- Protecting the research & education sector against cyber attacks [in THE FIELD]
-
Iranian Hackers Charged in March Are Still Actively Phishing Universities [Bleeping Computer]
- see also (IOCs): Back to School: COBALT DICKENS Targets Universities [Secureworks]
- and www.cnet.com/google-amp/news/cybersecurity-101-how-universities-are-dealing-with-hackers/ -
Apache Struts Vulnerability POC Code Found on GitHub [Recorded Future]
- see also: Another Year, Another Critical Struts Flaw – NB: links to hardening guides in the “You Can’t Install a Patch That Doesn’t Exist” section
- and Hardening Apache Struts with SELinux [Double Pulsar] -
Microsoft Windows task scheduler contains a local privilege escalation vulnerability in the ALPC interface [CERT-CC]
- Temporary Patch Available for Recent Windows Task Scheduler ALPC Zero-Day [Bleeping Computer] -
Vulnerability Affects All OpenSSH Versions Released in the Past Two Decades [Bleeping Computer]
- see: nvd.nist.gov/vuln/detail/CVE-2018-15473 (user enumeration vulnerability) -
Following account hacks, Instagram will finally support third party 2FA apps [Mashable]
- see also: Instagram’s New Security Tools are a Welcome Step, But Not Enough [Krebs on Security] - The enemy is us: a look at insider threats [Malwarebytes LABS]
- Don’t shoot messenger [EFF (the other one again)]
- A cryptocurrency exchange hack with a North Korean accent [Kaspersky lab]
- Pwned Passwords, Now As NTLM Hashes! [Troy Hunt]
- Facebook removes 652 fake accounts and pages meant to influence world politics [The Guardian]
- Former NSA, CIA director on cyber, Facebook and hacking back [Fifth Domain]
C410 A2BE CB73 EF77 746E 9682 E2C4 91CE D20D 800F
![[TI: logo for TI accredited teams]](../assets/img/TI-Accredited_120x120.jpg)
![[FIRST.org Logo]](../assets/img/first-org-simple.png)