FreshRSS

πŸ”’
❌ About FreshRSS
There are new available articles, click to refresh the page.
Before yesterdayYour RSS feeds

Over 40,000 credentials for government portals found online

Malware operators have collected login credentials for government portals in Italy, Saudi Arabia, Portugal, Bulgaria, Romania, more.
  • December 11th 2018 at 12:46

Coming Together - Business Security Weekly #110

By paul@securityweekly.com

This week, Matt and Paul interview Brian Carey, Senior Security Consultant at Rapid7! Brian talks about emerging trends that he is seeing with his clients, and how they impact their clients’ security programs, including maturity, roadmap, and recommendations! In the Leadership Articles, Matt and Paul discuss how to collaborate with people you don’t like, the right way to solve complex business problems, what the habits are of successful people, three things to know before you land a tech job, and more!

Β 

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode110

To learn more about Rapid7, go to: www.rapid7.com/securityweekly

Β 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Visit https://www.activecountermeasures/bsw to sign up for a demo or buy our AI Hunter!

Β 

Visit our website: https://www.securityweekly.com

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

  • December 11th 2018 at 10:00

Hackers ramp up attacks on mining rigs before Ethereum price crashes into the gutter

Attackers scan for Ethereum wallets and mining rigs that have carelessly exposed port 8545 on the Internet.
  • December 10th 2018 at 23:06

Google+ hit by second API bug impacting 52.5 million users

Google moves Google+ sunset date forward, from August 2019 to April 2019.
  • December 10th 2018 at 19:20

Half of the Tor Project's funding now comes from the private sector

Tor Project reports $4.2 million income in 2017, of which only 51 percent came from government funds.
  • December 10th 2018 at 16:47

Android adware tricks ad networks into thinking it's an iPhone to make more money

New Android adware discovered in 22 apps downloaded over two million times.
  • December 10th 2018 at 05:30

Cybercrime and malware, 2019 predictions

Experts weigh in on what they believe will happen to the world of cybercrime, malware, and botnets in the coming year.
  • December 9th 2018 at 10:39

Malicious sites abuse 11-year-old Firefox bug that Mozilla failed to fix

Bug dealt with in Chrome and Edge, but still a problem for Firefox users.
  • December 8th 2018 at 23:44

The Bleeding Edge - Paul's Security Weekly #585

By paul@securityweekly.com

This week, how Docker containers can be exploited to mine for cryptocurrency, WordPress sites attacking other WordPress sites, why the Marriott breach is a valuable IT lesson, malicious Chrome extensions, why hospitals are the next frontier of cybersecurity, and how someone is claiming to sell a Mass Printer Hijacking service! In our first Technical Segment, we welcome Marcello Salvati, Security Consultant at BHIS, to talk about SILENTTRINITY, a post-exploitation agent powered by Python, IronPython, C#/.NET! In our second Technical Segment, we air a pre-recorded interview of Lenny Zeltser, VP of Products at Minerva! Lenny will be discussing Evasion Tactics in Malware from the Inside Out!

Β 

Full Show Notes: https://wiki.securityweekly.com/Episode585

Visit https://www.securityweekly.com/psw for all the latest episodes!

Β 

To learn more about Minerva Labs, go to: https://l.minerva-labs.com/security-weekly

To learn more about Black Hills Information Security, go to: https://www.blackhillsinfosec.com/PSW

To look more into SILENTTRINITY, go to: https://github.com/byt3bl33d3r/SILENTTRINITY

Β 

Visit https://www.activecountermeasures/psw to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

  • December 8th 2018 at 10:00

Those annoying sextortion scams are redirecting users to ransomware now

Sextortion emails take a dark turn and are now trying to infect users with the GandCrab ransomware.
  • December 8th 2018 at 08:30

Senator blasts FTC for failing to crack down on Google's ad fraud problems

US Senator says Google is profiting off advertising fraud and has no interest in addressing it.
  • December 7th 2018 at 22:34

DHS looking into tracking Monero and Zcash transactions

DHS has had great success with tracking and analyzing Bitcoin transactions already. They are now looking for similar solutions for tracking "privacy coins."
  • December 7th 2018 at 18:38

