β FruityArmor APT Exploits Yet Another Windows Graphics Kernel Flaw β
π Read
via "The first stop for security news | Threatpost ".
This is the second local privilege-escalation zero-day this APT group has exploited.π Read
via "The first stop for security news | Threatpost ".
Threat Post
FruityArmor APT Exploits Yet Another Windows Graphics Kernel Flaw
This is the second local privilege-escalation zero-day this APT group has exploited.
π΄ Russian Hacking Groups Intersect in Recent Cyberattacks π΄
π Read
via "Dark Reading: ".
Two different hacking teams best known as Turla and Fancy Bear employed the same stealthy attack method in an unusual overlap of hacking activity.π Read
via "Dark Reading: ".
Dark Reading
Russian Hacking Groups Intersect in Recent Cyberattacks
Two different hacking teams best known as Turla and Fancy Bear employed the same stealthy attack method in an unusual overlap of hacking activity.
π΄ Meet 5 Women Shaping Microsoft's Security Strategy π΄
π Read
via "Dark Reading: ".
Profiles of some of the women currently leading Microsoft security operations - and their efforts to drive inclusivity.π Read
via "Dark Reading: ".
Darkreading
Meet 5 Women Shaping Microsoft's Security Strategy
Profiles of some of the women currently leading Microsoft security operations - and their efforts to drive inclusivity.
β How to differentiate between spam and phishing emails? β
π Read
via "Quick Heal Blog | Latest computer security news, tips, and advice".
Estimated reading time: 3 minutesEmails today have become an integral part of our day-to-day life and this has made it a childβs play for spammers to lure people into opening fraudulent emails and attachments. Thus, while you are using emails for your everyday personal or official use, it is important to realize that the tech-savvy spammers can easily hack their way to your personal information, simply by means of emails. Thus, it is extremely important that you understand the difference between a spam email and a phishing email before you can access one. What is a spam email? A spam email is basically those hundreds and thousands of unsolicited emails that are sent out, solely with the purpose to sell a service or product. Spammers usually send such emails to a long list of recipients, in the hope that at least a few of them will respond back. The intention behind sending these spam emails is to simply lure recipients into buying dubious products or participate in fraudulent and quasi-legal schemes. Some of the most commonly circulated spam emails cover topics including β Lottery, Travel, Credit/Debit Card, Fake Antivirus, Bank Loan, etc. What is a phishing email? A phishing email on the other hand is a kind of spam email that is sent out specifically, to trick you into sharing your personal details like, debit/credit card details, bank account details, passwords, etc. Sharing your details through such phishing emails can lead to cases of financial fraud through identity theft. At times, these emails are specifically targeted to dig out personal information about your colleague or company. Such emails are referred to as spear-phishing targeted emails. The Difference!! The most significant differentiating factor between a spam and a phishing email is that spams are not meant to acquire sensitive user information. How to identify phishing emails? There is no rocket science behind identifying phishing emails. You just need to have an eye for few important details: Malicious Website Links β One of the most common types of phishing emails, is one containing link to a malicious website, disguised to look like a legitimate one. These can be in the form of login screens of banking websites. No sooner that you enter your username and password, your login details will get stolen providing the spammers easy access to your bank account. Infected Attachments β Phishing emails usually either of these two types of attachments: HTML Attachments β These are basically the infected .html files that exist in your inbox. Macros β These usually contain attached documents that can be opened only after you enable macros. As soon as you open any of these attached files or documents, you are bound to provide easy access to your system to the already waiting cyber criminals. Eye-Catching Subject-lines β One of the most common types of phishing emails are the ones containing subject-lines that seem too good to be true. Eg: Claim your winning amount of Rs. 10,000 or you have just received a $100 gift card from Amazon. The best way to prevent yourself from becoming a victim of such phishing email attacks, is to keep a check on the following things: Check the authenticity of the website before you decide to share any personal information online. Check website URL for spelling errors, changed domain name or language. Most often these are a clear give-away that the website may be malicious. Confirm the email ID requesting you for details, by directly calling the company. Such small initiatives on your part can play a critical role in protecting you and your system from malicious phishing attacks. This can also make it easy for you to differentiate between spam and phishing emails. The post How to differentiate between spam and phishing emails? appeared first on Quick Heal Blog | Latest computer security news, tips, and advice.π Read
via "Quick Heal Blog | Latest computer security news, tips, and advice".
