π Top 5 ways to maximize customer data security π
π Read
via "Security on TechRepublic".
Customers are starting to get the message that their data is valuable. Tom Merritt offers five suggestions to ensure your customers' data isn't vulnerable to attack.π Read
via "Security on TechRepublic".
TechRepublic
Top 5 ways to maximize customer data security
Customers are starting to get the message that their data is valuable. Tom Merritt offers five suggestions to ensure your customers' data isn't vulnerable to attack.
β New APT Could Signal Reemergence of Notorious Comment Crew β
π Read
via "The first stop for security news | Threatpost ".
A custom malware used in a five-pronged APT espionage campaign was largely built from the defunct Comment Crew's proprietary code.π Read
via "The first stop for security news | Threatpost ".
Threat Post
New APT Could Signal Reemergence of Notorious Comment Crew
A custom malware used in a five-pronged APT espionage campaign was largely built from the defunct Comment Crewβs proprietary code.
π΄ New Security Woes for Popular IoT Protocols π΄
π Read
via "Dark Reading: ".
Researchers at Black Hat Europe will detail denial-of-service and other flaws in MQTT, CoAP machine-to-machine communications protocols that imperil industrial and other IoT networks online.π Read
via "Dark Reading: ".
Dark Reading
New Security Woes for Popular IoT Protocols
Researchers at Black Hat Europe will detail denial-of-service and other flaws in MQTT, CoAP machine-to-machine communications protocols that imperil industrial and other IoT networks online.
π΄ How to Get Consumers to Forgive You for a Breach π΄
π Read
via "Dark Reading: ".
It starts with already-established trust, a new survey shows.π Read
via "Dark Reading: ".
Dark Reading
How to Get Consumers to Forgive You for a Breach
It starts with already-established trust, a new survey shows.
ATENTIONβΌ New - CVE-2015-4633
π Read
via "National Vulnerability Database".
Multiple SQL injection vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow (1) remote attackers to execute arbitrary SQL commands via the number parameter to opac-tags_subject.pl in the OPAC interface or (2) remote authenticated users to execute arbitrary SQL commands via the Filter or (3) Criteria parameter to reports/borrowers_out.pl in the Staff interface.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-4632
π Read
via "National Vulnerability Database".
Multiple directory traversal vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the template_path parameter to (1) svc/virtualshelves/search or (2) svc/members/search.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-4631
π Read
via "National Vulnerability Database".
Multiple cross-site scripting (XSS) vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow remote attackers to inject arbitrary web script or HTML via the (1) tag parameter to opac-search.pl; the (2) value parameter to authorities/authorities-home.pl; the (3) delay parameter to acqui/lateorders.pl; the (4) authtypecode or (5) tagfield to admin/auth_subfields_structure.pl; the (6) tagfield parameter to admin/marc_subfields_structure.pl; the (7) limit parameter to catalogue/search.pl; the (8) bookseller_filter, (9) callnumber_filter, (10) EAN_filter, (11) ISSN_filter, (12) publisher_filter, or (13) title_filter parameter to serials/serials-search.pl; or the (14) author, (15) collectiontitle, (16) copyrightdate, (17) isbn, (18) manageddate_from, (19) manageddate_to, (20) publishercode, (21) suggesteddate_from, or (22) suggesteddate_to parameter to suggestion/suggestion.pl; or the (23) direction, (24) display or (25) addshelf parameter to opac-shelves.pl.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-4630
π Read
via "National Vulnerability Database".
Multiple cross-site request forgery (CSRF) vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow remote attackers to (1) hijack the authentication of administrators for requests that create a user via a request to members/memberentry.pl or (2) give a user superlibrarian permission via a request to members/member-flags.pl or (3) hijack the authentication of arbitrary users for requests that conduct cross-site scripting (XSS) attacks via the addshelf parameter to opac-shelves.pl.π Read
via "National Vulnerability Database".
β Apple privacy portal lets you see everything it knows about you β
π Read
via "Naked Security".
The Apple website's privacy and data area lets you download and correct your data.π Read
via "Naked Security".
Naked Security
Apple privacy portal lets you see everything it knows about you
The Apple websiteβs privacy and data area lets you download and correct your data.
