Posts From Shah Sheikh

News of the second Kmart credit-card breach in three years at the retailer and the number of breaches at financial institutions doubling this year over the same period in 2016 should raise security concerns. Last month, Sears Holdings, the parent company

Two critical vulnerabilities have been patched by Siemens. The first one is related to Intel AMT (Active Management Technology) which is a function of certain Intel processors. The vulnerability allows an attacker to gain system privileges. The second vulnerability allows

Researchers have recently discovered a critical vulnerability affecting governmental sectors such as public health systems, population registration, and the justice system. The flaw resides in the secure communication protocol. Basically, the OSCI-Transport communication library which is widely used and critical to

Security experts at Sucuri have discovered a SQL Injection vulnerability in WP Statistics, one of the most popular WordPress plugins, that is currently being used in over 300,000 websites. The plugin enables site administrators to get detailed information related to

8tracks has revealed that the details of millions of users of its internet radio service and music social network have been stolen by hackers. The following message was posted on its corporate blog after the hack: “We received credible reports

Ransomware is the most popular topic worldwide, having caused chaos around the world by forcing hospitals, ATMs, shipping companies, governments, airports and car companies to completely shut down their operations. In recent news, we heard about WannaCry and

Microsoft is warning sysadmins to check their Azure Active Directory Connect configurations and implement a patch against a credential-handling vulnerability. Microsoft Azure AD (Active Directory) is often used by enterprises to provide employees and business partners single sign-on access to

Once again, organizations of all sizes worldwide are experiencing productivity losses due to computer system outages, thanks to the recent “Petya” ransomware outbreak. This particular outbreak is an eye-opener for all organizations to realize cybersecurity is as important as

In recent news, we heard of a new ransomware outbreak, Petya ransomware, that affected several computers in Russia, Ukraine, France, India and the United States and demands $300 for recovering the encrypted files. The ransomware does not have any intention

A vulnerability in systemd, a popular init system and service manager for Linux operating systems, could allow attackers to remotely trigger a buffer overflow and execute malicious code via a DNS response. The vulnerability resides in the ‘dns_packet_new’ function of ‘systemd-resolved’, a DNS response

NIST Security Noise

There is quite a bit of NIST security noise that should not be dismissed. Whether you are a federal agency or not, NIST has significant meaning for you. The National Institute of Standards and Technology (NIST) is a lab and federal

The number of new malware samples targeting connected internet-of-things (IoT) devices this year has already more than doubled compared to 2016’s total. Honeypots laid out by Kaspersky Lab researchers mimicking a number of connected devices running Linux have attracted more

Password Reset MITM

Researchers have demonstrated that attackers can set up a malicious website and use the user account registration process to successfully perform a password reset on a number of popular websites and mobile messaging applications. The Password Reset Man in the

A critical vulnerability has been discovered in Skype, a Microsoft-owned free web messaging and voice calling service, that can allow an attacker to execute malicious code and crash the system remotely. The vulnerability was discovered during a team conference call

Cloud technology, which is becoming the key to faster collaboration and data transfer, is also enabling cybercriminals to quickly spread ransomware. Businesses are moving to the cloud, taking advantage of the increased speed and efficiency it provides for data transfer and

Windows 10 S

Windows 10 S is the latest version of Windows, unveiled by Microsoft at the 2017 Developer Conference and aimed primarily at schools and the education sector. The operating system does not allow any applications other than those installed from the Windows