β Virus Bulletin 2019: Japanese Attacks Highlight Savvy APT Strategy β
π Read
via "Threatpost".
Multiyear campaigns stretching back to at least 2014 have been seen using zero-days in region-specific software.π Read
via "Threatpost".
Threat Post
Virus Bulletin 2019: Japanese Attacks Highlight Savvy APT Strategy
Multiyear campaigns stretching back to at least 2014 have been seen using zero-days in region-specific software.
π΄ Google's 'Password Checkup' Tool Tells You When Passwords Are Leaked π΄
π Read
via "Dark Reading: ".
The feature will check the strength of saved passwords and alert users when they're compromised in a breach.π Read
via "Dark Reading: ".
Dark Reading
Google's 'Password Checkup' Tool Tells You When Passwords Are Leaked
The feature will check the strength of saved passwords and alert users when they're compromised in a breach.
β Virus Bulletin 2019: Geost Android Botnet Goes After Millions of Euros β
π Read
via "Threatpost".
Bad OpSec led to the botnet's discovery -- revealing 800,000 victims in Russia.π Read
via "Threatpost".
Threat Post
Virus Bulletin 2019: Geost Android Botnet Goes After Millions of Euros
Bad OpSec led to the botnet's discovery β revealing 800,000 victims in Russia.
π΄ Quantum-Safe Cryptography: The Time to Prepare Is Now π΄
π Read
via "Dark Reading: ".
Quantum computing is real and it's evolving fast. Is the security industry up to the challenge?π Read
via "Dark Reading: ".
Darkreading
Quantum-Safe Cryptography: The Time to Prepare Is Now
Quantum computing is real and it's evolving fast. Is the security industry up to the challenge?
π Employee Accessed, Abused Customer Data at American Express π
π Read
via "Subscriber Blog RSS Feed ".
An employee - since terminated - at the financial services corporation is being investigated for fraud after accessing and stealing cardholder data.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Employee Accessed, Abused Customer Data at American Express
An employee - since terminated - at the financial services corporation is being investigated for fraud after accessing and stealing cardholder data.
β Why This New Cybergang is Heralding a New Age For BEC β
π Read
via "Threatpost".
Cybergang Silent Starling is taking BEC to the next level by targeting suppliers and going after their customers.π Read
via "Threatpost".
Threat Post
Why This New Cybergang is Heralding a New Age For BEC
Cybergang Silent Starling is taking BEC to the next level by targeting suppliers and going after their customers.
π΄ New Silent Starling Attack Group Puts Spin on BEC π΄
π Read
via "Dark Reading: ".
The West African cybergang has successfully infiltrated more than 500 companies using a tactic dubbed 'vendor email compromise.'π Read
via "Dark Reading: ".
Darkreading
New Silent Starling Attack Group Puts Spin on BEC
The West African cybergang has successfully infiltrated more than 500 companies using a tactic dubbed 'vendor email compromise.'
π΄ Millions More Embedded Devices Contain Vulnerable IPnet Software π΄
π Read
via "Dark Reading: ".
FDA, DHS issue fresh warnings on easily exploitable URGENT/11 flaws in medical, SCADA systems, industrial controllers, and other devices.π Read
via "Dark Reading: ".
Dark Reading
Millions More Embedded Devices Contain Vulnerable IPnet Software
FDA, DHS issue fresh warnings on easily exploitable URGENT/11 flaws in medical, SCADA systems, industrial controllers, and other devices.
π PDFGrab 0.4.4 π
π Go!
via "Security Tool Files β Packet Storm".
pdfgrab is a python script that analyzes pdf files to extract their metadata. You can direct it to analyze a single file, a directory of pdfs, provide it a url, or have it leverage googlesearch to get pdfs at a target site.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
PDFGrab 0.4.4 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π Clam AntiVirus Toolkit 0.102.0 π
π Go!
via "Security Tool Files β Packet Storm".
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Clam AntiVirus Toolkit 0.102.0 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
ATENTIONβΌ New - CVE-2019-10212
π Read
via "National Vulnerability Database".
