β Patch Android! July 2019 update fixes 9 critical flaws β
π Read
via "Naked Security".
Depending on when users receive it, this weekβs Androidβs July patch update will fix 33 security vulnerabilities, including 9 marked critical, and 24 marked high.π Read
via "Naked Security".
Naked Security
Patch Android! July 2019 update fixes 9 critical flaws
Depending on when users receive it, this weekβs Androidβs July patch update will fix 33 security vulnerabilities, including 9 marked critical, and 24 marked high.
β Miami police body cam videos up for sale on the darkweb β
π Read
via "Naked Security".
Videos from Miami Police Department body cams were leaked and stored in unprotected, internet-facing databases, then sold on the darkweb.π Read
via "Naked Security".
Naked Security
Miami police body cam videos up for sale on the darkweb
Videos from Miami Police Department body cams were leaked and stored in unprotected, internet-facing databases, then sold on the darkweb.
β Georgiaβs court system hit by ransomware β
π Read
via "Naked Security".
There's a hint that it might involve Ryuk ransomware. If so, it might be the fourth Ryuk attack against state and local agencies since May.π Read
via "Naked Security".
Naked Security
Georgiaβs court system hit by ransomware
Thereβs a hint that it might involve Ryuk ransomware. If so, it might be the fourth Ryuk attack against state and local agencies since May.
β IoT vendor Orvibo gives away treasure trove of user and device data β
π Read
via "Naked Security".
Researchers at web privacy review service vpnMentor discovered the data in an exposed ElasticSearch server online. It contains two billion items of log data from devices sold by Shenzen, China-based smart IoT device manufacturer Orvibo.π Read
via "Naked Security".
Naked Security
IoT vendor Orvibo gives away treasure trove of user and device data
Researchers at web privacy review service vpnMentor discovered the data in an exposed ElasticSearch server online. It contains two billion items of log data from devices sold by Shenzen, China-baseβ¦
π΄ TA505 Group Launches New Targeted Attacks π΄
π Read
via "Dark Reading: ".
Russian-speaking group has sent thousands of emails containing new malware to individuals working at financial institutions in the US, United Arab Emirates, and Singapore.π Read
via "Dark Reading: ".
Darkreading
TA505 Group Launches New Targeted Attacks
Russian-speaking group has sent thousands of emails containing new malware to individuals working at financial institutions in the US, United Arab Emirates, and Singapore.
π΄ Black Hat Q&A: Understanding NSA's Quest to Open Source Ghidra π΄
π Read
via "Dark Reading: ".
National Security Agency researcher Brian Knighton previews his October Black Hat USA talk on the evolution of Ghidra.π Read
via "Dark Reading: ".
Dark Reading
Black Hat Q&A: Understanding NSA's Quest to Open Source Ghidra
National Security Agency researcher Brian Knighton previews his October Black Hat USA talk on the evolution of Ghidra.
π UK Sees Steep Jump in Cyber Attacks on Financial Services Firms π
π Read
via "Subscriber Blog RSS Feed ".
According to a regulator, retail banks in the region took the biggest hit last year.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
UK Sees Steep Jump in Cyber Attacks on Financial Services Firms
According to a regulator, retail banks in the region took the biggest hit last year.
π΄ Disarming Employee Weaponization π΄
π Read
via "Dark Reading: ".
Human vulnerability presents a real threat for organizations. But it's also a remarkable opportunity to turn employees into our strongest cyber warriors.π Read
via "Dark Reading: ".
Darkreading
Disarming Employee Weaponization
Human vulnerability presents a real threat for organizations. But it's also a remarkable opportunity to turn employees into our strongest cyber warriors.
π DevOps will fail unless security and developer teams communicate better π
π Read
via "Security on TechRepublic".
DevOps initiatives have become important for 74% of organizations over the past year, but communication must improve for DevOps to be successful, according to Trend Micro.π Read
via "Security on TechRepublic".
TechRepublic
DevOps will fail unless security and developer teams communicate better
DevOps initiatives have become important for 74% of organizations over the past year, but communication must improve for DevOps to be successful, according to Trend Micro.
