ATTENTION‼ New - CVE-2015-9392
via "National Vulnerability Database".
The users-ultra plugin before 1.5.63 for WordPress has XSS via the p_name parameter.
Friday Five: 9/20 Edition
via "Subscriber Blog RSS Feed" (Digital Guardian).
A popular password manager fixes a bug, a 20 million person breach, and more - catch up on the week's infosec and privacy news with this week's Friday Five!
Ransomware Strikes 49 School Districts & Colleges in 2019
via "Dark Reading".
The education sector has seen 10 new victims in the past nine days alone, underscoring a consistent trend throughout 2019.
Facebook Removed Tens of Thousands of Apps Post-Cambridge Analytica
via "Threatpost".
Facebook said it has suspended and banned tens of thousands of apps on its platform after its investigation, launched after Cambridge Analytica, into how they collect and use data.
How to avoid the dreaded Video4Linux flaw in Android
via "Security on TechRepublic".
With Google dragging its feet on the fix for Video4Linux, you might consider revoking camera permissions for certain apps.
HP Purchases Security Startup Bromium
via "Dark Reading".
The purchase will bring new isolation and threat intelligence capabilities to the HP portfolio.
Web-Based Firewall Logging Tool 1.1.2
via "Security Tool Files - Packet Storm".
Webfwlog is a Web-based firewall log reporting and analysis tool. It allows users to design reports to use on logged firewall data in whatever configuration they desire. Included are sample reports as a starting point. Reports can be sorted with a single click, or "drilled-down" all the way to the packet level, and saved for later use. Supported log formats are netfilter, ipfilter, ipfw, ipchains, and Windows XP. Netfilter support includes ulogd MySQL or PostgreSQL database logs using the iptables ULOG target.
Wireshark Analyzer 3.0.5
via "Security Tool Files - Packet Storm".
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
ATTENTION‼ New - CVE-2015-9406
via "National Vulnerability Database".
Directory traversal vulnerability in the mTheme-Unus theme before 2.3 for WordPress allows an attacker to read arbitrary files via a .. (dot dot) in the files parameter to css/css.php.
ATTENTION‼ New - CVE-2014-10397
via "National Vulnerability Database".
The Antioch theme through 2014-09-07 for WordPress allows arbitrary file downloads via the file parameter to lib/scripts/download.php.
ATTENTION‼ New - CVE-2014-10396
via "National Vulnerability Database".
The epic theme through 2014-09-07 for WordPress allows arbitrary file downloads via the file parameter to includes/download.php.
7 Ways VPNs Can Turn from Ally to Threat
via "Dark Reading".
VPNs are critical pieces of the security infrastructure, but they can be vulnerable, hackable, and weaponized against you. Here are seven things to be aware of before you ignore your VPN.
Monday review - the hot 22 stories of the week
via "Naked Security".
From the Simjacker phone hack to IBM's cloud-based quantum computer - and everything in between. It's the weekly security roundup.
WannaCry - and why it never went away
via "Naked Security".
WannaCry still hasn't died out, more than two years after the original attack. We went live to find out why...
Two charged with tech-support scamming the elderly for $10m
via "Naked Security".
The tech-support scammers were allegedly part of a network of crooks in the US and India who conned about 7,500 victims.
Could EarEcho change the way we authenticate our phones?
via "Naked Security".
Researchers have discovered a way to use wireless earbuds as a biometric authentication system.
Google pulls more fake adblockers from Chrome Web Store
via "Naked Security".
Google has again been reprimanded for not spotting fake extensions impersonating popular brands in its Chrome Web Store.
'Playing Around' Can Teach Serious Security Lessons
via "Dark Reading".
A project intended to move a small robot around a hazardous board teaches some solid security lessons.
Investors accuse FedEx of lying, stock dumping after NotPetya attack
via "Naked Security".
This is the second such suit, with shareholders asking why execs sold $40m+ of their shares while downplaying the ransomware attack.
200K Sign Petition Against Equifax Data Breach Settlement
via "Threatpost".
A Change.org petition is demanding stronger accountability for Equifax in the 2017 leak that affected 150 million customers.
How Network Logging Mitigates Legal Risk
via "Dark Reading".
Logging that is turned on, captured, and preserved immediately after a cyber event is proof positive that personal data didn't fall into the hands of a cybercriminal.