❌ FDA Warns of Potentially Fatal Flaws in Medtronic Insulin Pumps ❌
📖 Read
via "Threatpost".
The FDA sent out an urgent advisory warning of serious flaws in Medtronic's insulin pumps, which are used by thousands across the U.S.📖 Read
via "Threatpost".
Threat Post
FDA Warns of Potentially Fatal Flaws in Medtronic Insulin Pumps
The FDA sent out an urgent advisory warning of serious flaws in Medtronic's insulin pumps, which are used by thousands across the U.S.
🔏 Friday Five: 6/28 Edition 🔏
📖 Read
via "Subscriber Blog RSS Feed ".
A $600,000 ransomware payment, statistics on the cybersecurity talent shortage, and more - catch up on the week's news with this roundup!📖 Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Friday Five: 6/28 Edition
A $600,000 ransomware payment, statistics on the cybersecurity talent shortage, and more - catch up on the week's news with this roundup!
🕴 Cloud Provider PCM Suffers Data Breach 🕴
📖 Read
via "Dark Reading: ".
Attackers were reportedly able to compromise email and file-sharing systems for some of PCM's customers.📖 Read
via "Dark Reading: ".
Darkreading
Cloud Provider PCM Suffers Data Breach
Attackers were reportedly able to compromise email and file-sharing systems for some of PCM's customers.
ATENTION‼ New - CVE-2018-15555
📖 Read
via "National Vulnerability Database".
On Telus Actiontec WEB6000Q v1.1.02.22 devices, an attacker can login with root level access with the user "root" and password "admin" by using the enabled onboard UART headers.📖 Read
via "National Vulnerability Database".
🕴 Key Biscayne Hit by Cybersecurity Attack 🕴
📖 Read
via "Dark Reading: ".
Key Biscayne is the third Florida town to be hit by hackers in June.📖 Read
via "Dark Reading: ".
Darkreading
Key Biscayne Hit by Cybersecurity Attack
Key Biscayne is the third Florida town to be hit by hackers in June.
ATENTION‼ New - CVE-2018-15520
📖 Read
via "National Vulnerability Database".
Various Lexmark devices have a Buffer Overflow (issue 2 of 2).📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2018-15519
📖 Read
via "National Vulnerability Database".
Various Lexmark devices have a Buffer Overflow (issue 1 of 2).📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2018-14919
📖 Read
via "National Vulnerability Database".
LOYTEC LGATE-902 6.3.2 devices allow XSS.📖 Read
via "National Vulnerability Database".
🔐 How to set up multi-factor authentication for an IAM user in AWS 🔐
📖 Read
via "Security on TechRepublic".
MFA protocols are a simple best practice for increasing the overall access security of AWS cloud services and could prevent costly security breaches in your enterprise.📖 Read
via "Security on TechRepublic".
TechRepublic
How to set up multi-factor authentication for an IAM user in AWS
MFA protocols are a simple best practice for increasing the overall access security of AWS cloud services and could prevent costly security breaches in your enterprise.
❌ MongoDB Leak Exposed Millions of Medical Insurance Records ❌
📖 Read
via "Threatpost".
Millions of records containing personal information and medical insurance data were exposed by a database belonging to insurance marketing website MedicareSupplement.com.📖 Read
via "Threatpost".
Threat Post
MongoDB Leak Exposed Millions of Medical Insurance Records
Millions of records containing personal information and medical insurance data were exposed by a database belonging to insurance marketing website MedicareSupplement.com.
❌ New Dridex Variant Slips By Anti-Virus Detection ❌
📖 Read
via "Threatpost".
A never-before-seen Dridex variant has been spotted in phishing emails using anti-virus detection evasion tactics.📖 Read
via "Threatpost".
Threat Post
New Dridex Variant Slips By Anti-Virus Detection
A never-before-seen Dridex variant has been spotted in phishing emails using anti-virus detection evasion tactics.
🕴 MageCart Launches Customizable Campaign 🕴
📖 Read
via "Dark Reading: ".
A tool new to MageCart bolsters the group's ability to evade detection and steal data.📖 Read
via "Dark Reading: ".
Darkreading
MageCart Launches Customizable Campaign
A tool new to MageCart bolsters the group's ability to evade detection and steal data.
ATENTION‼ New - CVE-2018-14918
📖 Read
via "National Vulnerability Database".
LOYTEC LGATE-902 6.3.2 devices allow Directory Traversal.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2018-14916
📖 Read
via "National Vulnerability Database".
LOYTEC LGATE-902 6.3.2 devices allow Arbitrary file deletion.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2018-14887
📖 Read
via "National Vulnerability Database".
Improper Host header sanitization in the dbfilter routing component in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier allows a remote attacker to deny access to the service and to disclose database names via a crafted request.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2018-14886
📖 Read
via "National Vulnerability Database".
The module-description renderer in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier does not disable RST's local file inclusion, which allows privileged authenticated users to read local files via a crafted module description.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2018-14885
📖 Read
via "National Vulnerability Database".
Incorrect access control in the database manager component in Odoo Community 10.0 and 11.0 and Odoo Enterprise 10.0 and 11.0 allows a remote attacker to restore a database dump without knowing the super-admin password. An arbitrary password succeeds.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2018-14868
📖 Read
via "National Vulnerability Database".
Incorrect access control in the Password Encryption module in Odoo Community 9.0 and Odoo Enterprise 9.0 allows authenticated users to change the password of other users without knowing their current password via a crafted RPC call.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2018-14867
📖 Read
via "National Vulnerability Database".
Incorrect access control in the portal messaging system in Odoo Community 9.0 and 10.0 and Odoo Enterprise 9.0 and 10.0 allows remote attackers to post messages on behalf of customers, and to guess document attribute values, via crafted parameters.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2016-10761
📖 Read
via "National Vulnerability Database".
Logitech Unifying devices before 2016-02-26 allow keystroke injection, bypassing encryption, aka MouseJack.📖 Read
via "National Vulnerability Database".
⚠ Monday review – the hot 21 stories of the week ⚠
📖 Read
via "Naked Security".
From the controversial DeepNude app to the Molotov-cocktail-throwing hacker who dropped his USB stick - and everything in between.📖 Read
via "Naked Security".
Naked Security
Monday review – the hot 21 stories of the week
From the controversial DeepNude app to the Molotov-cocktail-throwing hacker who dropped his USB stick – and everything in between.