π΄ Phishing Campaign Uses SharePoint to Slip Past Defenses π΄
π Read
via "Dark Reading: ".
Cybercriminals targeting financial institutions in the UK bypassed Symantec email gateway and other perimeter technologies.π Read
via "Dark Reading: ".
Darkreading
Phishing Campaign Uses SharePoint to Slip Past Defenses
Cybercriminals targeting financial institutions in the UK bypassed Symantec email gateway and other perimeter technologies.
β Android Zero-Day Bug Opens Door to Privilege Escalation Attack, Researchers Warn β
π Read
via "Threatpost".
The zero-day vulnerability could enable privilege escalation, and is not part of Google's Android September security update.π Read
via "Threatpost".
Threat Post
Android Zero-Day Bug Opens Door to Privilege Escalation Attack, Researchers Warn
The zero-day vulnerability could enable privilege escalation, and is not part of Google's Android September security update.
π΄ 5G Standard to Get New Security Specifications π΄
π Read
via "Dark Reading: ".
Researchers had recently demonstrated how attackers could intercept device capability information and use it against 5G mobile subscribers.π Read
via "Dark Reading: ".
Dark Reading
5G Standard to Get New Security Specifications
Researchers had recently demonstrated how attackers could intercept device capability information and use it against 5G mobile subscribers.
π΄ Meet FPGA: The Tiny, Powerful, Hackable Bit of Silicon at the Heart of IoT π΄
π Read
via "Dark Reading: ".
Field-Programmable Gate Arrays are flexible, agile-friendly components that populate many infrastructure and IoT devices -- and have recently become the targets of researchers finding vulnerabilities.π Read
via "Dark Reading: ".
Dark Reading
Meet FPGA: The Tiny, Powerful, Hackable Bit of Silicon at the Heart of IoT
Field-Programmable Gate Arrays are flexible, agile-friendly components that populate many infrastructure and IoT devices -- and have recently become the targets of researchers finding vulnerabilities.
β S2 Ep7: iPhone attack, Twitter hack and Android bots β Naked Security Podcast β
π Read
via "Naked Security".
Episode 7 of the Naked Security podcast is available now!π Read
via "Naked Security".
Naked Security
S2 Ep7: iPhone attack, Twitter hack and Android bots β Naked Security Podcast
Episode 7 of the Naked Security podcast is available now!
β Leaky Server Exposes 419M Phone Numbers of Facebook Users β
π Read
via "Threatpost".
Server lacked password protection and included multiple databases with records from the U.S., U.K. and Vietnam.π Read
via "Threatpost".
Threat Post
Leaky Server Exposes 419M Phone Numbers of Facebook Users
Server lacked password protection and included multiple databases with records from the U.S., U.K. and Vietnam.
β Author of record-setting IoT botnets pleads guilty β
π Read
via "Naked Security".
He kept working on new botnets (and swatting a co-conspirator-cum-competitor) while indicted and on supervised release.π Read
via "Naked Security".
Naked Security
Author of record-setting IoT botnets pleads guilty
He kept working on new botnets (and swatting a co-conspirator-cum-competitor) while indicted and on supervised release.
β Android gets September update as price of flaws soars β
π Read
via "Naked Security".
When is a security update not a security update? When itβs patching flaws in a version of an OS nobody beyond developers is yet running.π Read
via "Naked Security".
Naked Security
Android gets September update as price of flaws soars
When is a security update not a security update? When itβs patching flaws in a version of an OS nobody beyond developers is yet running.
π΄ It's Not Healthy to Confuse Compliance with Security π΄
π Read
via "Dark Reading: ".
Healthcare organizations should be alarmed by the frequency and severity of cyberattacks. Don't assume you're safe from them just because you're compliant with regulations.π Read
via "Dark Reading: ".
Dark Reading
It's Not Healthy to Confuse Compliance with Security
Healthcare organizations should be alarmed by the frequency and severity of cyberattacks. Don't assume you're safe from them just because you're compliant with regulations.
β Firefox wonβt follow Chromeβs anti-ad-blocker changes, says Mozilla β
π Read
via "Naked Security".
Mozilla has told developers not to fret - it won't follow Google in tweaking its browser to be unfriendly to ad blocking software.π Read
via "Naked Security".
