Employee Privacy in a Mobile Workplace
via "Dark Reading".
Why businesses need guidelines for managing their employees' personal information -- without compromising on security.
ATTENTION‼ New - CVE-2011-1490 (debian_linux, opensuse, rsyslog)
via "National Vulnerability Database".
A memory leak in rsyslog before 5.7.6 was found in the way daemon processed log messages are logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset.
ATTENTION‼ New - CVE-2011-1489 (debian_linux, opensuse, rsyslog)
via "National Vulnerability Database".
A memory leak in rsyslog before 5.7.6 was found in the way daemon processed log messages were logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset.
ATTENTION‼ New - CVE-2010-4659
via "National Vulnerability Database".
Cross-site scripting (XSS) vulnerability in statusnet through 2010 in error message contents.
Apache Solr Bug Gets Bumped Up to High Severity
via "Threatpost".
Linux users running the enterprise-search platform Solr are potentially vulnerable to remote code execution attack.
NSA Reiterates Risks of Transport Layer Security Inspection
via "Subscriber Blog RSS Feed".
In an advisory published this week, the NSA outlined the risks of Transport Layer Security Inspection (TLSI) and provided security mitigations for organizations.
Digital Guardian
Mozilla Bug Bounty Program Doubles Payouts, Adds Firefox Monitor
via "Threatpost".
In scope RCE Mozilla bug bounty payouts have also tripled to reach $15,000.
Google Cloud Update Gives Users Greater Data Control
via "Dark Reading".
External Key Manager and Key Access Justification are intended to give organizations greater visibility into requests for data access.
Patch 'Easily Exploitable' Oracle EBS Flaws ASAP: Onapsis
via "Dark Reading".
Organizations that have not yet applied a pair of months-old critical patches from Oracle for E-Business Suite are at risk of attacks on their financial systems, the application security firm says.
Security Firms, Nonprofits Team to Fight Stalkerware
via "Threatpost".
The Coalition Against Stalkerware launched this week, with the aim of offering a centralized location for helping victims of stalkerware, as well as defining what stalkerware is in the first place.
Tories change Twitter name to "factcheckUK" during live TV debate
via "Naked Security".
Twitter wagged its finger at the UK's Conservative party for renaming its press account "factcheckUK" during a live TV debate.
What's in a WAF?
via "Dark Reading".
Need a 101 lesson on Web application firewalls? Here's your crib sheet on what a WAF is, how it works, and what to look for when you're in the market for a new solution.
As Retailers Prepare for the Holiday Season, So Do Cybercriminals
via "Dark Reading".
Online shoppers need to be wary about domain spoofing, fraudulent giveaways, and other scams, ZeroFOX study shows.
Clam AntiVirus Toolkit 0.102.1
via "Security Tool Files ≈ Packet Storm".
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
Popular Apps on Google Play Store Remain Unpatched
via "Threatpost".
Check Point researchers found that hundreds of marquee Android mobile apps still contain vulnerabilities that allow remote code execution even if users update.
Official Monero site delivers malicious cash-grabbing wallet
via "Naked Security".
If you downloaded the Monero command line wallet recently, check it before using it.
Anatomy of a BEC Scam
via "Dark Reading".
A look at the characteristics of real-world business email compromise attacks - and what makes them tick.
Download: 2019 Security Team Assessment Template
via "Threatpost".
The Ultimate 2019 Security Team Assessment Template is a unique tool that encapsulates all the major KPIs of the organizational security team's main pillars.
Android camera bug could have turned phones against their users
via "Naked Security".
Google has patched a bug in the Android camera app that allowed other applications to bypass the strict controls on camera and audio access.
The 'Department of No': Why CISOs Need to Cultivate a Middle Way
via "Dark Reading".
A chief information security officer's job inherently involves conflict, but a go-along-to-get-along approach carries its own vulnerabilities and risks.