Thursday, October 1, 2020
Security Affairs

Developer successfully compiled leaked source code for MS Windows XP and Windows Server 2003 OSs

Last week, the source code for MS Windows XP and Windows Server 2003 OSs were leaked online, now a developer successfully compiled them. Last week, the source code for Microsoft’s Windows XP and Windows Server 2003 operating systems was published...
Security Affairs

Cisco fixes actively exploited issues in IOS XR Network OS

Cisco addressed two actively exploited DoS vulnerabilities that reside in the IOS XR software that runs on multiple carrier-grade routers. Cisco addressed two high severity memory exhaustion DoS vulnerabilities that reside in the IOS XR Network OS that runs on multiple carrier-grade...
Security Affairs

Apple addresses four vulnerabilities in macOS

Apple this week released security updates to address a total of four vulnerabilities affecting macOS Catalina, High Sierra and Mojave. Apple on Thursday announced to have patched four vulnerabilities affecting macOS Catalina, High Sierra and Mojave. “This document describes the security...
Security Affairs

Twitter warns developers of possible API keys leak

Twitter is warning developers that their API keys, access tokens, and access token secrets may have been exposed in a browser’s cache. Twitter is sending emails to developers to warn them that their API keys, access tokens, and access token...
Security Affairs

Cisco fixes 34 High-Severity flaws in IOS and IOS XE software

Cisco patched 34 high-severity flaws affecting its IOS and IOS XE software, some of them can be exploited by a remote unauthenticated attacker. Cisco on Thursday released security patches for 34 high-severity vulnerabilities affecting its IOS and IOS XE software. The...
Security Affairs

Samba addresses the CVE-2020-1472 Zerologon Vulnerability

Samba team has released a security patch to address the Zerologon issue in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC). Samba team has released a security patch to address the Zerologon (CVE-2020-1472) issue in the Microsoft Windows Netlogon Remote Protocol...
Security Affairs

DHS CISA orders federal agencies to fix Zerologon flaw by Monday

DHS CISA issued an emergency directive to tells government agencies to address the Zerologon vulnerability (CVE-2020-1472) by Monday. The Department of Homeland Security’s CISA issued an emergency directive to order government agencies to address the Zerologon vulnerability (CVE-2020-1472) by Monday. The CVE-2020-1472 flaw...
Security Affairs

Twitter announces measures to protect accounts of people involved in 2020 Presidential election

Twitter announced that it will adopt new security measures to protect high-profile accounts during the upcoming election in the United States. Twitter announced new measures to protect high-profile accounts during the upcoming US Presidential election. The types of accounts that...
Security Affairs

Ransomware en masse on the wane: top threats inside web-phishing in H1 2020

Web-phishing targeting various online services almost doubled during the COVID-19 pandemic, it accounted for 46 percent of the total number of fake web pages. Singapore, 09/18/2020 — Group-IB, a global threat hunting and intelligence company headquartered in Singapore, evidenced the...
Security Affairs

CISA Named Top-Level Root CVE Numbering Authority (CNA)

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has been named a Top-Level Root CVE Numbering Authority (CNA). The US Cybersecurity and Infrastructure Security Agency (CISA) has been named a Top-Level Root CVE Numbering Authority (CNA), it will be overseeing...
Graham Cluley

What to do first when your company suffers a ransomware attack

For many companies it would be a nightmare to discover that they are the latest unwitting victim of a ransomware attack, capable of crippling computer systems and locking up data if a payment isn’t made to cybercriminals. There’s no magic...
SecurityWeek

New RiskLens Solution Helps Organizations Optimize Cybersecurity Spending

Cyber risk management solutions provider RiskLens on Thursday announced a new capability designed to help organizations improve investment and budget decisions. read more

When Coffee Machines Demand Ransom, You Know IoT Is Screwed

A researcher reverse engineered an internet-connected coffee maker to see what kinds of hacks he could do with it. The answer: quite a lot.
Tripwire

Russian Gets 7 Years in Prison for Linkedin, Dropbox & Formspring Hacks

A Russian man received a seven-year prison sentence for having hacked into computers belonging to LinkedIn, Dropbox and Formspring. On September 30, Honorable William H. Alsup, U.S. District Judge for the Northern District of California, sentenced Yevgeniy Alexandrovich Nikulin,...
Bruce Schneier

Detecting Deep Fakes with a Heartbeat

Researchers can detect deep fakes because they don’t convincingly mimic human blood circulation in the face: In particular, video of a person’s face contains subtle shifts in color that result from pulses in blood circulation. You might imagine that these...