β Amazon Admits Alexa Voice Recordings Saved Indefinitely β
π Read
via "Threatpost".
Amazon's acknowledgment that it saves Alexa voice recordings - even sometimes after consumers manually delete their interaction history - has thrust voice assistant privacy policies into the spotlight once again.π Read
via "Threatpost".
Threat Post
Amazon Admits Alexa Voice Recordings Saved Indefinitely
Amazon's acknowledgment that it saves Alexa voice recordings - even sometimes after consumers manually delete their interaction history - has thrust voice assistant privacy policies into the spotlight once again.
β Serious Security: Beware eBay scrapers promising to help you with βviral promotionsβ β
π Read
via "Naked Security".
Selling items online? Watch our for people who suddenly offer to help!π Read
via "Naked Security".
Naked Security
Serious Security: Beware eBay scrapers promising to help you
Selling items online? Watch out for people who suddenly offer to help!
π Amazon Prime Day, EA gaming service's vulnerabilities, and the basics of multicloud π
π Read
via "Security on TechRepublic".
This week's TechRepublic and ZDNet news stories include the brand battle between Apple and Microsoft, Word documents containing malicious links, and the future of on-premises databases.π Read
via "Security on TechRepublic".
TechRepublic
Amazon Prime Day, EA gaming service's vulnerabilities, and the basics of multicloud
This week's TechRepublic and ZDNet news stories include the brand battle between Apple and Microsoft, Word documents containing malicious links, and the future of on-premises databases.
β Apple Transparency Report Now Includes App Store Takedown Requests β
π Read
via "Threatpost".
Apple report now includes data on requests by governments to take down apps from the tech giant's app store.π Read
via "Threatpost".
Threat Post
Apple Transparency Report Now Includes App Store Takedown Requests
Apple report now includes data on requests by governments to take down apps from the tech giants app store.
π Tech news roundup: Amazon Prime Day, EA gaming service's vulnerabilities, and the basics of multicloud π
π Read
via "Security on TechRepublic".
This week's TechRepublic and ZDNet news stories include the brand battle between Apple and Microsoft, Word documents containing malicious links, and the future of on-premises databases.π Read
via "Security on TechRepublic".
ATENTIONβΌ New - CVE-2018-11427
π Read
via "National Vulnerability Database".
CSRF tokens are not used in the web application of Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior, which makes it possible to perform CSRF attacks on the device administrator.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-11426
π Read
via "National Vulnerability Database".
A weak Cookie parameter is used in the web application of Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. An attacker can brute force parameters required to bypass authentication and access the web interface to use all its functions except for password change.π Read
via "National Vulnerability Database".
π΄ 20 Questions to Ask During a Real (or Manufactured) Security Crisis π΄
π Read
via "Dark Reading: ".
There are important lessons to be learned from a crisis, even the ones that are more fiction than fact.π Read
via "Dark Reading: ".
Darkreading
20 Questions to Ask During a Real (or Manufactured) Security Crisis
There are important lessons to be learned from a crisis, even the ones that are more fiction than fact.
π΄ More Than Half of SMB Devices Run Outdated Operating Systems π΄
π Read
via "Dark Reading: ".
66% of devices in small-to midsized businesses are based on expired or about-to-expire Microsoft OS versions, Alert Logic study found.π Read
via "Dark Reading: ".
Dark Reading
Endpoint Security recent news | Dark Reading
Explore the latest news and expert commentary on Endpoint Security, brought to you by the editors of Dark Reading
π΄ Sodin Ransomware Exploits Windows Privilege Escalation Bug π΄
π Read
via "Dark Reading: ".
Exploitation of CVE-2018-8453 grants attackers the highest level of privileges on a target system.π Read
via "Dark Reading: ".
Darkreading
Sodin Ransomware Exploits Windows Privilege Escalation Bug
Exploitation of CVE-2018-8453 grants attackers the highest level of privileges on a target system.
ATENTIONβΌ New - CVE-2017-9327
π Read
via "National Vulnerability Database".
Secret data of processes managed by CM is not secured by file permissions.π Read
via "National Vulnerability Database".