🛡 Cybersecurity & Privacy 🛡 - News

Apple iOS Flaw Could Give Attacker Access via iMessage

Google Project Zero researchers found an iOS vulnerability that could let an attacker snoop on a victim's phone remotely.

38 views19:34

ATENTION‼ New - CVE-2017-18381

The installation process in Open edX before 2017-01-10 exposes a MongoDB instance to external connections with default credentials.

📖 Read

via "National Vulnerability Database".

41 views20:32

❌ DHS Warning: Small Aircraft are Ripe for Hacking ❌

Hackers with physical access to small aircraft can easily hack the plane's CAN bus system and take control of key navigation systems.

📖 Read

via "Threatpost".

DHS Warning: Small Aircraft are Ripe for Hacking

Hackers with physical access to small aircraft can easily hack the plane's CAN bus system and take control of the navigation systems.

49 views21:09

New AT&T Cybersecurity Managed Threat Detection and Response service

🕴 New AT&T Cybersecurity Managed Threat Detection and Response service 🕴

📖 Read

via "Dark Reading: ".

Dark Reading

Cyber security's comprehensive news site is now an online community for security professionals, outlining cyber threats and the technologies for defending against them.

61 views21:19

🕴 Container Security Is Falling Behind Container Deployments 🕴

Organizations are increasingly turning to containers even though they are not as confident in the security of those containers, according to a new survey.

📖 Read

via "Dark Reading: ".

Container Security Is Falling Behind Container Deployments

Organizations are increasingly turning to containers even though they are not as confident in the security of those containers, according to a new survey.

59 views23:04

⚠ Cyberattacks on connected cars could gridlock entire cities ⚠

It would require taking over and stranding 20% of a city's cars to freeze traffic, and only 10% to impede ambulances, physicists calculate.

📖 Read

via "Naked Security".

Cyberattacks on connected cars could gridlock entire cities

It would require taking over and stranding 20% of a city’s cars to freeze traffic, and only 10% to impede ambulances, physicists calculate.

57 views10:46

Keep Your Eye on Digital Certificates

🕴 Keep Your Eye on Digital Certificates 🕴

X.509 certificates help secure the identity, privacy, and communication between two endpoints, but these digital certificates also have built-in expirations and must be managed.

📖 Read

via "Dark Reading: ".

Dark Reading

X.509 certificates help secure the identity, privacy, and communication between two endpoints, but these digital certificates also have built-in expirations and must be managed.

52 views11:14

🔐 SanDisk's SSD Dashboard uses hardcoded password, lacks encrypted updates 🔐

Lackadaisical security practices in proprietary management software from a hardware vendor underscore the need for a vendor-agnostic solution.

📖 Read

via "Security on TechRepublic".

SanDisk's SSD Dashboard uses hardcoded password, lacks encrypted updates

Lackadaisical security practices in proprietary management software from a hardware vendor underscore the need for a vendor-agnostic solution.

47 views12:17

Cyber security's comprehensive news site is now an online community for security professionals, outlining cyber threats and the technologies for defending against them.

🕴 Best Practices 🕴

📖 Read

via "Dark Reading: ".

Dark Reading

In-Depth - Dark Reading

40 views12:19

🔐 iOS and Android patched 440 security vulnerabilities in 2019, so far 🔐

Android patched more CVEs than Apple did, according to a Zimperium report.

📖 Read

via "Security on TechRepublic".

iOS and Android patched 440 security vulnerabilities in 2019, so far

Android patched more CVEs than Apple did, according to a Zimperium report.

43 views12:42

🔐 Capital One is not alone: 3.5B malicious login attacks target banks and customers 🔐

Phishing and credential stuffing attacks are top threats to financial services organizations and customers, according to Akamai.

📖 Read

via "Security on TechRepublic".

Capital One is not alone: 3.5B malicious login attacks target banks and customers

Phishing and credential stuffing attacks are top threats to financial services organizations and customers, according to Akamai.

43 views12:47

❌ Black Hat USA 2019 Preview ❌

Threatpost editors discuss the top trends, keynotes and sessions that they look forward to at Black Hat USA and DEF CON 2019.

📖 Read

via "Threatpost".

Black Hat USA 2019 Preview

Threatpost editors discuss the top trends, keynotes and sessions that they look forward to at Black Hat USA and DEF CON 2019.

40 views13:05

⚠ Georgia hit with malware yet again ⚠

The Department of Public Safety says it won't pay, but given the umpteen times the state's agencies have been hit, somebody's not listening.

📖 Read

via "Naked Security".

Georgia hit with malware yet again

The Department of Public Safety says it won’t pay, but given the umpteen times the state’s agencies have been hit, somebody’s not listening.

42 views13:16

⚠ iMessage bug could have allowed attackers to read data from any iPhone ⚠

Google's Project Zero has unveiled details of a bug in Apple's iMessage that lets attackers read data from an iPhone without any user interaction.

📖 Read

via "Naked Security".

iMessage bug could have allowed attackers to read data from any iPhone

Google’s Project Zero has unveiled details of a bug in Apple’s iMessage that lets attackers read data from an iPhone without any user interaction.

40 views13:51

🔐 5 experimental cybersecurity trends your business needs to know about 🔐

These early-stage security trends have not yet seen widespread adoption, but may in the near future, according to CB Insights.

📖 Read

via "Security on TechRepublic".

5 experimental cybersecurity trends your business needs to know about

These early-stage security trends have not yet seen widespread adoption, but may in the near future, according to CB Insights.

39 views14:07

🕴 The Attribution Trap: A Waste of Precious Time & Money 🕴

📖 Read

via "Dark Reading: ".

The Attribution Trap: A Waste of Precious Time & Money

Aiming for attribution doesn't help most organizations become more secure. It can actually have the opposite effect.

41 views14:14

🕴 8 Free Tools to Be Showcased at Black Hat and DEF CON 🕴

Expect a full slate of enterprise-class open source tools to take the spotlight when security researchers share their bounties with the community at large.

📖 Read

via "Dark Reading: ".

8 Free Tools to Be Showcased at Black Hat and DEF CON

Expect a full slate of enterprise-class open source tools to take the spotlight when security researchers share their bounties with the community at large.

43 views14:14

❌ Trivial Bug Turns Home Security Cameras Into Listening Posts ❌

Anyone can listen to the camera's audio over the internet.

📖 Read

via "Threatpost".

Trivial Bug Turns Home Security Cameras Into Listening Posts

Anyone can listen to the camera's audio over the internet.

43 views14:59

❌ Chrome 76 Dumps Default Adobe Flash Player Support ❌

In addition, Google’s latest Chrome version implements 43 new security fixes.

📖 Read

via "Threatpost".

Chrome 76 Dumps Default Adobe Flash Player Support

In addition, Google’s latest Chrome version implements 43 new security fixes.

43 views16:19

ATENTION‼ New - CVE-2018-16860

A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and replace the user name (principal) in the request with any desired user name (principal) that exists in the KDC effectively obtaining a ticket for that principal.

📖 Read

via "National Vulnerability Database".

39 views16:32

⚠ ‘Urgent/11’ flaws affect 200 million devices – from routers to elevators ⚠

There are 11 security flaws affecting VxWorks: “the most widely used operating system you may never have heard about”.

📖 Read

via "Naked Security".