U.S. Pipeline Disrupted by Ransomware Attack
via "Threatpost".
The attack took a gas compression facility offline for two days, disrupting the supply chain.

Users Have Risky Security Habits, but Security Pros Aren't Much Better
via "Dark Reading".
Researchers spot gaps in users' and IT practitioners' security habits, and between security tools and user preferences.

Researchers Fool Smart Car Camera with a 2-Inch Piece of Electrical Tape
via "Dark Reading".
McAfee researchers say they were able to get a Tesla to autonomously accelerate by tricking its camera platform into misreading a speed-limit sign.

ATTENTION‼ New - CVE-2013-2018
via "National Vulnerability Database".
Multiple SQL injection vulnerabilities in BOINC allow remote attackers to execute arbitrary SQL commands via unspecified vectors.

Data privacy: What consumers want businesses to know
via "Security on TechRepublic".
A new PwC report reveals what customers expect when it comes to expectations of privacy surrounding their data.

ATTENTION‼ New - CVE-2014-3484
via "National Vulnerability Database".
Multiple stack-based buffer overflows in the __dn_expand function in network/dn_expand.c in musl libc 1.1x before 1.1.2 and 0.9.13 through 1.0.3 allow remote attackers to (1) have unspecified impact via an invalid name length in a DNS response or (2) cause a denial of service (crash) via an invalid name length in a DNS response, related to an infinite loop with no output.

ATTENTION‼ New - CVE-2012-2629
via "National Vulnerability Database".
Multiple cross-site request forgery (CSRF) and cross-site scripting (XSS) vulnerabilities in Axous 1.1.1 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add an administrator account via an addnew action to admin/administrators_add.php; or (2) conduct cross-site scripting (XSS) attacks via the page_title parameter to admin/content_pages_edit.php; the (3) category_name[] parameter to admin/products_category.php; the (4) site_name, (5) seo_title, or (6) meta_keywords parameter to admin/settings_siteinfo.php; the (7) company_name, (8) address1, (9) address2, (10) city, (11) state, (12) country, (13) author_first_name, (14) author_last_name, (15) author_email, (16) contact_first_name, (17) contact_last_name, (18) contact_email, (19) general_email, (20) general_phone, (21) general_fax, (22) sales_email, (23) sales_phone, (24) support_email, or (25) support_phone parameter to admin/settings_company.php; or the (26) system_email, (27) sender_name, (28) smtp_server, (29) smtp_username, (30) smtp_password, or (31) order_notice_email parameter to admin/settings_email.php.

ATTENTION‼ New - CVE-2011-2498
via "National Vulnerability Database".
The Linux kernel from v2.3.36 before v2.6.39 allows local unprivileged users to cause a denial of service (memory consumption) by triggering creation of PTE pages.

Ring makes 2FA mandatory to keep hackers out of your doorbell account
via "Naked Security".
Amazon is following Google's lead by forcing all users to use two-factor authentication when logging into their Ring accounts.

Firefox 73.0.1 fixes crashes, blank web pages and DRM niggles
via "Naked Security".
Firefox version 73 has only been out for a week but already Mozilla has had to update it to v73.0.1 to fix a range of browser problems.

MGM Grand Breach Leaked Details of 10.6 Million Guests Last Summer
via "Threatpost".
This week a hacking forum posted data from the breach, which included personal and contact details for celebrities, tech CEOs, government officials and employees at large tech companies.

Critical Adobe Flaws Fixed in Out-of-Band Update
via "Threatpost".
Two critical Adobe vulnerabilities have been fixed in Adobe After Effects and Adobe Media Encoder.

Nearly half of hospital Windows systems still vulnerable to RDP bugs
via "Naked Security".
Almost half of connected hospital devices are still exposed to the wormable BlueKeep Windows flaw nearly a year after it was announced, according to a report released this week.

Cloud misconfigurations cost companies nearly $5 trillion
via "Security on TechRepublic".
A DivvyCloud report finds 196 data breaches exposed more than 33 billion records due to environments without appropriate security.

Firms Improve Threat Detection but Face Increasingly Disruptive Attacks
via "Dark Reading".
In addition, more third parties are discovering the attacks rather than the companies themselves.

10 Tough Questions CEOs Are Asking CISOs
via "Dark Reading".
CEOs today are prepared with better questions than 'Are we secure,' and chief information security officers had better be ready to answer.

Ransomware attack forces 2-day shutdown of natural gas pipeline
via "Naked Security".
The attacker(s) infected both IT and operational networks with an unspecified ransomware strain, though the facility never lost control.

5 Strategies to Secure Cloud Operations Against Today's Cyber Threats
via "Dark Reading".
With these fundamentals in mind, organizations can reduce their security and compliance risks as they reap the cloud's many benefits:

How Shadow IT could put your organization at risk
via "Security on TechRepublic".
Employees who create external accounts but use them internally pose a risk to your security, says password manager company 1Password.

How some presidential campaigns use DMARC to protect their domains from being spoofed
via "Security on TechRepublic".
DMARC can prevent spammers from using a trusted domain name to send junk mail, a useful tactic for the presidential campaigns and for your organization, according to security provider Valimail.