News aggregator

Popular Period Tracking Apps Share Your Sexual Health Data With Facebook

THN - Thu, 12/09/2019 - 05:55
Hello Ladies, let's talk about periods, privacy, and Facebook. Are you using an app on your smartphone to keep tracks on your periods? Well, it's worrying, because it might be sharing your extremely sensitive information like menstrual cycle and sexual activities with Facebook. A new investigative report from UK-based advocacy group Privacy International revealed how some most popular

NetCAT: New Attack Lets Hackers Remotely Steal Data From Intel CPUs

THN - Wed, 11/09/2019 - 10:09
Unlike previous side-channel vulnerabilities disclosed in Intel CPUs, researchers have discovered a new flaw that can be exploited remotely over the network without requiring an attacker to have physical access or any malware installed on a targeted computer. Dubbed NetCAT, short for Network Cache ATtack, the new network-based side-channel vulnerability could allow a remote attacker to sniff

CISO Kit — Breach Protection in the Palm of Your Hand

THN - Wed, 11/09/2019 - 09:28
CISOs and CIOs need to know better than anyone the security pulse of their organizations. On the other hand, they cannot be flooded with every changing detail. Finding the right balance that enables them to clearly grasp the big picture required in making sound decisions is a task many security executives find challenging. Threat actors do not acknowledge off-hours or weekends, introducing

Google to Experiment 'DNS over HTTPS' (DoH) Feature in Chrome 78

THN - Wed, 11/09/2019 - 07:58
Immediately after Mozilla announced its plan to soon enable 'DNS over HTTPS' (DoH) by default for Firefox users in the United States, Google today says it is planning an experiment with this privacy-focused technology in its upcoming Chrome 78. Under development since 2017, 'DNS over HTTPS' performs DNS lookups—finding the server IP address of a certain domain name—over an encrypted HTTPS

Mozilla Launches 'Firefox Private Network' VPN Service as a Browser Extension

THN - Wed, 11/09/2019 - 04:48
Mozilla has officially launched a new privacy-focused VPN service, called Firefox Private Network, as a browser extension that aims to encrypt your online activity and limit what websites and advertisers know about you. Firefox Private Network service is currently in beta and available only to desktop users in the United States as part of Mozilla's recently expunged "Firefox Test Pilot"

Hundreds of BEC Scammers Arrested in Nigeria and U.S. — $3.7 Million Recovered

THN - Wed, 11/09/2019 - 03:32
Breaking News — The Nigerian prince and his allies who might have also asked you over an email for your assistance to help save "the first African astronaut lost in space" have finally been arrested by the FBI. Don't take it too seriously, as there's no Nigerian prince or an astronaut seeking your help. Instead, it was an infamous 'Nigerian 419' scam email template where fraudsters try to

Latest Microsoft Updates Patch 4 Critical Flaws In Windows RDP Client

THN - Tue, 10/09/2019 - 15:36
Get your update caps on. Microsoft today released its monthly Patch Tuesday update for September 2019, patching a total of 79 security vulnerabilities in its software, of which 17 are rated critical, 61 as important, and one moderate in severity. Two of the security vulnerabilities patched by the tech giant this month are listed as "publicly known" at the time of release, one of which is an

Some D-Link and Comba WiFi Routers Leak Their Passwords in Plaintext

THN - Tue, 10/09/2019 - 13:42
What could be worse than your router leaking its administrative login credentials in plaintext? Cybersecurity researchers from Trustwave's SpiderLabs have discovered multiple security vulnerabilities in some router models from two popular manufacturers—D-Link and Comba Telecom—that involve insecure storage of credentials, potentially affecting every user and system on that network. Researcher

Adobe Releases Security Patches For Critical Flash Player Vulnerabilities

THN - Tue, 10/09/2019 - 12:31
It's Patch Tuesday again—the day of the month when both Adobe and Microsoft release security patches for vulnerabilities in their software. Adobe has just released its monthly security updates to address a total of 3 security vulnerabilities in only two of its products this time—Adobe Flash Player and Adobe Application Manager (AAM). None of the security vulnerabilities patched this month in

New Malware Uses Windows BITS Service to Stealthy Exfiltrate Data

THN - Mon, 09/09/2019 - 10:18
Cybersecurity researchers have discovered a new computer virus associated with the Stealth Falcon state-sponsored cyber espionage group that abuses a built-in component of the Microsoft Windows operating system to stealthily exfiltrate stolen data to attacker-controlled server. Active since 2012, Stealth Falcon is a sophisticated hacking group known for targeting journalists, activists, and

