β Twitter bans political ads β
π Read
via "Naked Security".
Interesting timing: Right before Facebook's earnings call, two weeks after Facebook said it won't pull political ads that spout lies.π Read
via "Naked Security".
Naked Security
Twitter bans political ads
Interesting timing: Right before Facebookβs earnings call, two weeks after Facebook said it wonβt pull political ads that spout lies.
β Android Keyboard App Could Swindle 40M Users Out of Millions β
π Read
via "Threatpost".
The Ai.type app was removed from Google Play in June 2019 β but still remains on millions of Android devices and is still available from other Android marketplaces, researchers warn.π Read
via "Threatpost".
Threat Post
Android Keyboard App Could Swindle 40M Users Out of Millions
The app was removed from Google Play in June 2019 β but still remains on millions of Android devices and is still available from other Android marketplaces, researchers warn.
β Happy Birthday, CVE! β
π Read
via "Naked Security".
The Common Vulnerabilities and Exposures (CVE) system is 20 years old this week.π Read
via "Naked Security".
Naked Security
Happy Birthday, CVE!
The Common Vulnerabilities and Exposures (CVE) system is 20 years old this week.
π΄ Raising Security Awareness: Why Tools Can't Replace People π΄
π Read
via "Dark Reading: ".
Training your people and building relationships outside of the security organization is the most significant investment a CISO can make.π Read
via "Dark Reading: ".
Dark Reading
Raising Security Awareness: Why Tools Can't Replace People
Training your people and building relationships outside of the security organization is the most significant investment a CISO can make.
ATENTIONβΌ New - CVE-2005-3056
π Read
via "National Vulnerability Database".
TWiki allows arbitrary shell command execution via the Include functionπ Read
via "National Vulnerability Database".
β Apple props up macOS Catalina with 10.15.1 update β
π Read
via "Naked Security".
A vocal minority of the committed Apple base has been quick to express dissatisfaction at the move to Catalina from macOS 10.14 Mojave.π Read
via "Naked Security".
Naked Security
Apple props up macOS Catalina with 10.15.1 update
A vocal minority of the committed Apple base has been quick to express dissatisfaction at the move to Catalina from macOS 10.14 Mojave.
π How to allow SSH connections from LAN and WAN on different ports π
π Read
via "Security on TechRepublic".
Is it possible to configure SSH to listen for connections on both internal and external interfaces, using different ports? Jack Wallen says "yes."π Read
via "Security on TechRepublic".
TechRepublic
How to allow SSH connections from LAN and WAN on different ports
Is it possible to configure SSH to listen for connections on both internal and external interfaces, using different ports? Jack Wallen says "yes."
β Google Discloses Chrome Flaw Exploited in the Wild β
π Read
via "Threatpost".
Google warns exploits in the wild against a Use After Free vulnerability in Chrome's audio component.π Read
via "Threatpost".
Threat Post
Google Discloses Chrome Flaw Exploited in the Wild
Google warns exploits in the wild against a Use After Free vulnerability in Chrome's audio component.
π΄ 8 Holiday Security Tips for Retailers π΄
π Read
via "Dark Reading: ".
As retailers head into the holiday rush, here's how they can protect their businesses from attackers and scammers hoping to wreak havoc during the most wonderful time of the year.π Read
via "Dark Reading: ".
Dark Reading
8 Holiday Security Tips for Retailers
As retailers head into the holiday rush, here's how they can protect their businesses from attackers and scammers hoping to wreak havoc during the most wonderful time of the year.
β S2 Ep15: City under attack! VPN hacked, floppies nixed β
π Read
via "Naked Security".
A latest episode of the Naked Security podcast is out now!π Read
via "Naked Security".
Naked Security
S2 Ep15: City under attack! VPN hacked, floppies nixed
A latest episode of the Naked Security podcast is out now!
π΄ Google Patches Chrome Zero-Day Under Active Attack π΄
π Read
via "Dark Reading: ".
