News

0 Comments
Cybersecurity researchers have discovered a critical vulnerability in widely used SQLite database software that exposes billions of deployments to hackers. Dubbed as ‘Magellan‘ by Tencent’s Blade security team, the newly discovered SQLite flaw could allow remote attackers to execute arbitrary or malicious code on affected devices, leak program memory or crash applications. SQLite is a
0 Comments
One of the many challenges network administrators face is controlling, securing and enforcing security policies on users’ smartphones, tablets and other mobile devices. To optimize both the functionality and the security of mobile devices while simultaneously protecting the corporate network, many organizations deploy a mobile device management (MDM) server to configure policies and applications and
0 Comments
“Profit is sweet, even if it comes from deception,” the playwright Sophocles wrote. Over two millennia later, the ancient Greek’s words still ring true. Or perhaps they need just a tweak — because now those “sweet” profits come because of deception. Deception technologies, that is. The market for deception security tech is expected to boom
0 Comments
Cybersecurity researchers have discovered a new zero-day vulnerability in Adobe Flash Player that hackers are actively exploiting in the wild as part of a targeted campaign appears to be attacking a Russian state health care institution. The vulnerability, tracked as CVE-2018-15982, is a use-after-free flaw resides in Flash Player that, if exploited successfully, allows an
0 Comments
Hold tight, this may blow your mind… A low-privileged user account on most Linux operating systems with UID value anything greater than 2147483647 can execute any systemctl command unauthorizedly—thanks to a newly discovered vulnerability. The reported vulnerability actually resides in PolicyKit (also known as polkit)—an application-level toolkit for Unix-like operating systems that defines policies, handles
0 Comments
Australia’s House of Representatives has finally passed the “Telecommunications Assistance and Access Bill 2018,” also known as the Anti-Encryption Bill, on Thursday that would now allow law enforcement to force Google, Facebook, WhatsApp, Signal, and other tech giants to help them access encrypted communications. The Australian government argues the new legislation is important for national
0 Comments
Check Point researchers discovered WhatsApp vulnerabilities that can enable threat actors to get around the app’s end-to-end encryption and intercept, and even manipulate, messages. How do these attacks work? At the top of every WhatsApp chat, there is a message that either says, “Messages to this chat and calls are now secured with end-to-end encryption,”
0 Comments
Looking for an automated malware analysis software? Something like a 1-click solution that doesn’t require any installation or configuration…a platform that can scale up your research time… technology that can provide data-driven explanations… well, your search is over! Israeli cybersecurity and malware researchers today at Black Hat conference launch a revolutionary machine learning and artificial
0 Comments
Stratecast/Frost & Sullivan Information security, network security, cybersecurity: The industry is flooded with terms to describe how enterprises secure their network data. While the experience of wading through a mishmash of terminology to describe a specific operation or function is not limited to the networking industry, the use of various terms complicates the process of
0 Comments
Developers around the world depend on open source components to build their software products. According to industry estimates, open source components account for 60-80% of the code base in modern applications. Collaboration on open source projects throughout the community produces stronger code, squashing the bugs and catching the vulnerabilities that impact the security of organizations
0 Comments
Application security testing can present many questions, and one of the most common is which systems should be tested for vulnerabilities. Should testing be performed on systems in the development environment, the staging environment, the production system or some combination of those? Because clients are often pressured into testing applications used in production, there can
0 Comments
It seems as though not a day goes by without news spreading over another major cyber attack. Hackers are becoming increasingly efficient at targeting everything from small startups to Fortune 500 companies and even entire government agencies, and as the world moves further away from traditional types of warfare and more toward engaging in all-out
0 Comments
Mitre has entered the security product testing and evaluation fray, and the organization is using its Mitre ATT&CK framework to judge vendors. Seven vendors of endpoint detection and response (EDR) products submitted their endpoint security products to Mitre for evaluation testing. The objective of the evaluation was to demonstrate how the endpoint detection and response
0 Comments
The world’s biggest hotel chain Marriott International today disclosed that unknown hackers compromised guest reservation database its subsidiary Starwood hotels and walked away with personal details of about 500 million guests. Starwood Hotels and Resorts Worldwide was acquired by Marriott International for $13 billion in 2016. The brand includes St. Regis, Sheraton Hotels & Resorts,
0 Comments
Multinational computer technology company Dell disclosed Wednesday that its online electronics marketplace experienced a “cybersecurity incident” earlier this month when an unknown group of hackers infiltrated its internal network. On November 9, Dell detected and disrupted unauthorized activity on its network attempting to steal customer information, including their names, email addresses and hashed passwords. According
0 Comments
The Department of Justice announced Wednesday charges against two Iranian nationals for their involvement in creating and deploying the notorious SamSam ransomware. The alleged hackers, Faramarz Shahi Savandi, 34, and Mohammad Mehdi Shah, 27, have been charged on several counts of computer hacking and fraud charges, the indictment unsealed today at New Jersey court revealed.
0 Comments
In the recent “Cybercrime tactics and techniques: Q3 2018” report by Malwarebytes, banking Trojans were found to be the number one most detected malware for both businesses and consumers. Why have banking Trojans surged this year and how have they evolved over the past quarter? We asked Adam Kujawa, director of malware intelligence at Malwarebytes,