Technology Solutions

 

IT Security Alert

The Hacker News Fri, 17 Jan 2020 03:29:45 PST
  • Broadening the Scope: A Comprehensive View of Pen Testing 

    Penetration tests have long been known as a critical security tool that exposes security weaknesses through simulated attacks on an organization's IT environments. These test results can help prioritize weaknesses, providing a road-map towards remediation. However, the results are also capable of doing even more. They identify and quantify security risk, and can be used as a keystone in

  • Use iPhone as Physical Security Key to Protect Your Google Accounts 

    Great news for iOS users! You can now use your iPhone or iPad, running iOS 10 or later, as a physical security key for securely logging into your Google account as part of the Advanced Protection Program for two-factor authentication. Android users have had this feature on their smartphones since last year, but now Apple product owners can also use this advanced, phishing-resistant form of

  • Update Windows 10 Immediately to Patch a Flaw Discovered by the NSA 

    After Adobe today releases its first Patch Tuesday updates for 2020, Microsoft has now also published its January security advisories warning billions of users of 49 new vulnerabilities in its various products. What's so special about the latest Patch Tuesday is that one of the updates fixes a serious flaw in the core cryptographic component of widely used Windows 10, Server 2016 and 2019

  • Adobe Releases First 2020 Patch Tuesday Software Updates 

    Adobe today released software updates to patch a total of 9 new security vulnerabilities in two of its widely used applications, Adobe Experience Manager and Adobe Illustrator. It's the first Patch Tuesday for the year 2020 and one of the lightest patch releases in a long time for Adobe users. Moreover, none of the security vulnerabilities patched this month were either publicly disclosed or

  • Download Ultimate 'Security for Management' Presentation Template 

    There is a person in every organization that is the direct owner of breach protection. His or her task is to oversee and govern the process of design, build, maintain, and continuously enhance the security level of the organization. Title-wise, this person is most often either the CIO, CISO, or Directory of IT. For convenience, we'll refer to this individual as the CISO. This person is the

  • PoC Exploits Released for Citrix ADC and Gateway RCE Vulnerability 

    It's now or never to prevent your enterprise servers running vulnerable versions of Citrix application delivery, load balancing, and Gateway solutions from getting hacked by remote attackers. Why the urgency? Earlier today, multiple groups publicly released weaponized proof-of-concept exploit code [1, 2] for a recently disclosed remote code execution vulnerability in Citrix's NetScaler ADC

  • Critical Firefox 0-Day Under Active Attacks – Update Your Browser Now! 

    Attention! Are you using Firefox as your web browsing software on your Windows, Linux, or Mac systems? If yes, you should immediately update your free and open-source Firefox web browser to the latest version available on Mozilla's website. Why the urgency? Mozilla earlier today released Firefox 72.0.1 and Firefox ESR 68.4.1 versions to patch a critical zero-day vulnerability in its browsing

  • Researchers Demonstrate How to Hack Any TikTok Account by Sending SMS 

    TikTok, the 3rd most downloaded app in 2019, is under intense scrutiny over users' privacy, censoring politically controversial content and on national-security grounds—but it's not over yet, as the security of billions of TikTok users would be now under question. The famous Chinese viral video-sharing app contained potentially dangerous vulnerabilities that could have allowed remote attackers

  • 3 Google Play Store Apps Exploit Android Zero-Day Used by NSO Group 

    Watch out! If you have any of the below-mentioned file managers and photography apps installed on your Android phone—even if downloaded from the official Google Store store⁠—you have been hacked and being tracked. These newly detected malicious Android apps are Camero, FileCrypt, and callCam that are believed to be linked to Sidewinder APT, a sophisticated hacking group specialized in cyber

  • Are You Ready for Microsoft Windows 7 End of Support on 14th January 2020? 

    January 14, 2020, is a day cybersecurity stakeholders should pay attention to, as it marks the end of Microsoft support in Windows 7. From a security perspective, both the routine monthly security patches as well as hotfixes for attacks in the wild will not be available, effectively making any newly discovered vulnerability a Windows 7 zero-day. Cynet 360 autonomous breach protection is a

  • Xiaomi Cameras Connected to Google Nest Expose Video Feeds From Others 

    Internet-connected devices have been one of the most remarkable developments that have happened to humankind in the last decade. Although this development is a good thing, it also stipulates a high security and privacy risk to personal information. In one such recent privacy mishap, smart IP cameras manufactured by Chinese smartphone maker Xiaomi found mistakenly sharing surveillance footage

