β OpenBSD devs patch authentication bypass bug β
π Read
via "Naked Security".
One of the internet's most popular free operating systems allowed attackers to bypass its authentication controls.π Read
via "Naked Security".
Naked Security
OpenBSD devs patch authentication bypass bug
One of the internetβs most popular free operating systems allowed attackers to bypass its authentication controls.
β Instagram trying to protect kids by getting dates of birth from new users β
π Read
via "Naked Security".
It's about showing age-appropriate content, it said. Though staying safe from child-privacy lawsuits doesn't hurt, either.π Read
via "Naked Security".
Naked Security
Instagram trying to protect kids by getting dates of birth from new users
Itβs about showing age-appropriate content, it said. Though staying safe from child-privacy lawsuits doesnβt hurt, either.
β US parents file class action against TikTok over childrenβs privacy β
π Read
via "Naked Security".
Collecting children's data without their guardians' consent is illegal under COPPA and already earned TikTok a huge fine.π Read
via "Naked Security".
Naked Security
US parents file class action against TikTok over childrenβs privacy
Collecting childrenβs data without their guardiansβ consent is illegal under COPPA and already earned TikTok a huge fine.
β Mac users targetted by Lazarus βfilelessβ Trojan β
π Read
via "Naked Security".
The Lazarus hacking group are trying to sneak a βfilelessβ Trojan on to Apple computers, disguised as a fake cryptocurrency trading program.π Read
via "Naked Security".
Naked Security
Mac users targetted by Lazarus βfilelessβ Trojan
The Lazarus hacking group are trying to sneak a βfilelessβ Trojan on to Apple computers, disguised as a fake cryptocurrency trading program.
β Stealthy MacOS Malware Tied to Lazarus APT β
π Read
via "Threatpost".
Researcher discovered a MacOS trojan hiding behind a fake crypto trading platform believed to be the work of the state-sponsored North Korean hackers behind WannaCry.π Read
via "Threatpost".
Threat Post
Stealthy MacOS Malware Tied to Lazarus APT
Researcher discovered a MacOS trojan hiding behind a fake crypto trading platform believed to be the work of the state-sponsored North Korean hackers behind WannaCry.
π Friday Five: 12/6 Edition π
π Read
via "Subscriber Blog RSS Feed ".
A new data breach report highlights risks for 2020, a website selling spying tools taken down, and more - catch up on the week's news with the Friday Five.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Friday Five: 12/6 Edition
A new data breach report highlights risks for 2020, a website selling spying tools taken down, and more - catch up on the week's news with the Friday Five.
β Facebook Alleges Company Infiltrated Thousands for Ad Fraud β
π Read
via "Threatpost".
Facebook has paid over $4 million to victims to reimburse them for the unauthorized ads purchased using their ad accounts.π Read
via "Threatpost".
Threat Post
Facebook Alleges Company Infiltrated User Accounts for Ad Fraud
Facebook has paid over $4 million to victims to reimburse them for the unauthorized ads purchased using their ad accounts.
π΄ Success Enablers or Silent Killers? π΄
π Read
via "Dark Reading: ".
These five success enablers will help CISOs report, measure, and demonstrate ROI to the C-suite.π Read
via "Dark Reading: ".
Dark Reading
Success Enablers or Silent Killers?
These five success enablers will help CISOs report, measure, and demonstrate ROI to the C-suite.
β Linux Bug Opens Most VPNs to Hijacking β
π Read
via "Threatpost".
In a coffee-shop scenario, attackers can hijack "secure" VPN sessions of those working remotely, injecting data into their TCP streams.π Read
via "Threatpost".
Threat Post
Linux Bug Opens Most VPNs to Hijacking
In a coffee-shop scenario, attackers can hijack "secure" VPN sessions of those working remotely, injecting data into their TCP streams.
π΄ Mega Breaches Are Forcing Us to a Passwordless World. Are We Finally Ready? π΄
π Read
via "Dark Reading: ".
Passwordless authentication advocates see 2020 as a potential turning point year for the technology. But can the industry get off the dime?π Read
via "Dark Reading: ".
