News aggregator

Exclusive: Thousands of Google Calendars Leaking Private Information Online

THN - 4 hours 46 min ago
"Warning — Making your calendar public will make all events visible to the world, including via Google search. Are you sure?" Remember this security warning? No? If you have ever shared your Google Calendars, or maybe inadvertently, with someone that should not be publicly accessible anymore, you should immediately go back to your Google settings and check if you're exposing all your events

125 New Flaws Found in Routers and NAS Devices from Popular Brands

THN - 7 hours 14 min ago
The world of connected consumer electronics, IoT, and smart devices is growing faster than ever with tens of billions of connected devices streaming and sharing data wirelessly over the Internet, but how secure is it? As we connect everything from coffee maker to front-door locks and cars to the Internet, we're creating more potential—and possibly more dangerous—ways for hackers to wreak havoc.

How Cloud-Based Automation Can Keep Business Operations Secure

THN - Mon, 16/09/2019 - 08:57
The massive data breach at Capital One – America's seventh-largest bank, according to revenue – has challenged many common assumptions about cloud computing for the first time. Ironically, the incident, which exposed some 106 million Capital One customers' accounts, has only reinforced the belief that the cloud remains the safest way to store sensitive data. "You have to compare [the cloud]

WhatsApp 'Delete for Everyone' Doesn't Delete Media Files Sent to iPhone Users

THN - Mon, 16/09/2019 - 08:24
Mistakenly sent a picture to someone via WhatsApp that you shouldn't have? Well, we've all been there, but what's more unfortunate is that the 'Delete for Everyone' feature WhatsApp introduced two years ago contains an unpatched privacy bug, leaving its users with false sense of privacy. WhatsApp and its rival Telegram messenger offer "Delete for Everyone," a potentially life-saving feature

US Sanctions 3 North Korean Hacking Groups Accused for Global Cyber Attacks

THN - Sat, 14/09/2019 - 07:16
The United States Treasury Department on Friday announced sanctions against three state-sponsored North Korean hacking groups for conducting several destructive cyberattacks on US critical infrastructure. Besides this, the hacking groups have also been accused of stealing possibly hundreds of millions of dollars from financial institutions around the world to ultimately fund the North Korean

Yikes! iOS 13 Coming Next Week With iPhone LockScreen Bypass Bug

THN - Fri, 13/09/2019 - 15:06
Good news... next week, on September 19, Apple will roll out iOS 13, the latest version of its mobile operating system. Yes, we're excited about, but here comes the bad news... iOS 13 contains a vulnerability that could allow anyone to bypass the lockscreen protection on your iPhone and access some sensitive information. Jose Rodriguez, a Spanish security researcher, contacted The Hacker

New SIM Card Flaw Lets Hackers Hijack Any Phone Just By Sending SMS

THN - Thu, 12/09/2019 - 10:22
Cybersecurity researchers today revealed the existence of a new and previously undetected critical vulnerability in SIM cards that could allow remote attackers to compromise targeted mobile phones and spy on victims just by sending an SMS. Dubbed "SimJacker," the vulnerability resides in a particular piece of software, called the [email protected] Browser (a dynamic SIM toolkit), embedded on most SIM cards

WebARX — A Defensive Core For Your Website

THN - Thu, 12/09/2019 - 08:44
Estonian based web security startup WebARX, the company who is also behind open-source plugin vulnerability scanner WPBullet and soon-to-be-released bug bounty platform, has a big vision for a safer web. It built a defensive core for websites which is embedded deep inside the company's DNA as even ARX in their name refers to the citadel (the core fortified area of a town or

Popular Period Tracking Apps Share Your Sexual Health Data With Facebook

THN - Thu, 12/09/2019 - 05:55
Hello Ladies, let's talk about periods, privacy, and Facebook. Are you using an app on your smartphone to keep tracks on your periods? Well, it's worrying, because it might be sharing your extremely sensitive information like menstrual cycle and sexual activities with Facebook. A new investigative report from UK-based advocacy group Privacy International revealed how some most popular

NetCAT: New Attack Lets Hackers Remotely Steal Data From Intel CPUs

THN - Wed, 11/09/2019 - 10:09
Unlike previous side-channel vulnerabilities disclosed in Intel CPUs, researchers have discovered a new flaw that can be exploited remotely over the network without requiring an attacker to have physical access or any malware installed on a targeted computer. Dubbed NetCAT, short for Network Cache ATtack, the new network-based side-channel vulnerability could allow a remote attacker to sniff

