🕴 Thousands of Facebook Users Hit in Malware Distribution Campaign 🕴
📖 Read
via "Dark Reading: ".
'Operation Tripoli' is another reminder why users cannot trust every link they see on social media sites.📖 Read
via "Dark Reading: ".
Darkreading
Thousands of Facebook Users Hit in Malware Distribution Campaign
'Operation Tripoli' is another reminder why users cannot trust every link they see on social media sites.
🔐 Why WPA3 is necessary to secure Wi-Fi 6 / 802.11ax networks 🔐
📖 Read
via "Security on TechRepublic".
Following the disclosure of the KRACK vulnerability, WPA3 was developed to prevent "session replay" attacks. Aruba's Jeff Lipton explains the importance of WPA3 to Wi-Fi 6.📖 Read
via "Security on TechRepublic".
TechRepublic
Why WPA3 is necessary to secure Wi-Fi 6 / 802.11ax networks
Following the disclosure of the KRACK vulnerability, WPA3 was developed to prevent "session replay" attacks. Aruba's Jeff Lipton explains the importance of WPA3 to Wi-Fi 6.
🔐 1 in 10 tech employees plan to steal company information before leaving a job 🔐
📖 Read
via "Security on TechRepublic".
Insider threats are more difficult to detect and prevent than external attacks, and are a major threat to businesses, according to Gurucul.📖 Read
via "Security on TechRepublic".
TechRepublic
1 in 10 tech employees plan to steal company information before leaving a job
Insider threats are more difficult to detect and prevent than external attacks, and are a major threat to businesses, according to Gurucul.
🕴 Ransomware Hits Georgia Court System 🕴
📖 Read
via "Dark Reading: ".
The court's IT department is meeting with external agencies to determine the scope and severity of the cyberattack.📖 Read
via "Dark Reading: ".
Darkreading
Ransomware Hits Georgia Court System
The court's IT department is meeting with external agencies to determine the scope and severity of the cyberattack.
🔐 Cyberwar risk: Utilities fail to patch critical security vulnerabilities often enough 🔐
📖 Read
via "Security on TechRepublic".
The potential risks associated with compromised systems are severe. Given the prospects of a potential cyberwar, utilities should place a greater emphasis on security.📖 Read
via "Security on TechRepublic".
TechRepublic
Cyberwar risk: Utilities fail to patch critical security vulnerabilities often enough
The potential risks associated with compromised systems are severe. Given the prospects of a potential cyberwar, utilities should place a greater emphasis on security.
🔐 How organizations can better protect themselves against supply chain security threats 🔐
📖 Read
via "Security on TechRepublic".
Running regular anti-malware scans and blocking malicious IP addresses are two strategies. But organizations need to do more to defend themselves against security risks from supply chain partners, according to (ISC)2.📖 Read
via "Security on TechRepublic".
TechRepublic
How organizations can better protect themselves against supply chain security threats
Running regular anti-malware scans and blocking malicious IP addresses are two strategies. But organizations need to do more to defend themselves against security risks from supply chain partners, according to (ISC)2.
❌ Mac Malware Pushed via Google Search Results, Masquerades as Flash Installer ❌
📖 Read
via "Threatpost".
A new malware is targeting Macs with new tactics to sniff out antivirus and virtual machines.📖 Read
via "Threatpost".
Threat Post
Mac Malware Pushed via Google Search Results, Masquerades as Flash Installer
A new malware is targeting Macs with new tactics to sniff out antivirus and virtual machines.
🕴 Lake City Employee Fired Following Ransom Payment 🕴
📖 Read
via "Dark Reading: ".
The Florida city approved its insurer to pay $460,000 in ransom for a cyberattack that shut down servers, email, and phone.📖 Read
via "Dark Reading: ".
Darkreading
Lake City Employee Fired Following Ransom Payment
The Florida city approved its insurer to pay $460,000 in ransom for a cyberattack that shut down servers, email, and phone.
🔏 New Bill Could Ease HIPAA Enforcement 🔏
📖 Read
via "Subscriber Blog RSS Feed ".
A bill passed by a Senate Committee last week could ease Health Insurance Portability and Accountability Act (HIPAA) enforcements by incentivizing healthcare entities to adopt cybersecurity policies.📖 Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
New Bill Could Ease HIPAA Enforcement
A bill passed by a Senate Committee last week could ease Health Insurance Portability and Accountability Act (HIPAA) enforcements by incentivizing healthcare entities to adopt cybersecurity policies.
🕴 Toyota's Car-Hacking Tool Now Available 🕴
📖 Read
via "Dark Reading: ".
'PASTA' hardware and software kit now retails for $28,300.📖 Read
via "Dark Reading: ".
Dark Reading
Toyota's Car-Hacking Tool Now Available
'PASTA' hardware and software kit now retails for $28,300.
❌ Google July Android Security Bulletin Fixes 3 Critical RCE Bugs ❌
📖 Read
via "Threatpost".
Google fixed several critical and high-severity vulnerabilities in its Android operating system.📖 Read
via "Threatpost".
Threat Post
Google July Android Security Bulletin Fixes 3 Critical RCE Bugs
Google fixed several critical and high-severity vulnerabilities in its Android operating system.
🕴 Poor Communications Slowing DevOps Shift 🕴
📖 Read
via "Dark Reading: ".
Existing functional silos are standing in the way of building a DevOps culture.📖 Read
via "Dark Reading: ".
Dark Reading
Poor Communications Slowing DevOps Shift
Existing functional silos are standing in the way of building a DevOps culture.
