ATTENTION‼ New - CVE-2013-0737
via "National Vulnerability Database".
Cross-site scripting (XSS) vulnerability in BoltWire 3.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the fieldnames parameter.

Python is dead. Long live Python!
via "Naked Security".
Is Python 2 *really* dead. Or is it just shagged out after a long squawk?

Google Boots Security Camera Maker From Nest Hub After Private Images Go Public
via "Threatpost".
The issue came to light after a Reddit user claimed being able to see strangers on his Xiaomi Mijia smart camera.

Organizations May 'Uncloud' Over Security, Budgetary Concerns
via "Dark Reading".
While most cloud vendors forecast continued adoption and growth, some customers are taking a harder look at the cloud services they're using.

Continental Drift: Is Digital Sovereignty Splitting Global Data Centers?
via "Dark Reading".
The recent proposal by Germany, backed by France, to fuse the infrastructures of Europe's cloud providers could challenge every data center storing a European's data.

Malware Hits Travelex Currency Exchange Service
via "Dark Reading".
The New Year's Eve malware attack forced Travelex employees to resort to manual operations.

The Edge Cartoon Caption Contest: Latest Winners, New Toon 'Like a Boss'
via "Dark Reading".
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.

Travelex Knocked Offline by System-Wide Malware Attack
via "Threatpost".
The foreign-currency-exchange giant said that it has been hit by a virus, affecting retail customers and banking partners alike.

Friday Five: 1/3 Edition
via "Subscriber Blog RSS Feed" (Digital Guardian).
Ransomware takes down a USCG Maritime Facility, an email server belonging to the Special Olympics New York is hacked, and more - catch up on all the week's news with the Friday Five.

Cryptocurrency exchange Poloniex issues password reset warning
via "Naked Security".
Yes, there was a breach. But it's an old one that the crooks are trying to use again.

Cybercriminals Fill Up on Gas Pump Transaction Scams Ahead of Oct. Deadline
via "Threatpost".
Gas stations will become liable for card-skimming at their pay-at-the-pump mechanisms starting in October.

3 Critical Bugs Allow Remote Attacks on Cisco NX-OS and Switches
via "Threatpost".
Cisco patched three authentication bypass bugs tied to its DCNM platform used to manage NX-OS.

Ransomware Attack Topples Telemarketing Firm, Leaving Hundreds Jobless
via "Threatpost".
Days before Christmas, employees found out that The Heritage Company had been hit by a ransomware attack and was "temporarily suspending operations."

ATTENTION‼ New - CVE-2012-4451
via "National Vulnerability Database".
Multiple cross-site scripting (XSS) vulnerabilities in Zend Framework 2.0.x before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified input to (1) Debug, (2) Feed\PubSubHubbub, (3) Log\Formatter\Xml, (4) Tag\Cloud\Decorator, (5) Uri, (6) View\Helper\HeadStyle, (7) View\Helper\Navigation\Sitemap, or (8) View\Helper\Placeholder\Container\AbstractStandalone, related to Escaper.

Cisco Drops a Dozen Vulnerability Patches
via "Dark Reading".
Among them are three for critical authentication bypass flaws.

Ransomware Victim Southwire Sues Maze Operators
via "Dark Reading".
Attackers demanded $6 million from the wire and cable manufacturer when they launched a December ransomware campaign.

ATTENTION‼ New - CVE-2012-5878
via "National Vulnerability Database".
Bulb Security Smartphone Pentest Framework (SPF) 0.1.2 through 0.1.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the hostingPath parameter to (1) SEAttack.pl or (2) CSAttack.pl in frameworkgui/ or the (3) appURLPath parameter to frameworkgui/attachMobileModem.pl.

ATTENTION‼ New - CVE-2012-5693
via "National Vulnerability Database".
Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the ipAddressTB parameter to (1) remoteAttack.pl or (2) guessPassword.pl in frameworkgui/; the filename parameter to (3) CSAttack.pl or (4) SEAttack.pl in frameworkgui/; the phNo2Attack parameter to (5) CSAttack.pl or (6) SEAttack.pl in frameworkgui/; the (7) platformDD2 parameter to frameworkgui/SEAttack.pl; the (8) agentURLPath or (9) agentControlKey parameter to frameworkgui/attach2agents.pl; or the (10) controlKey parameter to frameworkgui/attachMobileModem.pl. NOTE: The hostingPath parameter to CSAttack.pl and SEAttack.pl vectors and the appURLPath parameter to attachMobileModem.pl vector are covered by CVE-2012-5878.

5 predictions for protecting data in the payments and security ecosystem
via "Security on TechRepublic".
As demand for personalization and seamless consumer experiences grows, security must keep up, said VISA's chief risk officer.

Monday review – the hot stories of the holidays
via "Naked Security".
From 'Greta Thunberg' malware to Python 3, get yourself up to date with everything we've written since Christmas.

What Tools Will Find Misconfigurations in My AWS S3 Cloud Buckets?
via "Dark Reading".
Misconfigured cloud buckets leak sensitive data. Here's how to keep your Amazon Web Services (AWS) Simple Server Storage (S3) buckets secured.