β U.S. Universities Get Failing Grades for DMARC Adoption β
π Read
via "Threatpost".
Of the 200 schools in the report, the University of Pittsburgh and Georgetown University received top marks, with their DMARC policy set to "reject."π Read
via "Threatpost".
Threat Post
U.S. Universities Get Failing Grades for DMARC Adoption
Of the 200 schools in the report, the University of Pittsburgh and Georgetown University received top marks, with their DMARC policy set to "reject."
π How to protect your business against phishing attacks that exploit major tech brands π
π Read
via "Security on TechRepublic".
Users of Microsoft, PayPal, DHL, and Dropbox are among the top targets of phishers, according to a new report from cloud service provider Akamai.π Read
via "Security on TechRepublic".
ATENTIONβΌ New - CVE-2011-2186
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.π Read
via "National Vulnerability Database".
β WhatsApp Spyware Attack: Uncovering NSO Group Activity β
π Read
via "Threatpost".
John Scott Railton with Citizen Lab, who helped WhatsApp investigate the NSO Group over the alleged WhatsApp hack, said the subsequent lawsuit is a "certified big deal."π Read
via "Threatpost".
Threat Post
WhatsApp Spyware Attack: Uncovering NSO Group Activity
John Scott Railton with Citizen Lab, who helped WhatsApp investigate the NSO Group over the alleged WhatsApp hack, said the subsequent lawsuit is a "certified big deal."
π΄ Security Pros Fear Insider Attacks Stem from Cloud Apps π΄
π Read
via "Dark Reading: ".
More than half of security practitioners surveyed say insider attack detection has grown more difficult since migrating to cloud.π Read
via "Dark Reading: ".
Dark Reading
Security Pros Fear Insider Attacks Stem from Cloud Apps
More than half of security practitioners surveyed say insider attack detection has grown more difficult since migrating to cloud.
π΄ Ransomware Attack Hits Las Cruces, New Mexico Public Schools π΄
π Read
via "Dark Reading: ".
The attack early in the morning of October 29 has taken all of the school district's systems offline.π Read
via "Dark Reading: ".
Darkreading
Ransomware Attack Hits Las Cruces, New Mexico Public Schools
The attack early in the morning of October 29 has taken all of the school district's systems offline.
π΄ Facebook Says Israeli Firm Was Involved in Recent WhatsApp Intrusion π΄
π Read
via "Dark Reading: ".
Evidence suggests NSO Group used WhatsApps servers to distribute mobile spyware to targeted devices.π Read
via "Dark Reading: ".
Dark Reading
Facebook Says Israeli Firm Was Involved in Recent WhatsApp Intrusion
Evidence suggests NSO Group used WhatsApps servers to distribute mobile spyware to targeted devices.
β Insurance Pays Out a Sliver of Norsk Hydroβs Cyberattack Damages β
π Read
via "Threatpost".
The company received $3.6 million in cyber insurance - out of $71 million incurred in damages after a massive March cyberattack.π Read
via "Threatpost".
Threat Post
Insurance Pays Out a Sliver of Norsk Hydroβs Cyberattack Damages
The company received $3.6 million in cyber insurance - out of $71 million incurred in damages after a massive March cyberattack.
π How to avoid malware on Android in one easy step π
π Read
via "Security on TechRepublic".
Jack Wallen offers up his best advice for avoiding malware on Android.π Read
via "Security on TechRepublic".
TechRepublic
How to avoid malware on Android in one easy step
Jack Wallen offers up his best advice for avoiding malware on Android.
π΄ Black Hat Europe Brings Enterprise-Grade Cybersecurity Insights to London π΄
π Read
via "Dark Reading: ".
Don't miss all the promising enterprise security Briefings at Black Hat Europe in London this December.π Read
via "Dark Reading: ".
Dark Reading
Black Hat Europe Brings Enterprise-Grade Cybersecurity Insights to London
Don't miss all the promising enterprise security Briefings at Black Hat Europe in London this December.
π΄ Cybersecurity's 'Moral Imperative' π΄
π Read
via "Dark Reading: ".
Cybersecurity professionals often talk about the economic drivers of security. But should the conversation shift to include a moral component? At least one analyst says "yes."π Read
via "Dark Reading: ".
Dark Reading
Cybersecurity's 'Moral Imperative'
Cybersecurity professionals often talk about the economic drivers of security. But should the conversation shift to include a moral component? At least one analyst says yes.
π΄ As Phishing Kits Evolve, Their Lifespans Shorten π΄
π Read
via "Dark Reading: ".
Most phishing kits last less than 20 days, a sign defenders are keeping up in the race against cybercrime.π Read
via "Dark Reading: ".
Darkreading
As Phishing Kits Evolve, Their Lifespans Shorten
Most phishing kits last less than 20 days, a sign defenders are keeping up in the race against cybercrime.
ATENTIONβΌ New - CVE-2013-1391
π Read
via "National Vulnerability Database".
Authentication bypass vulnerability in the the web interface in Hunt CCTV, Capture CCTV, Hachi CCTV, NoVus CCTV, and Well-Vision Inc DVR systems allows a remote attacker to retrieve the device configuration.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2010-0207
π Read
via "National Vulnerability Database".
In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) in xpdf-based PDF viewers.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2010-0206
π Read
via "National Vulnerability Database".
xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2010-1673
π Read
via "National Vulnerability Database".
A cross-site scripting (XSS) vulnerability in ikiwiki before 3.20101112 allows remote attackers to inject arbitrary web script or HTML via a comment.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2010-0749
π Read
via "National Vulnerability Database".
Transmission before 1.92 allows attackers to prevent download of a file by corrupted data during the endgame.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2010-0748
π Read
via "National Vulnerability Database".
Transmission before 1.92 allows an attacker to cause a denial of service (crash) or possibly have other unspecified impact via a large number of tr arguments in a magnet link.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2010-0747
π Read
via "National Vulnerability Database".
drbd8 allows local users to bypass intended restrictions for certain actions via netlink packets, similar to CVE-2009-3725.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2010-0737
π Read
via "National Vulnerability Database".
A missing permission check was found in The CLI in JBoss Operations Network before 2.3.1 does not properly check permissions, which allows JBoss ON users to perform management tasks and configuration changes with the privileges of the administrator user.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2010-0398
π Read
via "National Vulnerability Database".
The init script in autokey before 0.61.3-2 allows local attackers to write to arbitrary files via a symlink attack.π Read
via "National Vulnerability Database".