News aggregator

Someone Hacked PHP PEAR Site and Replaced the Official Package Manager

THN - Wed, 23/01/2019 - 07:43
Beware! If you have downloaded the PHP PEAR package manager from its official website in the past 6 months, we are sorry to say that your server might have been compromised. Last week, the maintainers at PEAR took down the official website of the PEAR ( after they found that someone had replaced the original PHP PEAR package manager (go-pear.phar) with a modified version in the core PEAR file

DHS Orders U.S. Federal Agencies to Audit DNS Security for Their Domains

THN - Wed, 23/01/2019 - 05:31
The U.S. Department of Homeland Security (DHS) has today issued an "emergency directive" to all federal agencies ordering IT staff to audit DNS records for their respective website domains, or other agency-managed domains, within the next 10 business days. The emergency security alert came in the wake of a series of recent incidents involving DNS hijacking, which security researchers with "

Critical RCE Flaw in Linux APT Allows Remote Attackers to Hack Systems

THN - Tue, 22/01/2019 - 14:50
Just in time… Cybersecurity experts this week were fighting over Twitter in favor of not using HTTPS and suggesting that software developers rely only on signature-based package verification, just because APT on Linux also does the same. Just today, a security researcher revealed details of a critical remote code execution flaw in Linux APT, exploitation of which could have been mitigated if the

Rogue websites can turn vulnerable browser extensions into back doors

Sophos - Naked Security - Tue, 22/01/2019 - 10:46
A researcher has found that websites can use some extensions to bypass security policies, execute code, and even install other extensions.

Bicycle-riding hitman convicted with Garmin GPS watch location data

Sophos - Naked Security - Tue, 22/01/2019 - 09:28
Location data extracted from the athletic hitman's Garmin GPS watch and TomTom sat nav led to his conviction in two gangland murders.

WhatsApp fights the spread of deadly fake news with recipient limit

Sophos - Naked Security - Tue, 22/01/2019 - 08:28
WhatsApp has capped the number of people you can forward messages to, after India was seized by rumour-inspired mob lynchings.

DNC targeted by Russian hackers beyond 2018 midterms, it claims

Sophos - Naked Security - Tue, 22/01/2019 - 05:02
The Democratic National Committee has filed a civil complaint accusing Russia of trying to hack its computers as recently as November 2018.

Google fined $57 million by France for lack of transparency and consent

THN - Mon, 21/01/2019 - 16:54
The French data protection watchdog CNIL has issued its first fine of €50 million (around $57 million) under the European Union's new General Data Protection Regulation (GDPR) law that came into force in May last year. The fine has been levied on Google for "lack of transparency, inadequate information and lack of valid consent regarding the ads personalization," the CNIL (National Data

New malware found using Google Drive as its command-and-control server

THN - Mon, 21/01/2019 - 13:37
Since most security tools also keep an eye on the network traffic to detect malicious IP addresses, attackers are increasingly adopting infrastructure of legitimate services in their attacks to hide their malicious activities. Cybersecurity researchers have now spotted a new malware attack campaign linked to the notorious DarkHydrus APT group that uses Google Drive as its command-and-control (

Twitter bug exposed some Android private tweets to public view

Sophos - Naked Security - Mon, 21/01/2019 - 11:17
The latest privacy glitch, which went unnoticed for over four years, may trigger yet another EU privacy probe.

Attackers used a LinkedIn job ad and Skype call to breach bank’s defences

Sophos - Naked Security - Mon, 21/01/2019 - 11:05
A Chilean Senator has taken to Twitter with alarming news – the company running the country’s ATM network suffered a serious cyberattack.

State agency exposes 3TB of data, including FBI info and remote logins

Sophos - Naked Security - Mon, 21/01/2019 - 10:39
Oklahoma’s Department of Securities (ODS) exposed 3TB of files in plain text containing sensitive data on the public internet this month.

Tim Cook demands a way for users to delete their personal data

Sophos - Naked Security - Mon, 21/01/2019 - 09:33
The Apple CEO wants the FTC to set up a data-broker clearinghouse so people can see the data that companies have collected on them.

Monday review – the hot 23 stories of the week

Sophos - Naked Security - Mon, 21/01/2019 - 08:07
From WhatsApps that aren't meant for you to the highly promising USB-C authentication, and everything in between. It's weekly roundup time.

Alleged Russian Hacker Pleads Not Guilty After Extradition to United States

THN - Mon, 21/01/2019 - 07:42
A Russian hacker indicted by a United States court for his involvement in online ad fraud schemes that defrauded multiple American companies out of tens of millions of dollars pleaded not guilty on Friday in a courtroom in Brooklyn, New York. Aleksandr Zhukov, 38, was arrested in November last year by Bulgarian authorities after the U.S. issued an international warrant against him, and was

Serious Security: What 2000 years of cryptography can teach us

Sophos - Naked Security - Sat, 19/01/2019 - 22:08
Here's a fascinating history of cryptography that has plenty to teach you - and you don't need a degree in mathematics to follow along!

Vast data-berg washes up 1.16 billion pwned records

Sophos - Naked Security - Fri, 18/01/2019 - 10:33
Have I Been Pwned? (HIBP) has revealed a huge cache of breached email addresses and passwords, which it has named Collection #1.

Google cracks down on access to your Android phone and SMS data

Sophos - Naked Security - Fri, 18/01/2019 - 10:16
Android apps that want access to your call and SMS data now have to pass muster with Google's team of reviewers.

Did you know you can see the ad boxes Facebook sorts us into?

Sophos - Naked Security - Fri, 18/01/2019 - 09:49
...or that they can edit the (often inaccurate) pigeon-holes Facebook likes to put us in, a study found.

