π Hackers using coronavirus scare to spread Emotet malware in Japan π
π Read
via "Security on TechRepublic".
Cybercriminals are using global fears about the virus to spread the Emotet trojan.π Read
via "Security on TechRepublic".
TechRepublic
Hackers using coronavirus scare to spread Emotet malware in Japan
Cybercriminals are using global fears about the virus to spread the Emotet trojan.
β Monday review β the hot 25 stories of the week β
π Read
via "Naked Security".
From exposing private data on Trello to critical iPhone bugs - and everything in between. It's weekly roundup time.π Read
via "Naked Security".
Naked Security
Monday review β the hot 25 stories of the week
From exposing private data on Trello to critical iPhone bugs β and everything in between. Itβs weekly roundup time.
β Google launches open-source security key project, OpenSK β
π Read
via "Naked Security".
OpenSK is a piece of firmware that you can install on a USB dongle of your own, turning it into a usable FIDO or U2F key.π Read
via "Naked Security".
Naked Security
Google launches open-source security key project, OpenSK
OpenSK is a piece of firmware that you can install on a USB dongle of your own, turning it into a usable FIDO or U2F key.
β Fraudsters posed as art dealer, bilked museum for millions β
π Read
via "Naked Security".
Scammers got away with a $3.1m BEC heist, art dealer and museum blame each other, and ownership of a valuable landscape is up in the air.π Read
via "Naked Security".
Naked Security
Fraudsters posed as art dealer, bilked museum for millions
Scammers got away with a $3.1m BEC heist, art dealer and museum blame each other, and ownership of a valuable landscape is up in the air.
π΅ This Chinese company is secretly behind 24 popular apps seeking dangerous permissions π΅
π Read
via "VPNpro".
π Read
via "VPNpro".
VPNpro
This Chinese company is secretly behind 24 popular apps seeking dangerous permissions
Shenzhen HAWK is secretly behind these 24 popular apps requesting dangerous, with some apps guilty of spreading malware. Read our research to learn more.
β TrickBot Switches to a New Windows 10 UAC Bypass to Evade Detection β
π Read
via "Threatpost".
The tricky trojan evolves yet again, remaining one of the most advanced vehicles for delivering malware.π Read
via "Threatpost".
Threat Post
TrickBot Switches to a New Windows 10 UAC Bypass to Evade Detection
The tricky trojan evolves yet again, remaining one of the most advanced vehicles for delivering malware.
β FTC warns VoIP providers that help robocallers: we can and will sue β
π Read
via "Naked Security".
It put 19 internet-calling companies on notice that helping illegal robocalls is illegal. It has sued before, and it can do it again.π Read
via "Naked Security".
Naked Security
FTC warns VoIP providers that help robocallers: we can and will sue
It put 19 internet-calling companies on notice that helping illegal robocalls is illegal. It has sued before, and it can do it again.
β Apple proposes simple security upgrade for SMS 2FA codes β
π Read
via "Naked Security".
Apple thinks it's come up with a simple way to make SMS two-factor authentication (2FA) one-time codes less susceptible to phishing attacks.π Read
via "Naked Security".
Naked Security
Apple proposes simple security upgrade for SMS 2FA codes
Apple thinks itβs come up with a simple way to make SMS two-factor authentication (2FA) one-time codes less susceptible to phishing attacks.
π΄ How Device-Aware 2FA Can Defeat Social Engineering Attacks π΄
π Read
via "Dark Reading: ".
While device-aware two-factor authentication is no panacea, it is more secure than conventional SMS-based 2FA. Here's why.π Read
via "Dark Reading: ".
Dark Reading
How Device-Aware 2FA Can Defeat Social Engineering Attacks
While device-aware two-factor authentication is no panacea, it is more secure than conventional SMS-based 2FA. Here's why.
β Ashley Madison Breach Extortion Scam Targets Hundreds β
π Read
via "Threatpost".
A new extortion attack has targeted hundreds of users affected by the Ashley Madison breach over the past week.π Read
via "Threatpost".
Threat Post
Ashley Madison Breach Extortion Scam Targets Hundreds
A new extortion scam has targeted hundreds of users affected by the Ashley Madison breach over the past week.