Quick Heal Blog | Latest computer security news, tips, and advice
How to differentiate between spam and phishing emails?
Emails today have become an integral part of our day-to-day life and this has made it a childβs play for spammers to lure people into opening fraudulent emails and attachments. Thus, while you are using emails for your everyday personal or official use, itβ¦
β Update now! Microsoft fixes 49 bugs, 12 are critical β
π Read
via "Naked Security".
Microsoftβs October Patch Tuesday update made its scheduled appearance on Tuesday with fixes for 49 security flaws across its family of products, 12 of which are listed as βcriticalβ.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π The spectrum of threat actors π
π Read
via "Security on TechRepublic".
Akamai's Andy Ellis walks CNET's Dan Patterson down the winding path of where your passwords go after they are stolenπ Read
via "Security on TechRepublic".
TechRepublic
The spectrum of threat actors
Akamai's Andy Ellis walks CNET's Dan Patterson down the winding path of where your passwords go after they are stolen
π΄ Deep Dives: New Security Flaws in Apple and Microsoft products at Black Hat Europe π΄
π Read
via "Dark Reading: ".
With Black Hat Europe coming to London in a few months, organizers share three of the most promising Briefings slated for the December event.π Read
via "Dark Reading: ".
Darkreading
Deep Dives: New Security Flaws in Apple and Microsoft products at Black Hat Europe
With Black Hat Europe coming to London in a few months, organizers share three of the most promising Briefings slated for the December event.
β Jailbroken PS4 seller sued by Sony β
π Read
via "Naked Security".
The consoles allegedly sold on eBay by the California man were packed with over 60 pirated games.π Read
via "Naked Security".
Naked Security
Jailbroken PS4 seller sued by Sony
The consoles allegedly sold on eBay by the California man were packed with over 60 pirated games.
β Millions at risk from default webcam passwords β
π Read
via "Naked Security".
Hangzhou Xiongmai Technology Co.,Ltd (Xiongmai), the Chinese manufacturer that made many of the devices left vulnerable to Mirai, is back with another vulnerability that puts millions of devices across the world at risk yet again.π Read
via "Naked Security".
Naked Security
Millions at risk from default webcam passwords
Hangzhou Xiongmai Technology Co.,Ltd (Xiongmai), the Chinese manufacturer that made many of the devices left vulnerable to Mirai, is back with another vulnerability that puts millions of devices acβ¦
β Instagram tests sharing your location history with Facebook β
π Read
via "Naked Security".
Instagram is testing Facebook Location History - which allows the tracking of precise locations from your device - in its app.π Read
via "Naked Security".
Naked Security
Instagram tests sharing your location history with Facebook
Instagram is testing Facebook Location History β which allows the tracking of precise locations from your device β in its app.
β Calif. Law Takes Aim at Weak IoT Passwords β
π Read
via "The first stop for security news | Threatpost ".
Concerns over data privacy and security push California to roll out the first legislation on connected devices.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Calif. Law Takes Aim at Weak IoT Passwords
Concerns over data privacy and security push California to roll out the first legislation on connected devices.
β Fake Adobe Flash Updates Hide Malicious Crypto Miners β
π Read
via "The first stop for security news | Threatpost ".
A fake Adobe update actually updates victims' Flash - but also installs malicious cryptomining malware.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Fake Adobe Flash Updates Hide Malicious Crypto Miners
A fake Adobe update actually updates victimsβ Flash - but also installs malicious cryptomining malware.
π΄ The Better Way: Threat Analysis & IIoT Security π΄
π Read
via "Dark Reading: ".
