NHTSA odometer disclosure rule might pave way for e-signature authentication
On October 2, 2019, the Department of Transportation’s (DOT) National Highway Traffic Safety Administration (NHTSA), published its Final Rule for Odometer Disclosure Requirement, which would enable states to allow electronic odometer disclosure statements in conjunction with electronic titling systems. This rule, if adopted widely by the states, could hasten the acceptance of e-signatures as a means […] more…Louisiana Sheriff’s Offices Targeted in Cyberattack Attempt
Three Louisiana parish sheriff’s offices were targeted by hackers over the weekend in a suspected cyberattack, officials confirmed. read more more…Atlassian Application Links CVE-2019-15011 Information Disclosure Vulnerability
Type: Vulnerability. Atlassian Application Links is prone to an information-disclosure vulnerability; fixes are available. more…Ansible Tower CVE-2019-19341 Information Disclosure Vulnerability
Type: Vulnerability. Ansible Tower is prone to an information-disclosure vulnerability; fixes are available. more…Siemens SCALANCE W700/W1700 CVE-2018-14526 Information Disclosure Vulnerability
Type: Vulnerability. Siemens SCALANCE W700 and W1700 is prone to an information disclosure vulnerability; fixes are available. more…Troj/MsilKlo-AK
more…The iPhone 11’s U1 chip necessitates constant geolocation checks, Apple says
The iPhone 11’s U1 chip necessitates constant geolocation checks, Apple says l33tdawg Fri, 12/06/2019 – 03:04 more…Microsoft Warns of Persistent Windows Hello for Business Orphaned Keys
Microsoft this week issued guidance regarding Windows Hello for Business (WHfB) public keys that persist even after the devices they are tied to are removed from Active Directory. read more more…Payment card-skimming malware targeting 4 sites found on Heroku cloud platform
Payment card-skimming malware targeting 4 sites found on Heroku cloud platform l33tdawg Wed, 12/04/2019 – 22:15 more…Obfuscation Tools Found in the Capesand Exploit Kit Possibly Used in “KurdishCoder” Campaign
by William Gamazo Sanchez and Joseph C. Chen In November 2019, we published a blog analyzing an exploit kit we named Capesand that exploited Adobe Flash and Microsoft Internet Explorer flaws. During our analysis of the indicators of compromise (IoCs) in the deployed samples that were infecting the victim’s machines, we noticed some interesting characteristics: […] more…Ad fraud: Fake local news sites are rolling in the dough
“forbesbusinessinsider.com?” Names like that sound close enough to real news domains to pass, but bots are the only ones visiting. more…IBM Cloud Pak System CVE-2019-4098 Cross Site Scripting Vulnerability
Type: Vulnerability. IBM Cloud Pak System is prone to an unspecified cross-site scripting vulnerability; fixes are available. more…Microsoft Windows Kernel ‘BasicRender.sys’ Driver Local Denial of Service Vulnerability
Type: Vulnerability. Microsoft Windows is prone to a denial-of-service vulnerability. more…SMS Replacement is Exposing Users to Text, Call Interception Thanks to Sloppy Telecos
SMS Replacement is Exposing Users to Text, Call Interception Thanks to Sloppy Telecos l33tdawg Fri, 11/29/2019 – 11:03 more…Linux Kernel CVE-2019-18660 Side Channel Attack Information Disclosure Vulnerability
Type: Vulnerability. Linux kernel is prone to an information-disclosure vulnerability; fixes are available. more…More information
- Goatse hacker Auernheimer found guilty of breaching AT&T to access customer iPad data
- Resolved: Planned power disruption: Penn State Wilkes-Barre
- NSA finally admits to spying on Americans by purchasing sensitive data
- 2.4 Million Impacted by WebTPA Data Breach
- South Korea suffers 110,000 cyberattacks in five years
- Heat-free optical switch would enable optical quantum computing chips
- RIP Leonard Nimoy: a hero to Trekkies, but so much more than "Spock"
- SecurityWeek Names Ryan Naraine as Editor-at-Large
- China calls for global hacking rules
- Millions of LinkedIn passwords reportedly leaked – take action NOW