π΄ Security 101: What Is a Man-in-the-Middle Attack? π΄
π Read
via "Dark Reading: ".
A breakdown of the common ways criminals employ MitM techniques to snare victims, and tips for protecting users from these dirty tricks.π Read
via "Dark Reading: ".
Dark Reading
Security 101: What Is a Man-in-the-Middle Attack?
A breakdown of the common ways criminals employ MitM techniques to snare victims, and tips for protecting users from these dirty tricks.
π΄ Blink Cameras Found with Multiple Vulnerabilities π΄
π Read
via "Dark Reading: ".
Researchers found three broad types of vulnerabilities, one of which should be particularly concerning to consumers.π Read
via "Dark Reading: ".
Dark Reading
Blink Cameras Found with Multiple Vulnerabilities
Researchers found three broad types of vulnerabilities, one of which should be particularly concerning to consumers.
π Executive Stole Trade Secrets, Then Lied About It π
π Read
via "Subscriber Blog RSS Feed ".
In a lawsuit filed last week, the company claims the ex-executive stole and retained confidential and trade secret data and lied to cover it up.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Executive Stole Trade Secrets, Then Lied About It
In a lawsuit filed last week, the company claims the ex-executive stole and retained confidential and trade secret data and lied to cover it up.
β Microsoft Zaps Actively Exploited Zero-Day Bug β
π Read
via "Threatpost".
December 2019's relatively light Patch Tuesday update also fixes seven critical flaws.π Read
via "Threatpost".
Threat Post
Microsoft Zaps Actively Exploited Zero-Day Bug
December 2019's relatively light Patch Tuesday update also fixes seven critical flaws.
ATENTIONβΌ New - CVE-2012-5620
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2012-1577
π Read
via "National Vulnerability Database".
lib/libc/stdlib/random.c in OpenBSD returns 0 when seeded with 0.π Read
via "National Vulnerability Database".
π Your open source gift giving guide for 2019 π
π Read
via "Security on TechRepublic".
'Tis the season for open source gifts. But what to buy? Jack Wallen has a few ideas that are sure to put a smile on the faces of the open source lovers in your life.π Read
via "Security on TechRepublic".
TechRepublic
Your open source gift giving guide for 2019
'Tis the season for open source gifts. But what to buy? Jack Wallen has a few ideas that are sure to put a smile on the faces of the open source lovers in your life.
π΄ Microsoft Fixes Windows Zero-Day on Lightest Patch Tuesday of 2019 π΄
π Read
via "Dark Reading: ".
This month's batch of security updates addresses 36 CVEs, seven of which are rated Critical and one of which has been exploited in the wild.π Read
via "Dark Reading: ".
Darkreading
Microsoft Fixes Windows Zero-Day on Lightest Patch Tuesday of 2019
This month's batch of security updates addresses 36 CVEs, seven of which are rated Critical and one of which has been exploited in the wild.
π΄ Data Leak Week: Billions of Sensitive Files Exposed Online π΄
π Read
via "Dark Reading: ".
A total of 2.7 billion email addresses, 1 billion email account passwords, and nearly 800,000 applications for copies of birth certificate were found on unsecured cloud buckets.π Read
via "Dark Reading: ".
Dark Reading
Data Leak Week: Billions of Sensitive Files Exposed Online
A total of 2.7 billion email addresses, 1 billion email account passwords, and nearly 800,000 applications for copies of birth certificate were found on unsecured cloud buckets.
π Zeek 3.0.1 π
π Go!
via "Security Tool Files β Packet Storm".
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Zeek 3.0.1 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
β Ad industry groups ask that the CCPA keep its mitts off their cookies β
π Read
via "Naked Security".
Ad-blocking technologies can block the cookies that record consumers' privacy choices, they claim.π Read
via "Naked Security".
Naked Security
Ad industry groups ask that the CCPA keep its mitts off their cookies
Ad-blocking technologies can block the cookies that record consumersβ privacy choices, they claim.
β FTC warns Christmas buyers that smart toys are a security risk β
π Read
via "Naked Security".
Thinking of giving a young person an internet-connected βsmartβ toy this Christmas? You may want to think again.π Read
via "Naked Security".
