12 AppSec Activities Enterprises Can't Afford to Skip
The latest Building Security in Maturity Model (BSIMM9) report offers a statistically backed, bare-minimum benchmark for software security initiatives.
via "Dark Reading".

Threatpost New Wrap Podcast For Oct. 5
Threatpost editors discuss the highlights and biggest breaking news from this past week.
via "The first stop for security news | Threatpost".

D-Link Patches RCE Bugs in Wireless Access Point Gear
D-Link has released the beta version of the controller which addresses the reported vulnerabilities.
via "The first stop for security news | Threatpost".

Successful Scammers Call After Lunch
Analysis of 20,000 voice phishing, or vishing, calls reveals patterns in how social engineers operate and how targets respond.
via "Dark Reading".

Virus Bulletin 2018: Saudi Dissident Spyware Attack Belies Bigger Threat
A spyware attack on a Saudi dissident living in Canada made headlines this week, but Citizen Lab warns that simpler attacks are the real epidemic.
via "The first stop for security news | Threatpost".

Most Home Routers Are Full of Vulnerabilities
More than 80% of surveyed routers had, on average, 172 security vulnerabilities, new research shows.
via "Dark Reading".

Sony Smart TV Bug Allows Remote Access, Root Privileges
Software patching becomes a new reality for smart TV owners.
via "The first stop for security news | Threatpost".

Mandia: Tipping Point Now Here for Rules of Cyber Engagement
FireEye CEO and nation-state hacking expert Kevin Mandia says Russia began changing the game in 2015.
via "Dark Reading".

Cybersecurity investments: Why ROI calculations may not tell the whole story
Cybersecurity spends are about loss prevention not earnings, suggests security expert Bruce Schneier. Thankfully, there are better options to ensure cybersecurity investments are maximized.
via "Security on TechRepublic".

ATTENTION: New - CVE-2015-9273
The wp-slimstat (aka Slimstat Analytics) plugin before 4.1.6.1 for WordPress has XSS via an HTTP Referer header, or via a field associated with JavaScript-based Referer tracking.
via "National Vulnerability Database".

ATTENTION: New - CVE-2012-6710
ext_find_user in eXtplorer through 2.1.2 allows remote attackers to bypass authentication via a password[]= (aka an empty array) in an action=login request to index.php.
via "National Vulnerability Database".

PoC Attack Escalates MikroTik Router Bug to "As Bad As It Gets"
Researchers say a medium severity bug should now be rated critical because of a new hack technique that allows for remote code execution on MikroTik edge and consumer routers.
via "The first stop for security news | Threatpost".

Monday review - the hot 19 stories of the week
From the iOS lockscreen bypass to Facebook using your 2FA phone number to target market you, and everything we wrote in between. Catch up with the news from the last seven days - it's weekly roundup time.
via "Naked Security".

Seven Russian cyberspies indicted for hacking, wire fraud, ID theft
"Bungling" Russian GRU operatives picked up by Dutch police, linked to OPCW and World Anti-Doping Agency hacks.
via "Naked Security".

Fitbit data leads to arrest of 90-year-old in stepdaughter's murder
Her device recorded her heart rate slowing rapidly, then stopping about five minutes before her stepfather left the house.
via "Naked Security".

Attackers use voicemail hack to steal WhatsApp accounts
The Israeli National Cybersecurity Authority issued an alert warning that WhatsApp users could lose control of their accounts.
via "Naked Security".

Phantom Secure CEO sold encrypted phones to drug cartels
The CEO of "uncrackable" phone seller, Phantom Secure, has pleaded guilty to helping drug sellers keep their business locked away from the eyes of law enforcement.
via "Naked Security".

Teach Your AI Well: A Potential New Bottleneck for Cybersecurity
Artificial intelligence (AI) holds the promise of easing the skills shortage in cybersecurity, but implementing AI may result in a talent gap of its own for the industry.
via "Dark Reading".

5 tips to secure your supply chain from cyberattacks
It's nearly impossible to secure supply chains from attacks like the alleged Chinese chip hack that was reported last week. But here are some tips to protect your company.
via "Security on TechRepublic".

Unpatched routers bad, doubly unpatched routers worse - much, much worse!
Two bugs can be four times the trouble! If you missed the last MikroTik router patch, you're at risk, but if you're *two* patches behind ...
via "Naked Security".

ATTENTION: New - CVE-2016-7475
Under some circumstances on BIG-IP 12.0.0-12.1.0, 11.6.0-11.6.1, or 11.4.0-11.5.4 HF1, the Traffic Management Microkernel (TMM) may not properly clean up pool member network connections when using SPDY or HTTP/2 virtual server profiles.
via "National Vulnerability Database".