π΄ 419M Facebook User Phone Numbers Publicly Exposed π΄
π Read
via "Dark Reading: ".
It's still unclear who owned the server storing hundreds of millions of records online without a password.π Read
via "Dark Reading: ".
Dark Reading
419M Facebook User Phone Numbers Publicly Exposed
It's still unclear who owned the server storing hundreds of millions of records online without a password.
ATENTIONβΌ New - CVE-2018-18370 (advanced_secure_gateway, proxysg)
π Read
via "National Vulnerability Database".
The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser. A stored cross-site scripting (XSS) vulnerability in the WebFTP mode allows a remote attacker to inject malicious JavaScript code in ASG/ProxySG's web listing of a remote FTP server. Exploiting the vulnerability requires the attacker to be able to upload crafted files to the remote FTP server. Affected versions: ASG 6.6 and 6.7 prior to 6.7.4.2; ProxySG 6.5 prior to 6.5.10.15, 6.6, and 6.7 prior to 6.7.4.2.π Read
via "National Vulnerability Database".
π΄ Crimeware: How Criminals Built a Business to Target Businesses π΄
π Read
via "Dark Reading: ".
A new report investigates the evolution of crimeware, how businesses underestimate the threat, and why they should be concerned.π Read
via "Dark Reading: ".
Darkreading
Crimeware: How Criminals Built a Business to Target Businesses
A new report investigates the evolution of crimeware, how businesses underestimate the threat, and why they should be concerned.
π DoD To Launch New IP Policy Group π
π Read
via "Subscriber Blog RSS Feed ".
The team will be tasked with better protecting U.S. IP from data theft; it will also issue and oversee new policies around data rights and how military IP is allocated in the DoD's contracting and acquisition stages.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
DoD To Launch New IP Policy Group
The team will be tasked with better protecting U.S. IP from data theft; it will also issue and oversee new policies around data rights and how military IP is allocated in the DoD's contracting and acquisition stages.
π΄ Automation: Friend of the SOC Analyst π΄
π Read
via "Dark Reading: ".
Faced by increasingly sophisticated threats, organizations are realizing the benefits of automation in their cybersecurity programs.π Read
via "Dark Reading: ".
Darkreading
Automation: Friend of the SOC Analyst
Faced by increasingly sophisticated threats, organizations are realizing the benefits of automation in their cybersecurity programs.
ATENTIONβΌ New - CVE-2018-11569
π Read
via "National Vulnerability Database".
Controller/ListController.php in Eventum 3.5.0 is vulnerable to Deserialization of Untrusted Data. Fixed in version 3.5.2.π Read
via "National Vulnerability Database".
π΄ Attackers Hit Ceiling in Ransomware Demands π΄
π Read
via "Dark Reading: ".
New Bedford, Massachusetts' refusal to pay a $5.3 million ransom highlights how victim towns and cities may be hitting the limit to what they're willing to spend to speed recovery.π Read
via "Dark Reading: ".
Dark Reading
Cyberattacks & Data Breaches recent news | Dark Reading
Explore the latest news and expert commentary on Cyberattacks & Data Breaches, brought to you by the editors of Dark Reading
π΄ New Technique Makes Passwords 14M Percent Harder to Crack, Nonprofit Claims π΄
π Read
via "Dark Reading: ".
Tide's method for protecting passwords splinters them up into tiny pieces and stores them on distributed nodes.π Read
via "Dark Reading: ".
Dark Reading
New Technique Makes Passwords 14M Percent Harder to Crack, Nonprofit Claims
Tide's method for protecting passwords splinters them up into tiny pieces and stores them on distributed nodes.
π How to sign into your Microsoft Account website without a password π
π Read
via "Security on TechRepublic".
Learn how to sign in to your Microsoft Account site using your fingerprint, face, or a physical security key via Chrome, Firefox, or Microsoft Edge.π Read
via "Security on TechRepublic".
β FunkyBot Malware Intercepts Android Texts, 2FA Codes β
π Read
via "Threatpost".
The spyware poses as a legitimate application, spreading via SMS messages to victims' contact lists.π Read
via "Threatpost".
Threat Post
FunkyBot Malware Intercepts Android Texts, 2FA Codes
The spyware poses as a legitimate application, spreading via SMS messages to victims' contact lists.