🕴 In Cybercrime's Evolution, Active, Automated Attacks Are the Latest Fad 🕴
📖 Read
via "Dark Reading: ".
Staying ahead can feel impossible, but understanding that perfection is impossible can free you to make decisions about managing risk.📖 Read
via "Dark Reading: ".
Darkreading
In Cybercrime's Evolution, Active, Automated Attacks Are the Latest Fad
Staying ahead can feel impossible, but understanding that perfection is impossible can free you to make decisions about managing risk.
ATENTION‼ New - CVE-2017-8408
📖 Read
via "National Vulnerability Database".
An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the GET parameters passed in this request (to test if SMB credentials and hostname sent to the device work properly) result in being passed as commands to a "system" API in the function and thus result in command injection on the device. If the firmware version is dissected using binwalk tool, we obtain a cramfs-root archive which contains the filesystem set up on the device that contains all the binaries. The binary "cgibox" is the one that has the vulnerable function "sub_7EAFC" that receives the values sent by the GET request. If we open this binary in IDA-pro we will notice that this follows a ARM little endian format. The function sub_7EAFC in IDA pro is identified to be receiving the values sent in the GET request and the value set in GET parameter "user" is extracted in function sub_7E49C which is then passed to the vulnerable system API call.📖 Read
via "National Vulnerability Database".
🔐 Top 5 things to know about Europe's SCA rules 🔐
📖 Read
via "Security on TechRepublic".
Europe's Strong Customer Authentication compliance regulations go into effect in September 2019. Tom Merritt explains five things you need to know to get ready for SCA.📖 Read
via "Security on TechRepublic".
TechRepublic
Top 5 things to know about Europe's SCA rules
Europe's Strong Customer Authentication compliance regulations go into effect in September 2019. Tom Merritt explains five things you need to know to get ready for SCA.
🔐 Top 5 things to know about Europe's SCA rules 🔐
📖 Read
via "Security on TechRepublic".
Europe's Strong Customer Authentication compliance regulations go into effect in September 2019. Tom Merritt explains five things you need to know to get ready for SCA.📖 Read
via "Security on TechRepublic".
TechRepublic
Top 5 things to know about Europe's SCA rules
Europe's Strong Customer Authentication compliance regulations go into effect in September 2019. Tom Merritt explains five things you need to know to get ready for SCA.
🕴 'Human Side-Channels': Behavioral Traces We Leave Behind 🕴
📖 Read
via "Dark Reading: ".
How writing patterns, online activities, and other unintentional identifiers can be used in cyber offense and defense.📖 Read
via "Dark Reading: ".
Darkreading
'Human Side-Channels': Behavioral Traces We Leave Behind
How writing patterns, online activities, and other unintentional identifiers can be used in cyber offense and defense.
❌ IBM Patches Critical, High-Severity Flaws in Spectrum Protect ❌
📖 Read
via "Threatpost".
IBM has disclosed multiple critical and high-severity flaws across an array of products, the most severe of which exist in its IBM Spectrum Protect tool.📖 Read
via "Threatpost".
Threat Post
IBM Patches Critical, High-Severity Flaws in Spectrum Protect
IBM has disclosed multiple critical and high-severity flaws across an array of products, the most severe of which exist in its IBM Spectrum Protect tool.
ATENTION‼ New - CVE-2017-8411
📖 Read
via "National Vulnerability Database".
An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the POST parameters passed in this request (to test if email credentials and hostname sent to the device work properly) result in being passed as commands to a "system" API in the function and thus result in command injection on the device. If the firmware version is dissected using binwalk tool, we obtain a cramfs-root archive which contains the filesystem set up on the device that contains all the binaries. The library "libmailutils.so" is the one that has the vulnerable function "sub_1FC4" that receives the values sent by the POST request. If we open this binary in IDA-pro we will notice that this follows an ARM little endian format. The function sub_1FC4 in IDA pro is identified to be receiving the values sent in the POST request and the value set in POST parameter "receiver1" is extracted in function "sub_15AC" which is then passed to the vulnerable system API call. The vulnerable library function is accessed in "cgibox" binary at address 0x00023BCC which calls the "Send_mail" function in "libmailutils.so" binary as shown below which results in the vulnerable POST parameter being passed to the library which results in the command injection issue.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2017-8407
📖 Read
via "National Vulnerability Database".
An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of changing the administrative password for the web management interface. It seems that the device does not implement any cross-site request forgery protection mechanism which allows an attacker to trick a user who is logged in to the web management interface to change the user's password.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2017-8404
📖 Read
via "National Vulnerability Database".
An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the POST parameters passed in this request (to test if email credentials and hostname sent to the device work properly) result in being passed as commands to a "system" API in the function and thus result in command injection on the device. If the firmware version is dissected using binwalk tool, we obtain a cramfs-root archive which contains the filesystem set up on the device that contains all the binaries. The library "libmailutils.so" is the one that has the vulnerable function "sub_1FC4" that receives the values sent by the POST request. If we open this binary in IDA-pro we will notice that this follows an ARM little endian format. The function sub_1FC4 in IDA pro is identified to be receiving the values sent in the POST request and the value set in POST parameter "receiver1" is extracted in function "sub_15AC" which is then passed to the vulnerable system API call. The vulnerable library function is accessed in "cgibox" binary at address 0x0008F598 which calls the "mailLoginTest" function in "libmailutils.so" binary as shown below which results in the vulnerable POST parameter being passed to the library which results in the command injection issue.📖 Read
via "National Vulnerability Database".