π’ Ransomware discovered carrying legitimate Windows certificates π’
π Read
via "ITPro".
Sophos researchers pointed to the sophisticated signatures as a sign of a new, dangerous strategy by a group tied to Cubaπ Read
via "ITPro".
ITPro
Ransomware discovered carrying legitimate Windows certificates
Sophos researchers pointed to the sophisticated signatures as a sign of a new, dangerous strategy by a group tied to Cuba
π’ The pros and cons of facial recognition technology π’
π Read
via "ITPro".
There are plenty of pros and cons of facial recognition technology, but is it really worth risking user privacy in the name of efficiency and security?π Read
via "ITPro".
ITPro
The pros and cons of facial recognition technology
There are plenty of pros and cons of facial recognition technology, but is it really worth risking user privacy in the name of efficiency and security?
π’ Telstra blames IT blunder for leak of 130,000 customer records π’
π Read
via "ITPro".
Australiaβs biggest telco said that the error was due to a mismanagement of databases and not a cyber attackπ Read
via "ITPro".
ITPro
Telstra blames IT blunder for leak of 130,000 customer records
Australiaβs biggest telco said that the error was due to a mismanagement of databases and not a cyber attack
π’ Microsoft patches two zero-day vulnerabilities in last Patch Tuesday of 2022 π’
π Read
via "ITPro".
Zero-days affecting Windows SmartScreen and DirectX were identified in the latest security updateπ Read
via "ITPro".
ITPro
Microsoft patches two zero-day vulnerabilities in last Patch Tuesday of 2022
Zero-days affecting Windows SmartScreen and DirectX were identified in the latest security update
π’ IT Pro 20/20: LinkedIn & the toxic world of cyber security π’
π Read
via "ITPro".
A look at the shady world of cyber security networking and online communitiesπ Read
via "ITPro".
ITPro
IT Pro 20/20: LinkedIn & the toxic world of cyber security
A look at the shady world of cyber security networking and online communities
π’ What is HTTP error 503 and how do you fix it? π’
π Read
via "ITPro".
It may not always be obvious what's behind a HTTP error 503, but there are steps you can take to get back onlineπ Read
via "ITPro".
ITPro
What is HTTP error 503 and how do you fix it?
The cause of HTTP error 503 might be hard to find, but there are steps you can take to resume website access
βΌ CVE-2022-4506 βΌ
π Read
via "National Vulnerability Database".
Unrestricted Upload of File with Dangerous Type in GitHub repository openemr/openemr prior to 7.0.0.2.π Read
via "National Vulnerability Database".
βΌ CVE-2022-4505 βΌ
π Read
via "National Vulnerability Database".
Improper Access Control in GitHub repository openemr/openemr prior to 7.0.0.2.π Read
via "National Vulnerability Database".
βΌ CVE-2022-4504 βΌ
π Read
via "National Vulnerability Database".
Improper Input Validation in GitHub repository openemr/openemr prior to 7.0.0.2.π Read
via "National Vulnerability Database".
βΌ CVE-2022-4502 βΌ
π Read
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.0.2.π Read
via "National Vulnerability Database".
βΌ CVE-2022-4503 βΌ
π Read
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Generic in GitHub repository openemr/openemr prior to 7.0.0.2.π Read
via "National Vulnerability Database".
ποΈ Critical IP spoofing bug patched in Cacti ποΈ
π Read
via "The Daily Swig".
βNot that hard to execute if attacker has access to a monitoring platform running Cactiβπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Critical IP spoofing bug patched in Cacti
βNot that hard to execute if attacker has access to a monitoring platform running Cactiβ
π΄ Data Destruction Policies in the Age of Cloud Computing π΄
π Read
via "Dark Reading".
It's time for on-the-record answers to questions about data destruction in cloud environments. Without access, how do you verify data has been destroyed? Do processes meet DoD standards, or do we need to adjust standards to meet reality?π Read
via "Dark Reading".
Dark Reading
Data Destruction Policies in the Age of Cloud Computing
It's time for on-the-record answers to questions about data destruction in cloud environments. Without access, how do you verify data has been destroyed? Do processes meet DoD standards, or do we need to adjust standards to meet reality?
π΄ Blackmailing MoneyMonger Malware Hides in Flutter Mobile Apps π΄
π Read
via "Dark Reading".
Money-lending apps built using the Flutter software development kit hide a predatory spyware threat and highlight a growing trend of using personal data for blackmail.π Read
via "Dark Reading".
Dark Reading
Blackmailing MoneyMonger Malware Hides in Flutter Mobile Apps
Money-lending apps built using the Flutter software development kit hide a predatory spyware threat and highlight a growing trend of using personal data for blackmail.
β Apple patches everything, finally reveals mystery of iOS 16.1.2 β
π Read
via "Naked Security".
There's an update for everything this time, not just for iOS.π Read
via "Naked Security".
Naked Security
Apple patches everything, finally reveals mystery of iOS 16.1.2
Thereβs an update for everything this time, not just for iOS.
β Patch Tuesday: 0-days, RCE bugs, and a curious tale of signed malware β
π Read
via "Naked Security".
Tales of derring-do in the cyberunderground! (And some zero-days.)π Read
via "Naked Security".
Naked Security
Patch Tuesday: 0-days, RCE bugs, and a curious tale of signed malware
Tales of derring-do in the cyberunderground! (And some zero-days.)
β S3 Ep113: Pwning the Windows kernel β the crooks who hoodwinked Microsoft [Audio + Text] β
π Read
via "Naked Security".
Return o' the rookit, super-sneaky wireless spyware, credit card skimming, and patches galore. Listen and learn!π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π Adversary3 3.0 π
π Read
via "Packet Storm Security".
Adversary3 is a tool to navigate the vast www.malvuln.com malware vulnerability dataset.π Read
via "Packet Storm Security".
Packetstormsecurity
Adversary3 3.0 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π΄ Meta Ponies Up $300K Bounty for Zero-Click Mobile RCE Bugs in Facebook π΄
π Read
via "Dark Reading".
Facebook's parent company has also expanded bug-bounty payouts to include Oculus and other "metaverse" gadgets for AR/VR.π Read
via "Dark Reading".
Dark Reading
Meta Ponies Up $300K Bounty for Zero-Click Mobile RCE Bugs in Facebook
Facebook's parent company has also expanded bug-bounty payouts to include Oculus and other "metaverse" gadgets for AR/VR.
π΄ WatchGuard Threat Lab Report Finds Top Threat Arriving Exclusively Over Encrypted Connections π΄
π Read
via "Dark Reading".
New research also analyzes the commoditization of adversary-in-the-middle attacks, JavaScript obfuscation in exploit kits, and a malware family with Gothic Panda ties.π Read
via "Dark Reading".
Dark Reading
WatchGuard Threat Lab Report Finds Top Threat Arriving Exclusively Over Encrypted Connections
New research also analyzes the commoditization of adversary-in-the-middle attacks, JavaScript obfuscation in exploit kits, and a malware family with Gothic Panda ties.
π΄ Axonius Bolsters SaaS Management Offering With New Behavioral Analytics and SaaS User-Device Association Capabilities to Help Teams Address SaaS Application Risk π΄
π Read
via "Dark Reading".
New features bring greater visibility and context into SaaS applications access and activity.π Read
via "Dark Reading".
Dark Reading
Axonius Bolsters SaaS Management Offering With Behavioral Analytics and SaaS User-Device Association Capabilities
New features bring greater visibility and context into SaaS applications access and activity.
π1