CISO Kit — Breach Protection in the Palm of Your Hand

THN - Wed, 11/09/2019 - 09:28
CISOs and CIOs need to know better than anyone the security pulse of their organizations. On the other hand, they cannot be flooded with every changing detail. Finding the right balance that enables them to clearly grasp the big picture required in making sound decisions is a task many security executives find challenging. Threat actors do not acknowledge off-hours or weekends, introducing

Google to Experiment 'DNS over HTTPS' (DoH) Feature in Chrome 78

THN - Wed, 11/09/2019 - 07:58
Immediately after Mozilla announced its plan to soon enable 'DNS over HTTPS' (DoH) by default for Firefox users in the United States, Google today says it is planning an experiment with this privacy-focused technology in its upcoming Chrome 78. Under development since 2017, 'DNS over HTTPS' performs DNS lookups—finding the server IP address of a certain domain name—over an encrypted HTTPS

Mozilla Launches 'Firefox Private Network' VPN Service as a Browser Extension

THN - Wed, 11/09/2019 - 04:48
Mozilla has officially launched a new privacy-focused VPN service, called Firefox Private Network, as a browser extension that aims to encrypt your online activity and limit what websites and advertisers know about you. Firefox Private Network service is currently in beta and available only to desktop users in the United States as part of Mozilla's recently expunged "Firefox Test Pilot"

Hundreds of BEC Scammers Arrested in Nigeria and U.S. — $3.7 Million Recovered

THN - Wed, 11/09/2019 - 03:32
Breaking News — The Nigerian prince and his allies who might have also asked you over an email for your assistance to help save "the first African astronaut lost in space" have finally been arrested by the FBI. Don't take it too seriously, as there's no Nigerian prince or an astronaut seeking your help. Instead, it was an infamous 'Nigerian 419' scam email template where fraudsters try to

Latest Microsoft Updates Patch 4 Critical Flaws In Windows RDP Client

THN - Tue, 10/09/2019 - 15:36
Get your update caps on. Microsoft today released its monthly Patch Tuesday update for September 2019, patching a total of 79 security vulnerabilities in its software, of which 17 are rated critical, 61 as important, and one moderate in severity. Two of the security vulnerabilities patched by the tech giant this month are listed as "publicly known" at the time of release, one of which is an

Some D-Link and Comba WiFi Routers Leak Their Passwords in Plaintext

THN - Tue, 10/09/2019 - 13:42
What could be worse than your router leaking its administrative login credentials in plaintext? Cybersecurity researchers from Trustwave's SpiderLabs have discovered multiple security vulnerabilities in some router models from two popular manufacturers—D-Link and Comba Telecom—that involve insecure storage of credentials, potentially affecting every user and system on that network. Researcher

Adobe Releases Security Patches For Critical Flash Player Vulnerabilities

THN - Tue, 10/09/2019 - 12:31
It's Patch Tuesday again—the day of the month when both Adobe and Microsoft release security patches for vulnerabilities in their software. Adobe has just released its monthly security updates to address a total of 3 security vulnerabilities in only two of its products this time—Adobe Flash Player and Adobe Application Manager (AAM). None of the security vulnerabilities patched this month in

New Malware Uses Windows BITS Service to Stealthy Exfiltrate Data

THN - Mon, 09/09/2019 - 10:18
Cybersecurity researchers have discovered a new computer virus associated with the Stealth Falcon state-sponsored cyber espionage group that abuses a built-in component of the Microsoft Windows operating system to stealthily exfiltrate stolen data to attacker-controlled server. Active since 2012, Stealth Falcon is a sophisticated hacking group known for targeting journalists, activists, and

Facebook Patches "Memory Disclosure Using JPEG Images" Flaws in HHVM Servers

THN - Mon, 09/09/2019 - 05:12
Facebook has patched two high-severity vulnerabilities in its server application that could have allowed remote attackers to unauthorisedly obtain sensitive information or cause a denial of service just by uploading a maliciously constructed JPEG image file. The vulnerabilities reside in HHVM (HipHop Virtual Machine)—a high-performance, open source virtual machine developed by Facebook for

A Summer of Discontent: The Hottest Malware Hits

THN - Fri, 06/09/2019 - 10:02
It's been a summer of ransomware hold-ups, supply chain attacks and fileless attacks flying under the radar of old-school security. With malware running amok while we were lying on the beach, here's a recap of the most burning strains and trends seen in the wild during the months of July and August 2019. Malware Evolution Trends The heat must have had an effect as this summer saw malware


Subscribe to Shiga Tecnologia aggregator