Browsing tag
Cybersecurity specialist reports mention that jQuery, the popular JavaScript library, has been compromised by an unusual prototype pollution vulnerability that could allow threat actors to modify a Javascript object prototype. It is estimated that the impact of this problem could be serious, considering that this library is currently used by more than 70% of the […]
A few days ago, a new Internet Explorer zero-day vulnerability was reported, which, if exploited, could allow an attacker to extract information from the compromised machines. Now, cybersecurity specialists from the International Institute of Cyber Security (IICS) report that malicious hackers could exploit this vulnerability to extract cryptocurrency stored on the exposed device. In the […]
We cannot stress enough on the fact that it is important to use passwords that aren’t easy to guess. Our online security lies in our hands. Keeping a simple and easy to guess password for your online accounts is akin to inviting trouble with arms wide open. A report by the UK’s National Cyber Security […]
For any enterprise today, a DDoS (Distributed Denial of Service) attack could mean a real headache. Such an attack could throw out of gear all business activities and all operations of a company. A DDoS attack, which is launched simultaneously from multiple hosts, would exhaust the resources of a network, service or application and access […]
With malware infestation, data breaches allegedly caused by state-funded actors and phishing attacks becoming headlines in both mainstream media and tech news sites, it is still not the main cause of concern for IT professionals. In a recent survey of IT professionals, 73% of the respondents believe that the main cause for concern is attacks […]
Once again Toyota Motor Corporation reported its second data breach. The first attack was in February, and it’s not clear whether the two incidents are related. The latest incident, revealed Friday, that a breach has affected its sales offices in Japan, breaching data of up to 3.1 million customers. In February, Toyota’s Australia branch announced […]
As the world is anticipating with the roll-out of 5G technology, which is promising to change how we deal with the mobile Internet, the intensity of Anti-Huawei propaganda has reached the European Commission. The United States has been pressuring other nations, especially its allies to boycott Huawei products, as it is part of the Chinese […]
A typical antivirus products and End Point services today generally speaking comes with two ways of detecting malware: Signature-based Heuristics The signature-based antivirus has evolved since the days of the earliest MS-DOS malware, but still follows the tried-and-tested formula of using sample part of the malware code in order to identify malware infection in the […]
Over the last few years, several gaming platform-based cyber attacks have come to light. Given the rise in microtransactions and in-game currency that is present in online multiplayer games and triple-A games, a large portion of the gaming community has become a prime target for hackers looking to attain payment details, personal information, and the […]
Ransomware played havoc in 2017, and later in 2019, we all thought that hackers have moved on to crypto jacking, which is a fast and reliable revenue source. Not done, because cybersecurity experts believe that IT managers should still worry about ransomware because attackers are one step ahead. They keep innovating new ways to evade […]
Phishers for decades have honed their skills of persuasion, that is why the art of fooling people through an Internet-messaging method is a huge business by cybercriminals. There is money to be earned by collecting personally identifiable information, either sell them to 3rd parties or use it for extortion and blackmail, especially if the victims […]
Google announced some major changes for its Android mobile operating system in October after the European Commission hit the company with a record $5 billion antitrust fine for pre-installing its own apps and services on third-party Android phones. The European Commission accused Google of forcing Android phone manufacturers to “illegally” tie its proprietary apps and […]
Cybersecurity researchers today disclosed details of two newly identified Magecart attacks targeting online shoppers of bedding retailers MyPillow and Amerisleep. Magecart is an umbrella term researchers gave to at least 11 different hacking groups that are specialized in implanting malware code on e-commerce websites with an intent to steal payment card details of their customers […]
The popular SSH client program PuTTY has released the latest version of its software that includes security patches for 8 high-severity security vulnerabilities. PuTTY is one of the most popular and widely used open-source client-side programs that allows users to remotely access computers over SSH, Telnet, and Rlogin network protocols. Almost 20 months after releasing […]
Security researchers have uncovered a new variant of the infamous Mirai Internet of Things botnet, this time targeting embedded devices intended for use within business environments in an attempt to gain control over larger bandwidth to carry out devastating DDoS attacks. Although the original creators of Mirai botnet have already been arrested and jailed, variants […]
Google has recently released the first beta version of Android Q, the next upcoming version of Google’s popular mobile operating system, with a lot of new privacy improvements and other security enhancements. Android Q, where Q has not yet been named, offers more control over installed apps, their access, and permissions, and location settings; more […]
Photo by Terje Pedersen / NTB scanpix One of the world’s largest producers of aluminum has been forced to shut down several of its plants across Europe and the U.S. after an “extensive cyber attack” hit its operations, leaving companies’ IT systems unusable. According to a press release shared by Aluminum giant Norsk Hydro today, […]
Libssh2, a popular open source client-side C library implementing the SSHv2 protocol, has released the latest version of its software to patch a total of nine security vulnerabilities. The Libssh2 library is available for all major distributors of the Linux operating systems, including Ubuntu, Red Hat, Debian, and also comes bundled within some distributions and […]
A hacker who was selling details of nearly 890 million online accounts stolen from 32 popular websites in three separate rounds has now put up a fourth batch of millions of records originating from 6 other sites for sale on the dark web. The Hacker News today received a new email from the Pakistani hacker, […]
Various cyber criminal groups and individual hackers are still exploiting a recently patched critical code execution vulnerability in WinRAR, a popular Windows file compression application with 500 million users worldwide. Why? Because the WinRAR software doesn’t have an auto-update feature, which, unfortunately, leaves millions of its users vulnerable to cyber attacks. The critical vulnerability (CVE-2018-20250) that […]
If you are a Counter-Strike gamer, then beware, because 39% of all existing Counter-Strike 1.6 game servers available online are malicious that have been set-up to remotely hack gamers’ computers. A team of cybersecurity researchers at Dr. Web has disclosed that an attacker has been using malicious gaming servers to silently compromise computers of Counter-Strike […]