β Three Areas to Consider, to Focus Your Cyber-Plan β
π Read
via "Threatpost".
DNS, rogue employees and phishing/social engineering should be top of the list of threat areas for organizations to address.π Read
via "Threatpost".
Threat Post
Three Areas to Consider, to Focus Your Cyber-Plan
DNS, rogue employees and phishing/social engineering should be top of the list of threat areas for organizations to address.
π1
β ID Thieves Turn to Snail Mail as Juicy Target for Financial Crimes β
π Read
via "Threatpost".
Hackers turn to old-school mail-forwarding scams to commit modern-day ID theft and financial crimes.π Read
via "Threatpost".
Threat Post
ID Thieves Turn to Snail Mail as Juicy Target for Financial Crimes
As it gets harder for cybercriminals to bypass business email compromises defenses some hackers are switching from email scams to real mail cons. Researchers at Flashpoint said they are monitoring hacker forums where criminals are swapping tips on a growingβ¦
β Monday review β the hot 20 stories of the week β
π Read
via "Naked Security".
From a WhatsApp-attacking video file to the latest adopter of DNS-over-HTTPS, and everything in between. It's the weekly security roundup.π Read
via "Naked Security".
Naked Security
Monday review β the hot 20 stories of the week
From a WhatsApp-attacking video file to the latest adopter of DNS-over-HTTPS, and everything in between. Itβs the weekly security roundup.
β Russian hacker gets 4 years in jail for NeverQuest banking malware β
π Read
via "Naked Security".
The NeverQuest Trojan has been used by cybermuggers to try to weasel millions of dollars out of victimsβ bank accounts.π Read
via "Naked Security".
Naked Security
Hacker gets 4 years in jail for NeverQuest banking malware
The NeverQuest Trojan has been used by cybermuggers to try to weasel millions of dollars out of victimsβ bank accounts.
β Russian bans sale of devices that donβt come with βRussian softwareβ β
π Read
via "Naked Security".
The Russian Governmentβs campaign to control how its citizens use the internet seems to be gathering steam.π Read
via "Naked Security".
Naked Security
Russia to ban sale of devices that donβt come with βRussian softwareβ
The Russian Governmentβs campaign to control how its citizens use the internet seems to be gathering steam.
β Ad-blocking companies block βunblockableβ tracker β
π Read
via "Naked Security".
Ad-blockers have figured out a way to block the unblockable - a pernicious tracker technique that hides advertising networks in plain sight.π Read
via "Naked Security".
Naked Security
Ad-blocking companies block βunblockableβ tracker
Ad-blockers have figured out a way to block the unblockable β a pernicious tracker technique that hides advertising networks in plain sight.
β OneCoin crypto-scam lawyer found guilty of worldwide $400m fraud β
π Read
via "Naked Security".
A lawyer who boasted of making "50 by 50" - as in, $50m by the age of 50 - is now facing a potential 50+ years behind bars.π Read
via "Naked Security".
Naked Security
OneCoin crypto-scam lawyer found guilty of worldwide $400m fraud
A lawyer who boasted of making β50 by 50β β as in, $50m by the age of 50 β is now facing a potential 50+ years behind bars.
π΄ Time to Warn Users About Black Friday & Cyber Monday Scams π΄
π Read
via "Dark Reading: ".
Warn your employees to avoid the inevitable scams associated with these two "holidays," or you risk compromising your company's network.π Read
via "Dark Reading: ".
Dark Reading
Time to Warn Users About Black Friday & Cyber Monday Scams
Warn your employees to avoid the inevitable scams associated with these two holidays, or you risk compromising your company's network.
π΄ They See You When You're Shopping: Holiday Cybercrime Starts Early π΄
π Read
via "Dark Reading: ".
Researchers notice year-end phishing attacks starting in July and ramping up in September.π Read
via "Dark Reading: ".
Dark Reading
Vulnerabilities & Threats recent news | Dark Reading
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading
β PoS Malware Exposes Customer Data of Catch Restaurants β
π Read
via "Threatpost".
A newly announced data breach of several popular Catch restaurants stemmed from malware on its point-of-sale (PoS) systems.π Read
via "Threatpost".
