Thursday, July 19, 2018

Cisco fixes critical and high severity flaws in Policy Suite and SD-WAN products

Cisco has found over a dozen critical and high severity vulnerabilities in its Policy Suite, SD-WAN, WebEx and Nexus products. The tech giant has reported to customers four critical vulnerabilities affecting the Policy Suite. The flaws tracked as CVE-2018-0374, CVE-2018-0375, CVE-2018-0376, and CVE-2018-0377 have been discovered during internal...

Code hosting service GitHub can now scan also for vulnerable Python code

The code hosting service GitHub added Python to the list of programming languages that it is able to auto-scan for known vulnerabilities. Good news for GitHub users: the platform added Python to the list of programming languages that it is...

Trump might ask Putin to extradite the 12 Russian intelligence officers

A few hours before the upcoming meeting between Donald Trump and Vladimir Putin, the US President said he might ask for the extradition to the US of the 12 Russian intelligence officers accused of being involved in attacks against the 2016 presidential...

12 Russian Intel Officers charged of hacking into U.S. Democrats

The week closes with the indictment of twelve Russian intelligence officers by a US grand jury. The charges were formulated just three days before President Donald Trump is scheduled to meet with Vladimir Putin. Special Counsel Robert Mueller, who...

Spambot aims at targets WordPress sites in World Cup-Themed spam scam

Imperva observed a spambot targeting WordPress sites, aimed at tricking victims into clicking on links to sites offering betting services on the FIFA World Cup. Security experts from Imperva recently observed a spike in spam activity directed at WordPress websites; attackers aimed...

Intel pays a $100K bug bounty for the new CPU Spectre 1.1 flaw

A team of researchers has discovered a new variant of the famous Spectre attack (Spectre 1.1), and Intel has paid a $100,000 bug bounty as part of its bug bounty program. Intel has paid out a $100,000 bug bounty for new vulnerabilities...

Adobe July Patch Tuesday fixes over 100 flaws in Adobe Acrobat and Reader

Adobe released July Patch Tuesday security updates that address over 100 flaws in Acrobat and Reader, and other issues in Flash Player, Experience Manager, and Connect. Adobe on Tuesday released July Patch Tuesday security updates that addressed more than...

Just using a $39 device it is possible to defeat new iOS USB Restricted Mode

Once USB Restricted Mode is enabled on a device, no data communications occur over the Lightning port, but experts found a way to reset the countdown timer. Recently Apple released iOS 11.4.1, which introduced a new security feature, dubbed USB...

Polar fitness app broadcasted sensitive data of intelligence and military personnel

The mobile fitness app Polar has suspended its location tracking feature due to the leakage of sensitive data on military and intelligence personnel. A new privacy incident involves a fitness application and the military. This time the mobile fitness app Polar has suspended...

HP iLO servers running outdated firmware could be remotely hacked

Hewlett Packard Integrated Lights-Out 4 (HP iLO 4) servers are affected by a critical authentication bypass vulnerability; technical details and PoC code have been published online. The flaw, tracked as CVE-2017-12542, received a severity score of 9.8 out of 10 because...

Smart Speaker Banking Is Coming to a Device Near You, But Is It Secure?

Smart speaker banking is coming to a device near you. What are the cyber risks associated with their use? Are they a new opportunity for attackers? The popularity of voice-activated smart speakers like the Google Home and Amazon Echo has...

Google July 2018 Android patches fixes critical vulnerabilities

This week Google released the July 2018 Android patches that address tens of vulnerabilities in the popular mobile operating system. Google released the July 2018 Android patches that address a total of 11 vulnerabilities, including three Critical issues and 8 High-risk...

Why the Best Defense Is a Good Offensive Security Strategy

When many people think about offensive security, they picture a mysterious figure wearing a hoodie, sitting behind a black-and-green terminal, diligently typing away as he probes enterprise networks. But the cybersecurity world has evolved well beyond this Hollywood hacker...

Google hit with $5.1b fine in EU’s Android antitrust case

This could mean the end of free Android. In the meantime, Google plans to appeal.

Privacy Advocates Say Kelsey Smith Act Gives Police Too Much Power

This bill making its way through Congress would allow law enforcement to more easily uncover location data for cell phones from mobile carriers in an emergency.

IDG Contributor Network: Hack like a CISO

I have written several times over the last couple of years about how the role of today’s CISOs has changed and is now more tuned to support business activities and the management of enterprise risk. Serving an organization as...

Cisco patches critical vulnerabilities in Policy Suite

One of the worst security flaws permits attackers to act as root and execute arbitrary code.