News aggregator

5 things you can do today to make Zooming safer

Sophos - Naked Security - Fri, 03/04/2020 - 12:46
5 things you can do to make your Zooming safer, more private and more secure...

‘Zombie’ Windows win32k bug reanimated by researcher

Sophos - Naked Security - Fri, 03/04/2020 - 07:29
Dozens of bugs in a core Windows API could enable attackers to elevate their privileges in the operating system.

How Just Visiting A Site Could Have Hacked Your iPhone or MacBook Camera

THN - Fri, 03/04/2020 - 07:20
If you use Apple iPhone or MacBook, here we have a piece of alarming news for you. Turns out merely visiting a website — not just malicious but also legitimate sites unknowingly loading malicious ads as well — using Safari browser could have let remote attackers secretly access your device's camera, microphone, or location, and in some cases, saved passwords as well. Apple recently paid a $

Watch out for the new wave of COVID-19 scams, warns IRS

Sophos - Naked Security - Fri, 03/04/2020 - 06:12
If somebody promises to get your economic impact payment fast, back away: it's just one flavor of COVID-19 scam the tax agency is seeing.

Don’t get locked out of your own website – update this WordPress plugin now!

Sophos - Naked Security - Thu, 02/04/2020 - 13:24
In theory, crooks could mess up your site so vistors can't see your content, then lock you out so you can't jump in and fix it.

Phone carriers must authenticate calls to fight robocalls, says FCC

Sophos - Naked Security - Thu, 02/04/2020 - 08:44
The FCC has given voice carriers until June 2021 to implement technology it says will stop the robocall plague that's driving us all insane.

COVID-19 forces browser makers to continue supporting TLS 1.0

Sophos - Naked Security - Thu, 02/04/2020 - 06:52
In one of the strangest stories of the year, the COVID-19 virus has halted plans by major browsers to drop support for the aging and insecure Transport Layer Security (TLS) 1.0 and 1.1 protocols.

Magecart Hackers Inject iFrame Skimmers in 19 Sites to Steal Payment Data

THN - Thu, 02/04/2020 - 06:52
Cybersecurity researchers today uncovered an ongoing new Magecart skimmer campaign that so far has successfully compromised at least 19 different e-commerce websites to steal payment card details of their customers. According to a report published today and shared with The Hacker News, RiskIQ researchers spotted a new digital skimmer, dubbed "MakeFrame," that injects HTML iframes into

Unpatched Zoom App Bug Lets Hackers Steal Your Windows Password

THN - Wed, 01/04/2020 - 12:36
Zoom has been there for nine years, but the immediate requirement of an easy-to-use video conferencing app during the coronavirus pandemic made it overnight a favorite tool for millions of people. Though Zoom is an efficient online video meeting solution, it's still not the best choice in terms of privacy and security. According to the latest finding by cybersecurity expert @_g0dmode, which

Bill Gates’s YouTube ‘Bitcoin giveaway’ is a big fat scam

Sophos - Naked Security - Wed, 01/04/2020 - 10:15
And no, Microsoft said, none of our verified accounts have been hijacked, vehemently denying early reports.

QR code generator scam steals thousands in Bitcoin

Sophos - Naked Security - Wed, 01/04/2020 - 10:04
Every once in a while an attack comes along that is so simple to set up, and yet so effective, that it makes your jaw drop. Here's one.

WARNING: Hackers Install Secret Backdoor on Thousands of Microsoft SQL Servers

THN - Wed, 01/04/2020 - 10:02
Cybersecurity researchers today uncovered a sustained malicious campaign dating back to May 2018 that targets Windows machines running MS-SQL servers to deploy backdoors and other kinds of malware, including multi-functional remote access tools (RATs) and cryptominers. Named "Vollgar" after the Vollar cryptocurrency it mines and its offensive "vulgar" modus operandi, researchers at Guardicore

Webinar — Autonomous Breach Protection: The New Security Paradigm Shift

THN - Wed, 01/04/2020 - 08:57
Organizations today struggle with multi-product security stacks, that are expensive to purchase and maintain and also require a highly skilled security team to manually integrate and operate. The current Coronavirus crisis that has imposed a strict quarantine on organizations and security teams highlights the inherent weakness in relying on manual operation. This gives rise to a new security

Microsoft’s Edge browser to get breached credential alerts

Sophos - Naked Security - Wed, 01/04/2020 - 08:29
Microsoft has announced a list of new security and privacy features it plans to add to forthcoming versions in an effort to take on its rivals.

Marriott Suffers Second Breach Exposing Data of 5.2 Million Hotel Guests

THN - Tue, 31/03/2020 - 12:52
International hotel chain Marriott today disclosed a data breach impacting nearly 5.2 million hotel guests, making it the second security incident to hit the company in recent years. "At the end of February 2020, we identified that an unexpected amount of guest information may have been accessed using the login credentials of two employees at a franchise property," Marriott said in a

Marriott International confirms data breach of up to 5.2 million guests

Sophos - Naked Security - Tue, 31/03/2020 - 12:41
Marriott International has today announced that it has suffered a data breach affecting up to 5.2 million people.

Patch now! Critical flaw found in OpenWrt router software

Sophos - Naked Security - Tue, 31/03/2020 - 11:18
OpenWrt is an open source operating system used by millions of home and small business routers and embedded devices.

Dharma ransomware source code on sale for $2,000

Sophos - Naked Security - Tue, 31/03/2020 - 11:17
The source code for ransomware-as-a-service strain Dharma has been put up for sale by hackers.

Data on almost every citizen of Georgia posted on hacker forum

Sophos - Naked Security - Tue, 31/03/2020 - 08:07
Where did it all come from? 4.9m records were posted on a hacking forum - and the country only has an estimated population of 3.7m.


Subscribe to Shiga Tecnologia aggregator