🛡 Cybersecurity & Privacy 🛡 - News

Stealthy Malware Flies Under AV Radar with Advanced Obfuscation

A threat campaign active since January customizes long-used droppers to infect victim machines and lift credentials and other data from browsers, according to Cisco Talos.

61 views14:49

Traveling for the holidays? Avoid these 5 tech mistakes

🔐 Traveling for the holidays? Avoid these 5 tech mistakes 🔐

Wi-Fi hotspots, public charging stations, and travel planning sites seem helpful, but they could actually be a traveler's worst nightmare.

📖 Read

via "Security on TechRepublic".

TechRepublic

Wi-Fi hotspots, public charging stations, and travel planning sites seem helpful, but they could actually be a traveler's worst nightmare.

61 views15:06

🕴 DevSecOps: The Answer to the Cloud Security Skills Gap 🕴

There's a skills and resources gap industrywide, but a DevSecOps approach can go a long way toward closing that gap.

📖 Read

via "Dark Reading: ".

DevSecOps: The Answer to the Cloud Security Skills Gap

There's a skills and resources gap industrywide, but a DevSecOps approach can go a long way toward closing that gap.

58 views15:11

How can you protect yourself from hackers? An IBM social engineer offers advice

🔐 How can you protect yourself from hackers? An IBM social engineer offers advice 🔐

Stephanie "Snow" Carruthers, Chief People Hacker at IBM, gives advice about protecting yourself online. She also explains how the robocalls and spoofing process works.

📖 Read

via "Security on TechRepublic".

TechRepublic

Stephanie "Snow" Carruthers, Chief People Hacker at IBM, gives advice about protecting yourself online. She also explains how the robocalls and spoofing process works.

61 views15:12

Cybersecurity remains the top concern for middle market companies

🔐 Cybersecurity remains the top concern for middle market companies 🔐

Nearly half (47%) of executives believe they will be at a greater security risk in the next year, a Chubb and NCMM report found.

📖 Read

via "Security on TechRepublic".

TechRepublic

Nearly half (47%) of executives believe they will be at a greater security risk in the next year, a Chubb and NCMM report found.

64 views16:42

🕴 Attackers' Costs Increasing as Businesses Focus on Security 🕴

Based on penetration tests and vulnerability assessments, attackers' costs to compromise a company's network increases significantly when security is continuously tested, a report finds.

📖 Read

via "Dark Reading: ".

Attackers' Costs Increasing as Businesses Focus on Security

Based on penetration tests and vulnerability assessments, attackers' costs to compromise a company's network increases significantly when security is continuously tested, a report finds.

74 views16:50

Kamerka 2.0 ≈ Packet Storm

🛠 Kamerka 2.0 🛠

Kamerka is an OSINT tool that builds an interactive map of cameras, printers, tweets, and photos leveraging Flickr, Instagram, Shodan, and Twitter.

📖 Go!

via "Security Tool Files ≈ Packet Storm".

Packetstormsecurity

Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers

110 views17:08

Friday Five: 11/15 Edition

🔏 Friday Five: 11/15 Edition 🔏

Microsoft warns about BlueKeep - again, a real estate firm is fined $16M for violating GDPR, and more - catch up on the week's news with the Friday Five.

📖 Read

via "Subscriber Blog RSS Feed ".

Digital Guardian

Microsoft warns about BlueKeep - again, a real estate firm is fined $16M for violating GDPR, and more - catch up on the week's news with the Friday Five.

79 views17:09

ATENTION‼ New - CVE-2009-5047

Jetty 6.x before 6.1.22 suffers from an escape sequence injection vulnerability from two different vectors: 1) "Cookie Dump Servlet" and 2) Http Content-Length header. 1) A POST request to the form at "/test/cookie/" with the "Age" parameter set to a string throws a "java.lang.NumberFormatException" which reflects binary characters including ESC. These characters could be used to execute arbitrary commands or buffer dumps in the terminal. 2) The same attack in 1) can be exploited by requesting a page using an HTTP request "Content-Length" header set to a letteral string.

📖 Read

via "National Vulnerability Database".

72 views17:28

❌ Lizard Squad Threatens UK’s Labour Leader with Cyberattacks Against His Family ❌

The threats follow a DDos attack bent on taking out the Labour Party's online presence.

📖 Read

via "Threatpost".

Lizard Squad Threatens UK’s Labour Leader with Cyberattacks Against His Family

The threats follow an DDos attack bent on taking out the Labour Party's online presence.

