Assessing the Human Element in Cyber Risk Analysis
The human factor doesn’t have to be an intangible when assessing cyber risks within a company. Go to Source
Tricky DoS Attack Crashes Mozilla Firefox
There are currently no mitigations for the Firefox attack, a researcher told Threatpost. Go to Source
Podcast: Two Billion IoT Devices Still Vulnerable to BlueBorne Bug
Up to two billion devices are still vulnerable to the BlueBorne IoT attack – and may not ever get a patch. Go to Source
Critical Vulnerability Found in Cisco Video Surveillance Manager
Cisco has patched vulnerability in its video surveillance manager software that could give an unauthenticated, remote attacker the ability to execute arbitrary commands on targeted systems. Go to Source
Twitter Flaw Exposed Direct Messages To External Developers
The company said it has issued a patch for the issue, which has been ongoing since May 2017. Go to Source
Delphi Packer Looks for Human Behavior Before Deploying Payload
Many different threat actors are using this crypting service/tool for their operations, possibly buying it from the developer itself. Go to Source
Unpatched Microsoft Zero-Day in JET Allows Remote Code-Execution
Microsoft said that it’s working on a fix for a zero-day flaw in its JET Database Engine. Go to Source
Lucy Gang Debuts with Unusual Android MaaS Package
The threat actor’s Android-focused cyber-arms package, dubbed Black Rose Lucy, is limited in reach for now, but clearly has global ambitions. Go to Source
Cisco Issues New Warning for 6-Month-Old Critical Bug in IOS XE
Vulnerability allowed an unauthenticated remote attacker to log in to a device at the time the system initially boots up. Go to Source
Magecart Strikes Again, Siphoning Payment Info from Newegg
The incident, hard on the heels of the British Airways breach, shows that Magecart is quickly evolving and shows no signs of slowing down. Go to Source