β Serious D-Link router security flaws may never be patched β
π Read
via "Naked Security".
Six routers with serious security flaws are considered end of life (EOL) and may never be updated.π Read
via "Naked Security".
Naked Security
Serious D-Link router security flaws may never be patched
Six routers with serious security flaws are considered end of life (EOL) and may never be updated.
β βWe know you watch pornβ (and hereβs fake proofβ¦) [PODCAST] β
π Read
via "Naked Security".
Here's Episode 6 of the Naked Security podcast... enjoy!π Read
via "Naked Security".
Naked Security
βWe know you watch pornβ (and hereβs fake proofβ¦) [PODCAST]
Hereβs Episode 6 of the Naked Security podcastβ¦ enjoy!
π AI, cybersecurity shape the CIO agenda for 2019 as IT budgets rise π
π Read
via "Security on TechRepublic".
Companies are scaling digital transformation projects, but privacy remains a top concern, according to a Gartner report.π Read
via "Security on TechRepublic".
TechRepublic
AI, cybersecurity shape the CIO agenda for 2019 as IT budgets rise
Companies are scaling digital transformation projects, but privacy remains a top concern, according to a Gartner report.
β Trivial Post-Intrusion Attack Exploits Windows RID β
π Read
via "The first stop for security news | Threatpost ".
Simple technique enables attackers to leverage Windows OS component to maintain stealth and persistence post system compromise.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Trivial Post-Intrusion Attack Exploits Windows RID
Simple technique enables attackers to leverage Windows OS component to maintain stealth and persistence post system compromise.
π΄ Risky Business: Dark Reading Caption Contest Winners π΄
π Read
via "Dark Reading: ".
Phishing, anti-shoulder surfing, Russia and other hysterical identity management puns and comments. And the winners are ...π Read
via "Dark Reading: ".
Dark Reading
Endpoint Security recent news | Dark Reading
Explore the latest news and expert commentary on Endpoint Security, brought to you by the editors of Dark Reading
π Why we need more cybersecurity workers right now π
π Read
via "Security on TechRepublic".
At the 2018 Grace Hopper Celebration, Katie Jenkins of Liberty Mutual explained how to attract more diverse candidates to cybersecurity roles.π Read
via "Security on TechRepublic".
TechRepublic
Why we need more cybersecurity workers right now
At the 2018 Grace Hopper Celebration, Katie Jenkins of Liberty Mutual explained how to attract more diverse candidates to cybersecurity roles.
β AWS FreeRTOS Bugs Allow Compromise of IoT Devices β
π Read
via "The first stop for security news | Threatpost ".
The bugs let hackers crash IoT devices, leak their information, and completely take them over.π Read
via "The first stop for security news | Threatpost ".
Threat Post
AWS FreeRTOS Bugs Allow Compromise of IoT Devices
The bugs let hackers crash IoT devices, leak their information, and completely take them over.
π Apple Pay: A cheat sheet π
π Read
via "Security on TechRepublic".
Apple Pay is a mobile payment solution that's accepted by millions of retailers in various countries. This guide covers what you need to know to use Apple Pay.π Read
via "Security on TechRepublic".
TechRepublic
Apple Pay: A cheat sheet
Apple Pay is a mobile payment solution that's accepted by millions of retailers in various countries. This guide covers what you need to know to use Apple Pay.
π΄ WSJ Report: Facebook Breach the Work of Spammers, Not Nation-State Actors π΄
π Read
via "Dark Reading: ".
A report by the Wall Street Journal points finger at group that is know to Facebook Security.π Read
via "Dark Reading: ".
Dark Reading
Application Security recent news | Dark Reading
Explore the latest news and expert commentary on Application Security, brought to you by the editors of Dark Reading
π΄ EU Takes Step Toward Cyberattack Sanctions π΄
π Read
via "Dark Reading: ".
European leaders complete first step toward establishing a sanctions regime.π Read
via "Dark Reading: ".
Dark Reading
Cyberattacks & Data Breaches recent news | Dark Reading
Explore the latest news and expert commentary on Cyberattacks & Data Breaches, brought to you by the editors of Dark Reading