Lucene search
K

65 matches found

ThreatPost
ThreatPost
added 2020/05/21 3:44 p.m.965 views

Critical Cisco Bug in Unified CCX Allows Remote Code Execution

Cisco has hurried out a fix out for a critical remote code-execution flaw in its customer interaction management solution, Cisco Unified Contact Center Express CCX. Cisco’s Unified CCX software is touted as a “contact center in a box” that allows companies to deploy customer-care applications. Th...

10CVSS1AI score0.26869EPSS
Exploits1References7
ThreatPost
ThreatPost
added 2020/05/14 12:38 p.m.71 views

BEC Gang Exploits G Suite, Long Domain Names in Cyberattacks

Business email compromise BEC attacks continue to be a thorn in companies’ sides, with the FBI in its IC3 annual cybercrime report saying that the attacks cost victims $1.7 billion in 2019. Making matters worse, BEC cybergangs are turning to new tactics and tricks to avoid detection and capitaliz...

0.2AI score
Exploits0References7
Schneier on Security
Schneier on Security
added 2020/01/14 7:0 p.m.18 views

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I'm speaking at Indiana University Bloomington on January 30, 2020. I'll be at RSA Conference 2020 in San Francisco. On Wednesday, February 26, at 2:50 PM, I'll be part of a panel on "How to Reduce Supply Chain Risk: Lessons from...

1.1AI score
Exploits0
Schneier on Security
Schneier on Security
added 2019/09/14 11:16 p.m.98 views

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I'm speaking at University College London on September 23, 2019. I'm speaking at World's Top 50 Innovators 2019 at the Royal Society in London on September 24, 2019. I'm speaking at Cyber Security Nordic in Helsinki, Finland on...

1.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2019/06/14 6:30 p.m.215 views

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I'm speaking on "Securing a World of Physically Capable Computers" at Oxford University on Monday, June 17, 2019. The list is maintained on this page...

2AI score
Exploits0
Schneier on Security
Schneier on Security
added 2019/03/15 7:15 p.m.187 views

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I'm teaching a live online class called "Spotlight on Cloud: The Future of Internet Security with Bruce Schneier" on O'Reilly's learning platform, Thursday, April 4, at 10:00 AM PT/1:00 PM ET. The list is maintained on this page...

1.3AI score
Exploits0
Schneier on Security
Schneier on Security
added 2018/11/30 8:29 p.m.75 views

Click Here to Kill Everybody News

My latest book is doing well. And I've been giving lots of talks and interviews about it. I can recommend three interviews: the Cyberlaw podcast with Stewart Baker, the Lawfare podcast with Ben Wittes, and Le Show with Henry Shearer. My book talk at Google is also available. The Audible version w...

2.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/11/19 5:8 p.m.100 views

A week in security (November 12 – 18)

Last week on Malwarebytes Labs, we found out that TrickBot became a top business threat, so we took a deeper look at what's new with it. With Christmas just around the corner, the Secret Sister scam returned. We also touched on the security and privacy or lack thereof in smart jewelry, air traffi...

7.5AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/10/09 6:23 p.m.19 views

bruce-clarke.com XSS vulnerability

Open Bug Bounty ID: OBB-684316 Description| Value ---|--- Affected Website:| bruce-clarke.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden...

0.1AI score
Exploits0
Schneier on Security
Schneier on Security
added 2018/01/09 9:26 p.m.18 views

Daniel Miessler on My Writings about IoT Security

Daniel Miessler criticizes my writings about IoT security: I know it's super cool to scream about how IoT is insecure, how it's dumb to hook up everyday objects like houses and cars and locks to the internet, how bad things can get, and I know it's fun to be invited to talk about how everything i...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/08/25 12:0 a.m.165 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3609)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3609 advisory. - fs/exec.c: account for argv/envp pointers Kees Cook Orabug: 26638900 CVE-2017-1000365 CVE-2017-1000365 - dentry name snapshots Al Viro Orabug:...

10CVSS7.6AI score0.17827EPSS
Exploits40References3
ThreatPost
ThreatPost
added 2017/08/01 3:39 p.m.19 views

Legislation Proposed to Secure Connected IoT Devices

A Senate bill introduced today would prioritize security in connected devices, requiring providers who sell to the U.S. government to implement measures that would have been an impediment to the IoT botnet-fueled attacks against DNS provider Dyn and webhost OVH. The Internet of Things Cybersecuri...

0.3AI score
Exploits0References5
Openbugbounty
Openbugbounty
added 2017/05/10 10:21 p.m.13 views

eddiebruce.ca XSS vulnerability

Vulnerable URL: http://www.eddiebruce.ca/listingresults.asp Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Check eddiebruce.ca SSL...

6.3AI score
Exploits0
ThreatPost
ThreatPost
added 2017/03/06 10:15 a.m.13 views

Bruce Schneier on IoT Regulation

Mike Mimoso talks to Bruce Schneier, CTO of IBM Resilient, at RSA 2017 about the early days of the conference, his campaign for IoT regulation, and how the technical community needs to get involved with policy. Music by Chris Gonsalves...

3.8AI score
Exploits0References2
ThreatPost
ThreatPost
added 2017/02/14 6:36 p.m.14 views

Schneier Brings Campaign for IoT Regulation to RSA

SAN FRANCISCO—Bruce Schneier on Tuesday called on technologists to get involved with policy, insisting that as the Internet of things continues to unfold, the knowledge security experts have will become more applicable. Schneier, CTO of IBM Resilient, stressed in a talk here at the RSA Conference...

7.1AI score
Exploits0References2
ThreatPost
ThreatPost
added 2016/12/08 11:27 a.m.11 views

New Call to Regulate IoT Security By Design

A Washington, D.C. think tank whose mission is critical infrastructure security has joined the call for lawmakers to consider regulating the security of connected devices. In a report published this week, the Institute for Critical Infrastructure Technology pinned the blame for a rash of Mirai...

0.7AI score
Exploits0References5
OpenSSL
OpenSSL
added 2016/09/26 12:0 a.m.53 views

Vulnerability in OpenSSL - Missing CRL sanity check

This issue only affects OpenSSL 1.0.2i, released on 22nd September 2016. A bug fix which included a CRL sanity check was added to OpenSSL 1.1.0 but was omitted from OpenSSL 1.0.2i. As a result any attempt to use CRLs in OpenSSL 1.0.2i will crash with a null pointer exception. Found by Bruce...

8.5AI score0.30216EPSS
Exploits1Affected Software1
hackapp
hackapp
added 2016/04/01 9:45 a.m.9 views

Bruce Lee: Enter The Game - Customized SSL, WebView SSL handling enabled, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Bruce Lee: Enter The Game published at the 'play' market has multiple vulnerabilities...

1AI score
Exploits0References1Affected Software1
ThreatPost
ThreatPost
added 2014/05/15 3:31 p.m.17 views

Al Qaeda Homegrown Encryption Likely Aids NSA Intelligence

Terrorist organization Al Qaeda has reportedly stepped up its development of homegrown encryption technology since the Edward Snowden leaks began last June. The question puzzling some security experts is: Why? “This is hard, and the odds they are doing it correctly are low,” said cryptographer an...

0.3AI score
Exploits0References2
ThreatPost
ThreatPost
added 2014/02/24 11:37 a.m.10 views

Bruce Schneier on Surveillance and Trust

Dennis Fisher talks with Bruce Schneier about the differences between bulk and targeted surveillance, the most concerning NSA revelations and making surveillance more expensive for intelligence agencies. Download: digitalunderground145.mp3...

2.8AI score
Exploits0References2
Rows per page
Query Builder