  • Landry's Restaurant Chain Suffers Payment Card Theft Via PoS Malware 

    Landry's, a popular restaurant chain in the United States, has announced a malware attack on its point of sale (POS) systems that allowed cybercriminals to steal customers' payment card information. Landry's owns and operates more than 600 bars, restaurants, hotels, casinos, food and beverage outlets with over 60 different brands such as Landry's Seafood, Chart House, Saltgrass Steak House,

  • How Organizations Can Defend Against Advanced Persistent Threats 

    Advanced persistent threats (APTs) have emerged to be legitimate concerns for all organizations. APTs are threat actors that breach networks and infrastructures and stealthily lurk within them over extended spans of time. They typically perform complex hacks that allow them to steal or destroy data and resources. According to Accenture, APTs have been organizing themselves into groups that

  • The Best Templates for Posting Cybersecurity Jobs 

    The cybersecurity of a company is heavily reliant upon the skills and knowledge of the people who install, manage, and operate its security products. This means that recruiting and nurturing the best security team possible should be a CISO's top priority. Cynet's Ultimate Cybersecurity Job Posting Templates (download here) provide a list of the main responsibilities and skills for typical

  • Hacker Who Tried to Blackmail Apple for $100,000 Sentenced in London 

    A 22-year-old man who claimed to have access to over 300 million iCloud accounts and threatened to factory reset all accounts unless Apple pays ransom has pleaded guilty in London for trying to blackmail Apple. In March 2017, Kerem Albayrak from North London claimed to be a spokesman for a hacking group called the "Turkish Crime Family" and in possession of 319 million iCloud accounts.

  • Hackers Behind GozNym Malware Sentenced for Stealing $100 Million 

    Three members of an international organized cybercrime group that was behind a multi-million dollar theft primarily against U.S. businesses and financial institutions have been sentenced to prison, the U.S. Justice Department announced. The criminals used the GozNym banking Trojan to break into more than 4,000 victim computers globally, primarily in the United States and Europe, between 2015

  • Apple Opens Its Invite-Only Bug Bounty Program to All Researchers 

    As promised by Apple in August this year, the company today finally opened its bug bounty program to all security researchers, offering monetary rewards to anyone for reporting vulnerabilities in the iOS, macOS, watchOS, tvOS, iPadOS, and iCloud to the company. Since its launch three years ago, Apple's bug bounty program was open only for selected security researchers based on invitation and

  • Hackers Stole Customers' Payment Card Details From Over 700 Wawa Stores 

    Have you stopped at any Wawa convenience store and used your payment card to buy gas or snacks in the last nine months? If yes, your credit and debit card details may have been stolen by cybercriminals. Wawa, the Philadelphia-based gas and convenience store chain, disclosed a data breach incident that may have exposed payment card information of thousands of customers who used their cards at

  • Drupal Warns Web Admins to Update CMS Sites to Patch a Critical Flaw 

    If you haven't recently updated your Drupal-based blog or business website to the latest available versions, it's the time. Drupal development team yesterday released important security updates for its widely used open-source content management software that addresses a critical and three "moderately critical" vulnerabilities in its core system. Considering that Drupal-powered websites are

  • Top 5 Essential Features of Effective Cybersecurity for Web Apps 

    There's hardly any business nowadays that don't use computers and connect to the Internet. Companies maintain an online presence through their official websites, blogs, and social media pages. People use online services to conduct day to day activities like banking. And of course, there are many businesses that are completely based on the web like online markets, e-Commerce websites and

  • British Hacker Accused of Blackmailing healthcare Firms Extradited to U.S. 

    A British man suspected to be a member of 'The Dark Overlord,' an infamous international hacking group, has finally been extradited to the United States after being held for over two years in the United Kingdom. Nathan Francis Wyatt, 39, appeared in federal court in St. Louis, Missouri, on Wednesday to face charges related to his role in hacking healthcare and accounting companies in the U.S.