Dark Reading
Mega Breaches Are Forcing Us to a Passwordless World. Are We Finally Ready?
Passwordless authentication advocates see 2020 as a potential turning point year for the technology. But can the industry get off the dime?
π΄ Senators Call for End to Controversial NSA Program π΄
π Read
via "Dark Reading: ".
The program for collecting telephone call metadata has faced increased scrutiny and restrictions since Edward Snowden revealed its existence in 2013.π Read
via "Dark Reading: ".
Dark Reading
Senators Call for End to Controversial NSA Program
The program for collecting telephone call metadata has faced increased scrutiny and restrictions since Edward Snowden revealed its existence in 2013.
ATENTIONβΌ New - CVE-2012-1615
π Read
via "National Vulnerability Database".
A Privilege Escalation vulnerability exits in Fedoraproject Sectool due to an incorrect DBus file.π Read
via "National Vulnerability Database".
π΄ Data Center Provider CyrusOne Confirms Ransomware Attack π΄
π Read
via "Dark Reading: ".
The attack struck CyrusOne's managed services division and compromised six customers primarily serviced by a New York data center.π Read
via "Dark Reading: ".
Darkreading
Data Center Provider CyrusOne Confirms Ransomware Attack
The attack struck CyrusOne's managed services division and compromised six customers primarily serviced by a New York data center.
β News Wrap: Authorities Target Evil Corp., Imminent Monitor, Money Mules β
π Read
via "Threatpost".
In this past week, the authorities have cracked down on various BEC scams and cybercrime gangs.π Read
via "Threatpost".
Threatpost
News Wrap: Authorities Target Evil Corp., Imminent Monitor, Money Mules
In this past week, the authorities have cracked down on various BEC scams and cybercrime gangs.
β Feds Crack Down on Money Mules, Warn of BEC Scams β
π Read
via "Threatpost".
Authorities say they have halted over 600 domestic money mules β exceeding the 400 money mules stopped last year.π Read
via "Threatpost".
Threat Post
Feds Crack Down on Money Mules, Warn of BEC Scams
Authorities say they have halted over 600 domestic money mules β exceeding the 400 money mules stopped last year.
π TeamViewer unveils new patch management system π
π Read
via "Security on TechRepublic".
The new tool will provide IT departments with system-wide visibility of all the patches needed.π Read
via "Security on TechRepublic".
TechRepublic
TeamViewer unveils new patch management system
The new tool will provide IT departments with system-wide visibility of all the patches needed.
π Analysts worry about tech security threats ahead of 2020 elections π
π Read
via "Security on TechRepublic".
Security experts say most voting machines are safe and secure, but disinformation campaigns on platforms like Facebook and Twitter need to be addressed.π Read
via "Security on TechRepublic".
TechRepublic
Analysts worry about tech security threats ahead of 2020 elections
Security experts say most voting machines are safe and secure, but disinformation campaigns on platforms like Facebook and Twitter need to be addressed.
ATENTIONβΌ New - CVE-2012-2148
π Read
via "National Vulnerability Database".
An issue exists in the property replacements feature in any descriptor in JBoxx AS 7.1.1 ignores java security policiesπ Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2012-2130
π Read
via "National Vulnerability Database".
A Security Bypass vulnerability exists in PolarSSL 0.99pre4 through 1.1.1 due to a weak encryption error when generating Diffie-Hellman values and RSA keys.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2012-2092
π Read
via "National Vulnerability Database".
A Security Bypass vulnerability exists in Ubuntu Cobbler before 2,2,2 in the cobbler-ubuntu-import script due to an error when verifying the GPG signature.π Read
via "National Vulnerability Database".
π΄ How Attackers Used Look-Alike Domains to Steal $1 Million From a Chinese VC π΄
π Read
via "Dark Reading: ".
Money meant to fund an Israeli startup wound up directly deposited to the scammers.π Read
via "Dark Reading: ".
Dark Reading
How Attackers Used Look-Alike Domains to Steal $1 Million From a Chinese VC
Money meant to fund an Israeli startup wound up directly deposited to the scammers.