ATENTIONβΌ New - CVE-2012-0951
π Read
via "National Vulnerability Database".
A Memory Corruption Vulnerability exists in NVIDIA Graphics Drivers 29549 due to an unknown function in the file proc/driver/nvidia/registry.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2011-4661
π Read
via "National Vulnerability Database".
A memory leak vulnerability exists in Cisco IOS before 15.2(1)T due to a memory leak in the HTTP PROXY Server process (aka CSCtu52820), when configured with Cisco ISR Web Security with Cisco ScanSafe and User Authenticaiton NTLM configured.π Read
via "National Vulnerability Database".
β Mozilla Firefox 73 Browser Update Fixes High-Severity RCE Bugs β
π Read
via "Threatpost".
The release of Firefox 73 fixed high-severity memory safety bugs that could cause arbitrary code execution and missing bounds check that could enable memory corruption.π Read
via "Threatpost".
Threat Post
Mozilla Firefox 73 Browser Update Fixes High-Severity RCE Bugs
The release of Firefox 73 fixed high-severity memory safety bugs that could cause arbitrary code execution and missing bounds check that could enable memory corruption.
π U.S. Counterintelligence Center Pledges to Focus on Supply Chains, Democracy π
π Read
via "Subscriber Blog RSS Feed ".
The National Counterintelligence and Security Center said this week it plans to double down on securing critical infrastructure, supply chain, the economy, democratic institutions, and cyber/technical operations.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
U.S. Counterintelligence Center Pledges to Focus on Supply Chains, Democracy
The National Counterintelligence and Security Center said this week it plans to double down on securing critical infrastructure, supply chain, the economy, democratic institutions, and cyber/technical operations.
ATENTIONβΌ New - CVE-2011-4338
π Read
via "National Vulnerability Database".
Shaman 1.0.9: Users can add the line askforpwd=false to his shaman.conf file, without entering the root password in shaman. The next time shaman is run, root privileges are granted despite the fact that the user never entered the root password.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2011-3901
π Read
via "National Vulnerability Database".
Android SQLite Journal before 4.0.1 has an information disclosure vulnerability.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2011-3336
π Read
via "National Vulnerability Database".
regcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2011-2499
π Read
via "National Vulnerability Database".
Mambo CMS through 4.6.5 has multiple XSS.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2011-2343
π Read
via "National Vulnerability Database".
The Bluetooth stack in Android before 2.3.6 allows a physically proximate attacker to obtain contact information via an AT phonebook transfer.π Read
via "National Vulnerability Database".
π΄ FBI: Business Email Compromise Cost Businesses $1.7B in 2019 π΄
π Read
via "Dark Reading: ".
BEC attacks comprised nearly half of cybercrime losses last year, which totaled $3.5 billion overall as Internet-enabled crimes ramped up.π Read
via "Dark Reading: ".
Dark Reading
FBI: Business Email Compromise Cost Businesses $1.7B in 2019
BEC attacks comprised nearly half of cybercrime losses last year, which totaled $3.5 billion overall as Internet-enabled crimes ramped up.
π΄ Avast Under Investigation by Czech Privacy Agency π΄
π Read
via "Dark Reading: ".
The software security maker is suspected of selling data about more than 100 million users to companies including Google, Microsoft, and Home Depot.π Read
via "Dark Reading: ".
Dark Reading
Vulnerabilities & Threats recent news | Dark Reading
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading
ATENTIONβΌ New - CVE-2011-4908
π Read
via "National Vulnerability Database".
TinyBrowser plugin for Joomla! before 1.5.13 allows arbitrary file upload via upload.php.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2011-4906
π Read
via "National Vulnerability Database".
Tiny browser in TinyMCE 3.0 editor in Joomla! before 1.5.13 allows file upload and arbitrary PHP code execution.π Read
via "National Vulnerability Database".
π΄ Third-Party Breaches - and the Number of Records Exposed - Increased Sharply in 2019 π΄
π Read
via "Dark Reading: ".
Each breach exposed an average of 13 million records, Risk Based Security found.π Read
via "Dark Reading: ".
Darkreading
Third-Party Breaches β and the Number of Records Exposed β Increased Sharply in 2019
Each breach exposed an average of 13 million records, Risk Based Security found.
β Google to force Nest users to turn on 2FA β
π Read
via "Naked Security".
Nest users who aren't using 2FA or a Google account will be required to take an extra step by verifying their identity via email.π Read
via "Naked Security".
Naked Security
Google to force Nest users to turn on 2FA
Nest users who arenβt using 2FA or a Google account will be required to take an extra step by verifying their identity via email.
β Google: Efforts Against Bad Android Apps on Play Store Are Working β
π Read
via "Threatpost".
The tech giant acknowledged some achievements in efforts to bolster mobile app security but recognized more needs to be done.π Read
via "Threatpost".
Threat Post
Google: Efforts Against Bad Android Apps on Play Store Are Working
The tech giant acknowledged some achievements in efforts to bolster mobile app security but recognized more needs to be done.
β FBI: Cybercrime tore a $3.5b hole in victimsβ pockets last year β
π Read
via "Naked Security".
The FBI's Internet Crime Report shows that business email comprise is the biggest money-maker for cybercriminals.π Read
via "Naked Security".
Naked Security
FBI: Cybercrime tore a $3.5b hole in victimsβ pockets last year
The FBIβs Internet Crime Report shows that business email comprise is the biggest money-maker for cybercriminals.
β IE zero day and heap of RDP flaws fixed in February Patch Tuesday β
π Read
via "Naked Security".
Microsoft has finally patched the Internet Explorer (IE) zero-day flaw the company said in January was being used in βlimited targeted attacksβ.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β Dell fixes privilege elevation bug in support software β
π Read
via "Naked Security".
Users of Dell SupportAssist should patch their software immediately to fix a software bug that could lead to arbitrary code execution.π Read
via "Naked Security".
Naked Security
Dell fixes privilege elevation bug in support software
Users of Dell SupportAssist should patch their software immediately to fix a software bug that could lead to arbitrary code execution.
β Firefox six-weekly security fixes are out β get them now! β
π Read
via "Naked Security".
No zero-day bugs, so by updating promptly you are keeping ahead of the crooks, not merely catching up!π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π Why password management is critical to mitigating data breaches π
π Read
via "Security on TechRepublic".
The Identity Theft Resource Center warns that businesses of all sizes should be vigilant about data security. The COO offers advice about passwords, cloud security, and patch management.π Read
via "Security on TechRepublic".
TechRepublic
Why password management is critical to mitigating data breaches
The Identity Theft Resource Center warns that businesses of all sizes should be vigilant about data security. The COO offers advice about passwords, cloud security, and patch management.