Feed aggregator

CW Nordics - February-April 2021: Nordic startups aim to take the lead in pet tech advances

Security News White Papers - Thu, 03/04/2021 - 12:00am
Nordic technology startups are looking to take pet tech mainstream following the acceleration of the industry during the coronavirus pandemic. Published by: ComputerWeekly.com

Conquering cloud security threats with awareness and tools

Security News White Papers - Tue, 03/02/2021 - 12:00am
The global market for cloud security products and services is booming, and so are threats. Increasingly, a company must beware of nation-state hackers, though the problem of vulnerabilities caused by human error within the organization persists. Published by: SearchSecurity.com

Getting the most from cyberthreat intelligence services

Security News White Papers - Tue, 03/02/2021 - 12:00am
A deluge of data is making it tough to put cyberthreat intelligence to work. This issue of 'Information Security' magazine focuses on what data makes a difference. This issue also includes a feature on top CISO concerns for 2020, plus an interview with Cisco's CISO Steve Martino. Published by: SearchSecurity.com

Computer Weekly - 23 February 2021: Computers in space - managing a datacentre on the ISS

Security News White Papers - Tue, 03/02/2021 - 12:00am
In this week's Computer Weekly, as the International Space Station gets a datacentre upgrade, we look at the challenges of system maintenance in space. As nation states increase their cyber attacks, we assess the risk for businesses. And our latest buyer's guide looks at the colocation market. Read the issue now. Published by: ComputerWeekly.com

Exchange Server & Office 365 Backup Essential Guide

Security News White Papers - Mon, 03/01/2021 - 12:00am
To ensure your Exchange Server and O365 protection is airtight, download our Go-to Guide for Exchange Server & Office 365 Backup. Inside, you'll find native vs. third-party Exchange backup options, how to switch authentication modes during DR, 3 best practices for backing up Office 365 data, and much more. Published by: TechTarget

Cisco Integrated Management Controller Authorization Bypass Vulnerability

A vulnerability in the API endpoints of Cisco Integrated Management Controller could allow an authenticated, remote attacker to bypass authorization and take actions on a vulnerable system without authorization.

The vulnerability is due to improper authorization checks on API endpoints. An attacker could exploit this vulnerability by sending malicious requests to an API endpoint. An exploit could allow the attacker to download files from or modify limited configuration options on the affected system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:

Security Impact Rating: Medium
CVE: CVE-2020-26063
Categories: Cisco

From Creativity to Exclusivity: The German Government's Bad Deal for Article 17

EFF - 0 sec ago

The implementation process of Article 17 (formerly Article 13) of the controversial Copyright Directive into national laws is in full swing, and it does not look good for users' rights and freedoms. Several EU states have failed to present balanced copyright implementation proposals, ignoring the concerns off EFF, other civil society organizations, and experts that only strong user safeguards can help preventing Article 17 from turning tech companies and online services operators into copyright police.

A glimpse of hope was presented by the German government in a recent discussion paper. While the draft proposal fails to prevent the use of upload filters to monitor all user uploads and assess them against the information provided by rightsholders, it showed creativity by giving users the option of pre-flagging uploads as "authorized" (online by default) and by setting out exceptions for everyday uses. Remedies against abusive removal requests by self-proclaimed rightsholders were another positive feature of the discussion draft.

Inflexible Rules in Favor of Press Publishers

However, the recently adopted copyright implementation proposal by the German Federal Cabinet has abandoned the focus on user rights in favor of inflexible rules that only benefit press publishers. Instead of opting for broad and fair statutory authorization for non-commercial minor uses, the German government suggests trivial carve-outs for "uses presumably authorized by law," which are not supposed to be blocked automatically by online platforms. However, the criteria for such uses are narrow and out of touch with reality. For example, the limit for minor use of text is 160 characters.

By comparison, the maximum length of a tweet is 280 characters, which is barely enough substance for a proper quote. As those uses are only presumably authorized, they can still be disputed by rightsholders and blocked at a later stage if they infringe copyright. However, this did not prevent the German government from putting a price tag on such communication as service providers will have to pay the author an "appropriate remuneration." There are other problematic elements in the proposal, such as the plan to limit the use of parodies to uses that are "justified by the specific purpose"—so better be careful about being too playful.

The German Parliament Can Improve the Bill

It's now up to the German Parliament to decide whether to be more interested in the concerns of press publishers or in the erosion of user rights and freedoms. EFF will continue to reach out to Members of Parliament to help them make the right decision.

Malware Gangs Partner Up in Double-Punch Security Threat

Threat Post - 10 min 50 sec ago
From TrickBot to Ryuk, more malware cybercriminal groups are putting their heads together when attacking businesses.
Categories: Threat Post