A flaw was found in, all under 2.0.20, in the Undertow DEBUG log for io.undertow.request.security. If enabled, an attacker could abuse this flaw to obtain the user's credentials from the log files.π Read
via "National Vulnerability Database".
β Zendesk Exposes 10,000 Accounts to Unknown Third Party β
π Read
via "Threatpost".
Zendesk says access occurred in 2016 and that only a small percentage of customers were impacted.π Read
via "Threatpost".
Threat Post
Zendesk Exposes 10,000 Accounts to Unknown Third Party
Zendesk says access occurred in 2016 and that only a small percentage of customers were impacted.
π΄ Stalkware on the Rise Globally π΄
π Read
via "Dark Reading: ".
Stalkware is being installed on more and more victims' devices, and the trend is only accelerating, according to a new report.π Read
via "Dark Reading: ".
Darkreading
Stalkerware on the Rise Globally
Stalkware is being installed on more and more victims' devices, and the trend is only accelerating, according to a new report.
β Ransomware attacks paralyze, and sometimes crush, hospitals β
π Read
via "Naked Security".
New attacks on the perennially besieged sector have crippled hospitals in the US and Australia and caused one health clinic to shut down.π Read
via "Naked Security".
Naked Security
Ransomware attacks paralyze, and sometimes crush, hospitals
New attacks on the perennially besieged sector have crippled hospitals in the US and Australia and caused one health clinic to shut down.
π΄ How the City of Angels Is Tackling Cyber Devilry π΄
π Read
via "Dark Reading: ".
A new mobile app makes a cybersecurity threat lab available to more small businesses in Los Angeles.π Read
via "Dark Reading: ".
Dark Reading
How the City of Angels Is Tackling Cyber Devilry
A new mobile app makes a cybersecurity threat lab available to more small businesses in Los Angeles.
β Googleβs Password Manager now checks for breached credentials β
π Read
via "Naked Security".
Google has taken the next step in its strategy to secure users' passwords. The search giant has taken a password-checking feature released in February as an extension to its Chrome browser and embedded it directly into its password manager service.π Read
via "Naked Security".
Naked Security
Googleβs Password Manager now checks for breached credentials
Google has taken the next step in its strategy to secure usersβ passwords. The search giant has taken a password-checking feature released in February as an extension to its Chrome browser anβ¦
π΄ Cartoon Contest: Second Wind π΄
π Read
via "Dark Reading: ".
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.π Read
via "Dark Reading: ".
Dark Reading
Cartoon Contest: Second Wind
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
β PDF encryption standard weaknesses uncovered β
π Read
via "Naked Security".
Researchers have discovered weaknesses in PDF encryption which could be exploited to reveal the plaintext contents of a file to an attacker.π Read
via "Naked Security".
Naked Security
PDF encryption standard weaknesses uncovered
Researchers have discovered weaknesses in PDF encryption which could be exploited to reveal the plaintext contents of a file to an attacker.
β No federal privacy law will make it in the US this year, sources say β
π Read
via "Naked Security".
Without one, the companies that collect our data will likely face compliance with California's take-no-prisoners law, in effect 1 January 2020.π Read
via "Naked Security".
Naked Security
No federal privacy law will make it in the US this year, sources say
Without one, the companies that collect our data will likely face compliance with Californiaβs take-no-prisoners law, in effect 1 January 2020.
β WhatsApp Flaw Opens Android Devices to Remote Code Execution β
π Read
via "Threatpost".
A double-free bug could allow an attacker to achieve remote code execution; users are encouraged to update to a patched version of the messaging app.π Read
via "Threatpost".
Threat Post
WhatsApp Flaw Opens Android Devices to Remote Code Execution
A double-free bug could allow an attacker to achieve remote code execution; users encouraged to update to patched version of messaging app.
π΄ How FISMA Requirements Relate to Firmware Security π΄
π Read
via "Dark Reading: ".
Federal guidelines can help all organizations pragmatically and meaningfully improve their firmware security.π Read
via "Dark Reading: ".
Darkreading
How FISMA Requirements Relate to Firmware Security
Federal guidelines can help all organizations pragmatically and meaningfully improve their firmware security.