β Dropbox Passes $1M Milestone for Bug-Bounty Payouts β
π Read
via "Threatpost".
The file-sharing service also disclosed details of past notable bugs for the first time.π Read
via "Threatpost".
Threat Post
Dropbox Passes $1M Milestone for Bug-Bounty Payouts
The file-sharing service also disclosed details of past notable bugs for the first time.
β Charming Kitten Uses Fake Interview Requests to Target Public Figures β
π Read
via "Threatpost".
APT group poses as a former Wall Street Journal journalist to launch phishing campaigns and steal victim email account details.π Read
via "Threatpost".
Threat Post
Charming Kitten Uses Fake Interview Requests to Target Public Figures
APT group poses as a former Wall Street Journal journalist to launch phishing campaigns and steal victim email account details.
β Googleβs Chrome 80 clamps down on cookies and notification spam β
π Read
via "Naked Security".
Version 80 of the Chrome browser is out with some new features designed to save your security and your sanity.π Read
via "Naked Security".
Naked Security
Googleβs Chrome 80 clamps down on cookies and notification spam
Version 80 of the Chrome browser is out with some new features designed to save your security and your sanity.
π΄ RSAC Sets Finalists for Innovation Sandbox π΄
π Read
via "Dark Reading: ".
The 10 finalists will each have three minutes to make their case for being the most innovative, promising young security company of the year.π Read
via "Dark Reading: ".
β Twitter bans deepfakes, but only those βlikely to cause harmβ β
π Read
via "Naked Security".
Twitter isn't interested in how the βsynthetic or manipulatedβ media is created, but if it has the potential to cause harm it'll be removed.π Read
via "Naked Security".
Naked Security
Twitter bans deepfakes, but only those βlikely to cause harmβ
Twitter isnβt interested in how the βsynthetic or manipulatedβ media is created, but if it has the potential to cause harm itβll be removed.
π IoT is a gold mine for hackers using fileless malware for cyberattacks π
π Read
via "Security on TechRepublic".
Data exposure is one of the biggest threats from attacks on IoT devices. A new report recommends a shift to perimeter-less security strategies.π Read
via "Security on TechRepublic".
TechRepublic
IoT is a gold mine for hackers using fileless malware for cyberattacks
Data exposure is one of the biggest threats from attacks on IoT devices. A new report recommends a shift to perimeter-less security strategies.
π΄ How Can We Make Election Technology Secure? π΄
π Read
via "Dark Reading: ".
In Iowa this week, a smartphone app for reporting presidential caucus results debuted. It did not go well.π Read
via "Dark Reading: ".
Darkreading
How Can We Make Election Technology Secure?
In Iowa this week, a smartphone app for reporting presidential caucus results debuted. It did not go well.
ATENTIONβΌ New - CVE-2012-2593
π Read
via "National Vulnerability Database".
Cross-site scripting (XSS) vulnerability in the administrative interface in Atmail Webmail Server 6.4 allows remote attackers to inject arbitrary web script or HTML via the Date field of an email.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2010-3917
π Read
via "National Vulnerability Database".
Google Chrome before 3.0 does not properly handle XML documents, which allows remote attackers to obtain sensitive information via a crafted web site.π Read
via "National Vulnerability Database".
β Update now β WhatsApp flaw gave attackers access to local files β
π Read
via "Naked Security".
The flaw affecting WhatsApp's desktop client when it's paired with the iPhone app allowed attackers access to local file systems.π Read
via "Naked Security".
Naked Security
Update now β WhatsApp flaw gave attackers access to local files
The flaw affecting WhatsAppβs desktop client when itβs paired with the iPhone app allowed attackers access to local file systems.
π΄ RSAC Sets Finalists for Innovation Sandbox π΄
π Read
via "Dark Reading: ".
The 10 finalists will each have three minutes to make their case for being the most innovative, promising young security company of the year.π Read
via "Dark Reading: ".
Dark Reading
RSAC Sets Finalists for Innovation Sandbox
The 10 finalists will each have three minutes to make their case for being the most innovative, promising young security company of the year.
