Daily Archives: July 18, 2018

Ebook Cyber Crime, Security and Digital Intelligence Free Download | CONTENT MARKETING, CYBER SECURITY E COMMERCE, INTERNET PRIVACY, SEARCH ENGINES, SOCIAL MEDIA, TECHNOLOGY

megalegit.com - Contributed by Tracy Bush on July 19, 2018 at 5:43 am. Ebook Cyber Crime, Security and Digital Intelligence Free Download. Click Here http://bit.ly/2apIGOR Originally posted 2017-10-15 20:48:28.…


Tweeted by @anonym_email https://twitter.com/anonym_email/status/1019820131055259648

CVE-2018-14394

libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted Waveform audio file.

CVE-2018-14395

libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted audio file when converting to the MOV audio format.

CVE-2018-14399

libs\classes\attachment.class.php in PHPCMS 9.6.0 allows remote attackers to upload and execute arbitrary PHP code via a .txt?.php#.jpg URI in the SRC attribute of an IMG element within info[content] JSON data to the index.php?m=member&c=index&a=register URI.

CVE-2018-14403

MP4NameFirstMatches in mp4util.cpp in MP4v2 2.0.0 mishandles substrings of atom names, leading to use of an inappropriate data type for associated atoms. The resulting type confusion can cause out-of-bounds memory access.

Google Fined $5.05 Billion By EU: Android Illegally Used Dominate Search

The European Commission has imposed a fine of $5.05 Billion for violating EU antitrust rules stating that Google has imposed

Google Fined $5.05 Billion By EU: Android Illegally Used Dominate Search on Latest Hacking News.

Chicago Could Become the Largest US City to Adopt Universal Basic Income

Chicago alderman Ameya Pawar is worried about the future.

What worries him is that a looming wave of automation could leave millions of people unemployed and fuel even more political extremism.

Pointing to the investments that companies such as Tesla, Amazon and Uber are making in autonomous vehicles, Pawar noted that long-haul trucking jobs, a traditional source of middle-class employment, may soon become obsolete. He believes that a rise in the number of unemployed people means greater political polarization. “We need to start talking about race, class and geography, but we also need to start talking about the future of work and its relationship to automation. All of these things are interconnected.”

Pawar was campaigning to be the Democratic Party’s candidate for governor of Illinois until he dropped out of the race because he could not compete with the spending of two billionaire candidates. One of the themes of his candidacy was the way politicians use various racial or ethnic groups as scapegoats for their constituents’ material problems.

“You know, the British pit Hindus and Muslims against each other,” Pawar told The Intercept at the time, speaking of his Indian heritage. “They pit people against each other based on social class, geography, caste […] this is no different. Chicago against the rest of the state. The rest of the state against Chicago. Black, white, brown, against each other. All of them, poor people fighting over scraps.”

Pawar now believes that a wave of mass automation will compound this problem.

“From a race and class perspective, you have to take into account that 66% of truck drivers are middle-aged white men,” he said. “So if you put them out of work and make no investment in new jobs or in a social support system to help them transition from one job to another, these racial, geographic and class divisions are going to grow.”

Pawar believes that one way to combat racial resentment is to address the economic precariousness that politicians have been using to stoke it. He has decided to back universal basic income (UBI), an idea that has been gaining momentum around the world.

UBI starts from a simple premise: if people do not have enough money to meet their basic needs, why not give them more money?

Universal basic income proposals involve granting a standard stipend to everyone, regardless of need. Historically, the US has dealt with poverty by providing in-kind goods. The Supplemental Nutrition Assistance Program, formerly known as the “food stamps” program, provides electronic cards that can be used to buy certain types of food.

Some economists, however, argue that it is more beneficial simply to give people money.

Studies show that cash transfer programs are more efficient overall, since they eliminate the administrative costs of distributing in-kind goods. The theory is that people know their own needs and can allocate the money more efficiently than the government. In addition, because the initiative is universal, it is expected to avoid some of the stigma attached to need-based programs, which many disparage as handouts to the “undeserving” poor.

Pawar recently introduced a universal basic income pilot program in Chicago. Under his program, US$500 a month would be given to a thousand Chicago families, with no strings attached. In addition, the proposal would modify the tax benefit program that provides a refund on income tax, the Earned Income Tax Credit (EITC), for the same thousand families, so that they could receive monthly payments instead of a single payment at the end of the year, a process known as “smoothing” that allows families to build the tax refund into their monthly budget.

The proposal also makes room for the creation of a Chicago-specific EITC program.

Pawar has already persuaded a majority of Chicago aldermen to co-sponsor the plan with him, and he hopes the City Council will soon begin working with the mayor to implement it.

SIMPLY HANDING OUT MONEY so that people can pay their expenses seems like a radical idea, especially in the US, where individualism and personal responsibility are considered fundamental virtues and the idea of getting something for nothing is ridiculed. There is an easy rejoinder, however, at least for skeptics who doubt basic income because they think the money will be wasted on non-essential items: direct cash transfers in the style of UBI have already been used elsewhere, and they work.

One of the most effective anti-poverty programs of the 21st century is the Bolsa Família Program (PBF). Deborah Wetzel, a senior World Bank official, called the program a “quiet revolution,” noting that the PBF “was key to helping Brazil more than halve extreme poverty: from 9.7% to 4.3% of the population.” In addition, the program also helped reduce income inequality by approximately 15%, Wetzel says. A study by the Inter-American Development Bank observed that the program costs about 0.5% of Brazil’s GDP but managed to reduce by more than 50% the infant mortality rate caused by malnutrition and diarrhea.

The PBF is not a universal program, since payments are made only to Brazilians living below a minimum income threshold. (In 2013, about a quarter of Brazilians received the benefit.) Another important difference is that, unlike the PBF, which requires the children of beneficiary families to attend school and have regular medical check-ups, UBI is unconditional. Bolsa Família is nonetheless a useful model for UBI, since both are direct cash transfer programs.

