Archive
Fake Ads that Lock Browsers Target Elders
A scam that was discovered last month that involved cyber-criminals invading Microsoft Azure Cloud Services reportedly remains ongoing. According to Malwarebytes’ threat intelligence team, the scam has continued but with a new trick: utilizing paid search results. Instead of targeting
On Monday, Sens. Mark Warner (D-Va.) and Josh Hawley (R-Mo.) proposed the Designing Accounting Safeguards to Help Broader Oversight and Regulations on Data, also known as the DASHBOARD Act, which would put strict requirements on data operators, according to CNBC
Breach at Dominion National Likely Began in 2010
Dental and vision benefits insurer and administrator Dominion National announced a data security incident in which the personal information of members was potentially compromised. “Safeguarding the privacy of your personal information is a top priority for us, and we make
At the EMEA Digital Identity Summit 2019 in London, Chris Parker, ecrime and digital lead, fraud response and recovery at the Royal Bank of Scotland, warned that cyber-criminals will always react and respond to better security methods, and so industry
Researchers from Netlab, discovered a website offering free and commercial proxy servers leveraging a huge botnet (Ngioweb) of hacked WordPress sites. Researchers from Netlab, discovered that Free-Socks.in proxy service is leveraging a huge botnet of hacked WordPress sites. According to
Network Penetration Testing determines vulnerabilities on the network posture by discovering Open ports, Troubleshooting live systems, services, port scans and grabbing system banners. Port Scanner is an application used to perform an open port scan with server or hosts. Open
Problems for the popular file transfer service WeTransfer, its staff discovered that some file transfer emails were sent to the wrong people. WeTransfer, the popular file transfer service, issued a security notice to inform users that file transfer emails were
Over 600,000 Oregon residents have been told their personal information may have been compromised after a successful phishing campaign against employees of the state’s Department of Human Services (DHS). The agency is sending 645,000 clients breach notices following a January
US Warns of Destructive Iranian Cyber-Attacks
A US government security agency has ratcheted up tension with Iran by warning that escalating state-sponsored attacks could turn destructive. The Cybersecurity and Infrastructure Security Agency (CISA) director, Christopher Krebs, said in a statement dated Saturday that Iranian “regime actors
A critical DLL hijacking vulnerability resides in PC-Doctor Dell Hardware Support Service software allows attackers to escalate the vulnerable systems privilege and gain persistence access. Dell SupportAssist is pre-installed software on hundreds of million Dell PCs that helps to check
Researchers discovered a fake photo editing apps which are used by cybercriminals to launch MobOk Malware that takes complete control of the infected Android device. Threat actors are targeting Android users through legitimate Google play store app and hiding this
NASA confirmed that hackers gained access to the Jet Propulsion Laboratory (JPL) last year and they able to steal 500MB of data that related to Mars missions. The hackers breached into NASA network in April 2018 and intrusion remains undetected
Botnet Abusing Android Debug Bridge, SSH is Back
A new cryptocurrency-mining botnet malware is abusing Android Debug Bridge (ADB) and SSH, according to Trend Micro. “This attack takes advantage of the way open ADB ports don’t have authentication by default, similar to the Satori botnet variant. This bot’s
Incomplete Fix Leads to New Kubernetes Bug
A new high-severity Kubernetes vulnerability has been discovered, according to security announcement on Securelists.org. As part of the ongoing Kubernetes security audit sponsored by the Cloud NativeComputing Foundation, the Kubernetes product security team announced a new high-severity vulnerability (CVE-2019-11246) that
Ethics and compliance programs are trending up, driven in large part by strong support from top executives, according to the 2019 Definitive Corporate Compliance Benchmark Report, published by NAVEX Global. The research revealed that when leadership buys in to the
Hundreds of Million Computers Potentially Exposed to Hack Due to a Flaw in PC-Doctor Component
Hundreds of million computers from many vendors may have been exposed to hack due to a serious flaw in PC-Doctor software. Experts at SafeBreach discovered that the Dell SupportAssist software, that comes preinstalled on most Dell PCs, was affected by