β Brand new Android smartphones shipped with 146 security flaws β
π Read
via "Naked Security".
If you think brand new, just-out-of-the-box Android smartphones are immune from security vulnerabilities - think again.π Read
via "Naked Security".
Naked Security
Brand new Android smartphones shipped with 146 security flaws
If you think brand new, just-out-of-the-box Android smartphones are immune from security vulnerabilities β think again.
β Macyβs Suffers Data Breach by Magecart Cybercriminals β
π Read
via "Threatpost".
Obfuscated Magecart script was discovered on two Macys.com webpages, scooping up holiday shoppers' payment card information.π Read
via "Threatpost".
Threat Post
Macyβs Suffers Data Breach by Magecart Cybercriminals
Obfuscated Magecart script was discovered on two Macys.com webpages, scooping up holiday shoppers' payment card information.
π Bing.com Hostname / IP Enumerator 1.0 π
π Go!
via "Security Tool Files β Packet Storm".
This tool enumerates hostnames from Bing.com for an IP address. Bing.com is Microsoft's search engine which has an IP: search parameter. Written in Bash for Linux. Requires wget.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Bing.com Hostname / IP Enumerator 1.0 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π΄ A Security Strategy that Centers on Humans, Not Bugs π΄
π Read
via "Dark Reading: ".
The industry's fixation on complex exploits has come at the expense of making fundamentals easy and intuitive for end users.π Read
via "Dark Reading: ".
Darkreading
A Security Strategy That Centers on Humans, Not Bugs
The industry's fixation on complex exploits has come at the expense of making fundamentals easy and intuitive for end users.
π΄ If You Never Cared About Security ... π΄
π Read
via "Dark Reading: ".
Oh, I used to feel that way. (Until a BEC attack.)π Read
via "Dark Reading: ".
Dark Reading
If You Never Cared About Security ... - Dark Reading
Oh, I used to feel that way. (Until a BEC attack.)
π΄ Magecart Hits Macy's: Retailer Discloses Data Breach π΄
π Read
via "Dark Reading: ".
The retail giant discovered malicious code designed to capture customer data planted on its payment page.π Read
via "Dark Reading: ".
Dark Reading
Magecart Hits Macy's: Retailer Discloses Data Breach
The retail giant discovered malicious code designed to capture customer data planted on its payment page.
β βWindows Updateβ Installs Cyborg Ransomware β
π Read
via "Threatpost".
A malicious spam campaign that informs victims it contains a βcritical Windows updateβ instead leads to the installation of Cyborg ransomware, researchers have found. Further, they were able to access its builder, which can be used to create malware variants. The email-based threat, discovered recently by researchers at Trustwave, is unique in a few ways, [β¦]π Read
via "Threatpost".
Threat Post
Fake βWindows Updateβ Installs Cyborg Ransomware
An executable file disguised as a .jpg leads not only to ransomware but also its builder, which can be used to create variants.
π 82% of SMB execs expect employees to put business devices at risk with holiday shopping π
π Read
via "Security on TechRepublic".
Nearly half of executives surveyed don't believe their employees would be able to spot a bad actor posing as an online retailer, Zix-AppRiver found.π Read
via "Security on TechRepublic".
TechRepublic
82% of SMB execs expect employees to put business devices at risk with holiday shopping
Nearly half of executives surveyed don't believe their employees would be able to spot a bad actor posing as an online retailer, Zix-AppRiver found.
π΄ I 'Hacked' My Accounts Using My Mobile Number: Here's What I Learned π΄
π Read
via "Dark Reading: ".
A feature that's supposed to make your account more secure -- adding a cellphone number -- has become a vector of attack in SIM-swapping incidents. Here's how it's done and how you can protect yourself.π Read
via "Dark Reading: ".
Dark Reading
I 'Hacked' My Accounts Using My Mobile Number: Here's What I Learned
A feature that's supposed to make your account more secure -- adding a cellphone number -- has become a vector of attack in SIM-swapping incidents. Here's how it's done and how you can protect yourself.
π Air Force hires Trueface for facial recognition on bases π
π Read
via "Security on TechRepublic".
Trueface will provide Air Force bases with systems that can identify faces, license plates and guns.π Read
via "Security on TechRepublic".
TechRepublic
Air Force hires Trueface for facial recognition on bases
Trueface will provide Air Force bases with systems that can identify faces, license plates and guns.
