Sat. Jul 09, 2022


Weekly Update 303

Troy Hunt

And we're finally done with this trip. 26 days, 14 different accommodations, 5,146km of driving through 4 states and the last 4 weekly vids all done on the road. Travel is great, but right now going home is even better 😊 Next week's vid will be back in my comfy office with good lighting, video, audio and better planning. Until then, here's a (late) weekly update 303: References If you're going to scrape someone else's content, don't embed the images directly


Fortinet addressed multiple vulnerabilities in several products

Security Affairs

Fortinet released security patches to address multiple High-Severity vulnerabilities in several of its products. Impacted products are FortiADC, FortiAnalyzer, FortiManager, FortiOS, FortiProxy, FortiClient, FortiDeceptor, FortiEDR, FortiNAC, FortiSwitch, FortiRecorder, and FortiVoiceEnterprise.


Mangatoon data breach exposes data from 23 million accounts

Bleeping Computer

Manga comic reading app Mangatoon has suffered a data breach that exposed the account information of 23 million users after a hacker stole it from an Elasticsearch database. […]


Apple Lockdown Mode will protect users against highly targeted cyberattacks

Security Affairs

Apple plans to introduce a security feature, called Lockdown Mode, to protect its users against “highly targeted cyberattacks.” The recent wave of sophisticated attacks against Apple users (i.e. Pegasus, DevilsTongue, and Hermit) urged the tech giant to develop a new security feature, called Lockdown Mode, to protect its users against highly targeted cyberattacks.

Spyware 143

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.


Hackers Exploiting Follina Bug to Deploy Rozena Backdoor

The Hacker News

A newly observed phishing campaign is leveraging the recently disclosed Follina security vulnerability to distribute a previously undocumented backdoor on Windows systems. "Rozena is a backdoor malware that is capable of injecting a remote shell connection back to the attacker's machine," Fortinet FortiGuard Labs researcher Cara Lin said in a report this week.

Phishing 125

Shadow Code 101: A Quick Look at the Risks

CyberSecurity Insiders

By Vitaliy Lim. Coders along with their larger software development teams are under a tremendous amount of pressure to create vast amounts of code under strict deadlines. To expedite the process, it is common practice for front-end developers to turn to vast code repositories and JavaScript libraries rather than building every line of code from scratch.

Risk 125


More Trending


Previously undocumented Rozena backdoor delivered by exploiting the Follina bug

Security Affairs

Threat actors are exploiting the disclosed Follina Windows vulnerability to distribute the previously undocumented Rozena backdoor. Fortinet FortiGuard Labs researchers observed a phishing campaign that is leveraging the recently disclosed Follina security vulnerability (CVE-2022-30190, CVSS score 7.8) to distribute a previously undocumented backdoor on Windows systems.

Phishing 117

PyPI mandates 2FA for critical projects, developer pushes back

Bleeping Computer

On Friday, the Python Package Index (PyPI), the repository of open source Python projects, announced plans to roll out two-factor authentication for maintainers of "critical" projects. Although many praised the move, the developer of a popular Python project decided to delete his code from PyPI in retaliation. […]


Ongoing Raspberry Robin campaign leverages compromised QNAP devices

Security Affairs

Cybereason researchers are warning of a wave of attacks spreading the wormable Windows malware Raspberry Robin. Raspberry Robin is a Windows worm discovered by cybersecurity researchers from Red Canary; the malware propagates through removable USB devices. The malicious code uses Windows Installer to reach out to QNAP-associated domains and download a malicious DLL.

Malware 115

Chinese Police Exposed 1B People's Data in Unprecedented Leak

WIRED Threat Level

Plus: A duplicitous bug bounty scheme, the iPhone's new “lockdown mode,” and more of the week's top security news.

Hacking 99

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.


3 Access Security Lessons Learned from the Marriott Data Breach

Security Boulevard

For the third time in less than five years, international hotel corporation Marriott is back in the news with yet another data breach. Marriott was the victim of a social engineering attack where the hackers convinced an employee at the hotel near BWI Airport to give them access to his computer. The thieves then made off with 20GB of data that included some credit card details, as well as personal identifying information (PII) belonging to people who had stayed at the hotel.


Complexity, simplified

Notice Bored

Following its exit from the EU, the UK is having to pick up on various important matters that were previously covered by EU laws and regulations. One such issue is to be addressed through a new law on online safety. "Online safety: what's that?" I hear you ask. "Thank you for asking, lady in the blue top over there! Kindly allow me to elaborate. errrr.

Mobile 113

Security BSides Athens 2022 – Rodolpho Concurde’s ‘Workshop 1 – From SEH Overwrite With Egg Hunter To GEt A Shell!’

Security Boulevard

Our sincere thanks to Security BSides Athens for publishing their Presenter’s Security BSides Athens 2022 Conference content on the organization’s YouTube channel. Permalink. The post Security BSides Athens 2022 – Rodolpho Concurde’s ‘Workshop 1 – From SEH Overwrite With Egg Hunter To GEt A Shell!’ appeared first on Security Boulevard.


Fredo & Pidjin™ ‘Strong’

Security Boulevard

via the tremendous observational humor and satirical skillsets of Eugen Erhan (Illustrator) & Tudor Muscalu (Writer) at Fredo & Pidjin™. Permalink. The post Fredo & Pidjin™ ‘Strong’ appeared first on Security Boulevard.


Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.


Top 10 Ways to Earn Money from Photography

Security Boulevard

Here we will discuss top 10 Ways to Earn Money from Photography 1. Work as an Assistant Photographer Most professional photographers need an assistant to take photoshoots. The assistant photographer or the second photographer is the job role that helps you get great experience in photography and helps earn money. Benefits of Working as an […]. The post Top 10 Ways to Earn Money from Photography appeared first on Security Boulevard.


Security BSides Athens 2022 – Sam Stepanyan’s ‘Guest Talk 1 – OWASP Nettacker Project Presentation’

Security Boulevard

Our sincere thanks to Security BSides Athens for publishing their Presenter’s Security BSides Athens 2022 Conference content on the organization’s YouTube channel. Permalink. The post Security BSides Athens 2022 – Sam Stepanyan’s ‘Guest Talk 1 – OWASP Nettacker Project Presentation’ appeared first on Security Boulevard.


2 Easy ways to Add signature in Outlook

Security Boulevard

Many people use signatures at the bottom of their mail. These signatures mostly contain name, mail, phone no, address and more. Here we discuss 2 easy ways to add a signature in Outlook. Method 1 to add a signature in Outlook: 1. Click on File 2. Select Options 3. In Options, go to the Mail section and select Signatures… […]. The post 2 Easy ways to Add signature in Outlook appeared first on Security Boulevard.
