β Machine-raiding Python libraries squashed by community β
π Read
via "Naked Security".
Python developers have once again fallen victim to malicious software libraries lurking in their favourite package manager.π Read
via "Naked Security".
Naked Security
Machine-raiding Python libraries squashed by community
Python developers have once again fallen victim to malicious software libraries lurking in their favourite package manager.
π NERC Refocusing Cybersecurity Efforts π
π Read
via "Subscriber Blog RSS Feed ".
In the face of mounting attacks against critical infrastructure, NERC, which oversees the United States' electrical grid, is retooling how it addresses cybersecurity.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
NERC Refocusing Cybersecurity Efforts
In the face of mounting attacks against critical infrastructure, NERC, which oversees the United States' electrical grid, is retooling how it addresses cybersecurity.
β iCloud-hacking politician to be sentenced on Christmas eve β
π Read
via "Naked Security".
Former Dutch city council member Mitchel van der K invaded hundreds of iCloud accounts βfrequently and repeatedlyβ.π Read
via "Naked Security".
Naked Security
iCloud-hacking politician to be sentenced on Christmas eve
Former Dutch city council member Mitchel van der K invaded hundreds of iCloud accounts βfrequently and repeatedlyβ.
β Cookie-stealing malware wants to know your Facebook ad budget β
π Read
via "Naked Security".
The AdKoob malware that sneakily peeks at how much you're spending on ads is back.π Read
via "Naked Security".
Naked Security
Cookie-stealing malware wants to know your Facebook ad budget
The AdKoob malware that sneakily peeks at how much youβre spending on ads is back.
β Feds Offer $5M Reward to Nab βEvil Corpβ Dridex Hacker β
π Read
via "Threatpost".
Authorities cracked down on cybercrime group Evil Corp. with sanctions and charges against its leader, known for his lavish lifestyle.π Read
via "Threatpost".
Threat Post
Feds Offer $5M Reward to Nab βEvil Corpβ Dridex Hacker
Authorities cracked down on cybercrime group Evil Corp. with sanctions and charges against its leader, known for his lavish lifestyle.
β AT&T, Verizon Subscribers Exposed as Mobile Bills Turn Up on the Open Web β
π Read
via "Threatpost".
Names, addresses, phone numbers, call and text message records and account PINs were all caught up in a cloud misconfiguration.π Read
via "Threatpost".
Threat Post
AT&T, Verizon Subscribers Exposed as Mobile Bills Turn Up on the Open Web
Names, addresses, phone numbers, call and text message records and account PINs were all caught up in a cloud misconfiguration.
π΄ SOC 2s & Third-Party Assessments: How to Prevent Them from Being Used in a Data Breach Lawsuit π΄
π Read
via "Dark Reading: ".
Assessments can be used against your company in court proceedings. Here's how to mitigate this potential risk.π Read
via "Dark Reading: ".
Dark Reading
SOC 2s & Third-Party Assessments: How to Prevent Them from Being Used in a Data Breach Lawsuit
Assessments can be used against your company in court proceedings. Here's how to mitigate this potential risk.
π΄ 10 Security 'Chestnuts' We Should Roast Over the Open Fire π΄
π Read
via "Dark Reading: ".
These outdated security rules we all know (and maybe live by) no longer apply.π Read
via "Dark Reading: ".
Dark Reading
10 Security 'Chestnuts' We Should Roast Over the Open Fire
These outdated security rules we all know (and maybe live by) no longer apply.
ATENTIONβΌ New - CVE-2012-1104
π Read
via "National Vulnerability Database".
A Security Bypass vulnerability exists in the phpCAS 1.2.2 library from the jasig project due to the way proxying of services are managed.π Read
via "National Vulnerability Database".
π΄ With Aporeto, Palo Alto Looks Away from the Firewall and Toward the Future π΄
π Read
via "Dark Reading: ".
Seeing its firewall sales softening, the security vendor makes another acquisition to reorient itself for the cloud era.π Read
via "Dark Reading: ".
