β Latest Android patches fix critical βQualPwnβ Wi-Fi flaws β
π Read
via "Naked Security".
The August 2019 security bulletin is out - and two of the critical flaws could allow an attacker to compromise the Android system kernel.π Read
via "Naked Security".
Naked Security
Latest Android patches fix critical βQualPwnβ Wi-Fi flaws
The August 2019 security bulletin is out β and two of the critical flaws could allow an attacker to compromise the Android system kernel.
β Banking PINs exposed in Monzo secure storage slip-up β
π Read
via "Naked Security".
When is a secure PIN not a secure PIN? When you accidentally store it in your log files.π Read
via "Naked Security".
Naked Security
Banking PINs exposed in Monzo secure storage slip-up
When is a secure PIN not a secure PIN? When you accidentally store it in your log files.
π΄ The Key to Enterprisewide Encryption π΄
π Read
via "Dark Reading: ".
Security teams have been slow to embrace enterprisewide encryption, and for good reasons. But the truth is, it doesn't have to be an all-or-nothing endeavor.π Read
via "Dark Reading: ".
Dark Reading
The Key to Enterprisewide Encryption - Dark Reading
Security teams have been slow to embrace enterprisewide encryption, and for good reasons. But the truth is, it doesn't have to be an all-or-nothing endeavor.
β Black Hat: LeapFrog Tablet Flaws Let Attackers Track, Message Kids β
π Read
via "Threatpost".
Several serious privacy flaws in a kid's tablet were disclosed this year at Black Hat, which could allow a bad actor to track or send messages to children.π Read
via "Threatpost".
Threat Post
Black Hat: LeapFrog Tablet Flaws Let Attackers Track, Message Kids
Several serious privacy flaws in a kid's tablet were disclosed this year at Black Hat, which could allow a bad actor to track or send messages to children.
β Donβt fall for fake Equifax settlement sites, warns FTC β
π Read
via "Naked Security".
Equifictitious sites popped up within days of Equifax agreeing to pay up to $700m to settle claims over the 2017 data breach.π Read
via "Naked Security".
Naked Security
Donβt fall for fake Equifax settlement sites, warns FTC
Equifictitious sites popped up within days of Equifax agreeing to pay up to $700m to settle claims over the 2017 data breach.
β Security Vulnerabilities Are Increasingly Putting Kids at Risk β
π Read
via "Threatpost".
A kid's tablet with security vulnerabilities is only the latest privacy faux pas in a children's connected device.π Read
via "Threatpost".
Threat Post
Security Vulnerabilities Are Increasingly Putting Kids at Risk
A kid's tablet with security vulnerabilities is only the latest privacy faux pas in a children's connected device.
β Scammers recruiting money mules on dating sites is on the rise, says FBI β
π Read
via "Naked Security".
It's not longer enough to be wary of flash-in-the-pan "lovers" who ask you to send money; now they're asking you to open accounts for them.π Read
via "Naked Security".
Naked Security
Scammers recruiting money mules on dating sites is on the rise, says FBI
Itβs no longer enough to be wary of flash-in-the-pan βloversβ who ask you to send money; now theyβre asking you to open accounts for them.
π Why do so many wireless routers lack basic security protections? π
π Read
via "Security on TechRepublic".
Many popular routers include security flaws, but here are some tips on how to secure your wireless router, according to Consumer Reports.π Read
via "Security on TechRepublic".
TechRepublic
Why do so many wireless routers lack basic security protections?
Many popular routers include security flaws, but here are some tips on how to secure your wireless router, according to Consumer Reports.
β New SWAPGS Side-Channel Attack Bypasses Spectre and Meltdown Defenses β
π Read
via "Threatpost".
Researchers demonstrate a new side-channel attack that bypass mitigations against Spectre and Meltdown.π Read
via "Threatpost".
Threat Post
New SWAPGS Side-Channel Attack Bypasses Spectre and Meltdown Defenses
Researchers demonstrate a new side-channel attack that bypass mitigations against Spectre and Meltdown.
π΄ Rethinking Website Spoofing Mitigation π΄
π Read
via "Dark Reading: ".
Deception technology is evolving rapidly, making it easier for organizations to turn the tables on their attackers. Here's how.π Read
via "Dark Reading: ".
Darkreading
Rethinking Website Spoofing Mitigation
Deception technology is evolving rapidly, making it easier for organizations to turn the tables on their attackers. Here's how.
β Donβt let the crooks βborrowβ your home router as a hacking server β
π Read
via "Naked Security".