OpSec mistake brings down network of Dark Web money counterfeiter

European law enforcement conducts 300 house searches and makes 235 arrests.
  • December 7th 2018 at 17:04

Marriott to reimburse some guests for new passports after massive data breach

Hotel chain responds to US senator. Says it will foot the bill for some users' passport replacement costs.
  • December 7th 2018 at 14:53

Eastern European banks lose tens of millions of dollars in Hollywood-style hacks

Cybercriminals leave laptops, Raspberry Pi boards, and USB thumb drives connected to banks IT networks.
  • December 7th 2018 at 01:24

Industrial espionage fears arise over Chrome extension caught stealing browsing history

Company test runs own traffic analysis service and finds malicious Chrome extension in its own backyard. Ooops!
  • December 7th 2018 at 00:06

ESET discovers 21 new Linux malware families

All malware strains are trojanized versions of the OpenSSH server or client apps that include keylogger and backdoor capabilities.
  • December 6th 2018 at 15:05

Light Years - Enterprise Security Weekly #118

By paul@securityweekly.com

This week, Paul and John Strand interview Mike Nichols, the VP of Product for Endgame! Mike joins us to talk about the MITRE evaluation of Endgame, Open-Source Query Language EQL, and more! In the Enterprise Security News, Ixia extends collaboration with ProtectWise, Ping Identity brings in New Customer Identity as a service solution, Fortinet introduces new security automation capabilities on AWS, Yubico announces YubiHSM 2 integration with AWS IoT Greengrass, and more!

Β 

Full Show Notes: https://wiki.securityweekly.com/ES_Episode118

Visit https://www.securityweekly.com/esw for all the latest episodes!

Β 

To learn more about Endgame, go to: www.endgame.com

Visit https://www.activecountermeasures/esw to sign up for a demo or buy our AI Hunter!

Β 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

  • December 6th 2018 at 10:00

Twelve US states join for the first time to file multistate data breach lawsuit

Lawsuit details a long list of security fails on MIE's part.
  • December 6th 2018 at 01:41

A botnet of over 20,000 WordPress sites is attacking other WordPress sites

Botnet is still up and running but law enforcement has been notified.
  • December 5th 2018 at 23:44

BeatStars discloses security breach in Twitter live stream

BeatStars website mass-defaced after hacker intrusion. Website back up and running again.
  • December 5th 2018 at 18:55

Adobe releases out-of-band security update for newly discovered Flash zero-day

Zero-day spotted embedded in malicious Office documents uploaded on VirusTotal.
  • December 5th 2018 at 15:26

Cyber-espionage group uses Chrome extension to infect victims

Suspected North Korean APT uses Google Chrome extension to infect victims in the academic sector.
  • December 5th 2018 at 15:00

Stuck In My Teeth - Application Security Weekly #42

By paul@securityweekly.com

This week, Keith and Paul interview Aleksei Tiurin, Senior Security Researcher at Acunetix! Aleksei joins Keith and Paul this week for a Technical Segment on reverse proxies using WebLogic, Nginx, and Tomcat! In the Application Security News, hackers are opening SMB ports on routers to infect PC’s with NSA malware, bug detectives whip up smarter version of classic AFL fuzzer to hunt code vulnerabilities, malware & rogue users can spy on some apps' HTTPS crypto, exploiting developer infrastructure is insanely easy, and more!

Β 

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode42

To learn more about Acunetix, go to: www.acunetix.com/securityweekly

Β 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Visit https://www.activecountermeasures/asw to sign up for a demo or buy our AI Hunter!

