🛡 Cybersecurity & Privacy 🛡 - News

Sonos’s tone-deaf legacy product policy angers customers

Stopping software updates for legacy kit is nothing new, but it’s the way the company has done it that has Sonos customers’ hackles up.

107 views10:55

⚠ Apple allegedly made nice with FBI by dropping iCloud encryption plan ⚠

Sources told Reuters that Apple may have been convinced by arguments made during the legal fight over cracking the San Bernardino iPhone.

📖 Read

via "Naked Security".

Apple allegedly made nice with FBI by dropping iCloud encryption plan

Sources told Reuters that Apple may have been convinced by arguments made during the legal fight over cracking the San Bernardino iPhone.

112 views11:25

⚠ UN report alleges that Saudi crown prince hacked Jeff Bezos’s phone ⚠

Digital forensic evidence points to the phone's massive, months-long data egress having likely been triggered by Pegasus mobile spyware.

📖 Read

via "Naked Security".

UN report alleges that Saudi crown prince hacked Jeff Bezos’s phone

Digital forensic evidence points to the phone’s massive, months-long data egress having likely been triggered by Pegasus mobile spyware.

126 views11:55

❌ Google: Flaws in Apple’s Private-Browsing Technology Allow for Third-Party Tracking ❌

New research outlines vulnerabilities in Safari’s Intelligent Tracking Protection that can reveal user browsing behavior to third parties.

📖 Read

via "Threatpost".

Google: Flaws in Apple’s Private-Browsing Technology Allow for Third-Party Tracking

New research outlines vulnerabilities in Safari’s Intelligent Tracking Protection that can reveal user browsing behavior to third parties.

113 views12:49

⚠ Looking for silver linings in the CVE-2020-0601 crypto vulnerability ⚠

Is there some good news hidden in the story of the CVE-2020-0601 crypto vulnerability?

📖 Read

via "Naked Security".

Looking for silver linings in the CVE-2020-0601 crypto vulnerability

Is there some good news hidden in the story of the CVE-2020-0601 crypto vulnerability?

104 views13:55

🕴 Weathering the Privacy Storm from GDPR to CCPA & PDPA 🕴

A general approach to privacy, no matter the regulation, is the only way companies can avoid a data protection disaster in 2020 and beyond.

📖 Read

via "Dark Reading: ".

Weathering the Privacy Storm from GDPR to CCPA & PDPA

A general approach to privacy, no matter the regulation, is the only way companies can avoid a data protection disaster in 2020 and beyond.

109 views15:19

Ryuk Ransomware Hit Multiple Oil & Gas Facilities, ICS Security Expert Says

🕴 Ryuk Ransomware Hit Multiple Oil & Gas Facilities, ICS Security Expert Says 🕴

Attackers 'weaponized' Active Directory to spread the ransomware.

📖 Read

via "Dark Reading: ".

Darkreading

Attackers 'weaponized' Active Directory to spread the ransomware.

106 views15:19

❌ Cisco Warns of Critical Network Security Tool Flaw ❌

The critical flaw exists in Cisco's administrative management tool, used with network security solutions like firewalls.

📖 Read

via "Threatpost".

Cisco Warns of Critical Network Security Tool Flaw

The critical flaw exists in Cisco's administrative management tool, used with network security solutions like firewalls.

93 views16:19

Why many small and midsized businesses remain vulnerable to cyberattack

🔐 Why many small and midsized businesses remain vulnerable to cyberattack 🔐

Budget limitations and a lack of knowledge or training are two major factors hurting many SMBs, according to a survey from Untangle.

📖 Read

via "Security on TechRepublic".

TechRepublic

Budget limitations and a lack of knowledge or training are two major factors hurting many SMBs, according to a survey from Untangle.

91 views16:22

Falco 0.19.0 ≈ Packet Storm

🛠 Falco 0.19.0 🛠

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

📖 Go!

via "Security Tool Files ≈ Packet Storm".

Packetstormsecurity

Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers

97 views16:37

ATENTION‼ New - CVE-2010-3295

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

📖 Read

via "National Vulnerability Database".

99 views17:42

ATENTION‼ New - CVE-2008-7314

mIRC before 6.35 allows attackers to cause a denial of service (crash) via a long nickname.

📖 Read

via "National Vulnerability Database".

99 views17:42

ATENTION‼ New - CVE-2007-6758

Server-side request forgery (SSRF) vulnerability in feed-proxy.php in extjs 5.0.0.

📖 Read

via "National Vulnerability Database".

100 views17:42

🕴 Severe Vulnerabilities Discovered in GE Medical Devices 🕴

CISA has released an advisory for six high-severity CVEs for GE Carescape patient monitors, Apex Pro, and Clinical Information Center systems.

📖 Read

via "Dark Reading: ".

Severe Vulnerabilities Discovered in GE Medical Devices

CISA has released an advisory for six high-severity CVEs for GE Carescape patient monitors, Apex Pro, and Clinical Information Center systems.

108 views18:49

🕴 Deconstructing Web Cache Deception Attacks: They're Bad; Now What? 🕴

Expect cache attacks to get worse before they get better. The problem is that we don't yet have a good solution.

📖 Read

via "Dark Reading: ".

Deconstructing Web Cache Deception Attacks: They're Bad; Now What? - Dark Reading

Expect cache attacks to get worse before they get better. The problem is that we don't yet have a good solution.

98 views19:19

❌ Shlayer, No. 1 Threat for Mac, Targets YouTube, Wikipedia ❌

The malware uses thousands of partner websites to spread malvertising code.

📖 Read

via "Threatpost".

Shlayer, No. 1 Threat for Mac, Targets YouTube, Wikipedia

The malware uses thousands of partner websites to spread malvertising code.

100 views19:19

❌ U.S. Gov Agency Targeted With Malware-Laced Emails ❌

The malicious email campaign included a never-before-seen malware downloader called Carrotball, and may be linked to the Konni Group APT.

📖 Read

via "Threatpost".

U.S. Gov Agency Targeted With Malware-Laced Emails

The malicious email campaign included a never-before-seen malware downloader called Carrotball, and may be linked to the Konni Group APT.

94 views19:19

CISA Warns of Uptick in Emotet Malware

🔏 CISA Warns of Uptick in Emotet Malware 🔏

CISA is spreading new guidance to ensure admins can properly defend against Emotet malware attacks, which the agency claims are on the rise.

📖 Read

via "Subscriber Blog RSS Feed ".

Digital Guardian

CISA is spreading new guidance to ensure admins can properly defend against Emotet malware attacks, which the agency claims are on the rise.

91 views19:38

❌ Critical, Unpatched ‘MDhex’ Bugs Threaten Hospital Devices ❌

The Feds have warned on six vulnerabilities in GE medical equipment that could affect patient monitor alarms and more.

📖 Read

via "Threatpost".

Critical, Unpatched ‘MDhex’ Bugs Threaten Hospital Devices

The Feds have warned on six vulnerabilities in GE medical equipment that could affect patient monitor alarms and more.

97 views20:19

🕴 NSA Offers Guidance on Mitigating Cloud Flaws 🕴

A new document separates cloud vulnerabilities into four classes and offers mitigations to help businesses protect cloud resources.

📖 Read

via "Dark Reading: ".

NSA Offers Guidance on Mitigating Cloud Flaws

A new document separates cloud vulnerabilities into four classes and offers mitigations to help businesses protect cloud resources.

95 views20:49

🕴 DHS Warns of Increasing Emotet Risk 🕴

Emotet is considered one of the most damaging banking Trojans, primarily through its ability to carry other malware into an organization.

📖 Read

via "Dark Reading: ".