🛡 Cybersecurity & Privacy 🛡 - News

6 Small-Business Password Managers

The right password manager can help bring enterprise-class security to small businesses. Here are a half-dozen candidates to strengthen your access management.

75 views14:14

9 Principles to Simplify Security

🕴 9 Principles to Simplify Security 🕴

This isn't a one-size-fits-all situation. Simplify as much as you can, as the saying goes, but no more than that.

📖 Read

via "Dark Reading: ".

Darkreading

This isn't a one-size-fits-all situation. Simplify as much as you can, as the saying goes, but no more than that.

72 views15:09

🕴 Ring Flaw Underscores Impact of IoT Vulnerabilities 🕴

A vulnerability in Amazon's Ring doorbell cameras would have allowed a local attacker to gain access to a target's entire wireless network.

📖 Read

via "Dark Reading: ".

Ring Flaw Underscores Impact of IoT Vulnerabilities

A vulnerability in Amazon's Ring doorbell cameras would have allowed a local attacker to gain access to a target's entire wireless network.

71 views16:04

❌ Pwn2Own Tokyo Roundup: Amazon Echo, Routers and Smart TVs Fall to Hackers ❌

The latest edition of the bi-annual hacking contest saw creative exploits in new device categories.

📖 Read

via "Threatpost".

Pwn2Own Tokyo Roundup: Amazon Echo, Routers, Smart TVs Fall to Hackers

The latest edition of the bi-annual hacking contest saw creative exploits in new device categories.

74 views16:12

Hospital Cyberattacks Linked to Increase in Heart Attack Mortality

🕴 Hospital Cyberattacks Linked to Increase in Heart Attack Mortality 🕴

Breach remediation processes adversely impact timeliness in patient care and outcomes, a new study finds.

📖 Read

via "Dark Reading: ".

Darkreading

Breach remediation processes adversely impact timeliness in patient care and outcomes, a new study finds.

84 views17:49

❌ Art Imitates Life: Lessons from the Final Season of Mr. Robot ❌

Unlike Elliot, real-world adversaries don’t have lofty ideals nor do they suffer crises of conscience.

📖 Read

via "Threatpost".

Art Imitates Life: Lessons from the Final Season of Mr. Robot

Unlike Elliot, real-world adversaries don’t have lofty ideals nor do they suffer crises of conscience.

94 views18:37

🕴 Bugcrowd Pays Out Over $500K in Bounties in One Week 🕴

In all, bug hunters from around the world submitted over 6,500 vulnerabilities in October alone.

📖 Read

via "Dark Reading: ".

Bugcrowd Pays Out Over $500K in Bounties in One Week

In all, bug hunters from around the world submitted over 6,500 vulnerabilities in October alone.

79 views19:04

🕴 4 Ways to Soothe a Stressed-Out Incident Response Team 🕴

IR teams are under tremendous pressure, often working long hours and putting their needs aside amid a security crisis. Their care is just as important as policy and procedure.

📖 Read

via "Dark Reading: ".

4 Ways to Soothe a Stressed-Out Incident Response Team

IR teams are under tremendous pressure, often working long hours and putting their needs aside amid a security crisis. Their care is just as important as policy and procedure.

78 views19:49

❌ Understanding the Ripple Effect: Large Enterprise Data Breaches Threaten Everyone ❌

Fallout from giants at the top is one of the largest drivers of cyber-impacts on everyday people and companies.

📖 Read

via "Threatpost".

Understanding the Ripple Effect: Large Enterprise Data Breaches Threaten Everyone

Fallout from giants at the top is one of the largest drivers of cyber-impacts on everyday people and companies.

83 views19:52

VMware rolls out new Carbon Black security suite and Dell partnership

🔐 VMware rolls out new Carbon Black security suite and Dell partnership 🔐

The company announced at VMworld 2019 Europe in Barcelona how it will integrate Carbon Black into its suite of tools.

📖 Read

via "Security on TechRepublic".

TechRepublic

The company announced at VMworld 2019 Europe in Barcelona how it will integrate Carbon Black into its suite of tools.

75 views21:01

How to obscure open ports with knockd

🔐 How to obscure open ports with knockd 🔐

Learn how to obfuscate SSH login with port knocking.

📖 Read

via "Security on TechRepublic".

TechRepublic

Learn how to obfuscate SSH login with port knocking.

72 views21:01

How to obscure open ports with knockd

🔐 How to obscure open ports with knockd 🔐

Learn how to obfuscate SSH login with port knocking.

📖 Read

via "Security on TechRepublic".

TechRepublic

Learn how to obfuscate SSH login with port knocking.

94 views21:11

❌ Platinum APT Shines Up New Titanium Backdoor ❌

The trojan was observed as the final payload in a sophisticated and complex malware installation code set.

📖 Read

via "Threatpost".

Platinum APT Shines Up New Titanium Backdoor

The trojan was observed as the final payload in a sophisticated and complex malware installation code set.

90 views21:42

ATENTION‼ New - CVE-2009-5004

qpid-cpp 1.0 crashes when a large message is sent and the Digest-MD5 mechanism with a security layer is in use .

📖 Read

via "National Vulnerability Database".

90 views06:38

ATENTION‼ New - CVE-2009-4011

dtc-xen 0.5.x before 0.5.4 suffers from a race condition where an attacker could potentially get a bash access as xenXX user on the dom0, and then access a potentially reuse an already opened VPS console.

📖 Read

via "National Vulnerability Database".

87 views06:38

ATENTION‼ New - CVE-2009-3614

liboping 1.3.2 allows users reading arbitrary files upon the local system.

📖 Read

via "National Vulnerability Database".

90 views06:38

ATENTION‼ New - CVE-2009-3552

In RHEV-M VDC 2.2.0, it was found that the SSL certificate was not verified when using the client-side Red Hat Enterprise Virtualization Manager interface (a Windows Presentation Foundation (WPF) XAML browser application) to connect to the Red Hat Enterprise Virtualization Manager. An attacker on the local network could use this flaw to conduct a man-in-the-middle attack, tricking the user into thinking they are viewing the Red Hat Enterprise Virtualization Manager when the content is actually attacker-controlled, or modifying actions a user requested Red Hat Enterprise Virtualization Manager to perform.

📖 Read

via "National Vulnerability Database".

105 views06:38

ATENTION‼ New - CVE-2009-2802

MantisBT 1.2.x before 1.2.2 insecurely handles attachments and MIME types. Arbitrary inline attachment rendering could lead to cross-domain scripting or other browser attacks.

📖 Read

via "National Vulnerability Database".

116 views06:38

ATENTION‼ New - CVE-2009-0035

alsa-utils 1.0.19 and later versions allows local users to overwrite arbitrary files via a symlink attack via the /usr/bin/alsa-info and /usr/bin/alsa-info.sh scripts.

📖 Read

via "National Vulnerability Database".

120 views06:38

Monday review – the hot 23 stories of the week

⚠ Monday review – the hot 23 stories of the week ⚠

From hackable voice assistants to ISPs allegedly lying about encrypted DNS, and everything in between. It's weekly roundup time.

📖 Read

via "Naked Security".

Naked Security

From hackable voice assistants to ISPs allegedly lying about encrypted DNS, and everything in between. It’s weekly roundup time.

119 views09:53