π How to install and use Firejail on Linux π
π Read
via "Security on TechRepublic".
Firejail allows you to easily sandbox Linux applications. Find out how to add this extra layer of security.π Read
via "Security on TechRepublic".
TechRepublic
How to install and use Firejail on Linux
Firejail allows you to easily sandbox Linux applications. Find out how to add this extra layer of security.
π How to enable 2FA for Docker Hub π
π Read
via "Security on TechRepublic".
If you're concerned about the security of your code within Docker Hub, you might want to enable two-factor authentication.π Read
via "Security on TechRepublic".
π How to enable 2FA for Docker Hub π
π Read
via "Security on TechRepublic".
If you're concerned about the security of your code within Docker Hub, you might want to enable two-factor authentication.π Read
via "Security on TechRepublic".
TechRepublic
How to enable 2FA for Docker Hub
If you're concerned about the security of your code within Docker Hub, you might want to enable two-factor authentication.
β Happy Holidays β and big thanks to everyone whoβs working today! β
π Read
via "Naked Security".
Yes. there's a message in the Christmas tree.π Read
via "Naked Security".
Naked Security
Happy Holidays β and big thanks to everyone whoβs working today!
Yes. thereβs a message in the Christmas tree.
ATENTIONβΌ New - CVE-2018-18288
π Read
via "National Vulnerability Database".
CrushFTP through 8.3.0 is vulnerable to credentials theft via URL redirection.π Read
via "National Vulnerability Database".
π΄ The Year of Magecart: How the E-Commerce Raiders Reigned in 2019 π΄
π Read
via "Dark Reading: ".
π Read
via "Dark Reading: ".
Dark Reading
The Year of Magecart: How the E-Commerce Raiders Reigned in 2019
Breaching British Airways, Ticketmaster, and Macy's, Magecart attack groups sharply rose in sophistication and pervasiveness this year -- and show no signs of slowing down.
π΄ Ransomware Situation Goes From Bad to Worse π΄
π Read
via "Dark Reading: ".
New malware distribution techniques and functionality updates are sure to put more pressure on enterprise organizations in 2020.π Read
via "Dark Reading: ".
Darkreading
Ransomware Situation Goes From Bad to Worse
New malware distribution techniques and functionality updates are sure to put more pressure on enterprise organizations in 2020.
β Top 10 Breaches and Leaky Server Screw Ups of 2019 β
π Read
via "Threatpost".
2019 was a banner year for data exposures, with billions of people affected by cloud misconfigurations, hacks and poor security practices in general. Here's the Threatpost Top 10 for data-breach news of the year, featuring all the low-lights.π Read
via "Threatpost".
Threat Post
Top 10 Breaches and Leaky Server Screw Ups of 2019
2019 was a banner year for data exposures, with billions of people affected.
β Combining AI and Playbooks to Predict Cyberattacks β
π Read
via "Threatpost".
Mature machine learning can analyze attack strategies and look for underlying patterns that the AI system can use to predict an attacker's next move.π Read
via "Threatpost".
Threat Post
Combining AI and Playbooks to Predict Cyberattacks
Mature machine learning can analyze attack strategies and look for underlying patterns that the AI system can use to predict an attacker's next move.
β Apple iCloud βdata dumpβ extortionist avoids prison β
π Read
via "Naked Security".
He claimed to have logins for millions of iCloud accounts, and told Apple he'd shut them all down unless he received a payoff.π Read
via "Naked Security".
Naked Security
Apple iCloud βdata dumpβ extortionist avoids prison
He claimed to have logins for millions of iCloud accounts, and told Apple heβd shut them all down unless he received a payoff.
π΄ 'Honoring' CCPA's Binding Principles Nationally Won't Be Easy π΄
π Read
via "Dark Reading: ".
Even companies with the reach, capital, and innovative capacity of Microsoft or Google will struggle to adhere to the tenets of California's new consumer privacy law.π Read
via "Dark Reading: ".
Darkreading
'Honoring' CCPA's Binding Principles Nationally Won't Be Easy
Even companies with the reach, capital, and innovative capacity of Microsoft or Google will struggle to adhere to the tenets of California's new consumer privacy law.
β Critical Citrix Bug Puts 80,000 Corporate LANs at Risk β
π Read
via "Threatpost".
The flaw resides in the Citrix Application Delivery Controller and Gateway.π Read
via "Threatpost".
Threat Post
Critical Citrix Bug Puts 80,000 Corporate LANs at Risk
The flaw resides in the Citrix Application Delivery Controller and Gateway.
ATENTIONβΌ New - CVE-2018-20492
π Read
via "National Vulnerability Database".
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control (issue 2 of 6).π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2012-2736
π Read
via "National Vulnerability Database".
In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in AdHoc mode, it created an open/insecure network.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2011-1474
π Read
via "National Vulnerability Database".
A locally locally exploitable DOS vulnerability was found in pax-linux versions 2.6.32.33-test79.patch, 2.6.38-test3.patch, and 2.6.37.4-test14.patch. A bad bounds check in arch_get_unmapped_area_topdown triggered by programs doing an mmap after a MAP_GROWSDOWN mmap will create an infinite loop condition without releasing the VM semaphore eventually leading to a system crash.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-5290
π Read
via "National Vulnerability Database".
ircd-ratbox 3.0.9 mishandles the MONITOR command which allows remote attackers to cause a denial of service (system out-of-memory event).π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2013-4318
π Read
via "National Vulnerability Database".
File injection vulnerability in Ruby gem Features 0.3.0 allows remote attackers to inject malicious html in the /tmp directory.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2013-2011
π Read
via "National Vulnerability Database".
WordPress W3 Super Cache Plugin before 1.3.2 contains a PHP code-execution vulnerability which could allow remote attackers to inject arbitrary code. This issue exists because of an incomplete fix for CVE-2013-2009.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2012-4420
π Read
via "National Vulnerability Database".
An information disclosure flaw was found in the way the Java Virtual Machine (JVM) implementation of Java SE 7 as provided by OpenJDK 7 incorrectly initialized integer arrays after memory allocation (in certain circumstances they had nonzero elements right after the allocation). A remote attacker could use this flaw to obtain potentially sensitive information.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2012-3462
π Read
via "National Vulnerability Database".
A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user's SELinux user context.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2013-3088
π Read
via "National Vulnerability Database".
Belkin N900 router (F9K1104v1) contains an Authentication Bypass using "Javascript debugging".π Read
via "National Vulnerability Database".