ATTENTION‼ New - CVE-2016-10770
via "National Vulnerability Database".
cPanel before 60.0.25 allows arbitrary file-overwrite operations during a Roundcube update (SEC-164).
ATTENTION‼ New - CVE-2016-10769
via "National Vulnerability Database".
cPanel before 60.0.25 allows an open redirect via /cgi-sys/FormMail-clone.cgi (SEC-162).
ATTENTION‼ New - CVE-2016-10768
via "National Vulnerability Database".
cPanel before 60.0.25 allows file-overwrite operations during preparation for MySQL upgrades (SEC-161).
ATTENTION‼ New - CVE-2016-10767
via "National Vulnerability Database".
cPanel before 60.0.25 allows stored XSS in the WHM Repair Mailbox Permissions interface (SEC-159).
🔴 Fighting Back Against Mobile Fraudsters 🔴
via "Dark Reading".
The first step toward identifying and preventing mobile fraud threats is acknowledging that mobile security requires a unique solution.
Google and ARM Tackle Android Bugs with Memory-Tagging
via "Threatpost".
Buffer overflows, race conditions, use-after-free and more account for more than half of all vulnerabilities in the Android platform.
Microsoft Lab Offers $300K For Working Azure Exploits
via "Threatpost".
Microsoft says its Azure Security Lab will allow researchers to attack its cloud environment in a customer-safe way.
Microsoft says its Azure Security Lab will dole out rewards topping $300,000 for researchers to exploit customer-safe cloud environments.
ATTENTION‼ New - CVE-2016-10766 (edx-platform)
via "National Vulnerability Database".
edx-platform before 2016-06-06 allows CSRF.
Puzzling Gwmndy Botnet Focuses on Low-Volume Proxy Connections
via "Threatpost".
After infecting Fiberhome routers, its sole purpose seems to be setting up SOCKS5 proxies.
🔴 Microsoft Opens Azure Security Lab, Raises Top Azure Bounty to $40K 🔴
via "Dark Reading".
Microsoft has invited security experts to 'come and do their worst' to mimic cybercriminals in the Azure Security Lab.
🔴 Database of 200M-Plus Potential 'Sextortion' Victims Published 🔴
via "Dark Reading".
Researchers have discovered a botnet (and the database it feeds on) dedicated to extortion schemes.
E3 Website Leaks Private Addresses for Thousands of Journalists
via "Threatpost".
Personal data of 2,000 journalists was found publicly accessible on a spreadsheet on the website for popular trade show E3.
🔴 Destructive Malware Attacks Up 200% in 2019 🔴
via "Dark Reading".
Organizations hit with destructive malware can lose more than 12,000 machines and face $200 million or more in costs, IBM X-Force reports.
🔴 Ransomware Used in Multimillion-Dollar Attacks Gets More Automated 🔴
via "Dark Reading".
The authors of MegaCortex appear to have traded security for convenience and speed, say researchers at Accenture iDefense.
🔴 Mimecast Rejected Over 67 Million Emails. Here's What It Learned 🔴
via "Dark Reading".
New research warns that security pros must guard against updates to older malware and more manipulative social-engineering techniques.
🔴 Securing DevOps Is About People and Culture 🔴
via "Dark Reading".
Preconceived notions and divisions make building security into the software development life cycle an uphill battle for many organizations.
Attackers ransom bookseller’s exposed MongoDB database
via "Naked Security".
Another database has fallen to extortion hackers, this time containing 2.1 million records belonging to Mexican bookseller, Librería Porrúa.
GitHub “encourages” hacking, says lawsuit following Capital One breach
via "Naked Security".
The class action charges Capital One and GitHub, charging it with being "friendly" (at least) toward hacking and for the hackers' posts.
🔴 Hollywood-Style Hacker Fight 🔴
via "Dark Reading".
Watch movies much? Here's what happens when two hackers try to outhack each other.
Fake Dell support rep admits to talking US colleges out of $874,000
via "Naked Security".
His victims: UCSD and a Pennsylvania university. He hid out in Kenya for nearly 8 months before being nabbed.
Baldr malware unpicked with a little help from crooks’ bad opsec
via "Naked Security".
New research from Sophos takes an exhaustive look at the Baldr password stealer.