π SafeBreach catches 3 major vulnerabilities with Trend Micro, Autodesk and Kaspersky π
π Read
via "Security on TechRepublic".
The issues have been patched or solved but researchers say they represent a worrying step in how attackers can manipulate trusted security systems.π Read
via "Security on TechRepublic".
TechRepublic
SafeBreach catches 3 major vulnerabilities with Trend Micro, Autodesk and Kaspersky
The issues have been patched or solved but researchers say they represent a worrying step in how attackers can manipulate trusted security systems.
π Synack's Trust Report uses Attacker Resistance Score to rate cybersecurity defenses π
π Read
via "Security on TechRepublic".
Manufacturers and utilities rank highest while e-commerce companies come in last.π Read
via "Security on TechRepublic".
TechRepublic
Synack's Trust Report uses Attacker Resistance Score to rate cybersecurity defenses
Manufacturers and utilities rank highest while e-commerce companies come in last.
π Report: APT gang increased cyberattacks on businesses in Q3 π
π Read
via "Security on TechRepublic".
Hackers used email addresses, malicious Word docs, and compromised SharePoint sites to deliver malware.π Read
via "Security on TechRepublic".
TechRepublic
Report: APT gang increased cyberattacks on businesses in Q3
Hackers used email addresses, malicious Word docs, and compromised SharePoint sites to deliver malware.
π΄ Data from 21M Mixcloud Users Compromised in Breach π΄
π Read
via "Dark Reading: ".
The music streaming service received reports indicating attackers gained unauthorized access to its systems.π Read
via "Dark Reading: ".
Darkreading
Data from 21M Mixcloud Users Compromised in Breach
The music streaming service received reports indicating attackers gained unauthorized access to its systems.
π΄ Sharing Is Caring π΄
π Read
via "Dark Reading: ".
Do you do any cybersecurity-related volunteer work?π Read
via "Dark Reading: ".
Dark Reading
Sharing Is Caring
Do you do any cybersecurity-related volunteer work?
π΄ Cybersecurity Team Holiday Guide: 2019 Gag Gift Edition π΄
π Read
via "Dark Reading: ".
Make your favorite security experts laugh with these affordable holiday gifts.π Read
via "Dark Reading: ".
Dark Reading
Cybersecurity Team Holiday Guide: 2019 Gag Gift Edition
Make your favorite security experts laugh with these affordable holiday gifts.
β Authorities Break Up Imminent Monitor Spyware Organization β
π Read
via "Threatpost".
The infrastructure behind a remote access tool (RAT) allowing full remote takeover of a victim machine has been dismantled.π Read
via "Threatpost".
Threat Post
Authorities Break Up Imminent Monitor Spyware Organization
The infrastructure behind a remote access tool (RAT) allowing full remote takeover of a victim machine has been dismantled.
π SQLMAP - Automatic SQL Injection Tool 1.3.12 π
π Go!
via "Security Tool Files β Packet Storm".
sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
SQLMAP - Automatic SQL Injection Tool 1.3.12 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π I2P 0.9.44 π
π Go!
via "Security Tool Files β Packet Storm".
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
I2P 0.9.44 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π΄ Microsoft Fixes Flaw Threatening Azure Accounts π΄
π Read
via "Dark Reading: ".
Researchers detail a bug they found in some of Microsoft's OAuth 2.0 applications.π Read
via "Dark Reading: ".
Dark Reading
Cloud Security recent news | Dark Reading
Explore the latest news and expert commentary on Cloud Security, brought to you by the editors of Dark Reading
β Microsoft OAuth Flaw Opens Azure Accounts to Takeover β
π Read
via "Threatpost".
The Microsoft applications are vulnerable to an OAuth authentication flaw that could enable Azure account takeover.π Read
via "Threatpost".
Threat Post
Microsoft OAuth Flaw Opens Azure Accounts to Takeover
Some Microsoft applications are vulnerable to an OAuth authentication flaw that could enable Azure account takeover.
