🕴 4 Reasons Why SOC Superstars Quit 🕴
📖 Read
via "Dark Reading: ".
Security analysts know they are a hot commodity in the enviable position of writing their own ticket. Here's how to keep them engaged, challenged, and happy.📖 Read
via "Dark Reading: ".
Dark Reading
4 Reasons Why SOC Superstars Quit
Security analysts know they are a hot commodity in the enviable position of writing their own ticket. Here's how to keep them engaged, challenged, and happy.
ATENTION‼ New - CVE-2018-12626
📖 Read
via "National Vulnerability Database".
An issue was discovered in Eventum 3.5.0. /htdocs/popup.php has XSS via the cat parameter.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2018-12625
📖 Read
via "National Vulnerability Database".
An issue was discovered in Eventum 3.5.0. /htdocs/validate.php has XSS via the values parameter.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2018-12623
📖 Read
via "National Vulnerability Database".
An issue was discovered in Eventum 3.5.0. htdocs/switch.php has XSS via the current_page parameter.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2018-12622
📖 Read
via "National Vulnerability Database".
An issue was discovered in Eventum 3.5.0. htdocs/ajax/update.php has XSS via the field_name parameter.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2018-11423 (oncell_g3150-hspa-t_firmware, oncell_g3150-hspa_firmware)
📖 Read
via "National Vulnerability Database".
There is Memory corruption in the web interface Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior, different vulnerability than CVE-2018-11420.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2018-11420 (oncell_g3150-hspa-t_firmware, oncell_g3150-hspa_firmware)
📖 Read
via "National Vulnerability Database".
There is Memory corruption in the web interface of Moxa OnCell G3100-HSPA Series version 1.5 Build 17042015 and prio,r a different vulnerability than CVE-2018-11423.📖 Read
via "National Vulnerability Database".
❌ Latest FinSpy Modules Lift Data from Secure Messaging Apps ❌
📖 Read
via "Threatpost".
The espionage tool is capable of eavesdropping on calls and messages sent via Signal, Telegram, WhatsApp and more.📖 Read
via "Threatpost".
Threat Post
Latest FinSpy Modules Lift Data from Secure Messaging Apps
The espionage tool is capable of eavesdropping on calls and messages sent via Signal, Telegram, WhatsApp and more.
🕴 Intel Releases Updates for Storage & Diagnostic Tools 🕴
📖 Read
via "Dark Reading: ".
CISA released an alert telling users about the updates to firmware in Intel SSD and Processor Diagnostic products.📖 Read
via "Dark Reading: ".
Dark Reading
Intel Releases Updates for Storage & Diagnostic Tools
CISA released an alert telling users about the updates to firmware in Intel SSD and Processor Diagnostic products.
❌ Zoom Pushes Emergency Patch for Webcam Hijack Flaw ❌
📖 Read
via "Threatpost".
After media scrutiny, the collaboration service has decided to address the zero-day after initially dismissing its severity.📖 Read
via "Threatpost".
Threat Post
Zoom Pushes Emergency Patch for Webcam Hijack Flaw
After media scrutiny, the collaboration service has decided to address the zero-day after initially dismissing its severity.
ATENTION‼ New - CVE-2017-7189
📖 Read
via "National Vulnerability Database".
main/streams/xp_socket.c in PHP 7.x before 2017-03-07 misparses fsockopen calls, such as by interpreting fsockopen('127.0.0.1:80', 443) as if the address/port were 127.0.0.1:80:443, which is later truncated to 127.0.0.1:80. This behavior has a security risk if the explicitly provided port number (i.e., 443 in this example) is hardcoded into an application as a security policy, but the hostname argument (i.e., 127.0.0.1:80 in this example) is obtained from untrusted input.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2017-6217
📖 Read
via "National Vulnerability Database".
paypal/adaptivepayments-sdk-php v3.9.2 is vulnerable to a reflected XSS in the SetPaymentOptions.php resulting code execution📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2017-12652
📖 Read
via "National Vulnerability Database".
libpng before 1.6.32 does not properly check the length of chunks against the user limit.📖 Read
via "National Vulnerability Database".
🕴 Vulnerability Found in GE Anesthesia Machines 🕴
📖 Read
via "Dark Reading: ".
GE Healthcare has released a statement claiming the bug is not in the machine itself and does not pose direct risk to patients.📖 Read
via "Dark Reading: ".
Dark Reading
Vulnerability Found in GE Anesthesia Machines
GE Healthcare has released a statement claiming the bug is not in the machine itself and does not pose direct risk to patients.
🕴 Why You Need a Global View of IT Assets 🕴
📖 Read
via "Dark Reading: ".
It may seem obvious, but many companies lose sight of the fact that they can't protect what they don't know they even have.📖 Read
via "Dark Reading: ".
Darkreading
Why You Need a Global View of IT Assets
It may seem obvious, but many companies lose sight of the fact that they can't protect what they don't know they even have.
ATENTION‼ New - CVE-2018-10531
📖 Read
via "National Vulnerability Database".
An issue was discovered in the America's Army Proving Grounds platform for the Unreal Engine. With a false packet sent via UDP, the application server responds with several bytes, giving the possibility of DoS amplification, even being able to be used in DDoS attacks.📖 Read
via "National Vulnerability Database".
🔏 US Coast Guard Issues Cybersecurity Best Practices for Ships 🔏
📖 Read
via "Subscriber Blog RSS Feed ".
In addition to a list of best practices, the Coast Guard confirmed in an alert this week that malware affected the shipboard network of a vessel in February.📖 Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
US Coast Guard Issues Cybersecurity Best Practices for Ships
In addition to a list of best practices, the Coast Guard confirmed in an alert this week that malware affected the shipboard network of a vessel in February.
🕴 New Ransomware Targets QNAP's Network-Attached Storage Devices 🕴
📖 Read
via "Dark Reading: ".
More than 19,000 systems in the US are potentially at risk from eCh0raix.📖 Read
via "Dark Reading: ".
Darkreading
New Ransomware Targets QNAP's Network-Attached Storage Devices
More than 19,000 systems in the US are potentially at risk from eCh0raix.
❌ Bug in Anesthesia Respirators Allows Cyber-Tampering ❌
📖 Read
via "Threatpost".
GE Healthcare said an attacker could modify gas composition parameters within the devices' respirator function.📖 Read
via "Threatpost".
Threat Post
Bug in Anesthesia Respirators Allows Cyber-Tampering
GE Healthcare said an attacker could modify gas composition parameters within the devices' respirator function.
🕴 Financial Firms Face Threats from Employee Mobile Devices 🕴
📖 Read
via "Dark Reading: ".
A new report says that phishing and man-in-the-middle attacks are major risks to financial institutions - via mobile devices in the hands of their employees.📖 Read
via "Dark Reading: ".
Darkreading
Financial Firms Face Threats from Employee Mobile Devices
A new report says that phishing and man-in-the-middle attacks are major risks to financial institutions - via mobile devices in the hands of their employees.
🕴 Industry Insight: Checking Up on Healthcare Security 🕴
📖 Read
via "Dark Reading: ".
Modern threats putting healthcare organization at risk, how they're improving their security posture, and where many fall short.📖 Read
via "Dark Reading: ".
Dark Reading
Industry Insight: Checking Up on Healthcare Security
Modern threats putting healthcare organization at risk, how they're improving their security posture, and where many fall short.