π΄ Magecart Hits Macy's: Retailer Discloses Data Breach π΄
π Read
via "Dark Reading: ".
The retail giant discovered malicious code designed to capture customer data planted on its payment page.π Read
via "Dark Reading: ".
Dark Reading
Magecart Hits Macy's: Retailer Discloses Data Breach
The retail giant discovered malicious code designed to capture customer data planted on its payment page.
β βWindows Updateβ Installs Cyborg Ransomware β
π Read
via "Threatpost".
A malicious spam campaign that informs victims it contains a βcritical Windows updateβ instead leads to the installation of Cyborg ransomware, researchers have found. Further, they were able to access its builder, which can be used to create malware variants. The email-based threat, discovered recently by researchers at Trustwave, is unique in a few ways, [β¦]π Read
via "Threatpost".
Threat Post
Fake βWindows Updateβ Installs Cyborg Ransomware
An executable file disguised as a .jpg leads not only to ransomware but also its builder, which can be used to create variants.
π 82% of SMB execs expect employees to put business devices at risk with holiday shopping π
π Read
via "Security on TechRepublic".
Nearly half of executives surveyed don't believe their employees would be able to spot a bad actor posing as an online retailer, Zix-AppRiver found.π Read
via "Security on TechRepublic".
TechRepublic
82% of SMB execs expect employees to put business devices at risk with holiday shopping
Nearly half of executives surveyed don't believe their employees would be able to spot a bad actor posing as an online retailer, Zix-AppRiver found.
π΄ I 'Hacked' My Accounts Using My Mobile Number: Here's What I Learned π΄
π Read
via "Dark Reading: ".
A feature that's supposed to make your account more secure -- adding a cellphone number -- has become a vector of attack in SIM-swapping incidents. Here's how it's done and how you can protect yourself.π Read
via "Dark Reading: ".
Dark Reading
I 'Hacked' My Accounts Using My Mobile Number: Here's What I Learned
A feature that's supposed to make your account more secure -- adding a cellphone number -- has become a vector of attack in SIM-swapping incidents. Here's how it's done and how you can protect yourself.
π Air Force hires Trueface for facial recognition on bases π
π Read
via "Security on TechRepublic".
Trueface will provide Air Force bases with systems that can identify faces, license plates and guns.π Read
via "Security on TechRepublic".
TechRepublic
Air Force hires Trueface for facial recognition on bases
Trueface will provide Air Force bases with systems that can identify faces, license plates and guns.
π FBI Agent: Ex-Monsanto Employee Stole Trade Secrets π
π Read
via "Subscriber Blog RSS Feed ".
When he was first detained at the airport, the employee was found with six files containing trade secret data on a storage device connected to his laptop.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
FBI Agent: Ex-Monsanto Employee Stole Trade Secrets
When he was first detained at the airport, the employee was found with six files containing trade secret data on a storage device connected to his laptop.
π΄ Most Companies Lag Behind '1-10-60' Benchmark for Breach Response π΄
π Read
via "Dark Reading: ".
Average company needs 162 hours to detect, triage, and contain a breach, according to a new CrowdStrike survey.π Read
via "Dark Reading: ".
Darkreading
Most Companies Lag Behind '1-10-60' Benchmark for Breach Response
Average company needs 162 hours to detect, triage, and contain a breach, according to a new CrowdStrike survey.
β McDonalds-Themed Facebook Ads Serve Up Banking Trojans β
π Read
via "Threatpost".
The malware has backdoor functionality and the ability to steal payment cards and credentials.π Read
via "Threatpost".
Threat Post
McDonalds-Themed Facebook Ads Serve Up Banking Trojans
The malware has backdoor functionality and the ability to steal payment cards and credentials.
π΄ TPM-Fail: What It Means & What to Do About It π΄
π Read
via "Dark Reading: ".
Trusted Platform Modules are well-suited to a wide range of applications, but for the strongest security, architect them into "defense-in-depth" designs.π Read
via "Dark Reading: ".
Dark Reading
TPM-Fail: What It Means & What to Do About It
Trusted Platform Modules are well-suited to a wide range of applications, but for the strongest security, architect them into defense-in-depth designs.
β Google Discloses Android Camera Hijack Hack β
π Read
via "Threatpost".
Google has disclosed a now-fixed issue that enabled third-party apps to access a disturbing set of permissions for its Camera App built into Android phones.π Read
via "Threatpost".
