ATENTIONβΌ New - CVE-2009-5048
π Read
via "National Vulnerability Database".
Cookie Dump Servlet stored XSS vulnerability in jetty though 6.1.20.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2009-5046
π Read
via "National Vulnerability Database".
JSP Dump and Session Dump Servlet XSS in jetty before 6.1.22.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2009-5045
π Read
via "National Vulnerability Database".
Dump Servlet information leak in jetty before 6.1.22.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2009-5043 (burn, debian_linux)
π Read
via "National Vulnerability Database".
burn allows file names to escape via mishandled quotation marksπ Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2009-5042 (debian_linux, python-docutils)
π Read
via "National Vulnerability Database".
python-docutils allows insecure usage of temporary filesπ Read
via "National Vulnerability Database".
β Trend Micro: Rogue Employee Sold Customer Data for 68K Accounts β
π Read
via "Threatpost".
Trend Micro customers whose data was sold are getting scam calls from criminals purporting to be support staff.π Read
via "Threatpost".
Threat Post
Rogue Trend Micro Employee Sold Customer Data for 68K Accounts
Trend Micro customers whose data was sold are getting scam calls from criminals purporting to be support staff.
π΄ Google Announces App Defense Alliance π΄
π Read
via "Dark Reading: ".
The industry partnership will scan apps for malware before they're published on the Google Play Store.π Read
via "Dark Reading: ".
Dark Reading
Google Announces App Defense Alliance
The industry partnership will scan apps for malware before they're published on the Google Play Store.
π΄ Accounting Scams Continue to Bilk Businesses π΄
π Read
via "Dark Reading: ".
Yes, ransomware is plaguing businesses and government organizations, but impersonators inserting themselves into financial workflows - most often via e-mail - continue to enable big paydays.π Read
via "Dark Reading: ".
Dark Reading
Vulnerabilities & Threats recent news | Dark Reading
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading
β Youβve Been Servedβ¦with Subpoena-Themed Phishing Emails β
π Read
via "Threatpost".
A targeted campaign is delivering an information-stealing malware called Predator the Thief.π Read
via "Threatpost".
Threat Post
Youβve Been Servedβ¦with Subpoena-Themed Phishing Emails
A targeted campaign is delivering an information-stealing malware called Predator the Thief.
β Microsegmentation and Isolation: 2 Essential Strategies in Zero-Trust Security β
π Read
via "Threatpost".
Tactics for when authorized users need to connect to network resources, or need to venture out to the web to complete important tasks.π Read
via "Threatpost".
Threat Post
Microsegmentation and Isolation: 2 Essential Strategies in Zero-Trust Security
Tactics for when authorized users need to connect to network resources, or need to venture out to the web to complete important tasks.
β Warrant let police search online DNA database β
π Read
via "Naked Security".
This is a "game changer" when it comes to genetic privacy rights, experts say.π Read
via "Naked Security".
Naked Security
Warrant let police search online DNA database
This is a βgame changerβ when it comes to genetic privacy rights, experts say.
β Facebook scam steals famous faces and BBC branding β
π Read
via "Naked Security".
An email scam from earlier this year has resurfaced on Facebook - don't fall for it!π Read
via "Naked Security".
Naked Security
Facebook scam steals famous faces and BBC branding
An email scam from earlier this year has resurfaced on Facebook β donβt fall for it!
π΄ Black Hat Q&A: Hacking a '90s Sports Car π΄
π Read
via "Dark Reading: ".
Security researcher Stanislas Lejay offers a preview of his upcoming Black Hat Europe talk on automotive engine computer management and hardware reverse engineering.π Read
via "Dark Reading: ".
Darkreading
Black Hat Q&A: Hacking a '90s Sports Car
Security researcher Stanislas Lejay offers a preview of his upcoming Black Hat Europe talk on automotive engine computer management and hardware reverse engineering.
π΄ Kaspersky Lab Analysis Shines Light on DarkUniverse APT Group π΄
π Read
via "Dark Reading: ".
Threat actor was active between 2009 and 2017, targeting military, government, and private organizations.π Read
via "Dark Reading: ".
Darkreading
Kaspersky Analysis Shines Light on DarkUniverse APT Group
Threat actor was active between 2009 and 2017, targeting military, government, and private organizations.
β Facebook confesses 100 devs may have accessed leaked Groups data β
π Read
via "Naked Security".
It shut down that access in April 2018, or at least thought it did. At least 11 improperly accessed data in the last two months.π Read
via "Naked Security".
Naked Security
Facebook confesses 100 devs may have accessed leaked Groups data
It shut down that access in April 2018, or at least thought it did. At least 11 improperly accessed data in the last two months.
β Google Enlists Help to Fight Bad Android Apps β
π Read
via "Threatpost".
After years of unsuccessfully battling malware and bad apps in the Google Play store and on more than 2.5 billion Android devices, Google is finally doing something about it. The tech giant this week unveiled an alliance with three companies with specific expertise in endpoint security to help prevent the spread of malware on its [β¦]π Read
via "Threatpost".
Threat Post
Google Enlists Help to Fight Bad Android Apps
After years of unsuccessfully battling malware and bad apps in the Google Play store and on more than 2.5 billion Android devices, Google is finally doing something about it. The tech giant this week unveiled an alliance with three companies with specificβ¦
β Pilot presses the wrong button, triggers airport hostage alarm β
π Read
via "Naked Security".
We've all been there - faced with a button that is just begging to be pressed...π Read
via "Naked Security".
Naked Security
Pilot presses the wrong button, triggers airport hostage alarm
Weβve all been there β faced with a button that is just begging to be pressedβ¦
β Linux users warned to update libarchive to beat flaw β
π Read
via "Naked Security".
The bug is identified as CVE-2019-18408, a high-priority βuse-after-freeβ bug when dealing with a failed archive.π Read
via "Naked Security".
Naked Security
Linux users warned to update libarchive to beat flaw
The bug is identified as CVE-2019-18408, a high-priority βuse-after-freeβ bug when dealing with a failed archive.
β Data Breach Fines: Are They Working to Boost Consumer Safety? β
π Read
via "Threatpost".
Despite trillions of dollars in breach fine payouts, each year the number of compromised companies and individuals with private data exposed rise.π Read
via "Threatpost".
Threat Post
Why Big Breach Fines Donβt Equal Fewer Breaches
Despite trillions of dollars in breach fine payouts, each year the number of compromised companies and individuals with private data exposed rise.
β WordPress sites hit by malvertising β
π Read
via "Naked Security".
An old piece of malware is storming the WordPress community, enabling its perpetrators to take control of sites and inject code of their choosing.π Read
via "Naked Security".
Naked Security
WordPress sites hit by malvertising
An old piece of malware is storming the WordPress community, enabling its perpetrators to take control of sites and inject code of their choosing.
π You've got malware: Malicious actors are waiting in your inbox π
π Read
via "Security on TechRepublic".
Dangerous URL messages, the resurgence of Emotet, and banking trojans flood the cyberthreat landscape, Proofpoint found.π Read
via "Security on TechRepublic".
TechRepublic
You've got malware: Malicious actors are waiting in your inbox
Dangerous URL messages, the resurgence of Emotet, and banking trojans flood the cyberthreat landscape, Proofpoint found.