The best domestic example of UBI within the US is found in Alaska. Since 1976, the Alaska state government has maintained the Alaska Permanent Fund, which invests in financial assets such as public and private equity, real estate and infrastructure to generate revenue for the state government. The fund, which is also fed by royalty payments for oil extraction on public lands, then issues a check each year to every Alaska resident. In 2017, the payment was US$1,100.

In the continental United States, Michael Tubbs, the 27-year-old mayor of Stockton, California, began rolling out a local basic income pilot program earlier this year. The Stockton program, which is being implemented in partnership with the Economic Security Project of Facebook co-founder Chris Hughes, will offer US$500 a month to one hundred families. The 18-month study will begin in 2019.

In an interview with Politico, Tubbs rejected the argument that paying people to do nothing would be inherently undignified.

“We’re having this interesting discussion about the value of work,” he said. “Work has some value and some dignity, but I don’t think that working 14 hours and not being able to pay your bills, or working two jobs and not being able to, there’s nothing inherently dignified about that.”

If Pawar’s program is put into practice by Mayor Rahm Emanuel, Chicago would become the largest US city to test UBI. Matt Bruenig, founder of the People’s Policy Project and a UBI advocate, has reservations about whether a municipality can implement a successful basic income program, because cities tend to have limited capacity to raise revenue. He believes, however, that the pilot project has its merits.

“This is apparently a universal basic income pilot program, which is a good idea, simply to study its effects and obtain data that can help guide other efforts of this kind,” he told The Intercept.

“Our hope, which I know will be borne out by this pilot, is that it shows that when we do the income tax smoothing and provide a monthly basic income to a thousand families, they will be able to plan their expenses, make savings and investment decisions, and make decisions about how to deal with a financial emergency, as all families do,” Pawar said. “Once it’s implemented, if all goes well, we can scale up.”

For the alderman, the question is not whether the country can afford to implement UBI, but whether it can afford not to.

“My response to Amazon, to Tesla, to Ford, to Uber […] We need to open a discussion about automation and a regulatory framework, because if the jobs simply disappear, what are we going to do with the workforce? […] If [these companies are] reluctant to pay their fair share of taxes, still want tax incentives, and at the same time automate jobs, what do you think is going to happen?” Pawar asked. “This polarization is going to increase, and in many ways we are sitting on a powder keg.”

Update

On Tuesday (the 17th), former President Barack Obama, the former boss of Mayor Rahm Emanuel, said that a discussion of universal basic income should enter the political debate.

Top photo: Ameya Pawar, right, greets a supporter during a campaign rally on August 15, 2017, in Chicago.

The post Chicago Could Become the Largest US City to Adopt Universal Basic Income appeared first on The Intercept.

Las Vegas Lawsuit Raises Security Liability Questions

On July 16, 2018, MGM Resorts International, owner of the Mandalay Bay Casino & Hotel, filed federal lawsuits against more than 1,000 Las Vegas mass shooting victims in an effort to avoid liability in legal actions related to the gunman who opened fire on an outdoor concert from his Mandalay Bay suite on Oct. 1, 2017, killing 58 concertgoers and injuring hundreds of others.

Russian Shipwreck Allegedly Carrying $130 Billion In Gold Has Been Rediscovered

An anonymous reader quotes a report from Popular Mechanics: A salvage company has located the remains of a Russian warship lost during the Russo-Japanese War. The battle-damaged cruiser Dmitrii Donskoi was scuttled off the coast of Korea in 1905, reportedly carrying a cargo of gold worth an estimated $130 billion in today's dollars. An international consortium of companies plans to salvage the gold. According to the Telegraph, the Donskoi was found less than a mile off the coast of Ulleung island, at a depth of 1,423 feet in the Sea of Japan. A submersible descended to the wreck and captured an image of the ship's name on the stern in the Cyrillic alphabet. The South Korean Shinil Group, which discovered the wreck, plans to recover the gold sometime later this year with help from companies in China, Canada, and the U.K. At the time of her sinking Donskoi was reportedly carrying 5,500 boxes of gold bars and 200 tons of gold coins with a street value today of $130 billion. That's more than twice Russia's 2017 defense budget, which was $61 billion. If the treasure does materialize, the Russian government will receive half of the recovered amount. The money that's not going to Russia will reportedly be invested in a railroad line linking North Korea, South Korea, and Russia. A small percentage (10%) will also be invested in tourism projects on Ulleungdo Island, including a museum dedicated to the vessel.

Read more of this story at Slashdot.

Red Hat Ansible Engine 2.6 enables cloud, network, and Windows automation

Red Hat announced the availability of Red Hat Ansible Engine 2.6, the latest release of its agentless open source IT automation solution. Red Hat Ansible Engine 2.6 adds new content for automating across hybrid and multicloud environments, along with simplified connections to network APIs and updates for Ansible deployments overseeing Windows environments. When Red Hat Ansible Engine 2.6 combines with Red Hat Ansible Tower, Red Hat’s centralized control plane for managing and optimizing automated systems … More

The post Red Hat Ansible Engine 2.6 enables cloud, network, and Windows automation appeared first on Help Net Security.

Exposing The Man Behind The Curtain

huffingtonpost.com - And, given the role that the leaking of unsubstantiated classified information from anonymous government sources to the American media has played in underpinning the public arguments made by the Inte…


Tweeted by @msstevie https://twitter.com/msstevie/status/1019780652449771520

Fugue announces Phillip Merrick as CEO

Fugue announced it has hired Phillip Merrick as CEO. Merrick will drive strategy and lead the company’s operations across product, marketing and sales. Drawing on more than 20 years of experience growing enterprise software and SaaS companies, he will also lead Fugue’s efforts to educate the market about technology that changes the way enterprises address issues such as policy compliance and configuration drift in the cloud. As founder and CEO, Merrick took webMethods public in … More

The post Fugue announces Phillip Merrick as CEO appeared first on Help Net Security.

