Facebook Reveals New Data Leak Incident Affecting Groups' Members

Facebook today revealed yet another security incident admitting that roughly 100 app developers may have improperly accessed its users' data in certain Facebook groups, including their names and profile pictures. In a blog post published Tuesday, Facebook said the app developers that unauthorized...

Phishing Detection via Analytic Networks

As mentioned in previous Akamai blogs, phishing is an ecosystem of mostly framework developers and buyers who purchase kits to harvest credentials and other sensitive information. Like many framework developers, those focusing on phishing kits want to create an efficient...

python-requests bug fix update

An update is available for python-requests. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The python-requests package contains a library designed to make HTTP...

py-matrix-synapse -- missing signature checks on some federation APIs

Matrix developers report: Make sure that ... events sent over /sendjoin, /sendleave, and /invite, are correctly signed and come from the expected servers...

Trend Micro Acquires Cloud Conformity

Developers who are responsible for managing their business’s IT infrastructure day-to-day often have to work with the technology providers they’re given. Our goal is to make sure our security solutions work for developers, providing seamless, automated security, rather than a roadblock to work...

McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service - The All-Stars | McAfee Blogs

McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service – The All-Stars John Fokker · OCT 02, 2019 Episode 2: The All-Stars Analyzing Affiliate Structures in Ransomware-as-a-Service Campaigns This is the second installment of the McAfee Advanced Threat Research ATR analysis of Sodinokibi...

Tachyon - Fast HTTP Dead File Finder

Tachyon is a fast web application security reconnaissance tool. It is specifically meant to crawl web application and look for left over or non-indexed files with the addition of reporting pages or scripts leaking internal data. User Requirements Linux Python 3.5.2 User Installation Install: $...

Facebook Removed Tens of Thousands of Apps Post-Cambridge Analytica

Facebook said it has suspended tens of thousands of apps as part of its ongoing investigation into how third-party apps on its platform collect, handle and utilize users’ personal data. The results of the investigation, launched in March 2018 in response to Facebook’s infamous Cambridge Analytica...

Fedora Update for python34 FEDORA-2019-5dc275c9f2

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 29 Update: python34-3.4.10-3.fc29

Python 3.4 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.4, see other distributions that support it, such as CentOS or RHEL with Software...

[SECURITY] Fedora 30 Update: python34-3.4.10-3.fc30

Python 3.4 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.4, see other distributions that support it, such as CentOS or RHEL with Software...

[SECURITY] Fedora 31 Update: python34-3.4.10-6.fc31

Python 3.4 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.4, see other distributions that support it, such as CentOS or RHEL with Software...

[SECURITY] Fedora 31 Update: python38-3.8.0~b4-1.fc31

Python 3.8 package for developers. This package exists to allow developers to test their code against a newer version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.8, update your Fedora to a newer version once Python 3.8 is stable...

[SECURITY] Fedora 29 Update: python38-3.8.0~b4-1.fc29

Python 3.8 package for developers. This package exists to allow developers to test their code against a newer version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.8, update your Fedora to a newer version once Python 3.8 is stable...

[SECURITY] Fedora 30 Update: python38-3.8.0~b4-1.fc30

Python 3.8 package for developers. This package exists to allow developers to test their code against a newer version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.8, update your Fedora to a newer version once Python 3.8 is stable...

CVE-2019-10753

In all versions prior to version 3.9.6 for eclipse-wtp, all versions prior to version 9.4.4 for eclipse-cdt, and all versions prior to version 3.0.1 for eclipse-groovy, Spotless was resolving dependencies over an insecure channel http. If the build occurred over an insecure connection, a maliciou...

Facebook Sues Two Android App Developers for Click Injection Fraud

Facebook has filed a lawsuit against two shady Android app developers accused of making illegal money by hijacking users' smartphones to fraudulently click on Facebook ads. According to Facebook, Hong Kong-based 'LionMobi' and Singapore-based 'JediMobi' app developers were distributing malicious...

New Android ransomware uses pornographic posts to infect devices

By Uzair Amir The new Android ransomware was initially spread through Reddit and XDA-Developers' forum. This is a post from HackRead.com Read the original post: New Android ransomware uses pornographic posts to infect devices...

Android Ransomware Spreads Via 'Sex Simulation Game' Links on Reddit, SMS

Researchers are warning of a new Android ransomware being spread via links in online forums and SMS messages. The malicious links purport to connect back to a sex simulation game, but in reality lead to ransomware that encrypts victims’ files. The Android ransomware, dubbed Android/Filecoder.C, h...

Software Developers and Security

According to a survey: "68% of the security professionals surveyed believe it's a programmer's job to write secure code, but they also think less than half of developers can spot security holes." And that's a problem. Nearly half of security pros surveyed, 49%, said they struggle to get developer...