β IoT Company Wyze Leaks Emails, Device Data of 2.4M β
π Read
via "Threatpost".
The Internet of Things vendor confirmed that customer data was left unsecured on an Elasticsearch database.π Read
via "Threatpost".
Threat Post
IoT Company Wyze Leaks Emails, Device Data of 2.4M
The Internet of Things vendor confirmed on Sunday that customer data was left unsecured on an Elasticsearch database.
β Celebrity addresses posted online in New Yearβs Honours List leak β
π Read
via "Naked Security".
Too much information.π Read
via "Naked Security".
Naked Security
Celebrity addresses posted online in New Yearβs Honours List leak
Too much information.
π How to choose the best MDM partner: 5 key considerations π
π Read
via "Security on TechRepublic".
Here's what organizations considering using a mobile device management server should keep in mind.π Read
via "Security on TechRepublic".
TechRepublic
How to choose the best MDM partner: 5 key considerations
Here's what organizations considering using a mobile device management server should keep in mind.
π΄ How AI and Cybersecurity Will Intersect in 2020 π΄
π Read
via "Dark Reading: ".
Understanding the new risks and threats posed by increased use of artificial intelligence.π Read
via "Dark Reading: ".
Dark Reading
How AI and Cybersecurity Will Intersect in 2020
Understanding the new risks and threats posed by increased use of artificial intelligence.
ATENTIONβΌ New - CVE-2012-5645
π Read
via "National Vulnerability Database".
A denial of service flaw was found in the way the server component of Freeciv before 2.3.4 processed certain packets. A remote attacker could send a specially-crafted packet that, when processed would lead to memory exhaustion or excessive CPU consumption.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2012-5476
π Read
via "National Vulnerability Database".
Within the RHOS Essex Preview (2012.2) of the OpenStack dashboard package, the file /etc/quantum/quantum.conf is world readable which exposes the admin password and token value.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2012-5474
π Read
via "National Vulnerability Database".
The file /etc/openstack-dashboard/local_settings within Red Hat OpenStack Platform 2.0 and RHOS Essex Release (python-django-horizon package before 2012.1.1) is world readable and exposes the secret key value.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2013-2016
π Read
via "National Vulnerability Database".
A flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest accesses the config space of a virtio device. If the virtio device has zero/small sized config space, such as virtio-rng, a privileged guest user could use this flaw to access the matching host's qemu address space and thus increase their privileges on the host.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2013-0264
π Read
via "National Vulnerability Database".
An import error was introduced in Cumin in the code refactoring in r5310. Server certificate validation is always disabled when connecting to Aviary servers, even if the installed packages on a system support it.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2013-0196
π Read
via "National Vulnerability Database".
A CSRF issue was found in OpenShift Enterprise 1.2. The web console is using 'Basic authentication' and the REST API has no CSRF attack protection mechanism. This can allow an attacker to obtain the credential and the Authorization: header when requesting the REST API via web browser.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2012-5663
π Read
via "National Vulnerability Database".
The isearch package (textproc/isearch) before 1.47.01nb1 uses the tempnam() function to create insecure temporary files into a publicly-writable area (/tmp).π Read
via "National Vulnerability Database".
β 2020 Cybersecurity Trends to Watch β
π Read
via "Threatpost".
Mobile becomes a prime phishing attack vector, hackers will increasingly employ machine learning in attacks and cloud will increasingly be seen as fertile ground for compromise.π Read
via "Threatpost".
Threat Post
2020 Cybersecurity Trends to Watch
Mobile becomes a prime phishing attack vector, hackers will increasingly employ machine learning in attacks and cloud will increasingly be seen as fertile ground for compromise.
π΄ Cybercrime's Most Lucrative Careers π΄
π Read
via "Dark Reading: ".
Crime pays. Really well. Here's a look at just how much a cybercriminal can earn in a month.π Read
via "Dark Reading: ".
Dark Reading
Cybercrime's Most Lucrative Careers
Crime pays. Really well. Here's a look at just how much a cybercriminal can earn in a month.
β 7 Tips for Maximizing Your SOC β
π Read
via "Threatpost".
Use the seven points listed above to create an effective and efficient operational workflow and, importantly, happier analysts who aren't buried at the bottom of a pile of mostly irrelevant data.π Read
via "Threatpost".
Threat Post
7 Tips for Maximizing Your SOC
Use the seven points listed above to create an effective and efficient operational workflow and, importantly, happier analysts who aren't buried at the bottom of a pile of mostly irrelevant data.
π΄ Operational Technology: Why Old Networks Need to Learn New Tricks π΄
π Read
via "Dark Reading: ".
Cybercriminals are maximizing their opportunity by targeting older vulnerabilities in OT environments. It's time to fight back.π Read
via "Dark Reading: ".
Darkreading
Operational Technology: Why Old Networks Need to Learn New Tricks
Cybercriminals are maximizing their opportunity by targeting older vulnerabilities in OT environments. It's time to fight back.
π΄ Microsoft Shuts Down 50 Domains Used by North Korean Hacking Group π΄
π Read
via "Dark Reading: ".
'Thallium' nation-state threat group used the domains to target mostly US victims.π Read
via "Dark Reading: ".
Darkreading
Microsoft Shuts Down 50 Domains Used by North Korean Hacking Group
'Thallium' nation-state threat group used the domains to target mostly US victims.
π Is It Time To Outsource Your Data Security? π
π Read
via "Subscriber Blog RSS Feed ".
Access to advanced technology and expertise at a cost-effective price is making managed security services an increasingly attractive prospect for many organizations.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Is It Time To Outsource Your Data Security?
Access to advanced technology and expertise at a cost-effective price is making managed security services an increasingly attractive prospect for many organizations.
π Wearable industrial tech is coming to a production line near you π
π Read
via "Security on TechRepublic".
From VR training to heads-up schematics, industrial wearables may be the wave of the future.π Read
via "Security on TechRepublic".
TechRepublic
Wearable industrial tech is coming to a production line near you
From VR training to heads-up schematics, industrial wearables may be the wave of the future.
ATENTIONβΌ New - CVE-2013-4357
π Read
via "National Vulnerability Database".
The eglibc package before 2.14 incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2013-4161
π Read
via "National Vulnerability Database".
gksu-polkit-0.0.3-6.fc18 was reported as fixing the issue in CVE-2012-5617 but the patch was improperly applied and it did not fixed the security issue.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2011-3585
π Read
via "National Vulnerability Database".
Multiple race conditions in the (1) mount.cifs and (2) umount.cifs programs in Samba 3.6 allow local users to cause a denial of service (mounting outage) via a SIGKILL signal during a time window when the /etc/mtab~ file exists.π Read
via "National Vulnerability Database".