Threat Post
Google Discloses Android Camera Hijack Hack
Google has disclosed a now-fixed issue that enabled third-party apps to access a disturbing set of permissions for its Camera App built into Android phones.
π΅ Private Internet Access announces merger with Kape Technologies β in Latin π΅
π Read
via "VPNpro".
π Read
via "VPNpro".
VPNpro
PIA Announces Merger With Kape - In Latin | VPNpro
Kape Technologies added Private Internet Access (PIA) to their list of assets, which already includes CyberGhost VPN and ZenMate VPN services. Read more.
π΄ DDoS Attacks Up Sharply in Third Quarter of 2019 π΄
π Read
via "Dark Reading: ".
DDoS attacks of all sorts were up by triple-digit percentages, with smaller volume attacks growing most rapidly.π Read
via "Dark Reading: ".
Dark Reading
Vulnerabilities & Threats recent news | Dark Reading
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading
β D-Link Adds More Buggy Router Models to βWonβt Fixβ List β
π Read
via "Threatpost".
The list of routers that have critical RCE bugs, that have reached end of life and that wonβt get fixed has grown.π Read
via "Threatpost".
Threat Post
D-Link Adds More Buggy Router Models to βWonβt Fixβ List
The list of routers that have critical RCE bugs, that have reached end of life and that wonβt get fixed has grown.
β 400 Vet Locations Nipped by Ryuk Ransomware β
π Read
via "Threatpost".
The infection apparently made its way in through third-party systems.π Read
via "Threatpost".
Threat Post
400 Vet Locations Nipped by Ryuk Ransomware
The infection apparently made its way in through third-party systems.
π΄ Attacker Mistake Botches Cyborg Ransomware Campaign π΄
π Read
via "Dark Reading: ".
Cybercriminals attempted to install Cyborg ransomware on target machines by deceiving victims with a fraudulent Windows update.π Read
via "Dark Reading: ".
Darkreading
Attacker Mistake Botches Cyborg Ransomware Campaign
Cybercriminals attempted to install Cyborg ransomware on target machines by deceiving victims with a fraudulent Windows update.
ATENTIONβΌ New - CVE-2011-1145 (debian_linux, enterprise_linux, opensuse, unixodbc)
π Read
via "National Vulnerability Database".
The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string.π Read
via "National Vulnerability Database".
π΄ Ransomware Surge & Living-Off-the-Land Tactics Remain Big Threats π΄
π Read
via "Dark Reading: ".
Group-IB's and Rapid7's separate analysis of attack activity in recent months shows threat actors are making life harder for enterprise organizations in a variety of ways.π Read
via "Dark Reading: ".
Darkreading
Ransomware Surge & Living-Off-the-Land Tactics Remain Big Threats
Group-IB's and Rapid7's separate analysis of attack activity in recent months shows threat actors are making life harder for enterprise organizations in a variety of ways.
β Adobe Acrobat and Reader 2015 reach end of support β
π Read
via "Naked Security".
If you've been happily using Adobe Reader 2015 software for the last few years, you're in for a rude awakening.π Read
via "Naked Security".
Naked Security
Adobe Acrobat and Reader 2015 reach end of support
If youβve been happily using Adobe Reader 2015 software for the last few years, youβre in for a rude awakening.
β XSS security hole in Gmailβs dynamic email β
π Read
via "Naked Security".
The bug was fixed at least a month ago so users receiving dynamic email content have one less thing to worry about.π Read
via "Naked Security".
Naked Security
XSS security hole in Gmailβs dynamic email
The bug was fixed at least a month ago so users receiving dynamic email content have one less thing to worry about.
β Instagram stalker app Ghosty yanked from Play store β
π Read
via "Naked Security".
It was sucking up private profiles by requiring users to hand over their logins, giving it access to whatever accounts they follow.π Read
via "Naked Security".
Naked Security
Instagram stalker app Ghosty yanked from Play store
It was sucking up private profiles by requiring users to hand over their logins, giving it access to whatever accounts they follow.
β Update WhatsApp now: MP4 video bug exposes your messages β
π Read
via "Naked Security".
A now-patched-hole could have allowed remote code execution that could have exposed files and messages. Update your WhatsApp now.π Read
via "Naked Security".
Naked Security
Update WhatsApp now: MP4 video bug exposes your messages
A now-patched-hole could have allowed remote code execution that could have exposed files and messages. Update your WhatsApp now.