ATENTIONβΌ New - CVE-2015-4630
π Read
via "National Vulnerability Database".
Multiple cross-site request forgery (CSRF) vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow remote attackers to (1) hijack the authentication of administrators for requests that create a user via a request to members/memberentry.pl or (2) give a user superlibrarian permission via a request to members/member-flags.pl or (3) hijack the authentication of arbitrary users for requests that conduct cross-site scripting (XSS) attacks via the addshelf parameter to opac-shelves.pl.π Read
via "National Vulnerability Database".
β Apple privacy portal lets you see everything it knows about you β
π Read
via "Naked Security".
The Apple website's privacy and data area lets you download and correct your data.π Read
via "Naked Security".
Naked Security
Apple privacy portal lets you see everything it knows about you
The Apple websiteβs privacy and data area lets you download and correct your data.
β Serious D-Link router security flaws may never be patched β
π Read
via "Naked Security".
Six routers with serious security flaws are considered end of life (EOL) and may never be updated.π Read
via "Naked Security".
Naked Security
Serious D-Link router security flaws may never be patched
Six routers with serious security flaws are considered end of life (EOL) and may never be updated.
β βWe know you watch pornβ (and hereβs fake proofβ¦) [PODCAST] β
π Read
via "Naked Security".
Here's Episode 6 of the Naked Security podcast... enjoy!π Read
via "Naked Security".
Naked Security
βWe know you watch pornβ (and hereβs fake proofβ¦) [PODCAST]
Hereβs Episode 6 of the Naked Security podcastβ¦ enjoy!
π AI, cybersecurity shape the CIO agenda for 2019 as IT budgets rise π
π Read
via "Security on TechRepublic".
Companies are scaling digital transformation projects, but privacy remains a top concern, according to a Gartner report.π Read
via "Security on TechRepublic".
TechRepublic
AI, cybersecurity shape the CIO agenda for 2019 as IT budgets rise
Companies are scaling digital transformation projects, but privacy remains a top concern, according to a Gartner report.
β Trivial Post-Intrusion Attack Exploits Windows RID β
π Read
via "The first stop for security news | Threatpost ".
Simple technique enables attackers to leverage Windows OS component to maintain stealth and persistence post system compromise.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Trivial Post-Intrusion Attack Exploits Windows RID
Simple technique enables attackers to leverage Windows OS component to maintain stealth and persistence post system compromise.
π΄ Risky Business: Dark Reading Caption Contest Winners π΄
π Read
via "Dark Reading: ".
Phishing, anti-shoulder surfing, Russia and other hysterical identity management puns and comments. And the winners are ...π Read
via "Dark Reading: ".
Dark Reading
Endpoint Security recent news | Dark Reading
Explore the latest news and expert commentary on Endpoint Security, brought to you by the editors of Dark Reading
π Why we need more cybersecurity workers right now π
π Read
via "Security on TechRepublic".
At the 2018 Grace Hopper Celebration, Katie Jenkins of Liberty Mutual explained how to attract more diverse candidates to cybersecurity roles.π Read
via "Security on TechRepublic".
TechRepublic
Why we need more cybersecurity workers right now
At the 2018 Grace Hopper Celebration, Katie Jenkins of Liberty Mutual explained how to attract more diverse candidates to cybersecurity roles.
β AWS FreeRTOS Bugs Allow Compromise of IoT Devices β
π Read
via "The first stop for security news | Threatpost ".
The bugs let hackers crash IoT devices, leak their information, and completely take them over.π Read
via "The first stop for security news | Threatpost ".
Threat Post
AWS FreeRTOS Bugs Allow Compromise of IoT Devices
The bugs let hackers crash IoT devices, leak their information, and completely take them over.
π Apple Pay: A cheat sheet π
π Read
via "Security on TechRepublic".
Apple Pay is a mobile payment solution that's accepted by millions of retailers in various countries. This guide covers what you need to know to use Apple Pay.π Read
via "Security on TechRepublic".
TechRepublic
Apple Pay: A cheat sheet
Apple Pay is a mobile payment solution that's accepted by millions of retailers in various countries. This guide covers what you need to know to use Apple Pay.
π΄ WSJ Report: Facebook Breach the Work of Spammers, Not Nation-State Actors π΄
π Read
via "Dark Reading: ".
A report by the Wall Street Journal points finger at group that is know to Facebook Security.π Read
via "Dark Reading: ".
