Cisco Talos: Vulnerability Spotlight: Multiple vulnerabilities in ACD Systems...
Tyler Bohan of Cisco Talos discovered these vulnerabilities. Vanja Svajcer authored this blog post. Cisco Talos is disclosing several vulnerabilities in ACD Systems' Canvas Draw 5, a graphics-editing...
Zero in a bit: What Goals Are Right for Your AppSec Program?
Clear objectives and goals are key to success for any initiative, and AppSec is no exception. But many organizations struggle to establish application security goals, or focus on the wrong goals to the...
Cisco Talos: Cisco Job Posting Targets Korean Candidates
Edmund Brumaghin and Paul Rascagneres authored this post, with contributions from Jungsoo An. Executive summary: Cisco Talos recently observed a targeted malware campaign being leveraged in an attempt to...
Wired: Security: Hackers Are Passing Around a Megaleak of 2.2 Billion Records
The so-called Collections #1-5 represent a gargantuan, patched-together Frankenstein of rotting personal data.
Wired: Security: Facebook Hires Up Three of Its Biggest Privacy Critics
Can a trio of privacy advocates effect change from within Facebook—or will they be stifled by corporate bureaucracy?
Wired: Security: Why Facebook's Banned 'Research' App Was So Invasive
Until Apple revoked its privileges Wednesday, Facebook was paying iOS users $20 a month to download and install the data-sucking application.
SANS Internet Storm Center, InfoCON: green: ISC Stormcast For Thursday,...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
AlienVault Blogs: APT10 Group Targets Multiple Sectors, But Seems to Really...
Threat Actors That Don’t Discriminate When it comes to threat actors and the malware variants they use, let’s talk dating — or rather, the way people date — because one could argue there are marked...
Zero in a bit: Unchecked open source components introducing more risk to...
At Veracode, we’ve been the first and the loudest in proclaiming that companies need to be vigilant in how they use open source components in their software. Our research shows that open source...
SANS Internet Storm Center, InfoCON: green: ISC Stormcast For Friday,...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
SANS Internet Storm Center, InfoCON: green: Sextortion: Follow the Money Part...
There hasn't been much to update in the several months since the Sexploitation: Follow the money updates in Diary 1 and Diary 2. For those of you who didn't read those diaries. When the Sextortion...
Carnal0wnage Blog: Abusing Docker API | Socket
Notes on abusing open Docker sockets. This won't cover breaking out of docker containers. Ports: usually 2375 & 2376 but can be...
AlienVault Blogs: Things I Hearted This Week, 1st Feb 2019
Hello February! I was doing some research last night and was surprised to discover that the Target breach is over five years old! Five years! I was sure it only happened a couple of years ago - but...
Cisco Talos: Threat Roundup for Jan. 25 to Feb. 1
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 25 and Feb. 01. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
Cisco Talos: Cyber Security Week in Review (Feb. 1)
Welcome to this week's Cyber Security Week in Review, where Cisco Talos runs down all of the news we think you need to know in the security world. For more news delivered to your inbox every week, sign...
Un informático en el lado del mal: AI, Robots, Ethics, Big Data & Hacking. The...
One more Saturday. Six in the morning and up. The clock I carry inside still works better than one of those Casios that people like so much. Up. Time to get going and work. Just a little before taking...
Wired: Security: A Facebook Crackdown, Amazon Facial Recognition, and More...
Hackers use SS7 flaws to rob banks, Japan goes after IoT vulnerabilities, and more security news this week.
SANS Internet Storm Center, InfoCON: green: Scanning for WebDAV PROPFIND...
Over the last several months, I have noticed more scans for WebDAV PROPFIND showing up in my honeypot. This is likely an attempt to exploit and launch calc.exe on the server to test if the web...
Un informático en el lado del mal: The Originals
I have always believed that doing things alone is a way of not burdening your mind with other people's responsibilities, but that for a person alone there are goals that are out of reach. It is...
SANS Internet Storm Center, InfoCON: green: Video: Analyzing a Simple HTML...
Reader Carlos submitted an email with an attachment. It's a phishing email, the attachment is an HTML file, although the criminals try to make the recipient believe that it is a PDF file. In this video,...