Β 

Visit our website: https://www.securityweekly.com

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

  • December 5th 2018 at 10:00

The CoAP protocol is the next big thing for DDoS attacks

CoAP DDoS attacks have already been detected in the wild, some clocking at 320Gbps.
  • December 5th 2018 at 04:13

Google releases Chrome 71 with a focus on security features

Google improves Chrome's ability to filter abusive ads and detect shady mobile subscription forms.
  • December 4th 2018 at 21:35

Over 100,000 PCs infected with new ransomware strain in China

Ransomware authors might have shot themselves in the foot by handling payments via WeChat. Local law enforcement could track ransom payments.
  • December 4th 2018 at 15:44

Hack Naked News #199 - December 4, 2018

By paul@securityweekly.com

This week, hijacking printers to promote a YouTube channel, fake iOS apps that steal money, Google patches 11 critical RCE Android Vulnerabilities, Marriott hack hits 500 million Starwood guests, and getting Pwned through an oscilloscope! Jason Wood from Paladin Security joins us for expert commentary to discuss how the "Iceman" hacker was charged with running a drone-smuggling ring from jail, and more!

Β 

Full Show Notes: https://wiki.securityweekly.com/HNNEpisode199

Β 

Visit https://www.securityweekly.com/hnn for all the latest episodes!

Visit https://www.activecountermeasures/hnn to sign up for a demo or buy our AI Hunter!

Β 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

  • December 4th 2018 at 21:05

That's Success - Business Security Weekly #109

By paul@securityweekly.com

This week, Matt Alderman interviews Jay Prassl, CEO of Automox in a Pre-Recorded interview! Jay explains what Automox does, how Automox bridges the gap between ITOps and SecOps use case, and how Automox defines the way to patch systems in the MacOS, Linux, Windows, and MSP! In the Leadership Articles, Paul is joined by Jason Alburquerque to discuss the new math of leadership, how pragmatic leaders can transform stuck organizations, why building a work community is critical, and more!

Β 

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode109

Β 

To learn more about Automox, go to: www.automox.com

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Visit https://www.activecountermeasures/bsw to sign up for a demo or buy our AI Hunter!

Β 

Visit our website: https://www.securityweekly.com

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

  • December 4th 2018 at 10:00

Quora discloses mega breach impacting 100 million users

Account info, passwords, emails, private messages, and user votes were exposed.
  • December 4th 2018 at 02:17

Researchers discover SplitSpectre, a new Spectre-like CPU attack

Spectre-like variations continue to be discovered, just as academics predicted at the start of 2018.
  • December 4th 2018 at 01:36

Two iOS fitness apps tricked users into making TouchID payments

Both apps β€”"Fitness Balance app" and "Calories Tracker app"β€” removed from the Apple App Store.
  • December 3rd 2018 at 20:19

New online service will hack printers to spew out spam

PewDiePie hack has spawned a new web service over the weekend: Printer-Spam-as-a-Service.
  • December 3rd 2018 at 17:30

Czech Republic blames Russia for multiple government network hacks

Czech intelligence service says two Russian cyber-espionage groups hacked Ministry of Foreign Affairs, Ministry of Defense, and members of the Czech Army.
  • December 3rd 2018 at 15:23

Marriott sued hours after announcing data breach

One class-action lawsuit is seeking $12.5 billion in damages.
  • December 3rd 2018 at 00:52

ACLU wants court to release documents on the US' attempt at backdooring Facebook Messenger

While the FBI-vs-Apple battle played out in the public, the FBI-vs-Facebook encryption backdoor war remained a secret for months.
  • December 1st 2018 at 20:05

Donut Jokes - Paul's Security Weekly #584

By paul@securityweekly.com

This week, Wietse Venema and Dan Farmer, the Developers of Security Administrator Tool for Analyzing Networks (SATAN) Sven Morgenroth of Netsparker will talk about PHP Object injection vulnerabilities and explain the dangers of PHP's unserialize function, and the crew will wrap the show with the Security News!