Crooks don't have to break *into* your network to benefit - they can bounce *off* it so you take the blame and look like a hacker yourself.π Read
via "Naked Security".
Naked Security
Donβt let the crooks βborrowβ your home router as a hacking server
Crooks donβt have to break *into* your network to benefit β they can bounce *off* it so you take the blame and look like a hacker yourself.
π How the Air Force used a bug bounty program to hack its own cloud server π
π Read
via "Security on TechRepublic".
The Air Force paid out $123,000 to researchers who found vulnerabilities in the organization's move to the cloud. Here's why.π Read
via "Security on TechRepublic".
TechRepublic
How the Air Force used a bug bounty program to hack its own cloud server
The Air Force paid out $123,000 to researchers who found vulnerabilities in the organization's move to the cloud. Here's why.
π Businesses need to patch for BlueKeep to avoid another WannaCry π
π Read
via "Security on TechRepublic".
BitSight is sounding an alarm over the potential for patching to taper off, leaving legacy systems at risk for the potentially potent vulnerability.π Read
via "Security on TechRepublic".
TechRepublic
Businesses need to patch for BlueKeep to avoid another WannaCry
BitSight is sounding an alarm over the potential for patching to taper off, leaving legacy systems at risk for the potentially potent vulnerability.
β Smominru Cryptominer Scrapes Credentials for Half-Million Machines β
π Read
via "Threatpost".
The adversaries have retooled with EternalBlue and credential theft to add a new "access mining" revenue stream.π Read
via "Threatpost".
Threat Post
Smominru Cryptominer Scrapes Credentials for Half-Million Machines
The adversaries have retooled with EternalBlue and credential theft to add a new "access mining" revenue stream.
ATENTIONβΌ New - CVE-2015-9291 (cpanel)
π Read
via "National Vulnerability Database".
cPanel before 11.52.0.13 does not prevent arbitrary file-read operations via get_information_for_applications (CPANEL-1221).π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-5297 (pixman)
π Read
via "National Vulnerability Database".
An integer overflow issue has been reported in the general_composite_rect() function in pixman prior to version 0.32.8. An attacker could exploit this issue to cause an application using pixman to crash or, potentially, execute arbitrary code.π Read
via "National Vulnerability Database".
β Black Hat 2019: Securityβs Powerful Cultural Transformation β
π Read
via "Threatpost".
Dino Dai Zovi, mobile security lead at Square, discusses ongoing transformation in security's role in the workplace during the keynote.π Read
via "Threatpost".
Threat Post
Black Hat 2019: Securityβs Powerful Cultural Transformation
Black Hat 2019: Security's Powerful Cultural Transformation
π΄ Boeing 787 On-Board Network Vulnerable to Remote Hacking, Researcher Says π΄
π Read
via "Dark Reading: ".
Boeing disputes IOActive findings ahead of security firm's Black Hat USA presentation.π Read
via "Dark Reading: ".
Dark Reading
Boeing 787 On-Board Network Vulnerable to Remote Hacking, Researcher Says
Boeing disputes IOActive findings ahead of security firm's Black Hat USA presentation.
π΄ Enterprises Must Be Wary of Ransomware Targeting Network File Shares &Cloud Assets π΄
π Read
via "Dark Reading: ".
New research shows that criminals are evolving ransomware attacks against servers, network hosts, and IaaS cloud assets in search of bigger payoffs from businesses.π Read
via "Dark Reading: ".
Dark Reading
Cyberattacks & Data Breaches recent news | Dark Reading
Explore the latest news and expert commentary on Cyberattacks & Data Breaches, brought to you by the editors of Dark Reading
β Black Hat 2019: Ethical Hackers Must Protect Digital Human Rights β
π Read
via "Threatpost".
From government surveillance to domestic abuse, technology is being used in new and disturbing ways that threaten human rights - how can the security industry fight back?π Read
via "Threatpost".
Threat Post
Black Hat 2019: Ethical Hackers Must Protect Digital Human Rights
From government surveillance to domestic abuse, technology is being used in new and disturbing ways that threaten human rights - how can the security industry fight back?
π΄ North Korean Cyber Ops Reportedly Stole $2B to Fund Weapons Programs π΄
π Read
via "Dark Reading: ".
Unlike many nations, North Korea often engages in cyber operations to generate much-needed cash for the country's coffers. In that respect, its hackers have been extremely successful.π Read
via "Dark Reading: ".
Dark Reading
North Korean Cyber Ops Reportedly Stole $2B to Fund Weapons Programs
Unlike many nations, North Korea often engages in cyber operations to generate much-needed cash for the country's coffers. In that respect, its hackers have been extremely successful.