β X.Org Flaw Allows Privilege Escalation in Linux Systems β
π Read
via "The first stop for security news | Threatpost ".
The issue impacts many large distros with GUI interfaces.π Read
via "The first stop for security news | Threatpost ".
Threat Post
X.Org Flaw Allows Privilege Escalation in Linux Systems
The issue impacts many large distros with GUI interfaces.
β Nation-State Phishing: A Country-Sized Catch β
π Read
via "The first stop for security news | Threatpost ".
Sophisticated nation-state groups now integrate phishing as a core component of their statecraft.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Nation-State Phishing: A Country-Sized Catch
Sophisticated nation-state groups now integrate phishing as a core component of their statecraft.
π΄ 7 Ways an Old Tool Still Teaches New Lessons About Web AppSec π΄
π Read
via "Dark Reading: ".
Are your Web application secure? WebGoat, a tool old enough to be in high school, continues to instruct.π Read
via "Dark Reading: ".
Dark Reading
Cyberattacks & Data Breaches recent news | Dark Reading
Explore the latest news and expert commentary on Cyberattacks & Data Breaches, brought to you by the editors of Dark Reading
β Girl Scouts Issues Data Breach Warning to 2,800 Members β
π Read
via "The first stop for security news | Threatpost ".
Someone gained access to an email account for the Orange County chapter, which was rife with personal data.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Girl Scouts Issues Data Breach Warning to 2,800 Members
Someone gained access to an email account for the Orange County chapter, which was rife with personal data.
π΄ Protect DNS, Protect business π΄
π Read
via "Dark Reading: ".
DNS plays a critical role in every network. However, it is often overlooked by many security solutions and not integrated into cyber hygiene programs, leaving an easily-accessed back door open for criminals into many networks.π Read
via "Dark Reading: ".
Dark Reading
Protect DNS, Protect business
DNS plays a critical role in every network. However, it is often overlooked by many security solutions and not integrated into cyber hygiene programs, leaving an easily-accessed back door open for criminals into many networks.
ATENTIONβΌ New - CVE-2017-18281
π Read
via "National Vulnerability Database".
A bool variable in Video function, which gets typecasted to int before being read could result in an out of bound read access in all Android releases from CAF using the linux kernelπ Read
via "National Vulnerability Database".
β IoT Flaw Allows Hijacking of Connected Construction Cranes β
π Read
via "The first stop for security news | Threatpost ".
An attacker can send spoofed commands to the crane's controller.π Read
via "The first stop for security news | Threatpost ".
Threat Post
IoT Flaw Allows Hijacking of Connected Construction Cranes
An attacker can send spoofed commands to the craneβs controller.
π΄ New Report: IoT Now Top Internet Attack Target π΄
π Read
via "Dark Reading: ".
IoT devices are the top targets of cyberattacks -- most of which originate on IoT devices, new report finds.π Read
via "Dark Reading: ".
Darkreading
New Report: IoT Now Top Internet Attack Target
IoT devices are the top targets of cyberattacks -- most of which originate on IoT devices, new report finds.
π΄ Security Implications of IBM-Red Hat Merger Unclear π΄
π Read
via "Dark Reading: ".
But enterprises and open source community likely have little to be concerned about, industry experts say.π Read
via "Dark Reading: ".
Dark Reading
Security Implications of IBM-Red Hat Merger Unclear
But enterprises and open source community likely have little to be concerned about, industry experts say.
β China hijacking internet traffic using BGP, claim researchers β
π Read
via "Naked Security".
Researchers claim that unusual BGP routing changes are actually man-in-the-middle surveillance.π Read
via "Naked Security".
Naked Security
China hijacking internet traffic using BGP, claim researchers
Researchers claim that unusual BGP routing changes are actually man-in-the-middle surveillance.
π How cybersecurity is developing to combat Russian hackers π
π Read
via "Security on TechRepublic".
Leo Taddeo, chief information security officer at Cyxtera Technologies, discusses phishing and Russia's involvement in the 2016 US presidential election with CNET's Dan Patterson.π Read
via "Security on TechRepublic".
TechRepublic
How cybersecurity is developing to combat Russian hackers
Leo Taddeo, chief information security officer at Cyxtera Technologies, discusses phishing and Russia's involvement in the 2016 US presidential election with CNET's Dan Patterson.
π US rubber stamps right to repair: What it means for IT, SMBs, and tinkerers π
π Read
via "Security on TechRepublic".
