Newer posts are loading.
You are at the newest post.
Click here to check if anything new just came in.

November 18 2017


✌ Three more Android malware families invade Google Play Store

Researchers from a trio of cybersecurity companies have separately issued reports on Android malware they recently discovered smuggled into the Google Play


November 17 2017


✌ Massive US military social media spying archive left wide open in AWS S3 buckets

Dozens of terabytes exposed, your tax dollars at work


✌ Holiday Scams and Malware Campaigns | US-CERT

US-CERT reminds users to remain vigilant when browsing or shopping online this holiday season. Emails and ecards from unknown senders may contain malicious links. Fake advertisements or shipping notifications may deliver attachments infected with malware. Spoofed email messages and phony posts on social networking sites may request support for fraudulent causes.To avoid seasonal campaigns that could result in security breaches, identity theft, or financial loss, users are encouraged to take the following actions:


✌ Oracle Products Affected by Critical JOLTandBLEED Vulnerabilities

Oracle has issued an out-of-band emergency security update to address five vulnerabilities, among which one is rated 10 out of 10 on the CVSSv3 bug severity scale, and a second was rated 9.9 out of 10.


✌ New White House Announcement on the Vulnerability Equities Process - Schneier on Security

The White House has released a new version of the Vulnerabilities Equities Process (VEP). This is the inter-agency process by which the US government decides whether to inform the software vendor of a vulnerability it finds, or keep it secret…

November 16 2017


✌ Oracle scrambles to sew up horrid security holes in PeopleSoft's Tuxedo

Nothing like unauth’d hijacking, Heartbleed-style bugs to patch ASAP


✌ Oracle Releases Security Alert

Oracle has released a security alert to address multiple vulnerabilities in Oracle Tuxedo. A remote attacker could exploit these vulnerabilities to take control of an affected system.


✌ McAfee's own anti-hacking service exposed users to banking malware

The purportedly safe link pointed users to a malicious Word document, laden with Emotet banking malware.


✌ Kaspersky defends its role in NSA breach

The Russian anti-virus company explains why it copied files off a PC used by a cyber-spy contractor.


✌ Cash Converters customer data breached

The High Street pawnbroker warns customers passwords and delivery addresses were exposed.


✌ Do Facebook and Google have control of their algorithms anymore? A sobering assessment and a warning

If you searched Google immediately after the recent mass shooting in Texas for information on the gunman, you would have seen what Justin Hendrix,

November 15 2017


✌ Locking Down Your Website Scripts with CSP, Hashes, Nonces and Report URI

I run a workshop titled Hack Yourself First in which people usually responsible for building web apps get to try their hand at breaking them. As it turns out, breaking websites is a heap of fun (with the obvious caveats) and people really get into the exercises. The first one


✌ Shut the front door: Jewson 'fesses up to data breach

Builder’s merchant tells punters their privates might be out in the cold

Older posts are this way If this message doesn't go away, click anywhere on the page to continue loading posts.
Could not load more posts
Maybe Soup is currently being updated? I'll try again automatically in a few seconds...
Just a second, loading more posts...
You've reached the end.

Don't be the product, buy the product!