ThreatConnect enhances threat intelligence, analytics and orchestration capabilities

ThreatConnect announces new Playbooks enablements to optimize the ability to make faster security decisions, automate processes, and improve reaction and response capacity. “Our vision is a Platform that transforms the way that security professionals do their jobs,” CEO Adam Vincent said. “I’ve said this before…the only way to augment humans is to act like them. Humans use data to produce knowledge that becomes wisdom. That wisdom is the equivalent of our Intelligence and is what … More

The post ThreatConnect enhances threat intelligence, analytics and orchestration capabilities appeared first on Help Net Security.

ManageEngine extends its SIEM solution log management capabilities to the cloud

ManageEngine announced that it has extended the log management capabilities of its security information and event management (SIEM) solution, Log360, to the cloud. Log360 Cloud allows IT administrators to store and manage log data collected from on-premises environments on Zoho’s secure cloud platform, giving enterprises insight on aspects of their network without having to worry about storage infrastructure. According to Gartner, cloud-based SIEM deployments are expected to reach $512.1 million in 2019. “Small and midsize … More

The post ManageEngine extends its SIEM solution log management capabilities to the cloud appeared first on Help Net Security.

Nehemiah Security upgrades Exploit Quantifier platform

Nehemiah Security announced upgrades to the EQ (Exploit Quantifier) platform. EQ tests the effectiveness of an organization’s endpoint configuration against malware and other attacks by leveraging cyberwarfare tools to characterize, model and predict attack outcomes in a customized, virtual environment. This configurable framework establishes scalable and repeatable testing to generate high-fidelity cyberattack intelligence. Security teams leverage this automated functionality to perform what-if scenarios, train security personnel, and strengthen their defensive posture. Security leaders must understand … More

The post Nehemiah Security upgrades Exploit Quantifier platform appeared first on Help Net Security.

Mark Woodward joins Armor as CEO

Armor announced that Mark Woodward has joined Armor’s leadership team as Chief Executive Officer (CEO). Armor founder and former CEO Chris Drake is stepping into the Chief Technology Officer (CTO) role as product strategist and evangelist and will continue as a member of the Board. “Armor is in a unique position to be the ‘definitive leader’ of cloud security, and I am very excited that Mark is joining Armor to help realize that vision,” said … More

The post Mark Woodward joins Armor as CEO appeared first on Help Net Security.

Got Container Security? Make Sure to Secure Code and Supplemental Components

Organizations face numerous primary threats and security concerns when it comes to their container environments. Those issues extend into their build environment, an area which organizations need to protect because it’s usually the least secure aspect of their container infrastructure. They also extend into other areas, including inside the containers themselves. Acknowledging that exposure, organizations […]… Read More

The post Got Container Security? Make Sure to Secure Code and Supplemental Components appeared first on The State of Security.

Survey: Only Four Percent of U.S. Adults are Concerned about Cybersecurity during Summer Vacation

This summer, my family and I visited a few Arizona ghost towns, and the experience made me wonder what it might have been like to travel across the Old West with all your possessions in tow. What would it feel like to ride through mountains, deserts and territories with only a canvas-covered wagon protecting your valuables? I bet they were keenly aware of the […]… Read More

The post Survey: Only Four Percent of U.S. Adults are Concerned about Cybersecurity during Summer Vacation appeared first on The State of Security.

CVE-2018-14340

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read.

CVE-2018-14344

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ISMP dissector could crash. This was addressed in epan/dissectors/packet-ismp.c by validating the IPX address length to avoid a buffer over-read.

CVE-2018-14369

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the HTTP2 dissector could crash. This was addressed in epan/dissectors/packet-http2.c by verifying that header data was found before proceeding to header decompression.

CVE-2018-14368

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by properly handling items that are too long.

CVE-2018-14343

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ASN.1 BER dissector could crash. This was addressed in epan/dissectors/packet-ber.c by ensuring that length values do not exceed the maximum signed integer.

CVE-2018-14339

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the MMSE dissector could go into an infinite loop. This was addressed in epan/proto.c by adding offset and length validation.

CVE-2018-14367

In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the CoAP protocol dissector could crash. This was addressed in epan/dissectors/packet-coap.c by properly checking for a NULL condition.

CVE-2018-14341

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow.

CVE-2018-14342

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the BGP protocol dissector could go into a large loop. This was addressed in epan/dissectors/packet-bgp.c by validating Path Attribute lengths.

CVE-2018-14370

In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/airpdcap.c via bounds checking that prevents a buffer over-read.

Packet Storm: Linux BPF Sign Extension Local Privilege Escalation

Linux kernel versions prior to 4.14.8 utilize the Berkeley Packet Filter (BPF), which contains a vulnerability where it may improperly perform sign extension. This can be utilized to escalate privileges. The target system must be compiled with BPF support and must not have kernel.unprivileged_bpf_disabled set to 1. This Metasploit module has been tested successfully on many different kernels.

Packet Storm

Packet Storm: Wireshark Analyzer 2.6.2

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Packet Storm

Crypto Update: Altcoins Reverse Gains as Bitcoin’s Surge Fizzles Out

The cryptocurrency market had one of the wildest days in months following yesterday’s epic short-squeeze in Bitcoin that triggered a strong segment-wide rally. While Bitcoin managed to break through several key resistance levels, the major altcoins failed to join the break-out, even as temporarily, some of them managed to move above primary resistance. Ethereum topped […]

The post Crypto Update: Altcoins Reverse Gains as Bitcoin’s Surge Fizzles Out appeared first on Hacked: Hacking Finance.