β S2 Ep25: Youβve seen WHAT on public Trello boards? β Naked Security Podcast β
π Read
via "Naked Security".
New episode available now.π Read
via "Naked Security".
Naked Security
S2 Ep25: Youβve seen WHAT on public Trello boards? β Naked Security Podcast
New episode available now.
π Beware of malware disguised as Oscar-nominated movies including Joker and Parasite π
π Read
via "Security on TechRepublic".
Joker was the hottest film among cybercriminals with 304 malicious files named after Batman's arch-nemesis, says security firm Kaspersky.π Read
via "Security on TechRepublic".
TechRepublic
Beware of malware disguised as Oscar-nominated movies including Joker and Parasite
Joker was the hottest film among cybercriminals with 304 malicious files named after Batman's arch-nemesis, says security firm Kaspersky.
β The RSAC 2020 Trend Report β
π Read
via "Threatpost".
Whatβs trending in cybersecurity? This yearβs session submissions tell us.π Read
via "Threatpost".
Threat Post
The RSAC 2020 Trend Report
The RSAC 2020 Trend Report examines data from this year's submissions to provide a peek into what will be on the minds of security professionals in 2020.
π΄ Invisible Pixel Patterns Can Communicate Data Covertly π΄
π Read
via "Dark Reading: ".
University researchers show that changing the brightness of monitor pixels can communicates data from air-gapped systems in a way not visible to human eyes.π Read
via "Dark Reading: ".
Darkreading
Invisible Pixel Patterns Can Communicate Data Covertly
University researchers show that changing the brightness of monitor pixels can communicate data from air-gapped systems in a way not visible to human eyes.
π Why shortcuts lead to failure: Lessons from app disaster in Iowa π
π Read
via "Security on TechRepublic".
Quality control and standard software dev process could have prevented extended delays in reporting the results of the 2020 Iowa Caucus.π Read
via "Security on TechRepublic".
TechRepublic
Why shortcuts lead to failure: Lessons from app disaster in Iowa caucus
Quality control and standard software dev process could have prevented extended delays in reporting the results of the 2020 Iowa Caucus.
π΄ A Matter of Trust π΄
π Read
via "Dark Reading: ".
Has working in the cybersecurity industry affected your ability to trust? Take the poll now.π Read
via "Dark Reading: ".
Dark Reading
A Matter of Trust
Has working in the cybersecurity industry affected your ability to trust? Take the poll now.
β U.S. Finance Sector Hit with Targeted Backdoor Campaign β
π Read
via "Threatpost".
The powerful Minebridge backdoor gives cyberattackers full run of a victim's machine.π Read
via "Threatpost".
Threat Post
U.S. Finance Sector Hit with Targeted Backdoor Campaign
The powerful Minebridge backdoor gives cyberattackers full run of a victim's machine.
β Metamorfo Returns with Keylogger Trick to Target Financial Firms β
π Read
via "Threatpost".
The malware uses a tactic to force victims to retype passwords into their systems - which it tracks via a keylogger.π Read
via "Threatpost".
Threat Post
Metamorfo Returns with Keylogger Trick to Target Financial Firms
The malware uses a tactic to force victims to retype passwords into their systems - which it tracks via keylogging.
π΄ Facebook Tops Imitated Brands as Attackers Target Tech π΄
π Read
via "Dark Reading: ".
Brand impersonators favor Facebook, Yahoo, Network, and PayPal in phishing attempts to steal credentials from victims.π Read
via "Dark Reading: ".
Dark Reading
Facebook Tops Imitated Brands as Attackers Target Tech
Brand impersonators favor Facebook, Yahoo, Network, and PayPal in phishing attempts to steal credentials from victims.
π The postmortem: Shadow took lots of shortcuts with Iowa 2020 caucus app π
π Read
via "Security on TechRepublic".
Extreme delays in reporting results shows "move fast and break things" is the wrong approach for election infrastructure, developers and business leaders say.π Read
via "Security on TechRepublic".
TechRepublic
The postmortem: Shadow took lots of shortcuts with Iowa 2020 caucus app
Extreme delays in reporting results shows "move fast and break things" is the wrong approach for election infrastructure, developers and business leaders say.