β Fake Android apps uploaded to Play store by notorious Sandworm hackers β
π Read
via "Naked Security".
The Russian βSandwormβ hacking group has been caught repeatedly uploading fake and modified Android apps to Googleβs Play Store.π Read
via "Naked Security".
Naked Security
Fake Android apps uploaded to Play store by notorious Sandworm hackers
The Russian βSandwormβ hacking group has been caught repeatedly uploading fake and modified Android apps to Googleβs Play Store.
β Insecure Database Exposes Millions of Private SMS Messages β
π Read
via "Threatpost".
Researchers discovered an unprotected TrueDialog database hosted by Microsoft Azure with diverse and business-related data from tens of millions of users.π Read
via "Threatpost".
Threat Post
Insecure Database Exposes Millions of Private SMS Messages
Researchers discovered an unprotected TrueDialog database hosted by Microsoft Azure with diverse and business-related data from tens of millions of users.
π΄ 3 Modern Myths of Threat Intelligence π΄
π Read
via "Dark Reading: ".
More intelligence does not lead to more security. Here's why.π Read
via "Dark Reading: ".
Darkreading
3 Modern Myths of Threat Intelligence
More intelligence does not lead to more security. Here's why.
β Smart TVs: The Cyberthreat Lurking in Your Living Room, Feds Warn β
π Read
via "Threatpost".
TV takeover, privacy threats, botnet concerns and Wi-Fi network compromise are all big concerns when it comes to connected TVs.π Read
via "Threatpost".
Threat Post
Smart TVs: The Cyberthreat Lurking in Your Living Room, Feds Warn
TV takeover, privacy threats, botnet concerns and Wi-Fi network compromise are all big concerns when it comes to connected TVs.
π΄ New: State of the Internet: Web Attacks and Gaming Abuse π΄
π Read
via "Dark Reading: ".
Attackers see credential abuse as a low-risk venture with potential for a high payout, at least for now.π Read
via "Dark Reading: ".
Dark Reading
New: State of the Internet: Web Attacks and Gaming Abuse
Attackers see credential abuse as a low-risk venture with potential for a high payout, at least for now.
β CISA Pushing U.S. Agencies to Adopt Vulnerability Disclosure Policies β
π Read
via "Threatpost".
A newly proposed CISA directive would require all U.S. agencies to develop and implement vulnerability disclosure processes for their internet connected systems.π Read
via "Threatpost".
Threat Post
CISA Pushing U.S. Agencies to Adopt Vulnerability Disclosure Policies
A newly proposed CISA directive would require all U.S. agencies to develop and implement vulnerability disclosure processes for their internet connected systems.
π SafeBreach catches 3 major vulnerabilities with Trend Micro, Autodesk and Kaspersky π
π Read
via "Security on TechRepublic".
The issues have been patched or solved but researchers say they represent a worrying step in how attackers can manipulate trusted security systems.π Read
via "Security on TechRepublic".
TechRepublic
SafeBreach catches 3 major vulnerabilities with Trend Micro, Autodesk and Kaspersky
The issues have been patched or solved but researchers say they represent a worrying step in how attackers can manipulate trusted security systems.
π Synack's Trust Report uses Attacker Resistance Score to rate cybersecurity defenses π
π Read
via "Security on TechRepublic".
Manufacturers and utilities rank highest while e-commerce companies come in last.π Read
via "Security on TechRepublic".
TechRepublic
Synack's Trust Report uses Attacker Resistance Score to rate cybersecurity defenses
Manufacturers and utilities rank highest while e-commerce companies come in last.
π Report: APT gang increased cyberattacks on businesses in Q3 π
π Read
via "Security on TechRepublic".
Hackers used email addresses, malicious Word docs, and compromised SharePoint sites to deliver malware.π Read
via "Security on TechRepublic".
TechRepublic
Report: APT gang increased cyberattacks on businesses in Q3
Hackers used email addresses, malicious Word docs, and compromised SharePoint sites to deliver malware.