Packet Storm: Suricata IDPE 4.0.5

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Packet Storm

Leaked Documents Show Facebook’s ‘Threshold’ For Deleting Pages, Groups

Facebook has repeatedly referenced to lawmakers a "threshold" that must be reached before the platform decides to ban a particular page for violating the site's policies, but it hasn't discussed its guidelines publicly. Motherboard has obtained internal Facebook documents laying out what this threshold is for multiple types of different content, including some instances of hate speech. From the report: One Facebook moderator training document for hate speech says that for Pages -- Facebook's feature for sections dedicated to, say, a band, organization, public figure, or business -- the Page admin has to receive 5 "strikes" within 90 days for the Page itself to be deleted. Alternatively, Facebook moderators are told to remove a Page if at least 30 percent of the content posted by other people within 90 days violates Facebook's community standards. A similar 30 percent-or-over policy exists for Facebook Groups, according to the document. In a similar vein, another hate speech document says that a profile should be taken down if there are 5 or more pieces of content from the user which indicate hate propaganda, photos of the user present with another identifiable leader, or other related violations. Although the documents obtained by Motherboard were created recently, Facebook's policies change regularly, so whether these exact parameters remain in force is unclear. Of course this still depends on moderators identifying and labeling posts as violating to reach that threshold. [...] Another document focused on sexual content says moderators should unpublish Pages and Groups under the basis of sexual solicitation if there are over 2 "elements," such as the Page description, title, photo, or pinned post, that include either explicit solicitation of nude imagery, or, if the page is more subtle, includes either a method of contact or a location. This slide again reiterates the over 30 percent and 5 admin posts rules found in the hate speech document.

Read more of this story at Slashdot.

Google Being Hit With A Record Fine From The European Commission

Mark Skilton, of Warwick Business School, is Professor of Practice in Information Systems & Management, and researches and consults on the digital sector.

Mark Skilton, Professor of Practice in Information Systems & Management at Warwick Business School:

“It looks like this time the fine will fit the ‘crime’ in this long running dispute of market dominance and manipulation.

“Google has always been a contradiction, in that it is a market facilitator who also wants to control that market. Google claims that it has to compete with other big players and that swapping to an alternative search service is ‘one click away’, but in my view it is its locking up of around 80% of mobile devices with pre-installed Google Android software that is the issue.

“The real issue is not the supplier side ‘problems’ which have been dominating the shape of the market; it’s having a demand side where consumers have real choice instead of being locked into just one vendor’s world view of the digital economy.

“It must be remembered Google ‘defines the market’ and is not just an innocent bystander.

“Google claims it is a free market for users, but that’s just not true in practice. Granted, as we see in the telecoms market, network operators want to protect their billion-dollar investment in the infrastructure that enables all this internet to work, but it’s when it becomes a monopolistic control from the supplier to the end user that it becomes a problem.

“The internet is in urgent need of moving to its next level of evolution, which will be a more distributed and edge-based world. It is being seen with the rise of the internet of things that are multiplying the number of connections to smart homes, products, transport and everything else – this will bring a more open market.

“This is the next battleground for Google and the big tech players, but GDPR and the European Commission’s focus on the tech giants is becoming a significant issue for them.”

The ISBuzz Post: This Post Google Being Hit With A Record Fine From The European Commission appeared first on Information Security Buzz.

Corning’s New Gorilla Glass 6 Will Let Your Phones Survive 15 Drops

Corning just announced its most durable glass yet: Gorilla Glass 6. "The company says that the glass will survive up to 15 drops from a one meter height and can be 'up to two times better' than Gorilla Glass 5," reports The Verge. From the report: As phones get slimmer and have ever sleeker glass displays, reports have appeared that the slimness may actually cancel out the improvements in new iterations of Gorilla Glass, since thinner glass is weaker glass, even if it's become stronger. Still Corning argues that sleek edge-to-edge displays have actually led to stronger smartphones. Sometimes, in smartphones of previous years, the bezel would crack first, then leading to a weakness in the glass. There's also a tradeoff between drop resistance and scratch resistance, which Corning has admitted to in the past. Corning says that Gorilla Glass 6 will have the same amount of scratch resistance as previous generations. So although the company claims the new generation of Gorilla Glass is "better," you shouldn't expect new phones made with the glass to be more scratch-resistant. The first devices to feature Gorilla Glass 6 are expected to arrive near the end of the year.

Read more of this story at Slashdot.

Reverse Engineering Malware Training

sans.org - It is an excellent course for those who want hands-on experience understanding an under-the-hood view of malware and how it works. Ryan Denniston, DoD High valuable content that has immediately boost…


Tweeted by @JasonFossen https://twitter.com/JasonFossen/status/1019744378103869440

Masternodes as an Investment Vehicle

Generally, there are thought to be only two ways to make money investing in crypto: holding long-term, or daytrading. These are the methods most often discussed, but there are many other ways as well. You can mine crypto, you can invest in crypto companies, or you can even work as a developer building solutions using […]

The post Masternodes as an Investment Vehicle appeared first on Hacked: Hacking Finance.

eBay Is Conducting a ‘Mass Layoff’ In the Bay Area

eBay is planning to slash nearly 300 jobs from Bay Area locations by July 20, calling the cuts a "mass layoff." Those being laid off were informed at the end of June, reports The Mercury News. The San Jose-based company estimated that it would eliminate 224 jobs in San Jose, 41 in San Francisco, and five in Brisbane. From the report: "This action is expected to be permanent," eBay stated in the Employment Development Department filing. "No affected employee has any bumping rights." Over the one-year period that ended in March, eBay lost $1.64 billion on revenues of $9.84 billion, according to information posted on the Yahoo Finance site. During the first quarter that ended March 31, eBay earned $407 million on revenues of $2.58 billion. Compared to the year-ago first quarter, profits were down 60.7 percent and revenue rose 12 percent.

