RSS Reader for Computer Security Articles
Credit to Author: Chris McCormack| Date: Tue, 02 May 2017 14:04:49 +0000
‘This demands your attention no matter what size your organization’ – we couldn’t agree more!<img alt=”” border=”0″ src=”https://pixel.wp.com/b.gif?host=news.sophos.com&blog=834173&post=33537&subd=sophos&ref=&feed=1″ width=”1″ height=”1″ /><img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/DraWRAAlD3U” height=”1″ width=”1″ alt=””/>
Read More
Credit to Author: Michael Kan| Date: Tue, 02 May 2017 03:34:00 -0700
Intel is reporting a firmware vulnerability that could let attackers take over remote management functions on computers built over nearly the past decade.
The vulnerability, disclosed on Monday, affects features in Intel firmware that are designed for enterprise IT management.
Enterprises using Intel Active Management Technology, Intel Small Business Technology and Intel Standard Manageability on their systems should patch them as soon as possible, the company says.
The vulnerable firmware features can be found in some current Core processors and all the way back to Intel’s first-generation Core, called Nehalem, which shipped in 2008. They’re part of versions 6.0 through 11.6 of Intel’s manageability firmware.
To read this article in full or to leave a comment, please click here
Credit to Author: Maor Schwartz| Date: Mon, 01 May 2017 06:28:11 +0000
Vulnerability Summary The following advisory describes Java deserialization vulnerability found in CloudBees Jenkins version 2.32.1 that leads to a Remote Code Execution. Jenkins helps to automate the non-human part of the whole software development process with now common things like continuous integration and by empowering teams to implement the technical aspects of continuous delivery. It … Continue reading SSD Advisory – CloudBees Jenkins Unauthenticated Code Execution
Read MoreCredit to Author: Brian Barrett| Date: Mon, 01 May 2017 18:36:19 +0000
Putting an unreleased series on the Pirate Bay unless Netflix pays up? Good luck with that. The post That Orange Is the New Black Leak Was Never Going to Pay Off appeared first on WIRED.
Read MoreCredit to Author: Thomas Reed| Date: Mon, 01 May 2017 18:16:41 +0000
 | |
| On Friday a sophisticated Mac Trojan was discovered, called OSX.Dok, which installs malware designed to intercept all HTTP and HTTPS traffic. This morning, Adam Thomas, a Malwarebytes researcher, found a variant of the OSX.Dok dropper that behaves altogether differently and installs a completely different payload. Categories: Tags: AppleDokument.appmacmac malwareMac TrojanmalwareOSX.Doktrojan |
The post Another OSX.Dok dropper found installing new backdoor appeared first on Malwarebytes Labs.
Read MoreCredit to Author: Trend Micro| Date: Mon, 01 May 2017 18:12:37 +0000
As attacks increase and hackers realize the profit that stolen data from POS systems could bring, cybercriminals are creating more advanced malware to support their nefarious exploits.
Credit to Author: Matt Hamblen| Date: Mon, 01 May 2017 10:35:00 -0700
May 4 is coming up and has been designated as World Password Day to remind enterprise workers and consumers everywhere to use strong, updated passwords to protect cybersecurity.
The date was picked to align with one of the silliest puns yet: “May the Fourth Be with You” — also known as Star Wars Day. (Get it?) Well, maybe when Thursday, May 4 rolls around, it will still be a reminder for end-users to choose a stronger password and redouble security steps.
Security firm BullGuard cited recent studies showing that 90% of all passwords are vulnerable to attack in seconds. Also, 10,000 common passwords like “qwerty” or “12345678” allow access to 98% of all accounts, BullGuard said. Amazingly, 21% of online users rely on passwords that are 10 years old, the company said.
To read this article in full or to leave a comment, please click here
Credit to Author: Malwarebytes Labs| Date: Mon, 01 May 2017 17:07:19 +0000
 | |
| A compilation of notable security news and blog posts from the 24th of April to the 30th. We covered a lot of different subject, exploit kits, adware, Tech Support Scams, Android and Mac threats. And how to fight security fatigue. Categories: Tags: adwareeitestOSX.Doktech support scamsTerror EKweekly blog roundup |
The post A week in security (Apr 24 – Apr 30) appeared first on Malwarebytes Labs.
Read More