New Presentation Template: Incident Response Reporting for Management
For many security decision-makers, the real challenge is communicating the ongoing IR process to their management.
On-Board ‘Mystery Boxes’ Threaten Global Shipping Vessels
Unknown, vulnerable systems are present in nearly every ship environment that researchers have pen-tested.
Sudo Bug Opens Root Access on Linux Systems
The bug allows users to bypass privilege restrictions to execute commands as root.
Software, Supply-Chain Dangers Top List of 5G Cyber Risks
Without naming Huawei, the EU warns on state-backed 5G suppliers.
Fin7 Cybergang Retools With New Malicious Code
A new dropper and payload show that Fin7 isn’t going anywhere despite a crackdown on the infamous group by law enforcement in 2018.
Iran-Linked ‘Charming Kitten’ Touts New Spearphishing Tactics
A campaign first observed last year has ramped up its attack methods and appears to be linked to activity targeting President Trump’s 2020 re-election campaign.
vBulletin Flaw Exploited in Dutch Sex-Work Forum Breach
A hacker is selling the email addresses of 250,000 users of a Dutch sex-work forum — data that researchers say could be used for blackmail.
Apple iTunes Bug Actively Exploited in BitPaymer/iEncrypt Campaign
Attackers exploit an “unquoted path” flaw in the Bonjour updater in iTunes for Windows to deliver ransomware attacks.
HP Touchpoint Analytics Opens PCs to Code Execution Attack
The vulnerability stems from an issue with DLL loading in Open Source Hardware, used by tens of millions of computers, researchers say.
Gamers Warned of High-Severity Intel, Nvidia Flaws
The Intel NUC and Nvidia Shield both are vulnerable to high-severity flaws, Intel and Nvidia warned in dual advisories.