Naked Security
Firefox wonβt follow Chromeβs anti-ad-blocker changes, says Mozilla
Mozilla has told developers not to fret β it wonβt follow Google in tweaking its browser to be unfriendly to ad blocking software.
β Scammers deepfake CEOβs voice to talk underling into $243,000 transfer β
π Read
via "Naked Security".
The voice had the hint of a German accent and the same βmelodyβ that a UK CEO recognized in his boss's voice.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β Raspberry Pi blasted into space, sends back video of Earth β
π Read
via "Naked Security".
Got a Pi? Here's a cool project idea for you...π Read
via "Naked Security".
Naked Security
Raspberry Pi blasted into space, sends back video of Earth
Got a Pi? Hereβs a cool project idea for youβ¦
β $5.3M Ransomware Demand: Massachusetts City Says No Thanks β
π Read
via "Threatpost".
After being hit by a ransomware attack, Massachusetts city New Bedford faced a payout demand of more than $5 million - one of the latest known ransoms ever.π Read
via "Threatpost".
Threat Post
$5.3M Ransomware Demand: Massachusetts City Says No Thanks
After being hit by a ransomware attack, Massachusetts city New Bedford faced a payout demand of more than $5 million - one of the latest known ransoms ever.
π΄ 419M Facebook User Phone Numbers Publicly Exposed π΄
π Read
via "Dark Reading: ".
It's still unclear who owned the server storing hundreds of millions of records online without a password.π Read
via "Dark Reading: ".
Dark Reading
419M Facebook User Phone Numbers Publicly Exposed
It's still unclear who owned the server storing hundreds of millions of records online without a password.
ATENTIONβΌ New - CVE-2018-18370 (advanced_secure_gateway, proxysg)
π Read
via "National Vulnerability Database".
The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser. A stored cross-site scripting (XSS) vulnerability in the WebFTP mode allows a remote attacker to inject malicious JavaScript code in ASG/ProxySG's web listing of a remote FTP server. Exploiting the vulnerability requires the attacker to be able to upload crafted files to the remote FTP server. Affected versions: ASG 6.6 and 6.7 prior to 6.7.4.2; ProxySG 6.5 prior to 6.5.10.15, 6.6, and 6.7 prior to 6.7.4.2.π Read
via "National Vulnerability Database".
π΄ Crimeware: How Criminals Built a Business to Target Businesses π΄
π Read
via "Dark Reading: ".
A new report investigates the evolution of crimeware, how businesses underestimate the threat, and why they should be concerned.π Read
via "Dark Reading: ".
Darkreading
Crimeware: How Criminals Built a Business to Target Businesses
A new report investigates the evolution of crimeware, how businesses underestimate the threat, and why they should be concerned.
π DoD To Launch New IP Policy Group π
π Read
via "Subscriber Blog RSS Feed ".
The team will be tasked with better protecting U.S. IP from data theft; it will also issue and oversee new policies around data rights and how military IP is allocated in the DoD's contracting and acquisition stages.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
DoD To Launch New IP Policy Group
The team will be tasked with better protecting U.S. IP from data theft; it will also issue and oversee new policies around data rights and how military IP is allocated in the DoD's contracting and acquisition stages.
π΄ Automation: Friend of the SOC Analyst π΄
π Read
via "Dark Reading: ".
Faced by increasingly sophisticated threats, organizations are realizing the benefits of automation in their cybersecurity programs.π Read
via "Dark Reading: ".
Darkreading
Automation: Friend of the SOC Analyst
Faced by increasingly sophisticated threats, organizations are realizing the benefits of automation in their cybersecurity programs.
ATENTIONβΌ New - CVE-2018-11569
π Read
via "National Vulnerability Database".
Controller/ListController.php in Eventum 3.5.0 is vulnerable to Deserialization of Untrusted Data. Fixed in version 3.5.2.π Read
via "National Vulnerability Database".
π΄ Attackers Hit Ceiling in Ransomware Demands π΄
π Read
via "Dark Reading: ".
New Bedford, Massachusetts' refusal to pay a $5.3 million ransom highlights how victim towns and cities may be hitting the limit to what they're willing to spend to speed recovery.π Read
via "Dark Reading: ".
Dark Reading
Cyberattacks & Data Breaches recent news | Dark Reading
Explore the latest news and expert commentary on Cyberattacks & Data Breaches, brought to you by the editors of Dark Reading