Threat analysis offers a more nuanced and multidimensional approach than go/no-go patching in the Industrial Internet of Things. But first, vendors must agree on how they report and address vulnerabilities.π Read
via "Dark Reading: ".
Dark Reading
Perimeter recent news | Dark Reading
Explore the latest news and expert commentary on Perimeter, brought to you by the editors of Dark Reading
π Ohio taps college cybersecurity experts to audit election systems before 2018 midterms π
π Read
via "Security on TechRepublic".
Called 'Pathfinders,' these security officials are conducting risk assessments and mitigating vulnerabilities in voting systems.π Read
via "Security on TechRepublic".
TechRepublic
Ohio taps college cybersecurity experts to audit election systems before 2018 midterms
Called 'Pathfinders,' these security officials are conducting risk assessments and mitigating vulnerabilities in voting systems.
π΄ One-Third of US Adults Hit with Identity Theft π΄
π Read
via "Dark Reading: ".
That's double the global average and more than three times the rate of French and German adults.π Read
via "Dark Reading: ".
Dark Reading
One-Third of US Adults Hit with Identity Theft
That's double the global average and more than three times the rate of French and German adults.
β Adaptable, All-in-One Android Trojan Shows the Future of Malware β
π Read
via "The first stop for security news | Threatpost ".
GPlayed may be the new face of malware -- flexible and adaptable, with a Swiss Army knife-like toolbox that can be used to target pretty much anyone.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Adaptable, All-in-One Android Trojan Shows the Future of Malware
GPlayed may be the new face of malware β flexible and adaptable, with a Swiss Army knife-like toolbox that can be used to target pretty much anyone.
π΄ Not All Multifactor Authentication Is Created Equal π΄
π Read
via "Dark Reading: ".
Users should be aware of the strengths and weaknesses of the various MFA methods.π Read
via "Dark Reading: ".
Darkreading
Not All Multifactor Authentication Is Created Equal
Users should be aware of the strengths and weaknesses of the various MFA methods.
π΄ Google Adds New Identity, Security Tools to Cloud Platform π΄
π Read
via "Dark Reading: ".
A wave of cloud news includes new tools for identity and access management and policies for stronger controls on cloud resources.π Read
via "Dark Reading: ".
Dark Reading
Google Adds New Identity, Security Tools to Cloud Platform
A wave of cloud news includes new tools for identity and access management and policies for stronger controls on cloud resources.
β ThreatList: Credential Theft Spikes by Triple Digits in U.S. β
π Read
via "The first stop for security news | Threatpost ".
Meanwhile, the LokiPWS (a.k.a. Lokibot) malware family distribution is surging.π Read
via "The first stop for security news | Threatpost ".
Threat Post
ThreatList: Credential Theft Spikes by Triple Digits in U.S.
Meanwhile, the LokiPWS (a.k.a. Lokibot) malware family distribution is surging.
β New Drupalgeddon Attacks Enlist Shellbot to Open Backdoors β
π Read
via "The first stop for security news | Threatpost ".
Drupalgeddon 2.0 vulnerability is being exploited again by attackers using a time-honored technique of Shellbot, or PerlBot.π Read
via "The first stop for security news | Threatpost ".
Threat Post
New Drupalgeddon Attacks Enlist Shellbot to Open Backdoors
Drupalgeddon 2.0 vulnerability is being exploited again by attackers using a time-honored technique of Shellbot, or PerlBot.
β FitMetrix Exposes Millions of Customer Details, Accessed by Criminals β
π Read
via "The first stop for security news | Threatpost ".
Gym customer data, including contact information, birth dates and height/weight data, opens the door to convincing follow-on social-engineering attacks.π Read
via "The first stop for security news | Threatpost ".
Threat Post
FitMetrix Exposes Millions of Customer Details, Accessed by Criminals
Gym customer data, including contact information, birth dates and height/weight data, opens the door to convincing follow-on social-engineering attacks.