π΄ Poll Results: Security Pros Make The (Hypothetically) Ultimate Data Decision π΄
π Read
via "Dark Reading: ".
What if you could protect only one category of your organization's data?π Read
via "Dark Reading: ".
Dark Reading
Poll Results: Security Pros Make The (Hypothetically) Ultimate Data Decision
What if you could protect only one category of your organization's data?
π΄ StrandHogg Vulnerability Affects All Versions of Android π΄
π Read
via "Dark Reading: ".
The bug enables malware to pose as any legitimate Android app, letting attackers track messages, photos, credentials, and phone conversations.π Read
via "Dark Reading: ".
Dark Reading
StrandHogg Vulnerability Affects All Versions of Android
The bug enables malware to pose as any legitimate Android app, letting attackers track messages, photos, credentials, and phone conversations.
π΄ DHS to Require Federal Agencies Set Vulnerability Disclosure Policies π΄
π Read
via "Dark Reading: ".
The Cybersecurity and Infrastructure Security Agency (CISA) publishes a draft document mandating a vulnerability disclosure policy and a strategy for handling reports of security weaknesses.π Read
via "Dark Reading: ".
Dark Reading
DHS to Require Federal Agencies to Set Vulnerability Disclosure Policies
The Cybersecurity and Infrastructure Security Agency (CISA) publishes a draft document mandating a vulnerability disclosure policy and a strategy for handling reports of security weaknesses.
π΄ Kali Linux Gets New Desktop Environment & Undercover Theme π΄
π Read
via "Dark Reading: ".
Updates to pen-testing platform are designed to improve performance and user interface, says Offensive Security, maintainer of the open source project.π Read
via "Dark Reading: ".
Dark Reading
Kali Linux Gets New Desktop Environment & Undercover Theme
Updates to pen-testing platform are designed to improve performance and user interface, says Offensive Security, maintainer of the open source project.
β Ad fraud: Fake local news sites are rolling in the dough β
π Read
via "Naked Security".
"forbesbusinessinsider.com?" Names like that sound close enough to real news domains to pass, but bots are the only ones visiting.π Read
via "Naked Security".
Naked Security
Ad fraud: Fake local news sites are rolling in the dough
βforbesbusinessinsider.com?β Names like that sound close enough to real news domains to pass, but bots are the only ones visiting.
β IM RAT spy tool seller raided, busted, kicked offline β
π Read
via "Naked Security".
The spyware gave complete control of victimized computers, sold for as little as$25, and was bought by 14,500 hackers worldwide.π Read
via "Naked Security".
Naked Security
IM RAT spy tool seller raided, busted, kicked offline
The spyware gave complete control of victimized computers, sold for as little as$25, and was bought by 14,500 hackers worldwide.
β Mixcloud user accounts up for sale on dark web β
π Read
via "Naked Security".
A hacker is ransoming account data stolen from music streaming service Mixcloud, according to reports.π Read
via "Naked Security".
Naked Security
Mixcloud user accounts up for sale on dark web
A hacker is ransoming account data stolen from music streaming service Mixcloud, according to reports.
β SMS company exposes millions of text messages, credentials online β
π Read
via "Naked Security".
Researchers at VpnMentor claim that the TrueDialog data leak exposure could have compromised tens of millions of people.π Read
via "Naked Security".
Naked Security
SMS company exposes millions of text messages, credentials online
Researchers at VpnMentor claim that the TrueDialog data leak exposure could have compromised tens of millions of people.
β βStrandHoggβ Vulnerability Allows Malware to Pose as Legitimate Android Apps β
π Read
via "Threatpost".
The flaw can allow hackers to take over typical device functions like sending messages and taking photos because users think malicious activity is a mobile app they use regularly.π Read
via "Threatpost".
Threat Post
βStrandHoggβ Vulnerability Allows Malware to Pose as Legitimate Android Apps
The flaw can allow hackers to take over typical device functions like sending messages and taking photos because users think malicious activity is a mobile app they use regularly.