Cyber security aggregate rss news

Cyber security aggregator - feeds history

image for The Best New Antivir ...

 Security

The days when antivirus solutions were only required on Windows are long gone, as pretty much any operating system out there is now being targeted by malicious actors out there. Android obviously makes no exception, and it’s not just because you can install applications from outside the Google Play Store using the   show more ...

stand-alone APK installers, but also because malware sometimes makes its way to the store too. So having an antivirus application installed on your Android device has become a recommended thing to do, though power users can very well stay protected by just following a set of simple recommendations, such as simply inspecting each app carefully and looking at ratings and reviews in the store. The security experts at AV-TEST have conducted new research to determine the best antivirus solutions of Android, and the results pretty much speak for themselves. Once again, they confirm third-party protection is better than first party, even if it’s available free ... (read more)

 Computer, Internet Security

Forescout released an open-source tool for detecting whether a network device runs one of the four open-source TCP/IP stacks (and their variations) affected by the Amnesia:33 vulnerabilities.

 Trends, Reports, Analysis

According to researchers at Armis, around 97 percent of the OT devices affected by URGENT/11 (a group of vulnerabilities) are not patched, even though fixes are being delivered.

 Malware and Vulnerabilities

Palo Alto’s Unit42 research team has recently found hacking group AridViper (aka APT-C-23) dropping a new malware called PyMicropsia to target victims in the Middle Eastern region.

 Trends, Reports, Analysis

In recent months, there has been a barrage of zero-day vulnerabilities affecting popular software and devices, including several WordPress plugins, VMware products, Google Chrome, and others.

 Feed

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

 Feed

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant   show more ...

to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.

 Feed

jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.

 Feed

jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the pre-built jar release.

 Feed

Red Hat Security Advisory 2020-5614-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

 Feed

Red Hat Security Advisory 2020-5645-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.6.0. Issues addressed include buffer overflow and use-after-free vulnerabilities.

 Feed

This document is intended to provide a detailed study on the Heartbleed attack. It covers the required topics for understanding the exploit. The proof of concept will help visualize and perform the attack in a virtual scenario to understand the attack vector of the process of exploitation.

 Feed

Red Hat Security Advisory 2020-5642-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include a null pointer vulnerability.

 Feed

Red Hat Security Advisory 2020-5644-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.6.0. Issues addressed include buffer overflow and use-after-free vulnerabilities.

 Feed

Red Hat Security Advisory 2020-5641-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include a null pointer vulnerability.

 Feed

Red Hat Security Advisory 2020-5616-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a buffer overflow vulnerability.

 Feed

Red Hat Security Advisory 2020-5640-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include a null pointer vulnerability.

 Feed

Red Hat Security Advisory 2020-5639-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include a null pointer vulnerability.

 Feed

Red Hat Security Advisory 2020-5637-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include a null pointer vulnerability.

 Feed

Three dozen journalists working for Al Jazeera had their iPhones stealthily compromised via a zero-click exploit to install spyware as part of a Middle East cyberespionage campaign. In a new report published yesterday by University of Toronto's Citizen Lab, researchers said personal phones of 36 journalists, producers, anchors, and executives at Al Jazeera, and a journalist at London-based Al

 Feed

Everyone makes mistakes. That one sentence was drummed into me in my very first job in tech, and it has held true since then. In the cybersecurity world, misconfigurations can create exploitable issues that can haunt us later - so let's look at a few common security misconfigurations. The first one is development permissions that don't get changed when something goes live. For example, AWS S3

 Feed

A team of researchers today unveils two critical security vulnerabilities it discovered in Dell Wyse Thin clients that could have potentially allowed attackers to remotely execute malicious code and access arbitrary files on affected devices. The flaws, which were uncovered by healthcare cybersecurity provider CyberMDX and reported to Dell in June 2020, affects all devices running ThinOS

 Feed only

Many thanks to the great folks at AV-Comparatives, who have sponsored my writing for the past week. Anti-malware testing lab AV-Comparatives carries out independent intensive tests of security software, and has just published its long-term test report into the performance of business and enterprise endpoint security   show more ...

products, taking a close look 19 products designed to … Continue reading "Business and enterprise anti-virus products put through a long-term test – which performed the best?"

2020-12
Aggregator history
Monday, December 21
TUE
WED
THU
FRI
SAT
SUN
MON
DecemberJanuaryFebruary