News

0 Comments
Microsoft today finally released the first new reborn version of its Edge browser that the company rebuilds from scratch using Chromium engine, the same open-source web rendering engine that powers Google’s Chrome browser. However, the Chromium-based Edge browser builds haven’t yet entered the stable or even the beta release; instead, Microsoft has released two testing-purpose
0 Comments
Phishing scams and cyberattacks are on the rise, resulting in millions of dollars in company losses with every successful attempt. Hackers break in through a company network and gain access to all connected endpoints. Endpoint devices are internet-capable computer hardware devices on a TCP/IP network and include desktop computers, tablets and thin clients. As the
0 Comments
Security researchers found evidence that a Pipdig WordPress plugin contained suspicious code. Although Pipdig denied any wrongdoing, the company removed the questionable code from its plugin and repositories. Pipdig makes custom themes for WordPress and Blogger, as well as the Pipdig Power Pack (P3) WordPress plugin, which is installed by default along with any WordPress
0 Comments
BOSTON — Cybersecurity professionals are increasingly being asked to take on data privacy responsibilities as part of their job function, research from the Information Systems Security Association and analyst firm Enterprise Strategy Group revealed. The study surveyed 267 cybersecurity professionals, mostly from North America, and 40% of respondents claimed data privacy is a “significantly” new
0 Comments
IT administrators must walk the tightrope between locking down their systems and finding ways to manage those machines without tripping over internal controls. Microsoft offers a number of security-based technologies to help IT workers who need admin privileges correct many issues, such as Just Enough Administration and bastion forests. But these restrictions tend to be
0 Comments
Hackers yesterday stole nearly $19 million worth of cryptocurrency from Bithumb, the South Korea-based popular cryptocurrency exchange admitted today. According to Primitive Ventures’ Dovey Wan, who first broke the information on social media, hackers managed to compromise a number of Bithumb’s hot EOS and XRP wallets and transferred around 3 million EOS (~ $13 million)
0 Comments
A security researcher today publicly disclosed details and proof-of-concept exploits for two ‘unpatched’ zero-day vulnerabilities in Microsoft’s web browsers after the company allegedly failed to respond to his responsible private disclosure. Both unpatched vulnerabilities—one of which affects the latest version of Microsoft Internet Explorer and another affects the latest Edge Browser—allow a remote attacker to
0 Comments
Bad guys out, good guys in. This principle has long shaped how enterprises approach information security, anchored in the premise that IT environments can be protected from malicious activity simply by making the perimeter bigger, stronger and more resilient. It’s a model that evokes comparisons to castles and moats, but it carries a twinge of
0 Comments
Doing business in today’s connected world means dealing with a continually evolving threat landscape. With potential losses due to downtime following a breach, plus valuable client and proprietary information at risk, most organizations realize they cannot afford to be complacent. This puts extra onus on security IT teams, who are continuously left scrambling, looking for
0 Comments
The Federal Emergency Management Agency, or FEMA, is in hot water following a government report that found the agency improperly shared the personal data of millions of disaster victims. The Department of Homeland Security’s Office of Inspector General (OIG) found the FEMA data exposure affected 2.3 million disaster survivors that registered for the agency’s Transitional
0 Comments
Brace yourself guys. Microsoft is going to release its Windows Defender ATP antivirus software for Mac computers. Sounds crazy, right? But it’s true. Microsoft Thursday announced that the company is bringing its anti-malware software to Apple’s macOS operating system as well—and to more platforms soon, like Linux. As a result, the technology giant renamed its
0 Comments
The U.S. Department of Homeland Security Thursday issued an advisory warning people of severe vulnerabilities in over a dozen heart defibrillators that could allow attackers to fully hijack them remotely, potentially putting lives of millions of patients at risk. Cardioverter Defibrillator is a small surgically implanted device (in patients’ chests) that gives a patient’s heart
0 Comments
A recent study uncovered the availability of SSL/TLS certificates on the dark web that are often packaged with crimeware services designed to help cybercriminals create malicious sites that appear safe. The study, which was conducted by researchers at the Evidence-Based Cybersecurity Research Group at Georgia State University and the University of Surrey, focused on the
0 Comments
Editor’s note: In 2013, Michael Cobb wrote how sad it was that the same handful of web application vulnerabilities… still vexed information security professionals. It’s even sadder that, six years later, these same flaws continue to stymie efforts to educate developers and mitigate vulnerabilities in web applications. OWASP revised its list of vulnerabilities in 2017.
0 Comments
Google announced some major changes for its Android mobile operating system in October after the European Commission hit the company with a record $5 billion antitrust fine for pre-installing its own apps and services on third-party Android phones. The European Commission accused Google of forcing Android phone manufacturers to “illegally” tie its proprietary apps and
0 Comments
Cybersecurity researchers today disclosed details of two newly identified Magecart attacks targeting online shoppers of bedding retailers MyPillow and Amerisleep. Magecart is an umbrella term researchers gave to at least 11 different hacking groups that are specialized in implanting malware code on e-commerce websites with an intent to steal payment card details of their customers