β Joker Spyware Found in 24 Google Play Apps β
π Read
via "Threatpost".
Google has kicked 24 apps off of its official Android app marketplace after spyware was discovered in them.π Read
via "Threatpost".
Threat Post
Joker Spyware Found in 24 Google Play Apps
Google has kicked 24 apps off of its official Android app marketplace after spyware was discovered in them.
π΄ Security Pros and 'Black Hats' Agree on Most Tempting Targets π΄
π Read
via "Dark Reading: ".
Malicious actors look for accounts that are springboards to other systems, according to nearly 300 attendees of Black Hat USA.π Read
via "Dark Reading: ".
Dark Reading
Vulnerabilities & Threats recent news | Dark Reading
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading
β Twitter slaps back SMS texting after @Jack hijacking β
π Read
via "Naked Security".
Two problems, Twitter says: vulnerabilities that mobile carriers need to fix & its reliance on linked numbers for 2FA.π Read
via "Naked Security".
Naked Security
Twitter turns off SMS texting after @Jack hijacking
Two problems, Twitter says: vulnerabilities that mobile carriers need to fix & its reliance on linked numbers for 2FA.
π΄ 8 Ways To Spot an Insider Threat π΄
π Read
via "Dark Reading: ".
The good news is most insider threats derive from negligence, not malicious intent. The bad news is the frequency of negligence is already ahead of where it was in 2018.π Read
via "Dark Reading: ".
Dark Reading
8 Ways To Spot an Insider Threat
The good news is most insider threats derive from negligence, not malicious intent. The bad news is the frequency of negligence is already ahead of where it was in 2018.
β Facebook, Microsoft Challenge Industry to Detect, Prevent βDeepfakesβ β
π Read
via "Threatpost".
Deepfake Detection Challenge aims to spur creation of technology to combat AI used for creating altered videos that intentionally mislead viewers.π Read
via "Threatpost".
Threat Post
Facebook, Microsoft Challenge Industry to Detect, Prevent βDeepfakesβ
Deepfake Detection Challenge aims to spur creation of technology to combat AI used for creating altered videos that intentionally mislead viewers.
β Facebook expands use of face recognition β
π Read
via "Naked Security".
Facebook's replaced "tag suggestions" with "face recognition" - a setting Facebook says may help to save us from identity thieves.π Read
via "Naked Security".
Naked Security
Facebook expands use of face recognition
Facebookβs replaced βtag suggestionsβ with βface recognitionβ β a setting Facebook says may help to save us from identity thieves.
β YouTube fined $170m for covertly tracking kids online β
π Read
via "Naked Security".
YouTube can't track kids online anymore without their parents' permission, says the FTC, as it fined the Google-subsidiary $170m.π Read
via "Naked Security".
Naked Security
YouTube fined $170m for covertly tracking kids online
YouTube canβt track kids online anymore without their parentsβ permission, says the FTC, as it fined the Google-subsidiary $170m.
β Database exposed 133 million US Facebook usersβ phone numbers β
π Read
via "Naked Security".
Facebook confirmed the breach, claiming that the total number of users in the database was 210 million.π Read
via "Naked Security".
Naked Security
Database exposed 133 million US Facebook usersβ phone numbers
Facebook confirmed the breach, claiming that the total number of users in the database was 210 million.
π How to manage your Windows computers and devices π
π Read
via "Security on TechRepublic".
Learn how to add, remove, and otherwise manage your Windows 10 devices at your Microsoft Account site.π Read
via "Security on TechRepublic".
π΄ Why Businesses Fail to Address DNS Security Exposures π΄
π Read
via "Dark Reading: ".
Increasing awareness about the critical importance of DNS security is the first step in improving the risk of being attacked. It's time to get proactive.π Read
via "Dark Reading: ".
Darkreading
Why Businesses Fail to Address DNS Security Exposures
Increasing awareness about the critical importance of DNS security is the first step in improving the risk of being attacked. It's time to get proactive.
π΄ Job-Seeker Data Exposed in Monster File Leak π΄
π Read
via "Dark Reading: ".
The job website says it cannot notify users since the exposure occurred on a third-party organization's servers.π Read
via "Dark Reading: ".
Darkreading
Job-Seeker Data Exposed in Monster File Leak
The job website says it cannot notify users since the exposure occurred on a third-party organization's servers.