  • Google Offers Financial Support to Open Source Projects for Cybersecurity 

    Besides rewarding ethical hackers from its pocket for responsibly reporting vulnerabilities in third-party open-source projects, Google today announced financial support for open source developers to help them arrange additional resources, prioritizing the security of their products. The initiative, called "Patch Rewards Program," was launched nearly 6 years ago, under which Google rewards

  • LifeLabs Paid Hackers to Recover Stolen Medical Data of 15 Million Canadians 

    LifeLabs, the largest provider of healthcare laboratory testing services in Canada, has suffered a massive data breach that exposed the personal and medical information of nearly 15 million Canadians customers. The company announced the breach in a press release posted on its website, revealing that an unknown attacker unauthorizedly accessed its computer systems last month and stole customers

  • 14 Ways to Evade Botnet Malware Attacks On Your Computers 

    Cybercriminals are busy innovators, adapting their weapons and attack strategies, and ruthlessly roaming the web in search of their next big score. Every manner of sensitive information, such as confidential employee records, customers' financial data, protected medical documents, and government files, are all subject to their relentless threats to cybersecurity. Solutions span a broad

  • The 2020 State of Breach Protection Survey – Call for Participation 

    2010-2019 decade will be remembered as the time in which cybersecurity became acknowledged as a critical concern for all organizations. With rapidly growing security needs and respective budgets, it is now more essential than ever for security decision-makers to zoom out of the 'products' mindset and assess their security stack in light of the overall breach protection value that their

Quick Heal Blog | Latest computer security news, tips, and advice Wed, 15 Jan 2020 14:13:09 +0000
  • STOP (Djvu) Ransomware: Ransom For Your Shady Habits! 

    With almost 200 extensions, STOP (djvu) ransomware can be said to be 2019’s most active and widespread ransomware. Although this ransomware was active a year before, it started its campaign aggressively in early 2019. To evade detection, it has been continuously changing its extensions and payloads. For earlier infections, data…

  • Security resolutions for 2020 to stay safe online! 

    As we are about to enter the new year, it’s ritualistic to reflect on our experiences from the passing year and make resolutions for the New Year. Most people make resolutions around good heath, their life goals, etc. Here is a different angle to our routine resolutions’ list – Security…

  • Skills that can help kids deal with cybersecurity challenges NOW & LATER 

    With the growing incidences of cyber-attacks, it has become indispensable for us to prepare our kids to face the challenges of cyber security head-on, rather than shy away from them. While schools do their best to make kids aware of the good and bad of using the internet, parents are…

  • Top Cyber-security trends affecting Windows users during 2019 

    The year 2019 saw several new and recurring incidences of cyber-attacks, giving enterprises sleepless nights and the general public a run for security cover. However, there were a few trending malware that kept creating havoc and continued to keep the security experts on toes! Here’s a quick insight on few…

  • Cybercrime not limited to Metro cities – Wake up call for Smaller cities of India! 

    Cyber-attacks and cybercrimes are no more only about metro cities of India. In fact, cyber criminals are quick to shift their attention to smaller cities, owing to the fact that people/businesses in smaller cities are less familiar with the need or importance of cyber security. This makes it easier for…

  • Pegasus like spyware could be snooping on you right now!! 

    The recent news of Pegasus spyware attack via WhatsApp that targeted lawyers, journalists and human rights activists, offers an astonishing revelation on the kind of havoc such spyware can create. We covered the topic extensively, recently. The frequent media buzz about the recent incident of snooping by Pegasus spyware which…

  • Quick Heal Supports Windows 10 November 2019 Update 

    Microsoft has recently come up with a new update for Windows 10 PCs, called Windows 10 November 2019 Update (Build Version 1909). Here we’ll list down some of the highlights of this update and see how Quick Heal is compatible with this OS. Highlights of Windows 10 November 2019 Update Enhanced…

  • This Children’s Day, pledge the online security of your kids! 

    It’s Children’s Day and there couldn’t be a better day to pledge the security of our young minds, not just in the physical world but also virtual world. While technology has improved our lives in ways beyond our control and provided our kids with an ocean of knowledge, we cannot…

  • Think loud! Can the regular delivery boy at your office launch a malware? 

    Most companies employ strict security practices when it comes to the security of their office and infrastructure. There are security guards to monitor the entry and exit, surveillance cameras in place for 360° view and system administrators to keep a check on the security of systems and networks. While most…

  • BlueKeep Attacks seen in the wild! 

    CVE-2019-0708, popularly known as BlueKeep, is a RDP pre-authentication vulnerability which allows attacker to compromise a vulnerable system without user’s interaction. This exploit is also wormable, meaning that it can spread to other vulnerable systems in a similar way as the WannaCry malware spread across the globe in 2017. Interestingly,…

Troy Hunt's Blog Wed, 15 Jan 2020 11:37:03 GMT
WeLiveSecurity Sat, 18 Jan 2020 04:21:21 +0000
How can we help
  • Virus Removal Experts
  • All Desktop & Notebook Repairs
  • Screens, Motherboards, Hard drives
  • Soldering Jobs
  • Networking
  • Custom Builds
  • Website Design
What We Do