The previous copyright law that only allowed big manufacturers to fix tech products has finally been lifted. Here's what that means for techies.π Read
via "Security on TechRepublic".
TechRepublic
US rubber stamps right to repair: What it means for IT, SMBs, and tinkerers
The previous copyright law that only allowed big manufacturers to fix tech products has finally been lifted. Here's what that means for techies.
π Illinois focuses on voter registration security for 2018 midterms in response to 2016 Russian breach π
π Read
via "Security on TechRepublic".
Illinois had the only state voter registration database that Russian hackers successfully broke into in the 2016 election. Since then, it has spent millions on new cybersecurity protections.π Read
via "Security on TechRepublic".
TechRepublic
Illinois focuses on voter registration security for 2018 midterms in response to 2016 Russian breach
Illinois had the only state voter registration database that Russian hackers successfully broke into in the 2016 election. Since then, it has spent millions on new cybersecurity protections.
π How companies are amping up cybersecurity to prevent election meddling π
π Read
via "Security on TechRepublic".
Theresa Payton, CEO at Fortalice Solutions, discusses cybersecurity, election meddling, and Russia's involvement in 2016 US presidential election with CNET's Dan Patterson.π Read
via "Security on TechRepublic".
TechRepublic
How companies are amping up cybersecurity to prevent election meddling
Theresa Payton, CEO at Fortalice Solutions, discusses cybersecurity, election meddling, and Russia's involvement in 2016 US presidential election with CNET's Dan Patterson.
π How companies are amping up cybersecurity to prevent election meddling π
π Read
via "Security on TechRepublic".
Theresa Payton, CEO at Fortalice Solutions, discusses cybersecurity, election meddling, and Russia's involvement in 2016 US presidential election with CNET's Dan Patterson.π Read
via "Security on TechRepublic".
TechRepublic
How companies are amping up cybersecurity to prevent election meddling
Theresa Payton, CEO at Fortalice Solutions, discusses cybersecurity, election meddling, and Russia's involvement in 2016 US presidential election with CNET's Dan Patterson.
π How the FBI weighs cybersecurity risks against other criminal threats π
π Read
via "Security on TechRepublic".
Leo Taddeo, chief information security officer at Cyxtera Technologies, discusses the continuous challenge of balancing incoming cyber threats with CNET's Dan Patterson.π Read
via "Security on TechRepublic".
TechRepublic
How the FBI weighs cybersecurity risks against other criminal threats
Leo Taddeo, chief information security officer at Cyxtera Technologies, discusses the continuous challenge of balancing incoming cyber threats with CNET's Dan Patterson.
π How the FBI weighs cybersecurity risks against other criminal threats π
π Read
via "Security on TechRepublic".
Leo Taddeo, chief information security officer at Cyxtera Technologies, discusses the continuous challenge of balancing incoming cyber threats with CNET's Dan Patterson.π Read
via "Security on TechRepublic".
TechRepublic
How the FBI weighs cybersecurity risks against other criminal threats
Leo Taddeo, chief information security officer at Cyxtera Technologies, discusses the continuous challenge of balancing incoming cyber threats with CNET's Dan Patterson.
β Snakes in the grass! Malicious code slithers into Python PyPI repository β
π Read
via "Naked Security".
Not for the first time, typosquatting malware made its way into an open source code repository.π Read
via "Naked Security".
Naked Security
Snakes in the grass! Malicious code slithers into Python PyPI repository
Not for the first time, typosquatting malware made its way into an open source code repository.
β Gov worker visits 9k porn sites without protection, spreads infection β
π Read
via "Naked Security".
A now very βexβ-government employee provides a teachable moment.π Read
via "Naked Security".
Naked Security
Gov worker visits 9k porn sites without protection, spreads infection
A now very βexβ-government employee provides a teachable moment.
ATENTIONβΌ New - CVE-2018-0734
π Read
via "National Vulnerability Database".
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a-dev (Affected 1.1.1). Fixed in OpenSSL 1.1.0j-dev (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q-dev (Affected 1.0.2-1.0.2p).π Read
via "National Vulnerability Database".
π΄ 10 Steps for Creating Strong Customer Authentication π΄
π Read
via "Dark Reading: ".
Between usability goals and security/regulatory pressures, setting up customer-facing security is difficult. These steps and best practices can help.π Read
via "Dark Reading: ".
Darkreading
10 Steps for Creating Strong Customer Authentication
Between usability goals and security/regulatory pressures, setting up customer-facing security is difficult. These steps and best practices can help.