67 views17:59

❌ James Clapper: Lessons Learned in a Post-Snowden World ❌

Former national intelligence director James Clapper discusses lessons learned from the 2013 Snowden leak as well as the top cyberthreats that the U.S. is currently facing.

📖 Read

via "Threatpost".

James Clapper: Lessons Learned in a Post-Snowden World

Former national intelligence director James Clapper discusses lessons learned from the 2013 Snowden leak as well as the top cyberthreats that the U.S. is currently facing.

79 views18:24

🕴 12 Tips for Dealing with a Manipulative Security Manager 🕴

Don't let yourself be stuck in an unhealthy work environment with a toxic manager who takes advantage of your talent.

📖 Read

via "Dark Reading: ".

12 Tips for Dealing with a Manipulative Security Manager - Dark Reading

Don't let yourself be stuck in an unhealthy work environment with a toxic manager who takes advantage of your talent.

74 views18:50

🕴 Black Hat Europe Brings A Bevy of IoT Security Insights 🕴

Attend this London event next month for the latest on how security researchers are finding (and solving) security vulnerabilities in all of your favorite Internet-connected devices.

📖 Read

via "Dark Reading: ".

Black Hat Europe Brings A Bevy of IoT Security Insights

Attend this London event next month for the latest on how security researchers are finding (and solving) security vulnerabilities in all of your favorite Internet-connected devices.

76 views21:05

🕴 Soft Skills: 6 Nontechnical Traits CISOs Need to Succeed 🕴

Degrees, certifications, and experience are all important to career development, but mastering the people side of the equation may matter a whole lot more, CISOs say.

📖 Read

via "Dark Reading: ".

Soft Skills: 6 Nontechnical Traits CISOs Need to Succeed

Degrees, certifications, and experience are all important to career development, but mastering the people side of the equation may matter a whole lot more, CISOs say.

83 views21:40

Illegal Booter Connected with DDoSes Sentenced to Prison, Fine

🕴 Bad Booter Brought to Justice With Sentence for Prison, Fine, and Parole 🕴

The Illinois-based man operated a criminal service that launched millions of DDoS attacks and brought in hundreds of thousands of dollars.

📖 Read

via "Dark Reading: ".

Darkreading

The Illinois-based man operated a criminal service that launched millions of DDoS attacks and brought in hundreds of thousands of dollars.

89 views21:40

❌ Holiday Shoppers Beware: 100K Malicious Sites Found Posing as Well-Known Retailers ❌

The copycat sites are using valid certificates to be more convincing.

📖 Read

via "Threatpost".

Holiday Shoppers Beware: 100K Malicious Sites Found Posing as Well-Known Retailers

The copycat sites are using valid certificates to be more convincing.

124 views22:14

Faraday 3.9.3 ≈ Packet Storm

🛠 Faraday 3.9.3 🛠

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

📖 Go!

via "Security Tool Files ≈ Packet Storm".

Packetstormsecurity

Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers

168 views22:28

⚠ Monday review – the hot 23 stories of the week ⚠

From a fake news generator to critical flaws in Medtronic equipment - it's weekly roundup time.

📖 Read

via "Naked Security".

Monday review – the hot 23 stories of the week

From a fake news generator to critical flaws in Medtronic equipment – it’s weekly roundup time.

106 views09:46

⚠ Wikipedia co-founder offers a Facebook/Twitter wannabe ⚠

Tired of being a tracked, ad-bedeviled product sold by social media companies? The cost to immediately join a network with no tracking/ads: $12.99/month.

📖 Read

via "Naked Security".

Wikipedia co-founder offers a Facebook/Twitter wannabe

Tired of being a tracked, ad-bedeviled product sold by social media companies? The cost to immediately join a network with no tracking/ads: $12.99/month.

101 views11:01

⚠ Two men busted for hijacking victims’ phones and email accounts ⚠

Prosecutors allege that Meiggs and Harrington took over their targets' mobile phone and email accounts via SIM-swapping.

📖 Read

via "Naked Security".

Two men busted for hijacking victims’ phones and email accounts

Prosecutors allege that Meiggs and Harrington took over their targets’ mobile phone and email accounts via SIM-swapping.

75 views11:26

⚠ GitHub launches Security Lab to boost open source security ⚠

The idea is simple – create a global platform for reporting and fixing vulnerabilities in open source projects before they do damage.

📖 Read

via "Naked Security".