π Why 5G (and even 6G) could put your business at risk for a cyberattack π
π Read
via "Security on TechRepublic".
The next generation of wireless networking standards could leave critical security gaps open, according to University of Dundee research.π Read
via "Security on TechRepublic".
TechRepublic
Why 5G (and even 6G) could put your business at risk for a cyberattack
The next generation of wireless networking standards could leave critical security gaps open, according to University of Dundee research.
β DemonBot Fans DDoS Flames with Hadoop Enslavement β
π Read
via "The first stop for security news | Threatpost ".
An unsophisticated but effective botnet is targeting exposed cloud servers and racking up millions of infections.π Read
via "The first stop for security news | Threatpost ".
Threat Post
DemonBot Fans DDoS Flames with Hadoop Enslavement
An unsophisticated but effective botnet is targeting exposed cloud servers and racking up millions of infections.
β British Airways Data Breach Takes Off Again with 185K More Victims β
π Read
via "The first stop for security news | Threatpost ".
The news comes on the heels of a breach at Cathay Pacific exposing 9.4 million people.π Read
via "The first stop for security news | Threatpost ".
Threat Post
British Airways Data Breach Takes Off Again with 185K More Victims
The news comes on the heels of a breach at Cathay Pacific exposing 9.4 million people.
π΄ DeepPhish: Simulating Malicious AI to Act Like an Adversary π΄
π Read
via "Dark Reading: ".
How researchers developed an algorithm to simulate cybercriminals' use of artificial intelligence and explore the future of phishing.π Read
via "Dark Reading: ".
Darkreading
DeepPhish: Simulating Malicious AI to Act Like an Adversary
How researchers developed an algorithm to simulate cybercriminals' use of artificial intelligence and explore the future of phishing.
β PoC Attack Leverages Microsoft Office and YouTube to Deliver Malware β
π Read
via "The first stop for security news | Threatpost ".
Microsoft has been notified, but no patch is yet available.π Read
via "The first stop for security news | Threatpost ".
Threat Post
PoC Attack Leverages Microsoft Office and YouTube to Deliver Malware
The attack executes with no warning to the user.
π΄ British Airways: 185K Affected in Second Data Breach π΄
π Read
via "Dark Reading: ".
The carrier discovered another breach while investigating its largest-ever data breach, disclosed in September.π Read
via "Dark Reading: ".
Darkreading
British Airways: 185K Affected in Second Data Breach
The carrier discovered another breach while investigating its largest-ever data breach, disclosed in September.
β ThreatList: 1 Out of 5 Would Ditch a Business After a Data Breach β
π Read
via "The first stop for security news | Threatpost ".
A full 21 percent of survey respondents would walk away from a business permanently after a major hack.π Read
via "The first stop for security news | Threatpost ".
Threat Post
ThreatList: 1 Out of 5 Would Ditch a Business After a Data Breach
A full 21 percent of survey respondents would walk away from a business permanently after a major hack.
π Dark Web: A cheat sheet for business professionals π
π Read
via "Security on TechRepublic".
Nefarious profiteers use the encrypted internet to sell stolen data, drugs, and weapons. Facebook and the UN use it to protect dissidents and journalists. This guide shines a light on the Dark Web.π Read
via "Security on TechRepublic".
TechRepublic
Dark Web: A cheat sheet for business professionals
Nefarious profiteers use the encrypted internet to sell stolen data, drugs, and weapons. Facebook and the UN use it to protect dissidents and journalists. This guide shines a light on the Dark Web.
β Researchers exploit Microsoft Word through embedded video β
π Read
via "Naked Security".
A group of researchers has found a way to infect computers via Word documents without triggering a security warning.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π Cybersecurity no. 1 challenge for CXOs, but only 39% have a defense strategy π
π Read
via "Security on TechRepublic".
More than 85% of companies have experienced a cyber breach in the past three years, according to an A.T. Kearny report.π Read
via "Security on TechRepublic".
TechRepublic
Cybersecurity no. 1 challenge for CXOs, but only 39% have a defense strategy
More than 85% of companies have experienced a cyber breach in the past three years, according to an A.T. Kearny report.
β Monday review β the hot 22 stories of the week β
π Read
via "Naked Security".
From a popular WordPress plugin harbouring a zero-day to punishments for phone-slowing Apple and Samsung, and all the stories in between. Catch up with everything we've written in the last seven days - it's weekly roundup time.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β Call of Duty players caught up in cryptocurrency theft racket β
π Read
via "Naked Security".
The FBI recently busted a group of criminals who seem to be using Call of Duty to coordinate cryptocurrency thefts.π Read
via "Naked Security".
Naked Security
Call of Duty players caught up in cryptocurrency theft racket
The FBI recently busted a group of criminals who seem to be using Call of Duty to coordinate cryptocurrency thefts.
β βRight to repairβ gets a boost from new DCMA software rules β
π Read
via "Naked Security".
It just got easier for owners of a wide range of home devices to hack and repair their software.π Read
via "Naked Security".
Naked Security
βRight to repairβ gets a boost from new DMCA software rules
It just got easier for owners of a wide range of home devices to hack and repair their software.
π Election hacking: The myths vs. realities π
π Read
via "Security on TechRepublic".
Cris Thomas, space rogue, global strategy lead at IBM X-Force Red, discusses the myths and realities of hacking election machines with CNET's Dan Patterson.π Read
via "Security on TechRepublic".
TechRepublic
Election hacking: The myths vs. realities | TechRepublic
Cris Thomas, space rogue, global strategy lead at IBM X-Force Red, discusses the myths and realities of hacking election machines with CNET's Dan Patterson.
β Self driving cars learn (from us) about who to sacrifice in a cash β
π Read
via "Naked Security".
It's bad news for overweight, elderly, male jaywalkers.π Read
via "Naked Security".
Naked Security
Self driving cars learn (from us) about who to sacrifice in a cash
Itβs bad news for overweight, elderly, male jaywalkers.
ATENTIONβΌ New - CVE-2018-0735
π Read
via "National Vulnerability Database".
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1).π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-10734
π Read
via "National Vulnerability Database".
ProjectSend (formerly cFTP) r582 allows Insecure Direct Object Reference via includes/actions.log.export.php.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-10733
π Read
via "National Vulnerability Database".
ProjectSend (formerly cFTP) r582 allows directory traversal via file=../ in the process-zip-download.php query string.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-10732
π Read
via "National Vulnerability Database".
ProjectSend (formerly cFTP) r582 allows authentication bypass via a direct request for users.php, home.php, edit-file.php?file_id=1, or process-zip-download.php, or add_user_form_* parameters to users-add.php.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-10731
π Read
via "National Vulnerability Database".
ProjectSend (formerly cFTP) r582 allows SQL injection via manage-files.php with the request parameter status, manage-files.php with the request parameter files, clients.php with the request parameter selected_clients, clients.php with the request parameter status, process-zip-download.php with the request parameter file, or home-log.php with the request parameter action.π Read
via "National Vulnerability Database".
π΄ AppSec is Dead, but Software Security Is Alive & Well π΄
π Read
via "Dark Reading: ".
Application security must be re-envisioned to support software security. It's time to shake up your processes.π Read
via "Dark Reading: ".
Darkreading
AppSec Is Dead, but Software Security Is Alive & Well
Application security must be re-envisioned to support software security. It's time to shake up your processes.