π SQLMAP - Automatic SQL Injection Tool 1.4.2 π
π Go!
via "Security Tool Files β Packet Storm".
sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
SQLMAP - Automatic SQL Injection Tool 1.4.2 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π Phishing tournament finds employees falling prey to malicious emails π
π Read
via "Security on TechRepublic".
The Gone Phishing Tournament tested how susceptible people are to opening fraudulent emails and entering their login information.π Read
via "Security on TechRepublic".
TechRepublic
Phishing tournament finds employees falling prey to malicious emails
The Gone Phishing Tournament tested how susceptible people are to opening fraudulent emails and entering their login information.
π΄ How Enterprises Are Developing and Maintaining Secure Applications π΄
π Read
via "Dark Reading: ".
The concept of application security is well known, but application security testing and remediation processes remain unbalanced. Most organizations are confident in their approach to AppSec, although others seem to have no approach at all. Read this report to find out more.π Read
via "Dark Reading: ".
π΄ Coronavirus Phishing Attack Infects US, UK Inboxes π΄
π Read
via "Dark Reading: ".
Cybercriminals capitalize on fears of a global health emergency with phishing emails claiming to offer advice for protecting against coronavirus.π Read
via "Dark Reading: ".
Darkreading
Coronavirus Phishing Attack Infects US, UK Inboxes
Cybercriminals capitalize on fears of a global health emergency with phishing emails claiming to offer advice for protecting against coronavirus.
β Tesla Autopilot Duped By βPhantomβ Images β
π Read
via "Threatpost".
Researchers were able to fool popular autopilot systems into perceiving projected images as real - causing the cars to brake or veer into oncoming traffic lanes.π Read
via "Threatpost".
Threat Post
Tesla Autopilot Duped By βPhantomβ Images
Researchers were able to fool popular autopilot systems into perceiving projected images as real - causing the cars to brake or veer into oncoming traffic lanes.
π 3D map shows how the coronavirus spread worldwide π
π Read
via "Security on TechRepublic".
A UN aviation agency uses GIS software to track transmission lines while 20 US airports set up screening centers.π Read
via "Security on TechRepublic".
TechRepublic
American cases added to 3D map showing the spread of COVID-19
The outbreak is slowing down in China while the WHO warns the rest of the world to "pull out all the stops" to control the spread of the illness.
π Facebook's $550M Biometric Settlement Is a Data Privacy Law Landmark π
π Read
via "Subscriber Blog RSS Feed ".
The settlement, one of the highest in US history, is a testament to robust privacy legislation.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Facebook's $550M Biometric Settlement Is a Data Privacy Law Landmark
The settlement, one of the highest in US history, is a testament to robust privacy legislation.
β AZORult Campaign Adopts Novel Triple-Encryption Technique β
π Read
via "Threatpost".
Popular trojan is sneaking its way onto PCs via malspam campaign that uses three levels of encryption to sneak past cyber defenses.π Read
via "Threatpost".
Threat Post
AZORult Campaign Adopts Novel Triple-Encryption Technique
Popular trojan is sneaking its way onto PCs via malspam campaign that uses three levels of encryption to sneak past cyber defenses.
π΄ Attackers Actively Targeting Flaw in Door-Access Controllers π΄
π Read
via "Dark Reading: ".
There's been a sharp increase in scans for vulnerable Nortek Linear Emerge E3 systems, SonicWall says.π Read
via "Dark Reading: ".
Darkreading
Attackers Actively Targeting Flaw in Door-Access Controllers
There's been a sharp increase in scans for vulnerable Nortek Linear Emerge E3 systems, SonicWall says.
π΄ Researchers Find 24 'Dangerous' Android Apps with 382M Installs π΄
π Read
via "Dark Reading: ".
Shenzhen Hawk Internet Co. is identified as the parent company behind five app developers seeking excessive permissions in Android apps.π Read
via "Dark Reading: ".
Dark Reading
Researchers Find 24 'Dangerous' Android Apps with 382M Installs
Shenzhen Hawk Internet Co. is identified as the parent company behind five app developers seeking excessive permissions in Android apps.
π΄ C-Level & Studying for the CISSP π΄
π Read
via "Dark Reading: ".
One CTO tells us about his belated pursuit of a foundational infosecurity certification -- why he wanted it and what it took.π Read
via "Dark Reading: ".
Dark Reading
C-Level & Studying for the CISSP
One CTO tells us about his belated pursuit of a foundational infosecurity certification -- why he wanted it and what it took.