π FBI Agent: Ex-Monsanto Employee Stole Trade Secrets π
π Read
via "Subscriber Blog RSS Feed ".
When he was first detained at the airport, the employee was found with six files containing trade secret data on a storage device connected to his laptop.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
FBI Agent: Ex-Monsanto Employee Stole Trade Secrets
When he was first detained at the airport, the employee was found with six files containing trade secret data on a storage device connected to his laptop.
π΄ Most Companies Lag Behind '1-10-60' Benchmark for Breach Response π΄
π Read
via "Dark Reading: ".
Average company needs 162 hours to detect, triage, and contain a breach, according to a new CrowdStrike survey.π Read
via "Dark Reading: ".
Darkreading
Most Companies Lag Behind '1-10-60' Benchmark for Breach Response
Average company needs 162 hours to detect, triage, and contain a breach, according to a new CrowdStrike survey.
β McDonalds-Themed Facebook Ads Serve Up Banking Trojans β
π Read
via "Threatpost".
The malware has backdoor functionality and the ability to steal payment cards and credentials.π Read
via "Threatpost".
Threat Post
McDonalds-Themed Facebook Ads Serve Up Banking Trojans
The malware has backdoor functionality and the ability to steal payment cards and credentials.
π΄ TPM-Fail: What It Means & What to Do About It π΄
π Read
via "Dark Reading: ".
Trusted Platform Modules are well-suited to a wide range of applications, but for the strongest security, architect them into "defense-in-depth" designs.π Read
via "Dark Reading: ".
Dark Reading
TPM-Fail: What It Means & What to Do About It
Trusted Platform Modules are well-suited to a wide range of applications, but for the strongest security, architect them into defense-in-depth designs.
β Google Discloses Android Camera Hijack Hack β
π Read
via "Threatpost".
Google has disclosed a now-fixed issue that enabled third-party apps to access a disturbing set of permissions for its Camera App built into Android phones.π Read
via "Threatpost".
Threat Post
Google Discloses Android Camera Hijack Hack
Google has disclosed a now-fixed issue that enabled third-party apps to access a disturbing set of permissions for its Camera App built into Android phones.
π΅ Private Internet Access announces merger with Kape Technologies β in Latin π΅
π Read
via "VPNpro".
π Read
via "VPNpro".
VPNpro
PIA Announces Merger With Kape - In Latin | VPNpro
Kape Technologies added Private Internet Access (PIA) to their list of assets, which already includes CyberGhost VPN and ZenMate VPN services. Read more.
π΄ DDoS Attacks Up Sharply in Third Quarter of 2019 π΄
π Read
via "Dark Reading: ".
DDoS attacks of all sorts were up by triple-digit percentages, with smaller volume attacks growing most rapidly.π Read
via "Dark Reading: ".
Dark Reading
Vulnerabilities & Threats recent news | Dark Reading
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading
β D-Link Adds More Buggy Router Models to βWonβt Fixβ List β
π Read
via "Threatpost".
The list of routers that have critical RCE bugs, that have reached end of life and that wonβt get fixed has grown.π Read
via "Threatpost".
Threat Post
D-Link Adds More Buggy Router Models to βWonβt Fixβ List
The list of routers that have critical RCE bugs, that have reached end of life and that wonβt get fixed has grown.
β 400 Vet Locations Nipped by Ryuk Ransomware β
π Read
via "Threatpost".
The infection apparently made its way in through third-party systems.π Read
via "Threatpost".
Threat Post
400 Vet Locations Nipped by Ryuk Ransomware
The infection apparently made its way in through third-party systems.
π΄ Attacker Mistake Botches Cyborg Ransomware Campaign π΄
π Read
via "Dark Reading: ".
Cybercriminals attempted to install Cyborg ransomware on target machines by deceiving victims with a fraudulent Windows update.π Read
via "Dark Reading: ".
Darkreading
Attacker Mistake Botches Cyborg Ransomware Campaign
Cybercriminals attempted to install Cyborg ransomware on target machines by deceiving victims with a fraudulent Windows update.
ATENTIONβΌ New - CVE-2011-1145 (debian_linux, enterprise_linux, opensuse, unixodbc)
π Read
via "National Vulnerability Database".
The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string.π Read
via "National Vulnerability Database".