The fix addresses CVE-2019-13720, a high-severity, use-after-free vulnerability discovered by Kaspersky Lab researchers.π Read
via "Dark Reading: ".
Darkreading
Google Patches Chrome Zero-Day Under Active Attack
The fix addresses CVE-2019-13720, a high-severity, use-after-free vulnerability discovered by Kaspersky Lab researchers.
β Stubborn Malware Targets QNAP NAS Hardware Specifically β
π Read
via "Threatpost".
QNAP Systems says there is no known way to remove the Qsnatch malware infecting its NAS devices besides a full factory reset.π Read
via "Threatpost".
Threat Post
Stubborn Malware Targets QNAP NAS Hardware Specifically
QNAP Systems says there is no known way to remove the Qsnatch malware infecting its NAS devices.
β Global Crime Ring Bilks U.S. Military Members, Vets Out of Millions β
π Read
via "Threatpost".
An elaborate fraudster ring stole PII then used DoD and VA benefits portals to steal payments and funds from bank accounts.π Read
via "Threatpost".
Threat Post
Global Crime Ring Bilks U.S. Military Members, Vets Out of Millions
An elaborate fraudster ring stole PII then allegedly used DoD and VA benefits portals to steal payments and funds from bank accounts.
π How to copy a file from one server to another from a third with SSH π
π Read
via "Security on TechRepublic".
Find out how to work some SSH magic, by transferring a file from one machine to another from a third.π Read
via "Security on TechRepublic".
TechRepublic
How to copy a file from one server to another from a third with SSH
Find out how to work some SSH magic, by transferring a file from one machine to another from a third.
π Samhain File Integrity Checker 4.4.0 π
π Go!
via "Security Tool Files β Packet Storm".
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Samhain File Integrity Checker 4.4.0 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π SQLMAP - Automatic SQL Injection Tool 1.3.11 π
π Go!
via "Security Tool Files β Packet Storm".
sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
SQLMAP - Automatic SQL Injection Tool 1.3.11 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π΄ Details of Attack on Electric Utility Emerge π΄
π Read
via "Dark Reading: ".
The March 5 DDoS attack interrupted communications between generating facilities and the electrical grid in three western states.π Read
via "Dark Reading: ".
Darkreading
Details of Attack on Electric Utility Emerge
The March 5 DDoS attack interrupted communications between generating facilities and the electrical grid in three western states.
π Friday Five: 11/1 Edition π
π Read
via "Subscriber Blog RSS Feed ".
The hackers behind Uber's 2016 breach finally plead guilty, WhatsApp pushes back against NSO Group, and an army admin steals millions from veterans - catch up on the week's news with the Friday Five.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Friday Five: 11/1 Edition
The hackers behind Uber's 2016 breach finally plead guilty, WhatsApp pushes back against NSO Group, and an army admin steals millions from veterans - catch up on the week's news with the Friday Five.
β News Wrap: APTs, Office 365 Voicemail Phish and Bed Bath & Beyond Breach β
π Read
via "Threatpost".
Threatpost editors discuss this week's biggest news - from a data breach of Bed Bath & Beyond, a tricky phishing attack and widespread APT activity. π Read
via "Threatpost".
Threat Post
News Wrap: APTs, Office 365 Voicemail Phish and Bed Bath & Beyond Breach
Threatpost editors discuss this week's biggest news - from a data breach of Bed Bath & Beyond, a tricky phishing attack and widespread APT activity.
π Wanted: More women hackers π
π Read
via "Security on TechRepublic".
Capture the Flag challenge encourages women to pursue cybersecurity careers and connects experts with newcomersπ Read
via "Security on TechRepublic".
TechRepublic
Wanted: More women hackers
Capture the Flag challenge encourages women to pursue cybersecurity careers and connects experts with newcomers
ATENTIONβΌ New - CVE-2005-2351
π Read
via "National Vulnerability Database".
Mutt before 1.5.20 patch 7 allows an attacker to cause a denial of service via a series of requests to mutt temporary files.π Read
via "National Vulnerability Database".