News aggregator

Here's the List of ~600 MAC Addresses Targeted in Recent ASUS Hack

THN - Fri, 29/03/2019 - 08:16
EXCLUSIVE — While revealing details of a massive supply chain cyber attack against ASUS customers, Russian security firm Kaspersky last week didn't release the full list all MAC addresses that hackers hardcoded into their malware to surgically target a specific pool of users. Instead, Kaspersky released a dedicated offline tool and launched an online web page where ASUS PC users can search

Critical Magento SQL Injection Vulnerability Discovered – Patch Your Sites

THN - Fri, 29/03/2019 - 05:48
If your online e-commerce business is running over the Magento platform, you must pay attention to this information. Magento yesterday released new versions of its content management software to address a total of 37 newly-discovered security vulnerabilities. Owned by Adobe since mid-2018, Magento is one of the most popular content management system (CMS) platform that powers 28% of

Ex-NSA Contractor Pleads Guilty to 20-Year-Long Theft of Classified Data

THN - Fri, 29/03/2019 - 03:59
A former National Security Agency contractor—who stole an enormous amount of sensitive information from the agency and then stored it at his home and car for over two decades—today changed his plea to guilty. The theft was labeled as the largest heist of classified government material in America's history. Harold Thomas Martin III, a 54-year-old Navy veteran from Glen Burnie, abused his

Advanced Breach Protection Demystified – Untold Truths On Security Beyond AV

THN - Thu, 28/03/2019 - 13:00
Doing business in today's connected world means dealing with a continually evolving threat landscape. With potential losses due to downtime following a breach, plus valuable client and proprietary information at risk, most organizations realize they cannot afford to be complacent. This puts extra onus on security IT teams, who are continuously left scrambling, looking for the best way to

Elfin Hacking Group Targets Multiple U.S. and Saudi Arabian Firms

THN - Thu, 28/03/2019 - 05:18
An Iran-linked cyber-espionage group that has been found targeting critical infrastructure, energy and military sectors in Saudi Arabia and the United States two years ago continues targeting organizations in the two nations, Symantec reported on Wednesday. Widely known as APT33, which Symantec calls Elfin, the cyber-espionage group has been active since as early as late 2015 and targeted a wide

New Settings Let Hackers Easily Pentest Facebook, Instagram Mobile Apps

THN - Tue, 26/03/2019 - 11:14
Facebook has introduced a new feature in its platform that has been designed to make it easier for bug bounty hunters to find security flaws in Facebook, Messenger, and Instagram Android applications. Since almost all Facebook-owned apps by default use security mechanisms such as Certificate Pinning to ensure integrity and confidentiality of the traffic, it makes it harder for white hat

Insecure UC Browser 'Feature' Lets Hackers Hijack Android Phones Remotely

THN - Tue, 26/03/2019 - 09:08
Beware! If you are using UC Browser on your smartphones, you should consider uninstalling it immediately. Why? Because the China-made UC Browser contains a "questionable" ability that could be exploited by remote attackers to automatically download and execute code on your Android devices. Developed by Alibaba-owned UCWeb, UC Browser is one of the most popular mobile browsers, specifically

Latest iOS 12.2 Update Patches Some Serious Security Vulnerabilities

THN - Tue, 26/03/2019 - 05:44
Apple on Monday released iOS 12.2 to patch a total of 51 security vulnerabilities in its mobile operating system that affects iPhone 5s and later, iPad Air and later, and iPod touch 6th generation. A majority of vulnerabilities Apple patched this month reside in its web rendering engine WebKit, which is used by many apps and web browsers running on the Apple's operating system. According to

Warning: ASUS Software Update Server Hacked to Distribute Malware

THN - Mon, 25/03/2019 - 13:27
Remember the CCleaner hack? CCleaner hack was one of the largest supply chain attacks that infected more than 2.3 million users with a backdoored version of the software in September 2017. Security researchers today revealed another massive supply chain attack that compromised over 1 million computers manufactured by Taiwan-based tech giant ASUS. <!-- adsense --> A group of state-sponsored

Get 4 Essential CyberSecurity Software For Less Than $10 Per Month

THN - Fri, 22/03/2019 - 08:57
Major data breaches and cyber attacks are occurring at an alarming rate, and if you are still not using a VPN and password manager app, you are seriously out of excuses. Not just VPN software and a password manager, cybersecurity experts also recommend using antivirus and backup solutions to protect your computers and precious data stored on them. Unfortunately, to cover these bases, one

