vBulletin Flaw Exploited in Dutch Sex-Work Forum Breach
via "Threatpost".
A hacker is selling the email addresses of 250,000 users of a Dutch sex-work forum -- data that researchers say could be used for blackmail.
Imperva Details Response to Customer Database Exposure
via "Dark Reading".
The cloud security company's CEO and CTO lay out the timeline of events and the steps customers should take to protect their accounts.
AppSec 'Spaghetti on the Wall' Tool Strategy Undermining Security
via "Dark Reading".
iTunes Zero-Day Exploited to Deliver BitPaymer
via "Dark Reading".
The ransomware operators targeted an "unquoted path" vulnerability in iTunes for Windows to evade detection and install BitPaymer.
Apple removes app that tracks Hong Kong police and protestors
via "Naked Security".
Apple was under fire this week after banning an app that tracked the location of both police and protesters in Hong Kong on a live map.
Facebook flags thousands of kids as interested in gambling, booze
via "Naked Security".
According to a new report, its algorithmic labelling may expose minors to age-inappropriate, targeted advertising.
Hackers bypassing some types of 2FA security FBI warns
via "Naked Security".
Some types of 2FA security can no longer be guaranteed to keep the bad guys out, the FBI warned US companies.
Most Americans don't have a clue what https:// means
via "Naked Security".
...and wouldn't know 2FA from a hole in the ground, according to Pew Research.
ATTENTION‼ New - CVE-2010-5340
via "National Vulnerability Database".
IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/ with the parameter password is non-persistent in 10.2.0.
ATTENTION‼ New - CVE-2010-5339
via "National Vulnerability Database".
IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][uid] is non-persistent in 10.1.3 and 10.2.0.
ATTENTION‼ New - CVE-2010-5338
via "National Vulnerability Database".
IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][action] is non-persistent in 10.1.3 and 10.2.0.
ATTENTION‼ New - CVE-2010-5337
via "National Vulnerability Database".
IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][controller] is non-persistent in 10.1.3 and 10.2.0.
ATTENTION‼ New - CVE-2010-5336
via "National Vulnerability Database".
IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: admin/login.html with the parameter username is persistent in 10.2.0.
ATTENTION‼ New - CVE-2010-5335
via "National Vulnerability Database".
IceWarp Webclient before 10.2.1 has a directory traversal vulnerability. This can result in loss of confidential data of IceWarp Mailserver and the operating system. Input passed via a certain parameter (script to basic/minimizer/index.php) is not properly sanitised and can therefore be exploited to browse the partition where IceWarp is installed (or the whole system) and read arbitrary files.
ATTENTION‼ New - CVE-2010-5334
via "National Vulnerability Database".
IceWarp Webclient before 10.2.1 has a directory traversal vulnerability. This can result in loss of confidential data of IceWarp Mailserver and the operating system. Input passed via a certain parameter (_c to basic/index.html) is not properly sanitised and can therefore be exploited to browse the partition where IceWarp is installed (or the whole system) and read arbitrary files.
Iran-Linked 'Charming Kitten' Touts New Spearphishing Tactics
via "Threatpost".
A campaign first observed last year has ramped up its attack methods and appears to be linked to activity targeting President Trump's 2020 re-election campaign.
Close the Gap Between Cyber-Risk and Business Risk
via "Dark Reading".
Four steps outlining how security teams can better understand their company's cyber-risk and demonstrate to company leadership what's being done to mitigate the resulting business risk.
Creative Wi-Fi Passwords
via "Dark Reading".
Let's see a hacker figure out one of these.
S2 Ep12: Dark Web, O.MG Cable spying and securing new laptops – Naked Security Podcast
via "Naked Security".
Listen to the latest episode now!
Build Your Cybersecurity Toolkit at Black Hat Europe in December
via "Dark Reading".
Now's the time to start planning what to see and do at Black Hat Europe, which is jam-packed with relevant Briefings and Arsenal demos.
How to enable SSH session recording in CentOS 8
via "Security on TechRepublic".
Learn how to enable SSH session recording in CentOS 8.