Naked Security
FTC warns Christmas buyers that smart toys are a security risk
Thinking of giving a young person an internet-connected βsmartβ toy this Christmas? You may want to think again.
β DoItForState domain name thief gets 14 years for pistol-whipping plot β
π Read
via "Naked Security".
He hired his cousin to break in, hold the rightful domain holder at gunpoint, and force a transfer to his own GoDaddy account.π Read
via "Naked Security".
Naked Security
DoItForState domain name thief gets 14 years for pistol-whipping plot
He hired his cousin to break in, hold the rightful domain holder at gunpoint, and force a transfer to his own GoDaddy account.
β Windows 10 Mobile receives its last security patches β
π Read
via "Naked Security".
If youβre one of the tiny hardcore still using Windows 10 Mobile, 10 December 2019 is probably a day youβve been dreading for nearly a year.π Read
via "Naked Security".
Naked Security
Windows 10 Mobile receives its last security patches
If youβre one of the tiny hardcore still using Windows 10 Mobile, 10 December 2019 is probably a day youβve been dreading for nearly a year.
β Lazarus APT Collaborates with Trickbotβs Anchor Project β
π Read
via "Threatpost".
An unprecedented connection between the North Korean APT and the crimeware giant spells trouble for global banks and other cybercrime targets.π Read
via "Threatpost".
Threat Post
Lazarus APT Collaborates with Trickbotβs Anchor Project
An unprecedented connection between the North Korean APT and the crimeware giant spells trouble for global banks and other cybercrime targets.
π 63% of organizations face security breaches due to hardware vulnerabilities π
π Read
via "Security on TechRepublic".
While hardware-level attacks are high, only 59% of companies have implemented a hardware security strategy, Dell and Forrester found.π Read
via "Security on TechRepublic".
TechRepublic
63% of organizations face security breaches due to hardware vulnerabilities
While hardware-level attacks are high, only 59% of companies have implemented a hardware security strategy, Dell and Forrester found.
π΄ Big Changes Are Coming to Security Analytics & Operations π΄
π Read
via "Dark Reading: ".
New ESG research points to fundamental problems, a need for scalable security data pipelines, and a migration to the public cloud.π Read
via "Dark Reading: ".
Darkreading
Big Changes Are Coming to Security Analytics & Operations
New ESG research points to fundamental problems, a need for scalable security data pipelines, and a migration to the public cloud.
π΄ City of Pensacola, Fla., Confirms Ransomware Attack π΄
π Read
via "Dark Reading: ".
Most systems remain offline to prevent the attack from spreading.π Read
via "Dark Reading: ".
Dark Reading
Vulnerabilities & Threats recent news | Dark Reading
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading
β Modern Intel CPUs Plagued By Plundervolt Attack β
π Read
via "Threatpost".
The Intel attack uses a similar technique that gamers commonly use to overclock their CPUs.π Read
via "Threatpost".
Threat Post
Modern Intel CPUs Plagued By Plundervolt Attack
The Intel attack uses a similar technique that gamers commonly use to overclock their CPUs.
π΄ Only Half of Malware Caught by Signature AV π΄
π Read
via "Dark Reading: ".
Machine learning and behavioral detection are necessary to catch threats, WatchGuard says in a new report. Meanwhile, network attacks have risen, especially against older vulnerabilities, such as those in Apache Struts.π Read
via "Dark Reading: ".
Darkreading
Only Half of Malware Caught by Signature AV
Machine learning and behavioral detection are necessary to catch threats, WatchGuard says in a new report. Meanwhile, network attacks have risen, especially against older vulnerabilities, such as those in Apache Struts.
π΄ Nation-State Attackers May Have Co-opted Vega Ransomware π΄
π Read
via "Dark Reading: ".
The tactics used by the latest version of the Vega cryptolocker program indicates the code may have been stolen from its authors and is now being used for destructive attacks, a new report suggests.π Read
via "Dark Reading: ".
Dark Reading
Nation-State Attackers May Have Co-opted Vega Ransomware - Dark Reading
The tactics used by the latest version of the Vega cryptolocker program indicates the code may have been stolen from its authors and is now being used for destructive attacks, a new report suggests.