Medtronic's Implantable Defibrillators Vulnerable to Life-Threatening Hacks

THN - Fri, 22/03/2019 - 08:54
The U.S. Department of Homeland Security Thursday issued an advisory warning people of severe vulnerabilities in over a dozen heart defibrillators that could allow attackers to fully hijack them remotely, potentially putting lives of millions of patients at risk. Cardioverter Defibrillator is a small surgically implanted device (in patients' chests) that gives a patient's heart an electric

Microsoft Announces Windows Defender ATP Antivirus for Mac

THN - Fri, 22/03/2019 - 04:55
Brace yourself guys. Microsoft is going to release its Windows Defender ATP antivirus software for Mac computers. Sounds crazy, right? But it's true. Microsoft Thursday announced that the company is bringing its anti-malware software to Apple’s macOS operating system as well—and to more platforms soon, like Linux. As a result, the technology giant renamed its Windows Defender Advanced

Facebook Mistakenly Stored Millions of Users' Passwords in Plaintext

THN - Thu, 21/03/2019 - 15:49
Holy moly, Facebook is again at the center of a new privacy controversy after revealing today that its platform mistakenly kept a copy of passwords for "hundreds of millions" users in plaintext. What's more? Not just Facebook, Instagram users are also affected by the latest security incident. So, if you are one of the affected users, your Facebook or Instagram password was readable to some of

New MageCart Attacks Target Bedding Retailers My Pillow and Amerisleep

THN - Wed, 20/03/2019 - 10:31
Cybersecurity researchers today disclosed details of two newly identified Magecart attacks targeting online shoppers of bedding retailers MyPillow and Amerisleep. Magecart is an umbrella term researchers gave to at least 11 different hacking groups that are specialized in implanting malware code on e-commerce websites with an intent to steal payment card details of their customers silently.

PuTTY Releases Important Software Update to Patch 8 High-Severity Flaws

THN - Wed, 20/03/2019 - 06:41
The popular SSH client program PuTTY has released the latest version of its software that includes security patches for 8 high-severity security vulnerabilities. PuTTY is one of the most popular and widely used open-source client-side programs that allows users to remotely access computers over SSH, Telnet, and Rlogin network protocols. Almost 20 months after releasing the last version of

Google Will Prompt European Android Users to Select Preferred Default Browser

THN - Wed, 20/03/2019 - 05:50
Google announced some major changes for its Android mobile operating system in October after the European Commission hit the company with a record $5 billion antitrust fine for pre-installing its own apps and services on third-party Android phones. The European Commission accused Google of forcing Android phone manufacturers to "illegally" tie its proprietary apps and services—specifically,

Android Q — Google Adds New Mobile Security and Privacy Features

THN - Tue, 19/03/2019 - 15:19
Google has recently released the first beta version of Android Q, the next upcoming version of Google's popular mobile operating system, with a lot of new privacy improvements and other security enhancements. Android Q, where Q has not yet been named, offers more control over installed apps, their access, and permissions, and location settings; more support for passive authentication like face

Ransomware Attack Forces Aluminum Manufacturer to Shutdown Systems Worldwide

THN - Tue, 19/03/2019 - 14:05
Photo by Terje Pedersen / NTB scanpix One of the world's largest producers of aluminum has been forced to shut down several of its plants across Europe and the U.S. after an "extensive cyber attack" hit its operations, leaving companies' IT systems unusable. According to a press release shared by Aluminum giant Norsk Hydro today, the company has temporarily shut down several plants and

Libssh Releases Update to Patch 9 New Security Vulnerabilities

THN - Tue, 19/03/2019 - 07:27
Libssh2, a popular open source client-side C library implementing the SSHv2 protocol, has released the latest version of its software to patch a total of nine security vulnerabilities. The Libssh2 library is available for all major distributors of the Linux operating systems, including Ubuntu, Red Hat, Debian, and also comes bundled within some distributions and software as a default library

Mirai Variant Adds Dozen New Exploits to Target Enterprise IoT Devices

THN - Tue, 19/03/2019 - 04:55
Security researchers have uncovered a new variant of the infamous Mirai Internet of Things botnet, this time targeting embedded devices intended for use within business environments in an attempt to gain control over larger bandwidth to carry out devastating DDoS attacks. Although the original creators of Mirai botnet have already been arrested and jailed, variants of the infamous IoT malware


Subscribe to Shiga Tecnologia aggregator