Dark Reading
Application Security recent news | Dark Reading
Explore the latest news and expert commentary on Application Security, brought to you by the editors of Dark Reading
π΄ EU Takes Step Toward Cyberattack Sanctions π΄
π Read
via "Dark Reading: ".
European leaders complete first step toward establishing a sanctions regime.π Read
via "Dark Reading: ".
Dark Reading
Cyberattacks & Data Breaches recent news | Dark Reading
Explore the latest news and expert commentary on Cyberattacks & Data Breaches, brought to you by the editors of Dark Reading
π΄ Google Patch to Block Spectre Slowdown in Windows 10 π΄
π Read
via "Dark Reading: ".
Microsoft will incorporate Google's Retpoline patch to prevent Spectre Variant 2 from slowing down its operating system.π Read
via "Dark Reading: ".
Dark Reading
Endpoint Security recent news | Dark Reading
Explore the latest news and expert commentary on Endpoint Security, brought to you by the editors of Dark Reading
β Two Critical RCE Bugs Patched in Drupal 7 and 8 β
π Read
via "The first stop for security news | Threatpost ".
Drupal's advisory also included three patches for "moderately critical" bugs.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Two Critical RCE Bugs Patched in Drupal 7 and 8
Drupalβs advisory also included three patches for βmoderately criticalβ bugs.
β Monday review β the hot 20 stories of the week β
π Read
via "Naked Security".
From a serious libssh bug to the sextortionists that spoof your email address, and all the stories in between. Catch up with everything we've written in the last seven days - it's weekly roundup time.π Read
via "Naked Security".
Naked Security
Monday review β the hot 20 stories of the week
From a serious libssh bug to the sextortionists that spoof your email address, and all the stories in between. Catch up with everything weβve written in the last seven days β itβsβ¦
β Maker of LuminosityLink RAT gets 30 months in the clink β
π Read
via "Naked Security".
Prosecutors said that the 21-year-old LuminosityLink author had no respect for the law and showed contempt for moral rules and social norms.π Read
via "Naked Security".
Naked Security
Maker of LuminosityLink RAT gets 30 months in the clink
Prosecutors said that the 21-year-old LuminosityLink author had no respect for the law and showed contempt for moral rules and social norms.
β Up to 9.5 million net neutrality comments were fake β
π Read
via "Naked Security".
New York has expanded its probe to subpoena 14 industry groups and lobbyists, saying that fake comments "distort[ed] public opinion."π Read
via "Naked Security".
Naked Security
Up to 9.5 million net neutrality comments were fake
New York has expanded its probe to subpoena 14 industry groups and lobbyists, saying that fake comments βdistort[ed] public opinion.β
β Alleged robber busted after Facebook-friending victim to apologize β
π Read
via "Naked Security".
He told her to put down the pizza delivery and all her money on top of it. 26 days later, he found her on Facebook and reached out.π Read
via "Naked Security".
Naked Security
Alleged robber busted after Facebook-friending victim to apologize
He told her to put down the pizza delivery and all her money on top of it. 26 days later, he found her on Facebook and reached out.
β Popular website plugin harboured a serious 0-day for years β
π Read
via "Naked Security".
The flaw in the popular file uploader allows an attacker to upload files and run their own command line shell on any affected server.π Read
via "Naked Security".
Naked Security
Popular website plugin harboured a serious 0-day for years
The flaw in the popular file uploader allows an attacker to upload files and run their own command line shell on any affected server.
π΄ Understanding SOCs' 4 Top Deficiencies π΄
π Read
via "Dark Reading: ".
In most cases, the areas that rankle SANS survey respondents the most about security operations centers can be addressed with the right mix of planning, policies, and procedures.π Read
via "Dark Reading: ".
Dark Reading
Understanding SOCs' 4 Top Deficiencies
In most cases, the areas that rankle SANS survey respondents the most about security operations centers can be addressed with the right mix of planning, policies, and procedures.
β Critical Bug Impacts Live555 Media Streaming Libraries β
π Read
via "The first stop for security news | Threatpost ".
A critical streaming bug impacts Live Networks LIVE555 RTSPServer, but not the popular VLC and MPLayer client-side software.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Critical Bug Impacts Live555 Media Streaming Libraries
A critical streaming bug impacts Live Networks LIVE555 RTSPServer, but not the popular VLC and MPLayer client-side software.