Threat Post
PoS Malware Exposes Customer Data of Catch Restaurants
A newly announced data breach of several popular Catch restaurants stemmed from malware on its point-of-sale (PoS) systems.
π΄ New: 2019 State of the Internet / Security: Financial Services Attack Economy π΄
π Read
via "Dark Reading: ".
Every organization should be paying attention to the attacks targeting financial services systems.π Read
via "Dark Reading: ".
Dark Reading
New: 2019 State of the Internet / Security: Financial Services Attack Economy
Every organization should be paying attention to the attacks targeting financial services systems.
π΄ Home Safe: 20 Cybersecurity Tips for Your Remote Workers π΄
π Read
via "Dark Reading: ".
How can you protect your precious corporate endpoints from the mysterious dangers that might await when you're not by their side? Empower home office users with these tips.π Read
via "Dark Reading: ".
Dark Reading
Home Safe: 20 Cybersecurity Tips for Your Remote Workers
How can you protect your precious corporate endpoints from the mysterious dangers that might await when you're not by their side? Empower home office users with these tips.
π Meet Harlan Carvey, Digital Guardian's New Senior Threat Hunter π
π Read
via "Subscriber Blog RSS Feed ".
In this Q&A, we sit down with Harlan Carvey, Digital Guardian's new Senior Threat Hunter, to dig into how he approaches threat hunting, incident response, and more.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Meet Harlan Carvey, Digital Guardian's New Senior Threat Hunter
In this Q&A, we sit down with Harlan Carvey, Digital Guardian's new Senior Threat Hunter, to dig into how he approaches threat hunting, incident response, and more.
ATENTIONβΌ New - CVE-2011-4924
π Read
via "National Vulnerability Database".
Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3, 3.1.1 through 3.4.1. allows remote attackers to inject arbitrary web script or HTML via vectors related to the way error messages perform sanitization. NOTE: this issue exists because of an incomplete fix for CVE-2010-1104π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2011-2924 (debian_linux, fedora, foomatic-filters)
π Read
via "National Vulnerability Database".
foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2011-2923 (debian_linux, foomatic-filters)
π Read
via "National Vulnerability Database".
foomatic-rip filter, all versions, used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter.π Read
via "National Vulnerability Database".
β NYPD Fingerprint Database Taken Offline to Thwart Ransomware β
π Read
via "Threatpost".
The malware was introduced to the police network via a contractor who was installing a digital display.π Read
via "Threatpost".
Threat Post
NYPD Fingerprint Database Taken Offline to Thwart Ransomware
The malware was introduced to the police network via a contractor who was installing a digital display.
π΄ T-Mobile Prepaid Hit by Significant Data Breach π΄
π Read
via "Dark Reading: ".
The breach, estimated to have affected more than a million customers, came from malicious external actors.π Read
via "Dark Reading: ".
Darkreading
T-Mobile Prepaid Hit by Significant Data Breach
The breach, estimated to have affected more than a million customers, came from malicious external actors.
π΄ Most Organizations Have Incomplete Vulnerability Information π΄
π Read
via "Dark Reading: ".
Companies that rely solely on CVE/NVD are missing 33% of disclosed flaws, Risk Based Security says.π Read
via "Dark Reading: ".
Dark Reading
Most Organizations Have Incomplete Vulnerability Information
Companies that rely solely on CVE/NVD are missing 33% of disclosed flaws, Risk Based Security says.
π΄ Tushu, Take Twoshu: Malicious SDK Reappears in Google Play π΄
π Read
via "Dark Reading: ".
Months after the Tushu SDK was found infecting Android apps on Google Play, its operators are back with new evasive techniques.π Read
via "Dark Reading: ".
Dark Reading
Tushu, Take Twoshu: Malicious SDK Reappears in Google Play
Months after the Tushu SDK was found infecting Android apps on Google Play, its operators are back with new evasive techniques.
β TrickBot Evolves to Go After SSH Keys β
π Read
via "Threatpost".
The info-stealing malware has updated its password-grabbing module.π Read
via "Threatpost".
Threat Post
TrickBot Evolves to Go After SSH Keys
The info-stealing malware has updated its password-grabbing module.