π΄ Data from 21M Mixcloud Users Compromised in Breach π΄
π Read
via "Dark Reading: ".
The music streaming service received reports indicating attackers gained unauthorized access to its systems.π Read
via "Dark Reading: ".
Darkreading
Data from 21M Mixcloud Users Compromised in Breach
The music streaming service received reports indicating attackers gained unauthorized access to its systems.
π΄ Sharing Is Caring π΄
π Read
via "Dark Reading: ".
Do you do any cybersecurity-related volunteer work?π Read
via "Dark Reading: ".
Dark Reading
Sharing Is Caring
Do you do any cybersecurity-related volunteer work?
π΄ Cybersecurity Team Holiday Guide: 2019 Gag Gift Edition π΄
π Read
via "Dark Reading: ".
Make your favorite security experts laugh with these affordable holiday gifts.π Read
via "Dark Reading: ".
Dark Reading
Cybersecurity Team Holiday Guide: 2019 Gag Gift Edition
Make your favorite security experts laugh with these affordable holiday gifts.
β Authorities Break Up Imminent Monitor Spyware Organization β
π Read
via "Threatpost".
The infrastructure behind a remote access tool (RAT) allowing full remote takeover of a victim machine has been dismantled.π Read
via "Threatpost".
Threat Post
Authorities Break Up Imminent Monitor Spyware Organization
The infrastructure behind a remote access tool (RAT) allowing full remote takeover of a victim machine has been dismantled.
π SQLMAP - Automatic SQL Injection Tool 1.3.12 π
π Go!
via "Security Tool Files β Packet Storm".
sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
SQLMAP - Automatic SQL Injection Tool 1.3.12 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π I2P 0.9.44 π
π Go!
via "Security Tool Files β Packet Storm".
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
I2P 0.9.44 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π΄ Microsoft Fixes Flaw Threatening Azure Accounts π΄
π Read
via "Dark Reading: ".
Researchers detail a bug they found in some of Microsoft's OAuth 2.0 applications.π Read
via "Dark Reading: ".
Dark Reading
Cloud Security recent news | Dark Reading
Explore the latest news and expert commentary on Cloud Security, brought to you by the editors of Dark Reading
β Microsoft OAuth Flaw Opens Azure Accounts to Takeover β
π Read
via "Threatpost".
The Microsoft applications are vulnerable to an OAuth authentication flaw that could enable Azure account takeover.π Read
via "Threatpost".
Threat Post
Microsoft OAuth Flaw Opens Azure Accounts to Takeover
Some Microsoft applications are vulnerable to an OAuth authentication flaw that could enable Azure account takeover.
π΄ Poll Results: Security Pros Make The (Hypothetically) Ultimate Data Decision π΄
π Read
via "Dark Reading: ".
What if you could protect only one category of your organization's data?π Read
via "Dark Reading: ".
Dark Reading
Poll Results: Security Pros Make The (Hypothetically) Ultimate Data Decision
What if you could protect only one category of your organization's data?
π΄ StrandHogg Vulnerability Affects All Versions of Android π΄
π Read
via "Dark Reading: ".
The bug enables malware to pose as any legitimate Android app, letting attackers track messages, photos, credentials, and phone conversations.π Read
via "Dark Reading: ".
Dark Reading
StrandHogg Vulnerability Affects All Versions of Android
The bug enables malware to pose as any legitimate Android app, letting attackers track messages, photos, credentials, and phone conversations.
π΄ DHS to Require Federal Agencies Set Vulnerability Disclosure Policies π΄
π Read
via "Dark Reading: ".
The Cybersecurity and Infrastructure Security Agency (CISA) publishes a draft document mandating a vulnerability disclosure policy and a strategy for handling reports of security weaknesses.π Read
via "Dark Reading: ".
Dark Reading
DHS to Require Federal Agencies to Set Vulnerability Disclosure Policies
The Cybersecurity and Infrastructure Security Agency (CISA) publishes a draft document mandating a vulnerability disclosure policy and a strategy for handling reports of security weaknesses.