π΄ How Can We Make Election Technology Secure? π΄
π Read
via "Dark Reading: ".
In Iowa this week, a smartphone app for reporting presidential caucus results debuted. It did not go well.π Read
via "Dark Reading: ".
Darkreading
How Can We Make Election Technology Secure?
In Iowa this week, a smartphone app for reporting presidential caucus results debuted. It did not go well.
ATENTIONβΌ New - CVE-2012-2593
π Read
via "National Vulnerability Database".
Cross-site scripting (XSS) vulnerability in the administrative interface in Atmail Webmail Server 6.4 allows remote attackers to inject arbitrary web script or HTML via the Date field of an email.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2010-3917
π Read
via "National Vulnerability Database".
Google Chrome before 3.0 does not properly handle XML documents, which allows remote attackers to obtain sensitive information via a crafted web site.π Read
via "National Vulnerability Database".
β Update now β WhatsApp flaw gave attackers access to local files β
π Read
via "Naked Security".
The flaw affecting WhatsApp's desktop client when it's paired with the iPhone app allowed attackers access to local file systems.π Read
via "Naked Security".
Naked Security
Update now β WhatsApp flaw gave attackers access to local files
The flaw affecting WhatsAppβs desktop client when itβs paired with the iPhone app allowed attackers access to local file systems.
π΄ RSAC Sets Finalists for Innovation Sandbox π΄
π Read
via "Dark Reading: ".
The 10 finalists will each have three minutes to make their case for being the most innovative, promising young security company of the year.π Read
via "Dark Reading: ".
Dark Reading
RSAC Sets Finalists for Innovation Sandbox
The 10 finalists will each have three minutes to make their case for being the most innovative, promising young security company of the year.
β S2 Ep25: Youβve seen WHAT on public Trello boards? β Naked Security Podcast β
π Read
via "Naked Security".
New episode available now.π Read
via "Naked Security".
Naked Security
S2 Ep25: Youβve seen WHAT on public Trello boards? β Naked Security Podcast
New episode available now.
π Beware of malware disguised as Oscar-nominated movies including Joker and Parasite π
π Read
via "Security on TechRepublic".
Joker was the hottest film among cybercriminals with 304 malicious files named after Batman's arch-nemesis, says security firm Kaspersky.π Read
via "Security on TechRepublic".
TechRepublic
Beware of malware disguised as Oscar-nominated movies including Joker and Parasite
Joker was the hottest film among cybercriminals with 304 malicious files named after Batman's arch-nemesis, says security firm Kaspersky.
β The RSAC 2020 Trend Report β
π Read
via "Threatpost".
Whatβs trending in cybersecurity? This yearβs session submissions tell us.π Read
via "Threatpost".
Threat Post
The RSAC 2020 Trend Report
The RSAC 2020 Trend Report examines data from this year's submissions to provide a peek into what will be on the minds of security professionals in 2020.
π΄ Invisible Pixel Patterns Can Communicate Data Covertly π΄
π Read
via "Dark Reading: ".
University researchers show that changing the brightness of monitor pixels can communicates data from air-gapped systems in a way not visible to human eyes.π Read
via "Dark Reading: ".
Darkreading
Invisible Pixel Patterns Can Communicate Data Covertly
University researchers show that changing the brightness of monitor pixels can communicate data from air-gapped systems in a way not visible to human eyes.
π Why shortcuts lead to failure: Lessons from app disaster in Iowa π
π Read
via "Security on TechRepublic".
Quality control and standard software dev process could have prevented extended delays in reporting the results of the 2020 Iowa Caucus.π Read
via "Security on TechRepublic".
TechRepublic
Why shortcuts lead to failure: Lessons from app disaster in Iowa caucus
Quality control and standard software dev process could have prevented extended delays in reporting the results of the 2020 Iowa Caucus.
π΄ A Matter of Trust π΄
π Read
via "Dark Reading: ".
Has working in the cybersecurity industry affected your ability to trust? Take the poll now.π Read
via "Dark Reading: ".
Dark Reading
A Matter of Trust
Has working in the cybersecurity industry affected your ability to trust? Take the poll now.
β U.S. Finance Sector Hit with Targeted Backdoor Campaign β
π Read
via "Threatpost".
The powerful Minebridge backdoor gives cyberattackers full run of a victim's machine.π Read
via "Threatpost".
Threat Post
U.S. Finance Sector Hit with Targeted Backdoor Campaign
The powerful Minebridge backdoor gives cyberattackers full run of a victim's machine.
β Metamorfo Returns with Keylogger Trick to Target Financial Firms β
π Read
via "Threatpost".
The malware uses a tactic to force victims to retype passwords into their systems - which it tracks via a keylogger.π Read
via "Threatpost".
Threat Post
Metamorfo Returns with Keylogger Trick to Target Financial Firms
The malware uses a tactic to force victims to retype passwords into their systems - which it tracks via keylogging.
π΄ Facebook Tops Imitated Brands as Attackers Target Tech π΄
π Read
via "Dark Reading: ".
Brand impersonators favor Facebook, Yahoo, Network, and PayPal in phishing attempts to steal credentials from victims.π Read
via "Dark Reading: ".
Dark Reading
Facebook Tops Imitated Brands as Attackers Target Tech
Brand impersonators favor Facebook, Yahoo, Network, and PayPal in phishing attempts to steal credentials from victims.
π The postmortem: Shadow took lots of shortcuts with Iowa 2020 caucus app π
π Read
via "Security on TechRepublic".
Extreme delays in reporting results shows "move fast and break things" is the wrong approach for election infrastructure, developers and business leaders say.π Read
via "Security on TechRepublic".
TechRepublic
The postmortem: Shadow took lots of shortcuts with Iowa 2020 caucus app
Extreme delays in reporting results shows "move fast and break things" is the wrong approach for election infrastructure, developers and business leaders say.
π΄ Cybersecurity Vendor Landscape Transforming as Symantec, McAfee Enter New Eras π΄
π Read
via "Dark Reading: ".
Two years ago, Symantec and McAfee were both primed for a comeback. Today, both face big questions about their future.π Read
via "Dark Reading: ".
Dark Reading
Cyberattacks & Data Breaches recent news | Dark Reading
Explore the latest news and expert commentary on Cyberattacks & Data Breaches, brought to you by the editors of Dark Reading
π΄ Forescout Acquired by Private Equity Team π΄
π Read
via "Dark Reading: ".
The deal, valued at $1.9 billion, is expected to close next quarter.π Read
via "Dark Reading: ".
Dark Reading
Forescout Acquired by Private Equity Team
The deal, valued at $1.9 billion, is expected to close next quarter.
ATENTIONβΌ New - CVE-2012-6340
π Read
via "National Vulnerability Database".
An Authentication vulnerability exists in NETGEAR WGR614 v7 and v9 due to a hardcoded credential used for serial programming, a related issue to CVE-2006-1002.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2012-6309
π Read
via "National Vulnerability Database".
A vulnerability exists in Arctic Torrent 1.4 via unspecified vectors in .torrent file handling, which could let a malicious user cause a Denial of Service.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2012-6307
π Read
via "National Vulnerability Database".
A vulnerability exists in JPEGsnoop 1.5.2 due to an unspecified issue in JPEG file handling, which could let a malicious user execute arbitrary codeπ Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2012-6306
π Read
via "National Vulnerability Database".
A vulnerability exists in HCView (aka Hardcoreview) 1.4 due to a write access violation with a GIF file.π Read
via "National Vulnerability Database".