News

0 Comments
A few days before the doors opened on SAP Sapphire Now 2019, SAP customers were likely alarmed by a Reuters headline that their systems are vulnerable to hackers. The SAP exploit was not new, but the potential damage to SAP systems and data was considerable. Onapsis Inc., a Boston-based security and compliance monitoring software company,
0 Comments
In a joint effort by several law enforcement agencies from 6 different countries, officials have dismantled a major global organized cybercrime behind GozNym banking malware. GozNym banking malware is responsible for stealing nearly $100 million from over 41,000 victims across the globe for years. GozNym was created by combining two known powerful Trojans—Gozi ISFB malware,
0 Comments
Security researchers have continued tracking WannaCry infections and have seen the ransomware spread to nearly 5 million vulnerable devices in the past two years. The initial WannaCry attacks occurred in May 2017 and caused massive damage before security researcher Marcus “MalwareTech” Hutchins inadvertently discovered a kill switch for the ransomware by registering a dummy URL
0 Comments
It’s Patch Tuesday—the day when Microsoft releases monthly security updates for its software. Microsoft has software updates to address a total of 79 CVE-listed vulnerabilities in its Windows operating systems and other products, including a critical wormable flaw that can propagate malware from computer to computer without requiring users’ interaction. Out of 79 vulnerabilities, 18
0 Comments
Academic researchers today disclosed details of the newest class of speculative execution side-channel vulnerabilities in Intel processors that impacts all modern chips, including the chips used in Apple devices. After the discovery of Spectre and Meltdown processor vulnerabilities earlier last year that put practically every computer in the world at risk, different classes of Spectre
0 Comments
At the company’s I/O 2019 developer conference, Google has announced its plan to introduce two new privacy and security-oriented features in the upcoming versions of its Chrome web browser. In an attempt to allow users to block online tracking, Google has announced two new features—Improved SameSite Cookies and Fingerprinting Protection—that will be previewed by Google
0 Comments
Most organizations are falling behind when it comes to addressing the cybersecurity skills shortage, a new study found. And the effects of the shortage are worsening. In its third year, the study conducted by the Information Systems Security Association (ISSA) and analyst firm Enterprise Strategy Group (ESG) surveyed 267 cybersecurity professionals worldwide. The cybersecurity skills
0 Comments
When evaluating an identity and access management platform, the benefits far outweigh any drawbacks. That said, only a few identity and access management risks need to be considered when designing an IAM implementation and ongoing maintenance processes. For example, it’s important to note that as you begin to centralize the management of usernames and authentication
0 Comments
With your plan of attack in hand, building data gathered from the data request, a flashlight and notebook, you can begin to perform the building security assessment. Here are some examples to consider as part of the review that are relative to the hierarchy of systems identified in part one of this series. Editor’s note:
0 Comments
The United States Justice Department today announced charges against a Chinese hacker and his hacking team member for their alleged role in the 2015 massive data breach at health insurance giant Anthem and three other unnamed American companies. Fujie Wang (王 福 杰) and another hacker named John Doe with three different aliases—Deniel Jack, Kim
0 Comments
Researchers from Chinese cybersecurity firm Qihoo 360’s NetLab have revealed details of an ongoing credit card hacking campaign that is currently stealing payment card information of customers visiting more than 105 e-commerce websites. While monitoring a malicious domain, www.magento-analytics[.]com, for over last seven months, researchers found that the attackers have been injecting malicious JS scripts
0 Comments
Cybercriminals are turning their attention away from consumers to focus on businesses, a recent report from Malwarebytes found. According to the “Cybercrime Tactics and Techniques Q1 2019” report, overall detections of enterprise security threats are rising steadily. While consumer detections declined by almost 40% from the final quarter of 2018, business detections increased by about
0 Comments
Wyzant—an online marketplace that makes it easy for parents and students to connect with private tutors, in-person and online, in over 250 different subjects—has suffered a data breach exposing “certain personal identification information” for its customers. The Hacker News received a copy of an email notification Wyzant recently sent to its affected customers, which reveals
0 Comments
The Information Technology industry has seen exponential growth over the years. It is essential for everyone to earn cybersecurity certification if you want to be a part of this growing industry. Organizations always prefer employees with strong internationally-recognized professional certifications. It proofs your skills, knowledge, and gives more credibility to advance your career. IT Certification
0 Comments
Editor’s note Once considered an afterthought in software design, application security is increasingly top of mind for developers. The way applications are used these days — accessed over networks — invites a variety of potential threats. Frequent testing and adherence to application security best practices can limit the possibility of unauthorized code being used to
0 Comments
Europol announced the shut down of two prolific dark web marketplaces—Wall Street Market and Silkkitie (also known as Valhalla)—in simultaneous global operations against underground websites for trading drugs, stolen credit card numbers, malicious software, and other illegal goods. Police in western Germany has also arrested three men who were allegedly running Wall Street Market, the
0 Comments
If you use a Dell computer, then beware — hackers could compromise your system remotely. Bill Demirkapi, a 17-year-old independent security researcher, has discovered a critical remote code execution vulnerability in the Dell SupportAssist utility that comes pre-installed on most Dell computers. Dell SupportAssist, formerly known as Dell System Detect, checks the health of your
0 Comments
WikiLeaks founder Julian Assange has been sentenced to 50 weeks—for almost a year—in prison by a London court for breaching his bail conditions in 2012 and taking refuge in the Ecuadorian embassy for nearly 7 years. The 47-year-old Assange was arrested last month by London’s Metropolitan Police Service after the Ecuadorian government suddenly withdrew his
0 Comments
On Jan. 4, 2018, Facebook CEO Mark Zuckerberg posted his New Year’s resolution, vowing to fix Facebook’s various issues with abuse, election interference and misinformation campaigns. But a timeline of events since then shows a bevy of Facebook security and data privacy issues. In February 2018, Facebook was found guilty in German and Belgian courts
0 Comments
A team of security researchers has discovered several vulnerabilities in various implementations of OpenPGP and S/MIME email signature verification that could allow attackers to spoof signatures on over a dozen of popular email clients. The affected email clients include Thunderbird, Microsoft Outlook, Apple Mail with GPGTools, iOS Mail, GpgOL, KMail, Evolution, MailMate, Airmail, K-9 Mail,