Dark Reading
With Aporeto, Palo Alto Looks Away from the Firewall and Toward the Future
Seeing its firewall sales softening, the security vendor makes another acquisition to reorient itself for the cloud era.
π΄ US Sets $5 Million Bounty For Russian Hacker Behind Zeus Banking Thefts π΄
π Read
via "Dark Reading: ".
Maksim Yakubets and his crew stole tens of millions using Zeus and Dridex, with victims including Bank of America, Key Bank, GenLabs, and United Dairy, DoJ says.π Read
via "Dark Reading: ".
Dark Reading
US Sets $5 Million Bounty For Russian Hacker Behind Zeus Banking Thefts
Maksim Yakubets and his crew stole tens of millions using Zeus and Dridex, with victims including Bank of America, Key Bank, GenLabs, and United Dairy, DoJ says.
π΄ VPN Flaw Allows Criminal Access to Everything on Victims' Computers π΄
π Read
via "Dark Reading: ".
Vulnerability in the Aviatrix VPN client, since patched, gives an attacker unlimited access to a breached system.π Read
via "Dark Reading: ".
Darkreading
VPN Flaw Allows Criminal Access to Everything on Victims' Computers
Vulnerability in the Aviatrix VPN client, since patched, gives an attacker unlimited access to a breached system.
β Ransomware Attack Hits Data Center Provider CyrusOne: Report β
π Read
via "Threatpost".
Security experts say the incident shows that cybercriminals are using ransomware to hit companies where it hurts.π Read
via "Threatpost".
Threat Post
Ransomware Attack Hits Data Center Provider CyrusOne: Report
Security experts say the incident shows that cybercriminals are using ransomware to hit companies where it hurts.
ATENTIONβΌ New - CVE-2012-1105
π Read
via "National Vulnerability Database".
An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. The Central Authentication Service client library archives the debug logging file in an insecure manner.π Read
via "National Vulnerability Database".
π How to use iCloud Keychain to manage passwords on your iPhone or iPad π
π Read
via "Security on TechRepublic".
Learn how iCloud Keychain can help you keep track of your app and website passwords.π Read
via "Security on TechRepublic".
TechRepublic
How to use iCloud Keychain to manage passwords on your iPhone or iPad
Learn how iCloud Keychain can help you keep track of your app and website passwords.
ATENTIONβΌ New - CVE-2012-1592
π Read
via "National Vulnerability Database".
A local code execution issue exists in Apache Struts2 when processing malformed XSLT files, which could let a malicious user upload and execute arbitrary files.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2012-1115
π Read
via "National Vulnerability Database".
A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the export, add_value_form, and dn parameters to cmd.php.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2012-1114
π Read
via "National Vulnerability Database".
A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the filter parameter to cmd.php in an export and exporter_id action. and the filteruid parameter to list.php.π Read
via "National Vulnerability Database".
β OpenBSD devs patch authentication bypass bug β
π Read
via "Naked Security".
One of the internet's most popular free operating systems allowed attackers to bypass its authentication controls.π Read
via "Naked Security".
Naked Security
OpenBSD devs patch authentication bypass bug
One of the internetβs most popular free operating systems allowed attackers to bypass its authentication controls.
β Instagram trying to protect kids by getting dates of birth from new users β
π Read
via "Naked Security".
It's about showing age-appropriate content, it said. Though staying safe from child-privacy lawsuits doesn't hurt, either.π Read
via "Naked Security".
Naked Security
Instagram trying to protect kids by getting dates of birth from new users
Itβs about showing age-appropriate content, it said. Though staying safe from child-privacy lawsuits doesnβt hurt, either.
β US parents file class action against TikTok over childrenβs privacy β
π Read
via "Naked Security".
Collecting children's data without their guardians' consent is illegal under COPPA and already earned TikTok a huge fine.π Read
via "Naked Security".
Naked Security
US parents file class action against TikTok over childrenβs privacy
Collecting childrenβs data without their guardiansβ consent is illegal under COPPA and already earned TikTok a huge fine.