β ThreatList: 1 Out of 5 Would Ditch a Business After a Data Breach β
π Read
via "The first stop for security news | Threatpost ".
A full 21 percent of survey respondents would walk away from a business permanently after a major hack.π Read
via "The first stop for security news | Threatpost ".
Threat Post
ThreatList: 1 Out of 5 Would Ditch a Business After a Data Breach
A full 21 percent of survey respondents would walk away from a business permanently after a major hack.
π Dark Web: A cheat sheet for business professionals π
π Read
via "Security on TechRepublic".
Nefarious profiteers use the encrypted internet to sell stolen data, drugs, and weapons. Facebook and the UN use it to protect dissidents and journalists. This guide shines a light on the Dark Web.π Read
via "Security on TechRepublic".
TechRepublic
Dark Web: A cheat sheet for business professionals
Nefarious profiteers use the encrypted internet to sell stolen data, drugs, and weapons. Facebook and the UN use it to protect dissidents and journalists. This guide shines a light on the Dark Web.
β Researchers exploit Microsoft Word through embedded video β
π Read
via "Naked Security".
A group of researchers has found a way to infect computers via Word documents without triggering a security warning.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π Cybersecurity no. 1 challenge for CXOs, but only 39% have a defense strategy π
π Read
via "Security on TechRepublic".
More than 85% of companies have experienced a cyber breach in the past three years, according to an A.T. Kearny report.π Read
via "Security on TechRepublic".
TechRepublic
Cybersecurity no. 1 challenge for CXOs, but only 39% have a defense strategy
More than 85% of companies have experienced a cyber breach in the past three years, according to an A.T. Kearny report.
β Monday review β the hot 22 stories of the week β
π Read
via "Naked Security".
From a popular WordPress plugin harbouring a zero-day to punishments for phone-slowing Apple and Samsung, and all the stories in between. Catch up with everything we've written in the last seven days - it's weekly roundup time.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β Call of Duty players caught up in cryptocurrency theft racket β
π Read
via "Naked Security".
The FBI recently busted a group of criminals who seem to be using Call of Duty to coordinate cryptocurrency thefts.π Read
via "Naked Security".
Naked Security
Call of Duty players caught up in cryptocurrency theft racket
The FBI recently busted a group of criminals who seem to be using Call of Duty to coordinate cryptocurrency thefts.
β βRight to repairβ gets a boost from new DCMA software rules β
π Read
via "Naked Security".
It just got easier for owners of a wide range of home devices to hack and repair their software.π Read
via "Naked Security".
Naked Security
βRight to repairβ gets a boost from new DMCA software rules
It just got easier for owners of a wide range of home devices to hack and repair their software.
π Election hacking: The myths vs. realities π
π Read
via "Security on TechRepublic".
Cris Thomas, space rogue, global strategy lead at IBM X-Force Red, discusses the myths and realities of hacking election machines with CNET's Dan Patterson.π Read
via "Security on TechRepublic".
TechRepublic
Election hacking: The myths vs. realities | TechRepublic
Cris Thomas, space rogue, global strategy lead at IBM X-Force Red, discusses the myths and realities of hacking election machines with CNET's Dan Patterson.
β Self driving cars learn (from us) about who to sacrifice in a cash β
π Read
via "Naked Security".
It's bad news for overweight, elderly, male jaywalkers.π Read
via "Naked Security".
Naked Security
Self driving cars learn (from us) about who to sacrifice in a cash
Itβs bad news for overweight, elderly, male jaywalkers.
ATENTIONβΌ New - CVE-2018-0735
π Read
via "National Vulnerability Database".
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1).π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-10734
π Read
via "National Vulnerability Database".
ProjectSend (formerly cFTP) r582 allows Insecure Direct Object Reference via includes/actions.log.export.php.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-10733
π Read
via "National Vulnerability Database".
ProjectSend (formerly cFTP) r582 allows directory traversal via file=../ in the process-zip-download.php query string.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-10732
π Read
via "National Vulnerability Database".
ProjectSend (formerly cFTP) r582 allows authentication bypass via a direct request for users.php, home.php, edit-file.php?file_id=1, or process-zip-download.php, or add_user_form_* parameters to users-add.php.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-10731
π Read
via "National Vulnerability Database".
ProjectSend (formerly cFTP) r582 allows SQL injection via manage-files.php with the request parameter status, manage-files.php with the request parameter files, clients.php with the request parameter selected_clients, clients.php with the request parameter status, process-zip-download.php with the request parameter file, or home-log.php with the request parameter action.π Read
via "National Vulnerability Database".
π΄ AppSec is Dead, but Software Security Is Alive & Well π΄
π Read
via "Dark Reading: ".
Application security must be re-envisioned to support software security. It's time to shake up your processes.π Read
via "Dark Reading: ".
Darkreading
AppSec Is Dead, but Software Security Is Alive & Well
Application security must be re-envisioned to support software security. It's time to shake up your processes.
π How cybersecurity is developing to combat Russian hackers π
π Read
via "Security on TechRepublic".
Leo Taddeo, chief information security officer at Cyxtera Technologies, discusses phishing and Russia's involvement in the 2016 US presidential election with CNET's Dan Patterson.π Read
via "Security on TechRepublic".
TechRepublic
How cybersecurity is developing to combat Russian hackers
Leo Taddeo, chief information security officer at Cyxtera Technologies, discusses phishing and Russia's involvement in the 2016 US presidential election with CNET's Dan Patterson.
π΄ Windows Defender: First Full Antivirus Tool to Run in a Sandbox π΄
π Read
via "Dark Reading: ".
Sandboxed version now available to Windows Insiders and anyone else who force-enables it in Windows 10 version 1703 and above.π Read
via "Dark Reading: ".
Dark Reading
Windows Defender: First Full Antivirus Tool to Run in a Sandbox
Sandboxed version now available to Windows Insiders and anyone else who force-enables it in Windows 10 version 1703 and above.
β X.Org Flaw Allows Privilege Escalation in Linux Systems β
π Read
via "The first stop for security news | Threatpost ".
The issue impacts many large distros with GUI interfaces.π Read
via "The first stop for security news | Threatpost ".
Threat Post
X.Org Flaw Allows Privilege Escalation in Linux Systems
The issue impacts many large distros with GUI interfaces.
β Nation-State Phishing: A Country-Sized Catch β
π Read
via "The first stop for security news | Threatpost ".
Sophisticated nation-state groups now integrate phishing as a core component of their statecraft.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Nation-State Phishing: A Country-Sized Catch
Sophisticated nation-state groups now integrate phishing as a core component of their statecraft.
π΄ 7 Ways an Old Tool Still Teaches New Lessons About Web AppSec π΄
π Read
via "Dark Reading: ".
Are your Web application secure? WebGoat, a tool old enough to be in high school, continues to instruct.π Read
via "Dark Reading: ".
Dark Reading
Cyberattacks & Data Breaches recent news | Dark Reading
Explore the latest news and expert commentary on Cyberattacks & Data Breaches, brought to you by the editors of Dark Reading
β Girl Scouts Issues Data Breach Warning to 2,800 Members β
π Read
via "The first stop for security news | Threatpost ".
Someone gained access to an email account for the Orange County chapter, which was rife with personal data.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Girl Scouts Issues Data Breach Warning to 2,800 Members
Someone gained access to an email account for the Orange County chapter, which was rife with personal data.