security threats – Page 2 – PossibleThreat Articles

DDoS attack on US Health agency part of coordinated campaign

March 18, 2020 0 Comments coronavirus, covid-19, DDoS, disinformation campaigns, Government security, hhs, human services, Law & order, nation state hacking, nation-state, security threats, us department of health

Credit to Author: John E Dunn| Date: Wed, 18 Mar 2020 11:54:20 +0000

It coincided with a disinformation campaign carried out via SMS, email and social media claiming that national quarantine was imminent.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/eIFGE7W8MpI” height=”1″ width=”1″ alt=””/>

Security Sophos

Slack fixes account-stealing bug

March 17, 2020 0 Comments Bug, bug bounty program, evan custodio, Flaw, hackerone, http, http smuggling, security threats, Slack, software bug, vulnerability

Credit to Author: Danny Bradbury| Date: Tue, 17 Mar 2020 12:33:43 +0000

Slack has fixed a bug that allowed attackers to hijack user accounts by tampering with their HTTP sessions.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/i-F9hS91EoQ” height=”1″ width=”1″ alt=””/>

Security Sophos

Tor browser fixes bug that allows JavaScript to run when disabled

March 17, 2020 0 Comments anonymity, browser privacy, firefox, java, JavaScript, noscript, Privacy, security threats, the onion router, Tor, tor browser, vulnerability, Web Browsers

Credit to Author: John E Dunn| Date: Tue, 17 Mar 2020 12:16:27 +0000

The Tor browser has a bug that could allow JavaScript to execute on websites even when users think they’ve disabled it for maximum anonymity.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/es39u8LUhmk” height=”1″ width=”1″ alt=””/>

Security Sophos

WordPress to get automatic updates for plugins and themes

March 17, 2020 0 Comments security threats, vulnerability, Wordpress, wordpress plugins

Credit to Author: John E Dunn| Date: Tue, 17 Mar 2020 12:10:14 +0000

Good news for website admins: the ability to automatically update plugins and themes is being beta-tested for WordPress 5.5, due in August.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/25i98IfHHJE” height=”1″ width=”1″ alt=””/>

Security Sophos

Europol busts up two SIM-swapping hacking rings

March 17, 2020 0 Comments 2-factor Authentication, 2fa, europol, Law & order, malware, operation quinientos dusim, operation smart cash, security threats, sim hijackers, SIM hijacking, sim jacking, sim swap, sim swap fraud, SIM swapping, SIM swaps, sim-swapping attacks, two-factor authentication

Credit to Author: Lisa Vaas| Date: Tue, 17 Mar 2020 10:51:21 +0000

What a nightmare: your phone goes dead, and you can’t log into your bank account because it’s controlled by a hacker who’s draining you dry.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/ORrtEW70IY8″ height=”1″ width=”1″ alt=””/>

Security Sophos

Microsoft patches wormable Windows 10 ‘SMBGhost’ flaw

March 17, 2020 0 Comments Flaw, Microsoft, notpetya, Operating Systems, Patching, security threats, smb, smbghost, vulnerability, WannaCry, Windows, Windows 10

Credit to Author: John E Dunn| Date: Mon, 16 Mar 2020 11:58:56 +0000

What’s the difference between a scheduled security update and one that’s out-of-band? In this case, it’s two days.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/OqgpMudTrew” height=”1″ width=”1″ alt=””/>

Security Sophos

Open source bugs have soared in the past year

March 17, 2020 0 Comments bugs, common vulnerability scoring system, cross-site scripting, cvss, open source bugs, open-source, security threats, software bugs, vulnerability, whitesource

Credit to Author: Danny Bradbury| Date: Mon, 16 Mar 2020 10:55:41 +0000

Open source bugs have skyrocketed, according to a report from WhiteSource, with XSS flaws account for a quarter of those bugs.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/ex96Deh5Pk4″ height=”1″ width=”1″ alt=””/>

Security Sophos

GoodRx stops sharing personal medical data with Google, Facebook

March 3, 2020 0 Comments adtech, advertising, branch, braze, data loss, Data Sharing, facebook, goodrx, Google, hipaa, Marketing, medical information, Mobile, mobile marketing, personal data deletion, prescription drugs, Privacy, security threats, Social networks, surveillance, targeted advertising, targeted marketing

Credit to Author: Lisa Vaas| Date: Tue, 03 Mar 2020 12:47:27 +0000

The mobile app saves people money but was letting 20 companies know who’s taking antipsychotics, erectile dysfunction and HIV meds, and more.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/Mjy_qyNwWEk” height=”1″ width=”1″ alt=””/>

Security Sophos

Nvidia patches severe flaws affecting GeForce, Quadro NVS and Tesla

March 3, 2020 0 Comments cve vulnerabilities, cve‑2020‑5957, cve‑2020‑5958, cve‑2020‑5959, cve‑2020‑5960, cve‑2020‑5961, CVEs, geforce, gpu display, Linux, malware, Microsoft, NVIDIA, nvidia gpu, nvs, Operating Systems, Patches, Patching, quadro, security threats, tesla, vulnerability, Windows, windows gpu display driver

Credit to Author: John E Dunn| Date: Tue, 03 Mar 2020 11:09:05 +0000

In all, the update covers five Windows and Linux desktop CVE vulnerabilities, including one rated as critical.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/YitOMgSO498″ height=”1″ width=”1″ alt=””/>

Security Sophos

XSS plugin vulnerabilities plague WordPress users

March 3, 2020 0 Comments async, cross-site scripting, flexible checkout fields, JavaScript, plugins, security threats, vulnerability, woocommerce, Wordpress, WordPress plugin, XSS

Credit to Author: Danny Bradbury| Date: Tue, 03 Mar 2020 10:44:44 +0000

Thousands of active WordPress plugins have been hit with a swathe of XSS vulnerabilities that could give attackers complete control of the site.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/Bjh4-1ye-9E” height=”1″ width=”1″ alt=””/>