Posts From Mo Moin

Dell has released a security alert letting customers know that they should update SupportAssist for both business and home PCs. The vulnerability was discovered by SafeBreach security researcher Peleg Hadar, who wrote that the OEM software vulnerability puts multiple laptops

Canada’s largest credit union and one of the world’s largest banks, Desjardins, published a security advisory after a former employee gained unauthorized access to the data of 2.9 million members. The former employee was fired as a result of the

Russia-Linked cyberespionage group Turla uses a new toolset and hijacked command and control infrastructure operated by Iran-Linked OilRig APT. Russia-linked Turla cyberspiesused a new set of tools in new attacks and hijacked command and control infrastructure operated by Iran-Linked OilRig

While the debate on the 5G rollout has focused on Huawei, the work has been much wider and had to consider attacks and technical precision, according to the NCSC. Presenting at Chatham House in London, NCSC CEO Ciaran Martin said

ESET has warned of cross-platform software which is used to mine cryptocurrency. Named LoudMiner, the malware uses virtualization software – QEMU on macOS and VirtualBox on Windows – to mine cryptocurrency on a Tiny Core Linux virtual machine. LoudMiner is

First time Kali Linux unveils a roadmap that highlights the changes and the new features coming to Kali Linux in the following year. The Kali Linux team is “trying to balance our efforts between changes that are user facing and

Microsoft released a new security update with the fixes of Spoofing vulnerability affected an Outlook for Android that allows attackers to perform Cross-site Scripting attacks in vulnerable android device. A spoofing attack is a method of fraudulent or malicious practice

Waterbug APT Hackers used hijacked infrastructure to attack governments and international organizations through various campaigns using new and publically available malware. The group also use living off the land for executing process on the systems. Symantec observed the targeted attack

An email phishing scam tries to dupe its victims by appearing to be from the Department of Homeland Security (DHS). According to a June 18 US CERT alert, the email lures users into downloading malware through a malicious attachment. “The

The vast majority of mobile apps store data insecurely, according to Positive Technologies researchers who discovered high-risk security vulnerabilities in 38% of iOS apps and 43% of Android apps. “But this difference is not significant, and the overall security level

Over the past decade, California has had the highest number of data breaches and the greatest number of records exposed, according to new research from Comparitech. In the new report, Protected: Which States Have the Most Data Breaches?, researchers analyzed

Proactive Controls for Software developers describing the more critical areas that software developers must focus to develop a secure application. The OWASP Top 10 Proactive Controls 2018 contains a list of security techniques that every developer should consider for every

Samba released security updates for a couple of vulnerabilities that could cause Denial of Service in dnsserver and LDAP server crash. Denial of Service in DNS Server The vulnerability allows an authenticated user to crash the RPC server via a

A Florida city has agreed to pay cyber-criminals $600,000 to regain access to computer systems encrypted with ransomware, highlighting the continued threat to organizations from extortion-based attacks. The Riviera Beach City Council voted unanimously to pay off the hackers, after

Trojan horse definition A Trojan or Trojan horse is a variety of malware that disguises itself as something you want in order to trick you into letting it through your defenses. Like other types of malware, a Trojan is deployed

Data breaches are so common that even a theft of a billion records of seriously confidential information barely makes the news. It’s business as usual. Part of the problem is that all the data breaches involving our data become melded