Browsing tag

cybersecurity

Unpatched MS Word Flaw Could Allow Hackers to Infect Your Computer

Cybersecurity researchers have revealed an unpatched logical flaw in Microsoft Office 2016 and older versions that could allow an attacker to embed malicious code inside a document file, tricking users into running malware onto their computers. Discovered by researchers at Cymulate, the bug abuses the ‘Online Video‘ option in Word documents, a feature that allows […]

IBM Buys “Red Hat” Open-Source Software Company for $34 Billion

It’s been quite a year for the open source platforms. Earlier this year, Microsoft acquired popular code repository hosting service GitHub for $7.5 billion, and now IBM has just announced the biggest open-source business deal ever. IBM today confirmed that it would be acquiring open source Linux firm Red Hat for $190 per share in […]

Windows Built-in Antivirus Gets Secure Sandbox Mode – Turn It ON

Microsoft Windows built-in anti-malware tool, Windows Defender, has become the very first antivirus software to have the ability to run inside a sandbox environment. Sandboxing is a process that runs an application in a safe environment isolated from the rest of the operating system and applications on a computer. So that if a sandboxed application […]

Canada is Imitating EU’s GDPR, New Policy Takes Effect On Nov 2018

Canada has apparently imitated European Union’s GDPR, that is the latest news from the country’s Office of Privacy Commissioner of Canada (OPC). Under the new policy, starting November 2018, all companies operating in the Canadian territory are mandated to report breaches that happened in their organization to the OPC. The OPC through its directive is […]

New Privilege Escalation Flaw Affects Most Linux Distributions

  An Indian security researcher has discovered a highly critical flaw in X.Org Server package that impacts OpenBSD and most Linux distributions, including Debian, Ubuntu, CentOS, Red Hat, and Fedora. Xorg X server is a popular open-source implementation of the X11 system (display server) that offers a graphical environment to a wider range of hardware […]

North Korea Backed Two Cryptocurrency Scams This Year, Says Report

The North Korean government, as per a new report, has sponsored at least two cryptocurrency scams this year. Recorded Future, the cybersecurity firm headquartered in Boston, U.S, had recently published a report in which details about these scams are given. The report, titled ‘Shifting Patterns in Internet Use Reveal Adaptable and Innovative North Korean Ruling […]

Facebook Fined £500,000 for Cambridge Analytica Data Scandal

  Facebook has finally been slapped with its first fine of £500,000 for allowing political consultancy firm Cambridge Analytica to improperly gather and misuse data of 87 million users. The fine has been imposed by the UK’s Information Commissioner’s Office (ICO) and was calculated using the UK’s old Data Protection Act 1998 which can levy […]

Google Makes 2 Years of Android Security Updates Mandatory for Device Makers

When it comes to security updates, Android is a real mess. Even after Google timely rolls out security patches for its Android platform, a major part of the Android ecosystem remains exposed to hackers because device manufacturers do not deliver patches regularly and on a timely basis to their customers. To deal with this issue, […]

Russian Research Lab Aided the Development of TRITON Industrial Malware

Cybersecurity firm FireEye claims to have discovered evidence that proves the involvement of a Russian-owned research institute in the development of the TRITON malware that caused some industrial systems to unexpectedly shut down last year, including a petrochemical plant in Saudi Arabia. TRITON, also known as Trisis, is a piece of ICS malware designed to […]

Hacker Discloses New Windows Zero-Day Exploit On Twitter

A security researcher with Twitter alias SandboxEscaper—who two months ago publicly dropped a zero-day exploit for Microsoft Windows Task Scheduler—has yesterday released another proof-of-concept exploit for a new Windows zero-day vulnerability. SandboxEscaper posted a link to a Github page hosting a proof-of-concept (PoC) exploit for the vulnerability that appears to be a privilege escalation flaw […]

Critical Code Execution Flaw Found in LIVE555 Streaming Library

Security researchers have discovered a serious code execution vulnerability in the LIVE555 streaming media library—which is being used by popular media players, along with a number of embedded devices capable of streaming media. LIVE555 streaming media, developed and maintained by Live Networks, is a set of C++ libraries companies and application developers use to stream […]

Cybersecurity in Trading and Forex: What You Need to Know

While cyber attacks occur almost daily in the world, sometimes with catastrophic results, we do not hear about successful attempts of disrupting the world’s largest financial market. Are the systems that support the trading of currencies in the number of trillions of dollars every day impenetrable to hacks, or is the Forex market so secure, […]

Pentagon Employee Data Breach, An Eye-Opener

Pentagon, the center of defense of the world’s only superpower: The United States of America embarrassingly admitted that the organization is one of the latest victims of a security breach, affecting the personal and financial information of its employees. This came from a system handled by a 3rd party contractor, not directly managed by the […]

Safe Computing Practices for Today’s 24/7 Internet Connected World

Cybersecurity is the responsibility of everyone, as the weakest chain in the link is human-computer operators. Cybercriminals have an easy time to penetrate computer systems and networks if users remain complacent, neglecting to play their role in the equation of being the front lines of security. In this article, we provide a few tips on […]

Startup Firms at the Age of Growing Cybercrimes

At the turn of the new century, 2000 AD, the dependence of people and companies with technology has been integrated than ever before. Cybersecurity companies and penetration testing teams are being organized left and right to fill the gap of security. Companies that are operating a business that has nothing to do with IT can […]

Formjacking in the Nutshell

Due to the diligence of the cybercriminals with their research and development of malware, from time-to-time, new words are introduced in the dictionary. They are are also contributing to the growth of the language. The newest word in the cybersecurity sector today is Formjacking. It is a form of Javascript-code injection when cybercriminals hack a […]

Aspire Health, Another Healthcare Firm as a Phishing Victim

Aspire Health, through its federal court record, has revealed that it was a victim of a nasty phishing attack through email that exposed patients’ records to unknown parties this September 2018. The Nashville-based medical-care firm which operates in 25 states in the U.S. has lost control of highly confidential 124 emails detailing patient information. The […]

The Importance of the IT Team in an Organization

The business of IT comes with its own strength and weaknesses. The job of system administrators is usually only seen with a level of importance when there is a problem in the network and the rest of the computing environment. Nobody will approach a system admin and the IT team due to their systems working […]

Hackers in the Age of Bounty Programs

The popular culture has depicted hackers as evildoers in movies, in TV series and even in the primetime news. However, the commodification of technology-enabled our modern environment of patch-cycles and hotfix treadmills. We use bloated software every day, and the size of the software is not decreasing, it followed the trend of Moore’s Law for […]