β SharePoint Online scam β sadly, phishingβs not dead β
π Read
via "Naked Security".
Not all phishes contain easily spotted errors or obviously dodgy web links - here's how to stay safe...π Read
via "Naked Security".
Naked Security
SharePoint Online scam β sadly, phishingβs not dead
Not all phishes contain easily spotted errors or obviously dodgy web links β hereβs how to stay safeβ¦
π΄ CISA Warns Public About the Risks of 5G π΄
π Read
via "Dark Reading: ".
Vulnerabilities include everything from physical risks through the supply chain to business risks.π Read
via "Dark Reading: ".
Dark Reading
CISA Warns Public About the Risks of 5G
Vulnerabilities include everything from physical risks through the supply chain to business risks.
π΄ Russia Attempted to De-Anonymize Tor Browser: Report π΄
π Read
via "Dark Reading: ".
An attempt to crack Tor was one of many projects hackers discovered when they broke into Russian intelligence contractor SyTech.π Read
via "Dark Reading: ".
Darkreading
Russia Attempted to De-Anonymize Tor Browser: Report
An attempt to crack Tor was one of many projects hackers discovered when they broke into Russian intelligence contractor SyTech.
π Government Contractor Gets Nine Years for Data Theft π
π Read
via "Subscriber Blog RSS Feed ".
The judge is hopeful the sentencing is enough to deter other government employees with security clearances from mishandling secrets.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Government Contractor Gets Nine Years for Data Theft
The judge is hopeful the sentencing is enough to deter other government employees with security clearances from mishandling secrets.
ATENTIONβΌ New - CVE-2018-18676
π Read
via "National Vulnerability Database".
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "mobile board tail contents" parameter, aka the adm/board_form_update.php bo_mobile_content_tail parameter.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-18675
π Read
via "National Vulnerability Database".
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "mobile board title contents" parameter, aka the adm/board_form_update.php bo_mobile_subject parameter.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-18673
π Read
via "National Vulnerability Database".
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "Menu Link" parameter, aka the adm/menu_list_update.php me_link parameter.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-18672
π Read
via "National Vulnerability Database".
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "board head contents" parameter, aka the adm/board_form_update.php bo_content_head parameter.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-18671
π Read
via "National Vulnerability Database".
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "mobile board head contents" parameter, aka the adm/board_form_update.php bo_mobile_content_head parameter.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-18670
π Read
via "National Vulnerability Database".
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "Extra Contents" parameter, aka the adm/config_form_update.php cf_1~10 parameter.π Read
via "National Vulnerability Database".
β Malware-Loader βBrushaloaderβ Grows More Menacing β
π Read
via "Threatpost".
Dropper malware become more popular as hackers turn to more quiet attack techniques to avoid detection.π Read
via "Threatpost".
Threat Post
Malware-Loader βBrushaloaderβ Grows More Menacing
Dropper malware become more popular as hackers turn to more quiet attack techniques to avoid detection.
π΄ Bug Bounties Continue to Rise as Google Boosts its Payouts π΄
π Read
via "Dark Reading: ".
Reward for vulnerability research climbed 83% in the past year.π Read
via "Dark Reading: ".
Darkreading
Bug Bounties Continue to Rise as Google Boosts its Payouts
Reward for vulnerability research climbed 83% in the past year.
β WordPress Plugin Flaws Exploited in Ongoing Malvertising Campaign β
π Read
via "Threatpost".
An ongoing malvertising campaign is exploiting WordPress plugin vulnerabilities to redirect website visitors to malicious pages.π Read
via "Threatpost".
Threat Post
WordPress Plugin Flaws Exploited in Ongoing Malvertising Campaign
An ongoing malvertising campaign is exploiting WordPress plugin vulnerabilities to redirect website visitors to malicious pages.
β Citrix Confirms Password-Spraying Heist of Reams of Internal IP β
π Read
via "Threatpost".
Security experts say the attack stemmed from weak cybersecurity controls.π Read
via "Threatpost".
Threat Post
Citrix Confirms Password-Spraying Heist of Reams of Internal IP
Security experts say the attack stemmed from weak cybersecurity controls.
π΄ Business Email Compromise: Thinking Beyond Wire Transfers π΄
π Read
via "Dark Reading: ".
As BEC continues to drive record-high losses, cybercriminals devise new tactics for swindling corporate targets out of millions.π Read
via "Dark Reading: ".
Dark Reading
Vulnerabilities & Threats recent news | Dark Reading
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading
π΄ Penetration Test Data Shows Risk to Domain Admin Credentials π΄
π Read
via "Dark Reading: ".
But gaining a foothold on the LAN via vulnerabilities on Internet-facing assets is becoming harder, Rapid7 found in its real-world pen tests.π Read
via "Dark Reading: ".
Dark Reading
Penetration Test Data Shows Risk to Domain Admin Credentials
But gaining a foothold on the LAN via vulnerabilities on Internet-facing assets is becoming harder, Rapid7 found in its real-world pen tests.
π΄ New IPS Architecture Uses Network Flow Data for Analysis π΄
π Read
via "Dark Reading: ".
Can a stream of data intended for network performance monitoring be the basis of network security? One company says the answer is 'yes.'π Read
via "Dark Reading: ".
Dark Reading
New IPS Architecture Uses Network Flow Data for Analysis
Can a stream of data intended for network performance monitoring be the basis of network security? One company says the answer is 'yes.'
π΄ Malware-based Attacks Dropped 20% Worldwide π΄
π Read
via "Dark Reading: ".
Meanwhile, criminals waged more encrypted, ransomware, and IoT attacks.π Read
via "Dark Reading: ".
Dark Reading
Malware-based Attacks Dropped 20% Worldwide
Meanwhile, criminals waged more encrypted, ransomware, and IoT attacks.
β Facebook admits to Messenger Kids security hole β
π Read
via "Naked Security".
A hole in the supposed closed-loop messaging system allowed children to join group chats with people their parents hadnβt approved.π Read
via "Naked Security".
Naked Security
Facebook admits to Messenger Kids security hole
A hole in the supposed closed-loop messaging system allowed children to join group chats with people their parents hadnβt approved.
β Appleβs July patchfest fixes bugs in multiple products β
π Read
via "Naked Security".
Apple released fixes for various products this week, including one for a bug that has been public with proof-of-concept code for two months.π Read
via "Naked Security".
Naked Security
Appleβs July patchfest fixes bugs in multiple products
Apple released fixes for various products this week, including one for a bug that has been public with proof-of-concept code for two months.
π΄ VPNs' Future: Less Reliant on Users, More Transparent, And Smarter π΄
π Read
via "Dark Reading: ".
Virtual private networking is poised to become more automated and intelligent, especially as endpoints associated with cloud services and the IoT need protection.π Read
via "Dark Reading: ".
Dark Reading
VPNs' Future: Less Reliant on Users, More Transparent, And Smarter
Virtual private networking is poised to become more automated and intelligent, especially as endpoints associated with cloud services and the IoT need protection.