Full Show Notes: https://wiki.securityweekly.com/Episode584

To learn more about Netsparker, go to: https://www.netsparker.com/securityweekly

Follow us on Twitter: https://www.twitter.com/securityweekly

  • December 1st 2018 at 10:00

Twitter user hacks 50,000 printers to tell people to subscribe to PewDiePie

Hacker lends a helping hand to YouTube star losing his crown.
  • December 1st 2018 at 01:09

Moscow's new cable car system infected with ransomware two days after launch

Cable car system is now back up and running after a two-day downtime.
  • November 30th 2018 at 15:45

Marriott reveals data breach affecting 500 million hotel guests

Hackers have had access to the Starwood guest reservation database since 2014.
  • November 30th 2018 at 14:26

These are the worst hacks, cyberattacks, and data breaches of 2018

Millions of records were lost, services were disrupted, and credit card data was stolen as hackers ran amok over the year.
  • November 30th 2018 at 14:19

This is how Docker containers can be exploited to mine for cryptocurrency

Containers are becoming a target for cryptojacking in rising numbers.
  • November 30th 2018 at 12:37

Samba Trojan becomes the bread and butter of fresh attack campaign

The malware's veteran operators go low and slow to compromise Linux machines without detection.
  • November 30th 2018 at 10:46

US Senate computers will use disk encryption

New security measure is meant to protect sensitive Senate data on stolen Senate laptops and computers.
  • November 30th 2018 at 00:48

Sky Brasil exposes data of 32 million subscribers

The cause of the data leak was an Internet-accessible ElasticSearch server that was left without a password.
  • November 29th 2018 at 18:06

Hackers can exploit this bug in surveillance cameras to tamper with footage

Researchers have uncovered a vulnerability which can be used to completely compromise surveillance cameras and feeds.
  • November 29th 2018 at 15:00

AriseBank CEO faces 120 years behind bars over alleged cryptocurrency scam

Millions of dollars in investor funds were allegedly spent by the suspect on a luxury lifestyle.
  • November 29th 2018 at 13:00

KingMiner malware hijacks the full power of Windows Server CPUs

Attack rates are rising and detection rates are falling.
  • November 29th 2018 at 11:54

Back on the Saddle - Enterprise Security Weekly #117

By paul@securityweekly.com

This week, Paul and John Strand to interview Jeremy Winter, Director of Azure Management at Microsoft, to talk about Microsoft's Azure program, what they have built, and how it helps further the evolving roles of Cloud Ops and Cloud Security! In the Enterprise News this week, StackPath launches EdgeEngine Serverless Computing, Alcide advances Cloud-Native security firewall platform, Orkus launches Access Governance platform for Cloud Security, Tufin announces a new Cloud Security solution, and more!

Β 

Full Show Notes: https://wiki.securityweekly.com/ES_Episode117

Visit https://www.securityweekly.com/esw for all the latest episodes!

Visit https://www.activecountermeasures/esw to sign up for a demo or buy our AI Hunter!

Β 

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

  • November 29th 2018 at 10:00

Dunkin' Donuts accounts may have been hacked in credential stuffing attack

Hackers were after user accounts in the company's rewards points program.
  • November 29th 2018 at 01:19

Dell announces security breach

Company says it detected an intrusion at the start of the month, but financial data was not exposed.
  • November 28th 2018 at 22:14

Hackers are opening SMB ports on routers so they can infect PCs with NSA malware

Akamai says that over 45,000 routers have been compromised already.
  • November 28th 2018 at 20:04

New industrial espionage campaign leverages AutoCAD-based malware

Researchers warn about industrial espionage group targeting companies in the energy sector with AutoCAD-based malware.
  • November 28th 2018 at 15:57

ElasticSearch server exposed the personal data of over 57 million US citizens

Leaky database taken offline, but not after leaking user details for nearly two weeks.
  • November 28th 2018 at 15:00

Atrium Health data breach exposed 2.65 million patient records

The security incident also exposed an estimated 700,000 Social Security numbers.
  • November 28th 2018 at 12:19

Second time lucky: Cisco pushes fix for failed Webex vulnerability patch

New attack techniques have rendered the original patch useless.
  • November 28th 2018 at 11:30

IBM QRadar Advisor with Watson boosted with MITRE framework

The machine learning system is being given a crash course in cybercriminal techniques.
  • November 28th 2018 at 11:00

Pegasus gov't spyware used to target colleague of slain drug cartel journalist

Just days after the death of a reporter investigating drug cartels, the spyware appeared on the radar.
  • November 28th 2018 at 10:23
❌