π 40% of enterprises experienced Office 365 credential theft, report finds π
π Read
via "Security on TechRepublic".
While 80% of organizations use more than the default security provided by Office 365, additional measures are needed to secure enterprise email.π Read
via "Security on TechRepublic".
TechRepublic
40% of enterprises experienced Office 365 credential theft, report finds
While 80% of organizations use more than the default security provided by Office 365, additional measures are needed to secure enterprise email.
ATENTIONβΌ New - CVE-2018-2024
π Read
via "National Vulnerability Database".
IBM QRadar SIEM 7.2 and 7.3 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 155350.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-13927
π Read
via "National Vulnerability Database".
Debug policy with invalid signature can be loaded when the debug policy functionality is disabled by using the parallel image loading in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, QCS404, QCS605, SD 410/12, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SXR1130π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-13924
π Read
via "National Vulnerability Database".
Lack of check to prevent the buffer length taking negative values can lead to stack overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA6174A, QCA8081, QCS404, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-13896
π Read
via "National Vulnerability Database".
XBL_SEC image authentication and other crypto related validations are accessible to a compromised OEM XBL Loader due to missing lock at XBL_SEC stage.. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, QCS404, QCS605, Qualcomm 215, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130π Read
via "National Vulnerability Database".
β Amazon Alexa, Google Home On Collision Course With Regulation β
π Read
via "Threatpost".
Threatpost talks to Tim Mackey with Synopsys about recent Amazon Echo and Google Home privacy faux pas. Will GDPR and other regulations catch up to the voice assistants?π Read
via "Threatpost".
Threat Post
Amazon Alexa, Google Home On Collision Course With Regulation
Threatpost talks to Tim Mackey with Synopsys about recent Amazon Echo and Google Home privacy faux pas. Will GDPR and other regulations catch up to the voice assistants?
π΄ Firmware Vulnerabilities Show Supply Chain Risks π΄
π Read
via "Dark Reading: ".
A recently announced pair of vulnerabilities in server firmware could put enterprise IT at risk.π Read
via "Dark Reading: ".
Darkreading
Firmware Vulnerabilities Show Supply Chain Risks
A recently announced pair of vulnerabilities in server firmware could put enterprise IT at risk.
π Equifax to Pay Upwards of $700 Million in Data Breach Settlement π
π Read
via "Subscriber Blog RSS Feed ".
Once approved, the settlement will be the largest ever paid by a company over a data breach.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Equifax to Pay Upwards of $700 Million in Data Breach Settlement
Once approved, the settlement will be the largest ever paid by a company over a data breach.
β Tackling the Collaboration Conundrum β
π Read
via "Threatpost".
Enterprises should recognize the data security risk that Slack, Teams or TeamViewer could introduce and address it.π Read
via "Threatpost".
Threat Post
Tackling the Collaboration Conundrum
Enterprises should recognize the data security risk that Slack, Teams or TeamViewer could introduce and address it.
β Critical RCE Flaw in Palo Alto Gateways Hits Uber β
π Read
via "Threatpost".
The bug is previously unknown but yet still fixed in later releases. However, many organizations are likely still vulnerable.π Read
via "Threatpost".
Threat Post
Critical RCE Flaw in Palo Alto Gateways Hits Uber
The bug is previously unknown but yet still fixed in later releases. However, many organizations are likely still vulnerable.
π΄ How Cybercriminals Break into the Microsoft Cloud π΄
π Read
via "Dark Reading: ".
Microsoft and Trimarc researchers explore the most common attacks against the cloud and effective defenses and mitigation.π Read
via "Dark Reading: ".
Darkreading
How Cybercriminals Break into the Microsoft Cloud
Microsoft and Trimarc researchers explore the most common attacks against the cloud and effective defenses and mitigation.
π΄ Equifax to Pay Up to $700mn for Data Breach Damages π΄
π Read
via "Dark Reading: ".
In a settlement with the FTC, consumers affected by the breach are eligible for up to $20,000 in a cash settlement, depending on damages they can prove.π Read
via "Dark Reading: ".