Read more of this story at Slashdot.

US’ Largest Medical Laboratory Shut Down Its System Over Data Breach Fear




The US' largest medical diagnostics laboratory, LabCorp, is investigating "suspicious activity" detected on its network over the weekend.

The company revealed that a data breach is possible after hackers tried to gain access to its IT network. Upon noticing the incident, IT officials immediately shut down all of the company’s systems.

"During the weekend of July 14, 2018, LabCorp detected suspicious activity on its information technology network. LabCorp immediately took certain systems offline as part of its comprehensive response to contain the activity. This temporarily affected test processing and customer access to test results over the weekend," LabCorp's spokespeople said.

LabCorp has not given any details about the intrusion, but it has shut down its systems as a preventive measure. However, the firm says that so far there is no report of any kind of data breach, and that it is trying its best to restore the systems as soon as possible.


"Work has been ongoing to restore full system functionality as quickly as possible, testing operations have substantially resumed today, and we anticipate that additional systems and functions will be restored throughout the next several days. Some customers of LabCorp Diagnostics may experience brief delays in receiving results as we complete that process."

Meanwhile, observers are waiting to learn the extent of the damage to millions of patients if the lab has in fact suffered a data breach.

DeepMind, Elon Musk and Others Pledge Not To Make Autonomous AI Weapons

An anonymous reader quotes a report from Engadget: Yesterday, during the Joint Conference on Artificial Intelligence, the Future of Life Institute announced that more than 2,400 individuals and 160 companies and organizations have signed a pledge, declaring that they will "neither participate in nor support the development, manufacture, trade or use of lethal autonomous weapons." The signatories, representing 90 countries, also call on governments to pass laws against such weapons. Google DeepMind and the Xprize Foundation are among the groups who've signed on while Elon Musk and DeepMind co-founders Demis Hassabis, Shane Legg and Mustafa Suleyman have made the pledge as well. "Thousands of AI researchers agree that by removing the risk, attributability and difficulty of taking human lives, lethal autonomous weapons could become powerful instruments of violence and oppression, especially when linked to surveillance and data systems," says the pledge. It adds that those who sign agree that "the decision to take a human life should never be delegated to a machine." "I'm excited to see AI leaders shifting from talk to action, implementing a policy that politicians have thus far failed to put into effect," Future of Life Institute President Max Tegmark said in a statement. "AI has huge potential to help the world -- if we stigmatize and prevent its abuse. AI weapons that autonomously decide to kill people are as disgusting and destabilizing as bioweapons, and should be dealt with in the same way."

Read more of this story at Slashdot.

Capstone 3.0.5

Capstone is a multi-architecture, multi-platform disassembly framework. It has a simple and lightweight architecture-neutral API, thread-safe by design, provides details on disassembled instruction, and more.

Packet Storm

IBM Wants $167 Million From Groupon Over Alleged Patent Infringement

On Monday, IBM asked a jury to award the company $167 million in a lawsuit against deals site Groupon for using patented technology without authorization. The patents involve e-commerce technology that had already been licensed to Amazon, Facebook, and Alphabet for between $20 million and $50 million per company. "Most big companies have taken licenses to these patents," IBM's lawyer, John Desmarais, said. "Groupon has not. The new kid on the block refuses to take responsibility for using these inventions." Reuters reports: Groupon lawyer J. David Hadden argued that IBM was overreading the scope of its patents and claiming ownership of building blocks of the internet. "A key question for you in this case is whether these patents cover the world wide web," Hadden told jurors. "They do not and that is because IBM did not invent the world wide web." An IBM executive is expected to testify during the two-week trial about licensing deals with technology companies like Amazon and Google, providing a rare glimpse into IBM's efforts to derive revenue from its large patent portfolio. The Armonk, New York-based company invests heavily in research and development and has secured more U.S. patents than any other company for the past 25 years.

Read more of this story at Slashdot.

CVE-2018-0403

Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to retrieve a cleartext password. Cisco Bug IDs: CSCvg71040.

CVE-2018-0380

Multiple vulnerabilities exist in the Cisco Webex Network Recording Player for Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities by providing a user with a malicious .arf or .wrf file via email or URL and convincing the user to launch the file in the Webex recording players. Exploitation of these vulnerabilities could cause an affected player to crash, resulting in a denial of service (DoS) condition. The Cisco Webex players are applications that are used to play back Webex meetings that have been recorded by an online meeting attendee. The Webex Network Recording Player for .arf files can be automatically installed when the user accesses a recording that is hosted on a Webex server. The Webex Player for .wrf files can be downloaded manually. These vulnerabilities affect ARF and WRF recording players available from Cisco Webex Meetings Suite sites, Cisco Webex Meetings Online sites, and Cisco Webex Meetings Server. Cisco Bug IDs: CSCvh70253, CSCvh70268, CSCvh72272, CSCvh72281, CSCvh72285, CSCvi60477, CSCvi60485, CSCvi60490, CSCvi60520, CSCvi60529, CSCvi60533.

CVE-2018-0400

Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. Cisco Bug IDs: CSCvg70904.

CVE-2018-0398

Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a server-side request forgery (SSRF) attack. Cisco Bug IDs: CSCvg71018.

CVE-2018-0392

A vulnerability in the CLI of Cisco Policy Suite could allow an authenticated, local attacker to access files owned by another user. The vulnerability is due to insufficient access control permissions (i.e., World-Readable). An attacker could exploit this vulnerability by logging in to the CLI. An exploit could allow the attacker to access potentially sensitive files that are owned by a different user. Cisco Bug IDs: CSCvh18087.

