VLC Media Player Allows Desktop Takeover Via Malicious Video Files VideoLAN has released an updated version of its VLC Player to fix over a dozen bugs. threatpost.com/high-risk-vlc-m

Apple Sues Corellium Over iOS ‘Replica’ Security Testing Software The phone company has sued the startup for copyright infringement. threatpost.com/apple-sues-core

Post GandCrab, Cybercriminals Scouring the Dark Web for the Next Top Ransomware A detailed look at underground forums shows that cybercriminals aren't sure where to look on the heels of the GandCrab ransomware group shutting its doors - and low-level actors are taking advantage of that by developing their own strains. threatpost.com/post-gandcrab-c

Google Nest Security Cam Bugs Allow Device Takeover Eight vulnerabilities would allow a range of attacker activities, including taking the Nest camera offline, sniffing out network information and device hijacking. threatpost.com/google-nest-sec

Coordinated Ransomware Attack Hits 23 Texas Government Agencies Researchers say that the targeted ransomware cyberattack on 23 Texas local and state entities represents a shift from "attacks of opportunity" to more targeted, malicious attacks. threatpost.com/coordinated-ran

Fake News and Influence: Information Warfare in the Digital Age It's been around forever, but in a modern digital era marked by influence campaigns and deep fakes, information warfare has become much easier to carry out. threatpost.com/information-war

ThreatList: 4.1B Records Exposed in Breaches in First Half of 2019 The number of exposed records has hit record highs in just the first two quarters. threatpost.com/4b-records-expo

Breached Passwords Still in Use By Hundreds of Thousands More than 300,000 users still utilize credentials that have been compromised - with people visiting video streaming and porn sites most at fault, Google found in a new study. threatpost.com/breached-passwo

News Wrap: DejaBlue Bugs and Biometrics Data Breaches From the biometrics of one million being exposed, to new Microsoft Bluekeep threats, Threatpost discusses the top news of the week. threatpost.com/news-wrap-dejab

HTTP Bugs Open Websites to DoS Attacks Eight vulnerabilities in the HTTP/2 server implementations were found in vendors Amazon, Apple, Microsoft and Apache. threatpost.com/http-bugs/14740

Energy Sector Phish Swims Past Microsoft Email Security via Google Drive The savvy technique of avoiding malicious links in the email allowed the phishing attack to reach its targets. threatpost.com/energy-phish-mi

Apache Security Advisories Red Flag Wrong Versions in Patching Gaffe Up to 24 Apache Struts Security Advisories listed the wrong versions that were impacted by vulnerabilities, researchers warn. threatpost.com/apache-security

Choice Hotels Breach Showcases Need for Shared Responsibility Model 700,000 customer records were exposed after being housed on a vendor's server that lacked appropriate security. threatpost.com/choice-hotels-b

Clickjacking Evolves to Hook Millions of Visitors to Top Sites Researchers said that clickjacking is a threat that's evolving, with new tactics just starting to emerge. threatpost.com/clickjacking-mi

Fingerprints of 1M Exposed in Public Biometrics Database A publicly accessible database exposed the fingerprints and facial recognition information of millions, thrusting biometrics security into the spotlight once again. threatpost.com/fingerprints-of

Lenovo Warns on ThinkPad Bugs, One Unpatched The notebook maker is warning users of three separate vulnerabilities. threatpost.com/lenovo-warns-bu

20-Year-Old Bug in Legacy Microsoft Code Plagues All Windows Users A bug in an obscure legacy Windows protocol can lead to serious real-world privilege-escalation attacks. threatpost.com/20-year-old-bug

Windows Users at Risk From High-Severity Intel Software Flaw Overall, Intel stomped out three high-severity vulnerabilities and five medium-severity flaws. threatpost.com/windows-users-a

DEF CON and Feds Partner on Anonymous Bug Submission Program Bug submission program uses the SecureDrop platform to ensure anonymity. threatpost.com/anonymous-bug-s

Facebook Records User Audio, Sparking Privacy Questions Hundreds of contractors reportedly were hired to transcribe Messenger voice chats in order to test the accuracy of an AI algorithm -- raising questions about what Facebook does with the data. threatpost.com/facebook-record

Show more
mhc.social

Lokale Instanz der MHC SoftWare GmbH