News aggregator

Hacker who reported flaw in Hungarian Telekom faces up to 8-years in prison

THN - Fri, 01/02/2019 - 12:56
Many of you might have this question in your mind: "Is it illegal to test a website for vulnerability without permission from the owner?" Or… "Is it illegal to disclose a vulnerability publicly?" Well, the answer is YES, it’s illegal most of the times and doing so could backfire even when you have good intentions. Last year, Hungarian police arrested a 20-year-old ethical hacker accused of

Linux user? Check those patches! Public exploit published for systemd security holes…

Sophos - Naked Security - Fri, 01/02/2019 - 12:09
A pair of bugs in a very widely used Linux system tool called systemd have just been "weaponised" - check you're patched!

Credential dump contains another 2.2 billion pwned accounts

Sophos - Naked Security - Fri, 01/02/2019 - 11:32
How many user credentials have fallen into the hands of criminals during a decade of data breaches? Billions, according to two recent discoveries.

Hacker talks to baby through Nest security cam, jacks up thermostat

Sophos - Naked Security - Fri, 01/02/2019 - 10:41
Yet another family unnerved by yet another voice coming from a nursery webcam serves as yet another argument against password reuse.

Microsoft Azure data deleted because of DNS outage

Sophos - Naked Security - Fri, 01/02/2019 - 09:57
Users of Microsoft’s Azure system lost database records as part of a mass outage on Tuesday. A combination of DNS problems and automated scripts were to blame, said reports.

Google says sorry for pulling a Facebook with monitoring program

Sophos - Naked Security - Fri, 01/02/2019 - 08:32
It was using the same Apple enterprise back door as Facebook to get its market research done, but it owned up and backed off.

New Mac Malware Targets Cookies to Steal From Cryptocurrency Wallets

THN - Fri, 01/02/2019 - 08:32
Mac users need to beware of a newly discovered piece of malware that steals their web browser cookies and credentials in an attempt to withdraw funds from their cryptocurrency exchange accounts. Dubbed CookieMiner due to its capability of stealing cookies-related to cryptocurrency exchanges, the malware has specifically been designed to target Mac users and is believed to be based on

Update now! Chrome and Firefox patch security flaws

Sophos - Naked Security - Thu, 31/01/2019 - 11:54
Google and Mozilla are tidying up security features and patching vulnerabilities in Chrome and Firefox for Mac, Windows, and Linux.

14k HIV+ records leaked, Singapore says sorry

Sophos - Naked Security - Thu, 31/01/2019 - 11:50
Singapore's Ministry of Health said the HIV status of 14,200 people, plus confidential data of 2,400 of their contacts, is in the possession of somebody who's not authorized to have it and who's published it online.

Phone cloner gets 65 months in jail

Sophos - Naked Security - Thu, 31/01/2019 - 11:04
A US court has sentenced a man to over five years for his part in a massive telecommunications fraud involving stolen cellphone accounts and reprogrammed phones.

Apple kicks Facebook’s snoopy Research app out of the App Store

Sophos - Naked Security - Thu, 31/01/2019 - 10:51
It was paying people, including teens, up to $20 to install an app that got root access for “nearly limitless access,” encryption or no.

Airbus Suffers Data Breach, Some Employees' Data Exposed

THN - Thu, 31/01/2019 - 07:08
European airplane maker Airbus admitted yesterday a data breach of its "Commercial Aircraft business" information systems that allowed intruders to gain access to some of its employees' personal information. Though the company did not elaborate on the nature of the hack, it claimed that the security breach did not affect its commercial operations. So, there's no impact on aircraft production.

FBI Mapping 'Joanap Malware' Victims to Disrupt the North Korean Botnet

THN - Thu, 31/01/2019 - 06:03
The United States Department of Justice (DoJ) announced Wednesday its effort to "map and further disrupt" a botnet tied to North Korea that has infected numerous Microsoft Windows computers across the globe over the last decade. Dubbed Joanap, the botnet is believed to be part of "Hidden Cobra"—an Advanced Persistent Threat (APT) actors' group often known as Lazarus Group and Guardians of

Ep. 017 – DNS hijacking, a weird breach and a cybersecurity confession [PODCAST]

Sophos - Naked Security - Wed, 30/01/2019 - 14:21
Here's the latest Naked Security podcast - enjoy!

Matrix under the microscope: what a niche ransomware can teach us

Sophos - Naked Security - Wed, 30/01/2019 - 12:07
The malware middle ground is full of journeymen, wallflowers and also-rans that'll bite you hard, if you let them.

Sophos Home’s been updated, and it’s got some cool new features

Sophos - Naked Security - Wed, 30/01/2019 - 12:04
There’s a new version of Sophos Home out today, and it comes with a whole host of new features.

Privilege escalation vulnerability uncovered in Microsoft Exchange

Sophos - Naked Security - Wed, 30/01/2019 - 10:25
A researcher has discovered an alarming way that an attacker controlling a Microsoft Exchange mailbox account could potentially elevate their privileges to become a Domain Administrator.

Firefox makes it easier for users to dodge ad-trackers

Sophos - Naked Security - Wed, 30/01/2019 - 10:07
Firefox has introduced a new set of controls to make it easier for privacy-conscious users to protect themselves from online ad trackers.

It’s mop-up time for WebStresser DDoS-for-hire users

Sophos - Naked Security - Wed, 30/01/2019 - 09:56
Cops from 14 countries are seeking to inflict a bit of distributed denial-of-freedom to whoever's behind 6 million around-the-globe attacks.

Scammers steal social media videos to wring hearts and wallets

Sophos - Naked Security - Wed, 30/01/2019 - 09:43
They're putting up fake accounts to bilk the tender-hearted for donations, using the images of a real 5-year-old with real cerebral palsey.


Subscribe to Shiga Tecnologia aggregator