Facebook Patches "Memory Disclosure Using JPEG Images" Flaws in HHVM Servers

THN - Mon, 09/09/2019 - 05:12
Facebook has patched two high-severity vulnerabilities in its server application that could have allowed remote attackers to unauthorisedly obtain sensitive information or cause a denial of service just by uploading a maliciously constructed JPEG image file. The vulnerabilities reside in HHVM (HipHop Virtual Machine)—a high-performance, open source virtual machine developed by Facebook for

A Summer of Discontent: The Hottest Malware Hits

THN - Fri, 06/09/2019 - 10:02
It's been a summer of ransomware hold-ups, supply chain attacks and fileless attacks flying under the radar of old-school security. With malware running amok while we were lying on the beach, here's a recap of the most burning strains and trends seen in the wild during the months of July and August 2019. Malware Evolution Trends The heat must have had an effect as this summer saw malware

Exim TLS Flaw Opens Email Servers to Remote 'Root' Code Execution Attacks

THN - Fri, 06/09/2019 - 09:48
A critical remote code execution vulnerability has been discovered in the popular open-source Exim email server software, leaving at least over half a million email servers vulnerable to remote hackers. Exim maintainers today released Exim version 4.92.2 after publishing an early warning two days ago, giving system administrators a heads-up on its upcoming security patches that affect all

Multiple Code Execution Flaws Found In PHP Programming Language

THN - Fri, 06/09/2019 - 08:26
Maintainers of the PHP programming language recently released the latest versions of PHP to patch multiple high-severity vulnerabilities in its core and bundled libraries, the most severe of which could allow remote attackers to execute arbitrary code and compromise targeted servers. Hypertext Preprocessor, commonly known as PHP, is the most popular server-side web programming language that

Flaws in Over Half a Million GPS Trackers Expose Children Location Data

THN - Fri, 06/09/2019 - 06:01
What if the tech intended to ensure that your kids, senior citizens, and pets are safe even when they're out of sight inadvertently expose them to stalkers? An estimated 600,000 GPS tracking devices for sale on Amazon and other large online merchants for $25–$50 have been found vulnerable to a handful of dangerous vulnerabilities that may have exposed user's real-time locations, security

Google Fined $170 Million For Violating Kids' Privacy On YouTube

THN - Fri, 06/09/2019 - 03:52
Google has finally agreed to pay $170 million fine to settle allegations by the Federal Trade Commission and the New York attorney general that its YouTube service earned millions by illegally harvesting personal information from children without their parents' consent. The settlement requires Google to pay $136 million to the FTC and an additional $34 million fine to New York state for

Twitter temporarily disables 'Tweeting via SMS' after CEO gets hacked

THN - Thu, 05/09/2019 - 06:15
Twitter today finally decided to temporarily disable a feature, called 'Tweeting via SMS,' after it was abused by a hacking group to compromise Twitter CEO Jack Dorsey last week and sent a series of racist and offensive tweets to Dorsey's followers. Dorsey's Twitter account was compromised last week when a hacker group calling itself "Chuckling Squad" replicated a mobile phone number

Just An SMS Could Let Remote Attackers Access All Your Emails, Experts Warn

THN - Wed, 04/09/2019 - 10:23
Whenever you insert a new SIM in your phone and connects to your cellular network for the very first time, your carrier service automatically configures or sends you a message containing network-specific settings required to connect to data services. While manually installing it on your device, have you ever noticed what configurations these messages, technically known as OMA CP messages,

New Free Offering Enables Any MSP and Security Integrator to Add Incident Response to their Services Portfolio

THN - Wed, 04/09/2019 - 08:10
The Incident Response (IR) services market is in accelerated growth due to the rise in cyberattacks that result in breaches. More and more organizations, across all sizes and verticals, choose to outsource IR to 3rd party service providers over handling security incidents in-house. Cynet is now launching a first-of-its-kind offering, enabling any Managed Security Provider (MSP) or Security

Firefox 69 Now Blocks 3rd-Party Tracking Cookies and Cryptominers By Default

THN - Wed, 04/09/2019 - 06:21
Mozilla has finally enabled the "Enhanced Tracking Protection" feature for all of its web browser users worldwide by default with the official launch of Firefox 69 for Windows, Mac, Linux, and Android. The company enabled the "Enhanced Tracking Protection" setting by default for its browser in June this year, but only for new users who downloaded and installed a fresh copy of Firefox.


Subscribe to Shiga Tecnologia aggregator