CVE-2018-0394

A vulnerability in the web upload function of Cisco Cloud Services Platform 2100 could allow an authenticated, remote attacker to obtain restricted shell access on an affected system. The vulnerability is due to insufficient input validation of parameters passed to a specific function within the user interface. An attacker could exploit this vulnerability by injecting code into a function parameter. Cisco Bug IDs: CSCvi12935.

CVE-2018-0390

A vulnerability in the web framework of Cisco Webex could allow an unauthenticated, remote attacker to conduct a Document Object Model-based (DOM-based) cross-site scripting (XSS) attack against the user of the web interface of an affected system. The vulnerability is due to insufficient input validation of certain parameters that are passed to the affected software by using the HTTP POST method. An attacker who can submit malicious scripts to the affected user interface element could execute arbitrary script or HTML code in the user's browser in the context of the affected site. Cisco Bug IDs: CSCvj33287.

CVE-2018-0401

Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. Cisco Bug IDs: CSCvg70967.

CVE-2018-0387

A vulnerability in Cisco Webex Teams (for Windows and macOS) could allow an unauthenticated, remote attacker to execute arbitrary code on the user's device, possibly with elevated privileges. The vulnerability occurs because Cisco Webex Teams does not properly sanitize input. An attacker could exploit the vulnerability by sending a user a malicious link and persuading the user to follow the link. A successful exploit could allow the attacker to execute arbitrary code on the user's system. Cisco Bug IDs: CSCvh66250.

CVE-2018-0396

A vulnerability in the web framework of the Cisco Unified Communications Manager IM and Presence Service software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of an affected system. The vulnerability is due to insufficient input validation of certain parameters passed to the web server. An attacker could exploit this vulnerability by convincing the user to access a malicious link or by intercepting the user request and injecting certain malicious code. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected site or allow the attacker to access sensitive browser-based information. Cisco Bug IDs: CSCve25985.

CVE-2018-0402

Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack. Cisco Bug IDs: CSCvg70921.

CVE-2018-0399

Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to retrieve a cleartext password from an affected system. Cisco Bug IDs: CSCvg71044.

CVE-2018-0393

A Read-Only User Effect Change vulnerability in the Policy Builder interface of Cisco Policy Suite could allow an authenticated, remote attacker to make policy changes in the Policy Builder interface. The vulnerability is due to insufficient authorization controls. An attacker could exploit this vulnerability by accessing the Policy Builder interface and modifying an HTTP request. A successful exploit could allow the attacker to make changes to existing policies. Cisco Bug IDs: CSCvi35007.

CVE-2018-0372

A vulnerability in the DHCPv6 feature of the Cisco Nexus 9000 Series Fabric Switches in Application-Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause the device to run low on system memory, which could result in a Denial of Service (DoS) condition on an affected system. The vulnerability is due to improper memory management when DHCPv6 packets are received on an interface of the targeted device. An attacker could exploit this vulnerability by sending a high number of malicious DHCPv6 packets to be processed by an affected device. A successful exploit could allow the attacker to cause the system to run low on memory, which could cause an eventual reboot of an affected device. The vulnerability only applies to IPv6 protocol packets and not for IPv4 protocol packets. This vulnerability affects Cisco Nexus 9000 Series Fabric Switches in ACI Mode running software version 13.0(1k). The vulnerability can only be exploited when unicast routing is enabled on the Bridge Domain (BD). DHCP and DHCP relay do not have to be configured for the vulnerability to be exploited. Cisco Bug IDs: CSCvg38918.

CVE-2018-0351

A vulnerability in the command-line tcpdump utility in the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the tcpdump utility. The attacker must be authenticated to access the tcpdump utility. A successful exploit could allow the attacker to execute commands with root privileges. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vBond Orchestrator Software, vEdge 100 Series Routers, vEdge 1000 Series Routers, vEdge 2000 Series Routers, vEdge 5000 Series Routers, vEdge Cloud Router Platform, vManage Network Management Software, vSmart Controller Software. Cisco Bug IDs: CSCvi69751.

CVE-2018-0349

A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the request admin-tech command in the CLI of the affected software. An attacker could exploit this vulnerability by modifying the request admin-tech command in the CLI of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the underlying operating system of an affected device and escalate their privileges to the root user. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vBond Orchestrator Software, vEdge 100 Series Routers, vEdge 1000 Series Routers, vEdge 2000 Series Routers, vEdge 5000 Series Routers, vEdge Cloud Router Platform, vManage Network Management Software, vSmart Controller Software. Cisco Bug IDs: CSCvi69852, CSCvi69856.

CVE-2018-0350

A vulnerability in the VPN subsystem configuration in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the affected parameter in a web page. The attacker must be authenticated to access the affected parameter. A successful exploit could allow the attacker to execute commands with root privileges. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vBond Orchestrator Software, vEdge 100 Series Routers, vEdge 1000 Series Routers, vEdge 2000 Series Routers, vEdge 5000 Series Routers, vEdge Cloud Router Platform, vManage Network Management Software, vSmart Controller Software. Cisco Bug IDs: CSCvi69808, CSCvi69810, CSCvi69814, CSCvi69822, CSCvi69827, CSCvi69828, CSCvi69836.

CVE-2018-0377

A vulnerability in the Open Systems Gateway initiative (OSGi) interface of Cisco Policy Suite before 18.1.0 could allow an unauthenticated, remote attacker to directly connect to the OSGi interface. The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by directly connecting to the OSGi interface. An exploit could allow the attacker to access or change any files that are accessible by the OSGi process. Cisco Bug IDs: CSCvh18017.