Dark Reading
Equifax to Pay Up to $700mn for Data Breach Damages
In a settlement with the FTC, consumers affected by the breach are eligible for up to $20,000 in a cash settlement, depending on damages they can prove.
β FSB hackers drop files online β
π Read
via "Naked Security".
A hacking group that distributed files stolen from a Russian contractor to the media last week has published some of the documents online.π Read
via "Naked Security".
Naked Security
FSB hackers drop files online
A hacking group that distributed files stolen from a Russian contractor to the media last week has published some of the documents online.
β Your Androidβs accelerometer could be used to eavesdrop on your calls β
π Read
via "Naked Security".
Researchers have created an attack called Spearphone that uses the motion sensors in Android phones to listen to phone calls, interactions with your voice assistant, and more.π Read
via "Naked Security".
Naked Security
Your Androidβs accelerometer could be used to eavesdrop on your calls
Researchers have created an attack called Spearphone that uses the motion sensors in Android phones to listen to phone calls, interactions with your voice assistant, and more.
β Big password hole in iOS 13 beta spotted by testers β
π Read
via "Naked Security".
A security clanger has been spotted in the current beta version of iOS 13 which allows anyone to access a userβs stored web and app passwords without having to authenticate.π Read
via "Naked Security".
Naked Security
Big password hole in iOS 13 beta spotted by testers
A security clanger has been spotted in the current beta version of iOS 13 which allows anyone to access a userβs stored web and app passwords without having to authenticate.
π How organizations and employees can protect themselves against financial email scams π
π Read
via "Security on TechRepublic".
Fraudulent emails that try to trick their victims into conducting financial transactions amounted to losses of more than $1.2 billion in 2018, according to a new study from Symantec.π Read
via "Security on TechRepublic".
TechRepublic
How organizations and employees can protect themselves against financial email scams
Fraudulent emails that try to trick their victims into conducting financial transactions amounted to losses of more than $1.2 billion in 2018, according to a new study from Symantec.
π How businesses can reduce the financial impact of data breaches π
π Read
via "Security on TechRepublic".
The cost of a data breach has grown 12% over the past 5 years, hitting $3.92 million on average. Organizations can take steps to mitigate the financial damage, according to a new report.π Read
via "Security on TechRepublic".
TechRepublic
How businesses can reduce the financial impact of data breaches
The cost of a data breach has grown 12% over the past 5 years, hitting $3.92 million on average. Organizations can take steps to mitigate the financial damage, according to a new report.
π΄ Security Considerations in a BYOD Culture π΄
π Read
via "Dark Reading: ".
The 'bring your own device' movement has put security pros on high alert for a new breed of predator who is on the hunt to find ways to exploit the ever-expanding attack surface.π Read
via "Dark Reading: ".
Dark Reading
Security Considerations in a BYOD Culture
The 'bring your own device' movement has put security pros on high alert for a new breed of predator who is on the hunt to find ways to exploit the ever-expanding attack surface.
π΄ Planning a Bug Bounty Program? Follow Shopify's Example π΄
π Read
via "Dark Reading: ".
Four years, $1 million in payouts, and the identification of 950 bugs later, Shopify provides an excellent example for organizations looking to launch their own programs.π Read
via "Dark Reading: ".
Dark Reading
Planning a Bug Bounty Program? Follow Shopify's Example
Four years, $1 million in payouts, and the identification of 950 bugs later, Shopify provides an excellent example for organizations looking to launch their own programs.
π΄ DHS's Bob Kolasky Goes All in on Risk Management π΄
π Read
via "Dark Reading: ".
As director of the DHS's National Risk Management Center, measuring and managing risk for critical infrastructure across 16 industrial sectors, Kolasky stands at a busy crossroads.π Read
via "Dark Reading: ".
Dark Reading
DHS's Bob Kolasky Goes All in on Risk Management
As director of the DHS's National Risk Management Center, measuring and managing risk for critical infrastructure across 16 industrial sectors, Kolasky stands at a busy crossroads.