RSA Conference 2019: How to Be Better, on Trust, AI and IoT
Tuesday’s keynotes kicking off RSA tackled both light and dark visions of the future, the imperative to become obsessed with trust, IoT and
[...]
Web Security
Articles targeted at Web App Security, hacks, guides, how to’s and the latest vulnerabilities.
RSAC 2019: Joomla! Mail Flaw Exploited to Create Mass Phishing Infrastructure
The Jmail Breaker attack leverages an old vulnerability in Joomla! along with a newly found flaw in the mail module.
Source: Threat
[...]
RSAC 2019: Most Consumers Say ‘No’ to Cumbersome Data Privacy Practices
Consumer confidence in companies keeping their data safe is at an all-time low, but password hygiene and not reading EULAs and app permissions
[...]
BSides SF 2019: Remote-Root Bug in Logitech Harmony Hub Patched and Explained
Users of Logitech’s Harmony Hub get long-awaited answers about the critical bugs that left their home networks wide open to attack.
Source:
[...]
Adobe Patches Critical ColdFusion Vulnerability With Active Exploit
Adobe has hurried out a patch for a critical arbitrary code execution vulnerability in its ColdFusion product.
Source: Threat Post – Web
[...]
Necurs Botnet Evolves to Hide in the Shadows, with New Payloads
Using an on-again, off-again strategy of C2 communication helps it hide from researchers.
Source: Threat Post – Web Security – Necurs Botnet
[...]
Coinhive to Mine Its Last Monero in March
The controversial cryptomining service is shutting down.
Source: Threat Post – Web Security – Coinhive to Mine Its Last Monero in March
[...]
Cisco Fixes Critical Flaw in Wireless VPN, Firewall Routers
Cisco said that CVE-2019-1663, which has a CVSS score of 9.8, allows unauthenticated, remote attackers to execute arbitrary code.
Source: Threat Post
[...]
Card-Skimming Scripts Hide Behind Google Analytics, Angular
The campaign is marked by a significant level of customization, with an “individualized yet very consistent approach to every compromise.
Source: Threat
[...]
Ring Doorbell Flaw Opens Door to Spying
Researchers are urging Ring users to update to the latest version of the smart doorbell after a serious flaw triggered privacy concerns.
[...]