β Critical Cisco βCDPwnβ Flaws Break Network Segmentation β
π Read
via "Threatpost".
Cisco has released patches to address the five vulnerabilities, which could lead to remote code-execution and denial of service.π Read
via "Threatpost".
Threat Post
Critical Cisco βCDPwnβ Flaws Break Network Segmentation
Cisco has released patches to address the five vulnerabilities, which could lead to remote code-execution and denial of service.
β Critical Cisco βCDPwnβ Protocol Flaws Explained: Podcast β
π Read
via "Threatpost".
The researcher behind the five critical Cisco flaws, collectively called CDPwn, talks about why Layer 2 protocols are under-researched when it comes to security vulnerabilities.π Read
via "Threatpost".
Threat Post
Critical Cisco βCDPwnβ Protocol Flaws Explained: Podcast
The researcher behind the five critical Cisco flaws, collectively called CDPwn, talks about why Layer 2 protocols are under-researched when it comes to security vulnerabilities.
β WhatsApp Bug Allows Malicious Code-Injection, One-Click RCE β
π Read
via "Threatpost".
A high-severity vulnerability could allow cybercriminals to push malware or remotely execute code, using seemingly innocuous messages.π Read
via "Threatpost".
Threat Post
WhatsApp Bug Allows Malicious Code-Injection, One-Click RCE
A high-severity vulnerability could allow cybercriminals to push malware or remotely execute code, using seemingly innocuous messages.
ATENTIONβΌ New - CVE-2013-0507
π Read
via "National Vulnerability Database".
IBM InfoSphere Information Server 8.1, 8.5, 8.7, 9.1 has a Session Fixation Vulnerabilityπ Read
via "National Vulnerability Database".
β PayPal SMS scams β donβt fall for them! β
π Read
via "Naked Security".
Text messages may be old hat - but SMS is still a handy tool for crooks out to find more about you.π Read
via "Naked Security".
Naked Security
PayPal SMS scams β donβt fall for them!
Text messages may be old hat β but SMS is still a handy tool for crooks out to find more about you.
β Coronavirus βsafety measuresβ email is a phishing scam β
π Read
via "Naked Security".
Sadly, cybercrooks love a crisis, because it gives them a believable reason to contact you with a phishing scam. Take care out there!π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β New Lemon Duck Malware Campaign Targets IoT, Large Manufacturers β
π Read
via "Threatpost".
Malware campaign targets global manufacturers that are still dependent on Windows 7 subsystems to run fleets of IoT endpoints.π Read
via "Threatpost".
Threat Post
New Lemon Duck Malware Campaign Targets IoT, Large Manufacturers
Malware campaign targets global manufacturers that are still dependent on Windows 7 subsystems to run fleets of IoT endpoints.
π΄ Keeping Compliance Data-Centric Amid Accelerating Regulation π΄
π Read
via "Dark Reading: ".
As the regulatory landscape transforms, it's still smart to stay strategically focused on protecting your data.π Read
via "Dark Reading: ".
Dark Reading
Keeping Compliance Data-Centric Amid Accelerating Regulation
As the regulatory landscape transforms, it's still smart to stay strategically focused on protecting your data.
π ISO-8385 Protocol Fuzzer π
π Go!
via "Security Tool Files β Packet Storm".
This python script is a fuzzer for the ISO-8385 financial protocol. It is compatible with sulley and bofuzz and is now part of the official bofuzz release.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
ISO-8385 Protocol Fuzzer β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π nfstream 3.1.2 π
π Go!
via "Security Tool Files β Packet Storm".
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
nfstream 3.1.2 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π Clam AntiVirus Toolkit 0.102.2 π
π Go!
via "Security Tool Files β Packet Storm".
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Clam AntiVirus Toolkit 0.102.2 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π SEC Issues Cybersecurity and Resiliency Best Practices π
π Read
via "Subscriber Blog RSS Feed ".
Data loss prevention is one of eight key practices outlined by the SEC last week to enhance cybersecurity preparedness and operational resiliency.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
SEC Issues Cybersecurity and Resiliency Best Practices
Data loss prevention is one of eight key practices outlined by the SEC last week to enhance cybersecurity preparedness and operational resiliency.
π Tips on keeping a Google Photos-type video bug from impacting cloud-based files π
π Read
via "Security on TechRepublic".
The private videos of some Google Photos users were accidentally shared with other people. Here's how to secure online files to protect them from exposure.π Read
via "Security on TechRepublic".
TechRepublic
Tips on keeping a Google Photos-type video bug from impacting cloud-based files
The private videos of some Google Photos users were accidentally shared with other people. Here's how to secure online files to protect them from exposure.
β CamuBot Banking Trojan Returns In Targeted Attacks β
π Read
via "Threatpost".
The malware is back in targeted attacks against Brazilian banking customers, this time using a new technique that involves mobile app authorization.π Read
via "Threatpost".
Threat Post
CamuBot Banking Trojan Returns In Targeted Attacks
The banking malware is bank in targeted attacks against Brazilian banking customers.
π΄ What is a Privileged Access Workstation (PAW)? π΄
π Read
via "Dark Reading: ".
Ask the Experts -- about a technological game of keep-away that protects the most precious resources from the greatest dangers.π Read
via "Dark Reading: ".
Dark Reading
What Is a Privileged Access Workstation (PAW)?
Ask the Experts -- about a technological game of keep-away that protects the most precious resources from the greatest dangers.
π΄ Emotet Preps for Tax Season with New Phishing Campaign π΄
π Read
via "Dark Reading: ".
Malicious emails in a new attack campaign contain links and attachments claiming to lead victims to W-9 forms.π Read
via "Dark Reading: ".
Darkreading
Emotet Preps for Tax Season with New Phishing Campaign
Malicious emails in a new attack campaign contain links and attachments claiming to lead victims to W-9 forms.
ATENTIONβΌ New - CVE-2011-0220
π Read
via "National Vulnerability Database".
Apple Bonjour before 2011 allows a crash via a crafted multicast DNS packet.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2010-5304
π Read
via "National Vulnerability Database".
A NULL pointer dereference flaw was found in the way LibVNCServer before 0.9.9 handled certain ClientCutText message. A remote attacker could use this flaw to crash the VNC server by sending a specially crafted ClientCutText message from a VNC client.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2010-4815
π Read
via "National Vulnerability Database".
Coppermine gallery before 1.4.26 has an input validation vulnerability that allows for code execution.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2010-4662
π Read
via "National Vulnerability Database".
PmWiki before 2.2.21 has XSS.π Read
via "National Vulnerability Database".
π΄ IoT Malware Campaign Infects Global Manufacturing Sites π΄
π Read
via "Dark Reading: ".
The infection uses Lemon_Duck PowerShell malware variant to exploit vulnerabilities in embedded devices at manufacturing sites.π Read
via "Dark Reading: ".
Darkreading
IoT Malware Campaign Infects Global Manufacturing Sites
The infection uses Lemon_Duck PowerShell malware variant to exploit vulnerabilities in embedded devices at manufacturing sites.