Microsoft Windows: LPT port redirection (Remote Desktop Services)

This policy setting specifies whether to prevent the redirection of data to client LPT ports during a Remote Desktop Services session. You can use this setting to prevent users from mapping local LPT ports and redirecting data from the remote computer to local LPT port peripherals. By default,...

WordPress Plugin Advanced Order Export For WooCommerce 1.5.4 - CSV Injection

WordPress Plugin Advanced Order Export For WooCommerce 1.5.4 - CSV Injection Exploit Title: Wordpress Plugin Advanced Order Export For WooCommerce 1.5.4 - CSV Injection Google Dork: N/A Date: 2018-06-24 Exploit Author: Bhushan B. Patil Software Link:...

Apple Removes iPhone USB Access Feature, Blocking Out Hackers, Law Enforcement

Apple said an upcoming iOS software update will remove the infamous iPhone USB access feature, blocking out both hackers – and law enforcement – from accessing a locked phones’ data via the device port. Apple confirmed that new upcoming default settings will disable the iPhone’s Lightning port, i...

Monitoring Data & Data Access to Support Ongoing GDPR Compliance – Part III: Tools

The new European Union EU-wide General Data Protection Regulation GDPR was signed into law in late April 2016, and the compliance deadline came into effect on May 25, 2018. The Regulation is expansive and covers a variety of subject areas, provisions, and actions in the form of documented Article...

Threat Outbreak Alert RuleID32950: Email Messages Distributing Malicious Software on June 12, 2018

Medium Alert ID: 58161 First Published: 2018 June 12 15:55 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID32950 may contain the following files: Name | Siz...

Creative Spam Thinks Outside the Macro with .IQY Attachments

The Necurs botnet is driving a fresh spam campaign that uses Excel Web Query .IQY file attachments to skim under the antivirus radar. If successful, the attack ultimately delivers the remote access trojan RAT known as FlawedAmmyy. This is the third wave in an offensive that started in late May. T...

CVE-2018-10583

creationtimestamp| type| source ---|---|--- 2018-06-06 16:36:03+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/fileformat/odtbadodt.rb 2025-02-06 03:13:43+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:10:02+00:00| seen|...

CVE-2014-5073

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/http/vmturbovmtadminexecnoauth.rb 2025-02-06 03:13:41+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:09:30+00:00| see...

Remote Authentication GeoFeasibility Tool - GeoLogonalyzer

Users have long needed to access important resources such as virtual private networks VPNs, web applications, and mail servers from anywhere in the world at any time. While the ability to access resources from anywhere is imperative for employees, threat actors often leverage stolen credentials t...

See If You’re GDPR-Ready With Our Last-Minute Checklist

Time’s just about run out to get all your ducks in a row for the EU’s General Data Protection Regulation GDPR going into effect on May 25, and we’ve put together a little refresher toolkit to help you dot your Is and cross your Ts. Whether you’re planning on sticking to the new GDPR guidelines or...

GDPR Is Here: Achieve Superior Data Breach Prevention and Detection with Qualys

Turned into law in 2016, the EU’s General Data Protection Regulation GDPR finally goes into effect this week, slapping strict requirements on millions of businesses and subjecting violators to severe penalties. The complex regulation applies to any organization worldwide -- not just in Europe --...

StalinLocker ransomware: Put unlock code or say goodbye to your data

By Waqas StalinLocker ransomware gives victim ten minutes to put the code This is a post from HackRead.com Read the original post: StalinLocker ransomware: Put unlock code or say goodbye to your data...

CVE-2018-6920

In FreeBSD before 11.1-STABLEr332303, 11.1-RELEASE-p10, 10.4-STABLEr332321, and 10.4-RELEASE-p9, due to insufficient initialization of memory copied to userland in the Linux subsystem and Atheros wireless driver, small amounts of kernel memory may be disclosed to userland processes. Unprivileged...

The US Is Unprepared for Election-Related Hacking in 2018

This survey and report is not surprising: The survey of nearly forty Republican and Democratic campaign operatives, administered through November and December 2017, revealed that American political campaign staff -- primarily working at the state and congressional levels -- are not only unprepare...

8 New Spectre-Class Vulnerabilities (Spectre-NG) Found in Intel CPUs

A team of security researchers has reportedly discovered a total of eight new "Spectre-class" vulnerabilities in Intel CPUs, which also affect at least a small number of ARM processors and may impact AMD processor architecture as well. Dubbed Spectre-Next Generation, or Spectre-NG, the partial...

Configuring Imperva SecureSphere for GDPR Compliance: Part One

Time is running out. 23 days until GDPR enforcement The GDPR effective date is less than a month away and, given the significant risk and potential costs associated with a failure to comply, organizational readiness efforts continue to mount. GDPR non-compliance penalties can be severe up to 79...

Facebook Introduces “Clear History” Option Amid Data Scandal

Facebook unveiled new updates to its social-media platform this week aimed at securing private data – including a new privacy control called “Clear History.” CEO Mark Zuckerberg outlined the new data privacy measure in a post. Clear History essentially brings the capabilities that users are...

CVE-2017-14012

Mode C: The CVE-2017-14012 entry concerns Boston Scientific ZOOM LATITUDE PRM Model 3120. The vulnerability is due to a hard-coded cryptographic key used to encrypt PHI before transfer to removable media, resulting in PHI not being encrypted at rest. Affected product: ZOOM LATITUDE PRM – Model 31...

The Internet of Everything and digital privacy: what you need to know

If you don’t already own Internet of Things IoT devices, you likely will soon. IoT-enabled devices are physical gadgets with built-in Internet connectivity that allow data transmission; often this happens in the background with no indication to the user that anything is happening. The IoT is more...

Hackers build a 'Master Key' that unlocks millions of Hotel rooms

If you often leave your valuable and expensive stuff like laptop and passports in the hotel rooms, then beware. Your room can be unlocked by not only a malicious staff having access to the master key, but also by an outsider. A critical design vulnerability in a popular and widely used electronic...