ATTENTION: New - CVE-2011-3611
via "National Vulnerability Database".
A File Inclusion vulnerability exists in act parameter to admin.php in UseBB before 1.0.12.
Eight Flaws in MSP Software Highlight Potential Ransomware Vector
via "Dark Reading".
An attack chain of vulnerabilities in ConnectWise's software for MSPs has similarities to some of the details of the August attack on Texas local and state agencies.
3 biggest threats cybersecurity professionals are facing in 2020
via "Security on TechRepublic".
Organizations are moving toward next-generation cybersecurity solutions this year, but security fragmentation is a looming threat.
How to disconnect devices and revoke app privileges from your Firefox cloud account
via "Security on TechRepublic".
You'll be surprised at how many devices, apps, and services are associated with your Firefox cloud account. Find out how to remove them.
ATTENTION: New - CVE-2011-3622
via "National Vulnerability Database".
A Cross-Site Scripting (XSS) vulnerability exists in the admin login screen in Phorum before 5.2.18.
To Avoid Disruption, Ransomware Victims Continue to Pay Up
via "Dark Reading".
For all the cautions against doing so, one-third of organizations in a Proofpoint survey said they paid their attackers after getting infected with ransomware.
Vivin Nets Thousands of Dollars Using Cryptomining Malware
via "Threatpost".
A newly discovered threat actor named Vivin is raking in Monero from cryptomining malware, showing that this type of attack isn't going away anytime soon.
For Mismanaged SOCs, The Price Is Not Right
via "Dark Reading".
New research finds security operations centers suffer high turnover and yield mediocre results for the investment they require.
Pwn2Own Miami Contestants Haul in $180K for Hacking ICS Equipment
via "Threatpost".
The competition targets the systems that run critical infrastructure and more.
How to protect your organization against targeted phishing attacks
via "Security on TechRepublic".
Companies should realize that any user could be a target and use threat data to build a security awareness training program, says Proofpoint.
FBI issues warning about lucrative fake job scams
via "Naked Security".
What's the difference between a real job and a fake one found on the internet? The fake ones are suspiciously easy to get interviews for.
Sonos's tone-deaf legacy product policy angers customers
via "Naked Security".
Stopping software updates for legacy kit is nothing new, but it's the way the company has done it that has Sonos customers' hackles up.
Apple allegedly made nice with FBI by dropping iCloud encryption plan
via "Naked Security".
Sources told Reuters that Apple may have been convinced by arguments made during the legal fight over cracking the San Bernardino iPhone.
UN report alleges that Saudi crown prince hacked Jeff Bezos's phone
via "Naked Security".
Digital forensic evidence points to the phone's massive, months-long data egress having likely been triggered by Pegasus mobile spyware.
Google: Flaws in Apple's Private-Browsing Technology Allow for Third-Party Tracking
via "Threatpost".
New research outlines vulnerabilities in Safari's Intelligent Tracking Protection that can reveal user browsing behavior to third parties.
Looking for silver linings in the CVE-2020-0601 crypto vulnerability
via "Naked Security".
Is there some good news hidden in the story of the CVE-2020-0601 crypto vulnerability?
Weathering the Privacy Storm from GDPR to CCPA & PDPA
via "Dark Reading".
A general approach to privacy, no matter the regulation, is the only way companies can avoid a data protection disaster in 2020 and beyond.
Ryuk Ransomware Hit Multiple Oil & Gas Facilities, ICS Security Expert Says
via "Dark Reading".
Attackers 'weaponized' Active Directory to spread the ransomware.
Cisco Warns of Critical Network Security Tool Flaw
via "Threatpost".
The critical flaw exists in Cisco's administrative management tool, used with network security solutions like firewalls.
Why many small and midsized businesses remain vulnerable to cyberattack
via "Security on TechRepublic".
Budget limitations and a lack of knowledge or training are two major factors hurting many SMBs, according to a survey from Untangle.
Falco 0.19.0
via "Security Tool Files ≈ Packet Storm".
Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.