CVE-2018-0347

A vulnerability in the Zero Touch Provisioning (ZTP) subsystem of the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting malicious input to the affected parameter. The attacker must be authenticated to access the affected parameter. A successful exploit could allow an attacker to execute commands with root privileges. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vEdge 100 Series Routers, vEdge 1000 Series Routers, vEdge 2000 Series Routers, vEdge 5000 Series Routers. Cisco Bug IDs: CSCvi69906.

CVE-2018-0374

A vulnerability in the Policy Builder database of Cisco Policy Suite before 18.2.0 could allow an unauthenticated, remote attacker to connect directly to the Policy Builder database. The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by connecting directly to the Policy Builder database. A successful exploit could allow the attacker to access and change any data in the Policy Builder database. Cisco Bug IDs: CSCvh06134.

CVE-2018-0345

A vulnerability in the configuration and management database of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to execute arbitrary commands with the privileges of the vmanage user in the configuration management system of the affected software. The vulnerability is due to insufficient validation of command arguments that are passed to the configuration and management database of the affected software. An attacker could exploit this vulnerability by creating custom functions that contain malicious code and are executed as the vmanage user of the configuration management system. A successful exploit could allow the attacker to execute arbitrary commands with the privileges of the vmanage user in the configuration management system of the affected software. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vBond Orchestrator Software, vManage Network Management Software, vSmart Controller Software. Cisco Bug IDs: CSCvi69937.

CVE-2018-0375

A vulnerability in the Cluster Manager of Cisco Policy Suite before 18.2.0 could allow an unauthenticated, remote attacker to log in to an affected system using the root account, which has default, static user credentials. The vulnerability is due to the presence of undocumented, static user credentials for the root account. An attacker could exploit this vulnerability by using the account to log in to an affected system. An exploit could allow the attacker to log in to the affected system and execute arbitrary commands as the root user. Cisco Bug IDs: CSCvh02680.

CVE-2018-0343

A vulnerability in the configuration and management service of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to execute arbitrary code with vmanage user privileges or cause a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient access restrictions to the HTTP management interface of the affected solution. An attacker could exploit this vulnerability by sending a malicious HTTP request to the affected management service through an authenticated device. A successful exploit could allow the attacker to execute arbitrary code with vmanage user privileges or stop HTTP services on an affected system. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vBond Orchestrator Software, vEdge 100 Series Routers, vEdge 1000 Series Routers, vEdge 2000 Series Routers, vEdge 5000 Series Routers, vEdge Cloud Router Platform, vManage Network Management Software, vSmart Controller Software. Cisco Bug IDs: CSCvi69976.

CVE-2018-0376

A vulnerability in the Policy Builder interface of Cisco Policy Suite before 18.2.0 could allow an unauthenticated, remote attacker to access the Policy Builder interface. The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by accessing the Policy Builder interface. A successful exploit could allow the attacker to make changes to existing repositories and create new repositories. Cisco Bug IDs: CSCvi35109.

CVE-2018-0348

A vulnerability in the CLI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting malicious input to the load command within the VPN subsystem. The attacker must be authenticated to access the affected CLI parameter. A successful exploit could allow an attacker to execute commands with root privileges. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vBond Orchestrator Software, vEdge 100 Series Routers, vEdge 1000 Series Routers, vEdge 2000 Series Routers, vEdge 5000 Series Routers, vEdge Cloud Router Platform, vManage Network Management Software, vSmart Controller Software. Cisco Bug IDs: CSCvi69866.

CVE-2018-0344

A vulnerability in the vManage dashboard for the configuration and management service of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. The vulnerability is due to insufficient input validation of data parameters for certain fields in the affected solution. An attacker could exploit this vulnerability by configuring a malicious username on the login page of the affected solution. A successful exploit could allow the attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vBond Orchestrator Software, vEdge 100 Series Routers, vEdge 1000 Series Routers, vEdge 2000 Series Routers, vEdge 5000 Series Routers, vEdge Cloud Router Platform, vManage Network Management Software, vSmart Controller Software. Cisco Bug IDs: CSCvi69974.

CVE-2018-0379

Multiple vulnerabilities exist in the Cisco Webex Network Recording Player for Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities by providing a user with a malicious .arf or .wrf file via email or URL and convincing the user to launch the file in the Webex recording players. Exploitation of these vulnerabilities could allow arbitrary code execution on the system of a targeted user. These vulnerabilities affect ARF and WRF recording players available from Cisco Webex Meetings Suite sites, Cisco Webex Meetings Online sites, and Cisco Webex Meetings Server. Cisco Bug IDs: CSCvi02621, CSCvi02965, CSCvi63329, CSCvi63333, CSCvi63335, CSCvi63374, CSCvi63376, CSCvi63377, CSCvi63391, CSCvi63392, CSCvi63396, CSCvi63495, CSCvi63497, CSCvi63498, CSCvi82684, CSCvi82700, CSCvi82705, CSCvi82725, CSCvi82737, CSCvi82742, CSCvi82760, CSCvi82771, CSCvj51284, CSCvj51294.

CVE-2018-0342

A vulnerability in the configuration and monitoring service of the Cisco SD-WAN Solution could allow an authenticated, local attacker to execute arbitrary code with root privileges or cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incomplete bounds checks for data that is provided by the configuration and monitoring service of the affected solution. An attacker could exploit this vulnerability by sending malicious data to the vDaemon listening service on an affected device. A successful exploit could allow the attacker to cause a buffer overflow condition on the affected device, which could allow the attacker to execute arbitrary code with root privileges on the device or cause the vDaemon listening service to reload and result in a DoS condition on the device. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vBond Orchestrator Software, vEdge 100 Series Routers, vEdge 1000 Series Routers, vEdge 2000 Series Routers, vEdge 5000 Series Routers, vEdge Cloud Router Platform, vManage Network Management Software, vSmart Controller Software. Cisco Bug IDs: CSCvi70003.

CVE-2018-0346

A vulnerability in the Zero Touch Provisioning service of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect bounds checks for certain values in packets that are sent to the Zero Touch Provisioning service of the affected software. An attacker could exploit this vulnerability by sending malicious packets to the affected software for processing. When the software processes the packets, a buffer overflow condition could occur and cause an affected device to reload. A successful exploit could allow the attacker to cause a temporary DoS condition while the device reloads. This vulnerability can be exploited only by traffic that is destined for an affected device. It cannot be exploited by traffic that is transiting a device. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vBond Orchestrator Software, vManage Network Management Software, vSmart Controller Software. Cisco Bug IDs: CSCvi69914.

Cyber defence

nato.int - To keep pace with the rapidly changing threat landscape and maintain robust cyber defences, NATO adopted an enhanced policy and action plan, which were endorsed by Allies at the Wales Summit in Septe…


Tweeted by @DelMarbrook https://twitter.com/DelMarbrook/status/1019721616945745920

Less Than Half Of Cyberattacks Detected By Anti-Virus

According to a recent SANS report, less than half of cyberattacks were detected via anti-virus. Commenting on the report, Andy Norton, director of threat intelligence for Lastline, said:

“Endpoint security and anti-virus solutions are like gun laws, they should change, but they won’t. There are simply too many conflicts of interest on a production system, there will always be a trade-off between productivity and security at the endpoint.

“To diligently counter intrusions, organisations need to embrace adversary resistant AI analytics, to automate prevention and response countermeasures based on a coalesced array of signature, behavioural and anomaly detection technologies.”

The ISBuzz Post: This Post Less Than Half Of Cyberattacks Detected By Anti-Virus appeared first on Information Security Buzz.

Hackers Account For 90 Percent of Login Attempts At Online Retailers

Hackers account for 90% of e-commerce sites' global login traffic, according to a report by cyber security firm Shape Security. They reportedly use programs to apply stolen data acquired on the dark web -- all in an effort to log in to websites and grab something of value like cash, airline points, or merchandise. Quartz reports: These attacks are successful as often as 3% of the time, and the costs quickly add up for businesses, Shape says. This type of fraud costs the e-commerce sector about $6 billion a year, while the consumer banking industry loses out on about $1.7 billion annually. The hotel and airline businesses are also major targets -- the theft of loyalty points is a thing -- costing a combined $700 million every year. The process starts when hackers break into databases and steal login information. Some of the best known "data spills" took place at Equifax and Yahoo, but they happen fairly regularly -- there were 51 reported breaches last year, compromising 2.3 billion credentials, according to Shape. Taking over bank accounts is one way to monetize stolen login information -- in the US, community banks are attacked far more than any other industry group. According to Shape's data, that sector is attacked more than 200 million times each day. Shape says the number of reported credential breaches was roughly stable at 51 last year, compared with 52 in 2016. The best way consumers can minimize these attacks is by changing their passwords.

Read more of this story at Slashdot.

SANS Reporting Less Than Half Of Cyberattacks Detected By Antivirus Solutions

Antivirus systems only detected endpoint compromise 47% of the time; other attacks were caught through automated SIEM alerts (32%) and endpoint detection and response platforms (26%), according to the SANS 2018 Survey on Endpoint Protection and Response.

Justin Jett, Director of Audit and Compliance at Plixer:

“The recent SANS 2018 Survey on Endpoint Protection and Response makes clear that point-security solutions are not enough to quell the ever-growing barrage of cyberattacks. Organizations should continue to deploy endpoint security, but with less than half of cyberattacks being detected by antivirus, organizations must deploy other platforms to detect and help remediate these problems as they happen. Network traffic analytics should be used across the entire network infrastructure to help IT professionals see when malicious activity is taking place. By leveraging the network data, network and security teams can work together to thwart the efforts of malicious actors.”

The ISBuzz Post: This Post SANS Reporting Less Than Half Of Cyberattacks Detected By Antivirus Solutions appeared first on Information Security Buzz.

Debian Security Advisory 4250-1

Debian Linux Security Advisory 4250-1 - A vulnerability was discovered in Wordpress, a web blogging tool. It allowed remote attackers with specific roles to execute arbitrary code.

Zuckerberg: If Someone Gets Fired For Data Abuse ‘It Should Be Me’

Mark Zuckerberg isn't planning to fire himself. At least, not at the moment. From a report: During an interview with Recode's Kara Swisher published Wednesday, the Facebook CEO touched on Russians interfering with US elections, misinformation, data breaches, the company's business model and more. When asked by Swisher who's to blame for the Cambridge Analytica scandal and related data misuse, Zuckerberg said he "designed the platform, so if someone's going to get fired for this, it should be me." Swisher followed up by asking if he was going to fire himself. "Not on this podcast right now," he said. Zuckerberg also defended the social media platform's decision not to kick off conspiracy theory-peddling websites like the far-right InfoWars. From a report: Zuckerberg said that instead of banning websites outright, the company removes individual posts that violate Facebook's terms of service. Posts promoting violence are particularly likely to be taken down, he added. Zuckerberg, who is Jewish, said even Holocaust deniers have a place on the platform as long as they genuinely believe the content they share. "I find that deeply offensive," he said. "But at the end of the day, I don't believe that our platform should take that down because I think there are things that different people get wrong. I don't think that they're intentionally getting it wrong."

Read more of this story at Slashdot.

Stocks Mixed as Dollar Tests Highs Again

Choppy summer trading conditions continue to dominate traditional financial markets, with low trading volumes and relatively narrow intraday ranges in most of the asset classes. Despite the low activity, there is still a clear rising trend in US markets, while the rest of the world tries to gather some bullish momentum despite the widespread technical […]

The post Stocks Mixed as Dollar Tests Highs Again appeared first on Hacked: Hacking Finance.