Technology Solutions

 

IT Security Alert

The Hacker News Mon, 11 Nov 2019 07:44:48 PST
  • Hackers Breach ZoneAlarm's Forum Site — Outdated vBulletin to Blame 

    ZoneAlarm, an internet security software company owned by Israeli cybersecurity firm Check Point Technologies, has suffered a data breach exposing data of its discussion forum users, the company confirmed The Hacker News. With nearly 100 million downloads, ZoneAlarm offers antivirus software, firewall, and additional virus protection solutions to home PC users, small businesses, and mobile

  • Amazon's Ring Video Doorbell Lets Attackers Steal Your Wi-Fi Password 

    Security researchers at Bitdefender have discovered a high-severity security vulnerability in Amazon's Ring Video Doorbell Pro devices that could allow nearby attackers to steal your WiFi password and launch a variety of cyberattacks using MitM against other devices connected to the same network. In case you don't own one of these, Amazon's Ring Video Doorbell is a smart wireless home

  • Gartner Says the Future of Network Security Lies with SASE 

    Cloud services and networking are driving the concept of digital businesses, yet traditional networking and cybersecurity architectures are far from meeting the demands of the digital business. Gartner's "The Future of Network Security Is in the Cloud" report spells out the potential for the transformation of networking and security in the cloud, built upon a new networking and security model

  • Rogue TrendMicro Employee Sold Customer Data to Tech Support Scammers 

    Do you always uncomfortable trusting companies with your data? If so, you're not alone. While companies do much to protect themselves from external threats, insiders always pose the highest risk to a company's data. Unfortunately, when we say companies can't eliminate insider threat completely, cybersecurity firms, who are meant to protect others, are not an exception. Cybersecurity firm

  • Two Former Twitter Employees Caught Spying On Users For Saudi Arabia 

    Two former employees of Twitter have been charged with spying on thousands of Twitter user accounts on behalf of the Saudi Arabian government, likely with the purpose of unmasking the identity of dissidents. According to an indictment filed on November 5 and unsealed just yesterday, one of the charged Twitter employees, American citizen Ahmad Abouammo, left the company in May 2015 and the

  • Facebook Reveals New Data Leak Incident Affecting Groups' Members 

    Facebook today revealed yet another security incident admitting that roughly 100 app developers may have improperly accessed its users' data in certain Facebook groups, including their names and profile pictures. In a blog post published Tuesday, Facebook said the app developers that unauthorizedly access this information were primarily social media management and video streaming apps that let

  • Explained: How New 'Delegated Credentials' Boosts TLS Protocol Security 

    Mozilla, in partnership with Facebook, Cloudflare, and other IETF community members, has announced technical specifications for a new cryptographic protocol called "Delegated Credentials for TLS." Delegated Credentials for TLS is a new simplified way to implement "short-lived" certificates without sacrificing the reliability of secure connections. In short, the new TLS protocol extension aims

  • PPT Template: Build Your 2020 Security Plan 

    The end of the year is coming, and it's time for security decision-makers to make plans for 2020 and get management approval. Typically, this entails making a solid case regarding why current resources, while yielding significant value, need to be reallocated and enhanced. The Definitive2020 Security Plan PPT Template is built to simplify this task, providing security decision-makers with an

  • Hackers Can Silently Control Your Google Home, Alexa, Siri With Laser Light 

    A team of cybersecurity researchers has discovered a clever technique to remotely inject inaudible and invisible commands into voice-controlled devices — all just by shining a laser at the targeted device instead of using spoken words. Dubbed 'Light Commands,' the hack relies on a vulnerability in MEMS microphones embedded in widely-used popular voice-controllable systems that unintentionally

  • Targeted Ransomware Attacks Hit Several Spanish Companies 

    Everis, one of the largest IT consulting companies in Spain, suffered a targeted ransomware attack on Monday, forcing the company to shut down all its computer systems until the issue gets resolved completely. Ransomware is a computer virus that encrypts files on an infected system until a ransom is paid. According to several local media, Everis informed its employees about the devastating

  • Watch Out IT Admins! Two Unpatched Critical RCE Flaws Disclosed in rConfig 

    If you're using the popular rConfig network configuration management utility to protect and manage your network devices, here we have an important and urgent warning for you. A cybersecurity researcher has recently published details and proof-of-concept exploits for two unpatched, critical remote code execution vulnerabilities in the rConfig utility, at least one of which could allow

  • First Cyber Attack 'Mass Exploiting' BlueKeep RDP Flaw Spotted in the Wild 

    Cybersecurity researchers have spotted a new cyberattack that is believed to be the very first but an amateur attempt to weaponize the infamous BlueKeep RDP vulnerability in the wild to mass compromise vulnerable systems for cryptocurrency mining. In May this year, Microsoft released a patch for a highly-critical remote code execution flaw, dubbed BlueKeep, in its Windows Remote Desktop Services

  • New Chrome 0-day Bug Under Active Attacks – Update Your Browser Now! 

    Attention readers, if you are using Chrome on your Windows, Mac, and Linux computers, you need to update your web browsing software immediately to the latest version Google released earlier today. With the release of Chrome 78.0.3904.87, Google is warning billions of users to install an urgent software update immediately to patch two high severity vulnerabilities, one of which attackers are

  • Chinese Hackers Compromise Telecom Servers to Spy on SMS Messages 

    A group of Chinese hackers carrying out political espionage for Beijing has been found targeting telecommunications companies with a new piece of malware designed to spy on text messages sent or received by highly targeted individuals. Dubbed "MessageTap," the backdoor malware is a 64-bit ELF data miner that has recently been discovered installed on a Linux-based Short Message Service Center

  • Leading Web Domain Name Registrars Disclose Data Breach 

    Another day, another massive data breach—this time affecting a leading web technology company, as well as both of its subsidiaries, from where millions of customers around the world have purchased domain names for their websites. The world's top domain registrars Web.com, Network Solutions, and Register.com disclosed a security breach that may have resulted in the theft of customers' account

  • Two Hackers Who Extorted Money From Uber and LinkedIn Plead Guilty 

    Two grey hat hackers have pleaded guilty to blackmailing Uber, LinkedIn, and other U.S. corporations for money in exchange for promises to delete data of millions of customers they had stolen in late 2016. In a San Jose courthouse in California on Wednesday, Brandon Charles Glover (26) of Florida and Vasile Mereacre (23) of Toronto admitted they accessed and downloaded confidential corporate

  • 5 Places Where Hackers Are Stealthily Stealing Your Data In 2019 

    Skyrocketing data breaches bring incalculable losses to organizations and can cost cybersecurity executives their jobs. Here we examine the top five places in 2019 where cybercriminals are stealing corporate and government data without ever getting noticed and then learn how to avoid falling victim to unscrupulous attackers. 1. Misconfigured Cloud Storage 48% of all corporate data is

  • Hackers Target Indian Nuclear Power Plant – Everything We Know So Far 

    A story has been making the rounds on the Internet since yesterday about a cyber attack on an Indian nuclear power plant. Due to some experts commentary on social media even after lack of information about the event and overreactions by many, the incident received factually incorrect coverage widely suggesting a piece of malware has compromised "mission-critical systems" at the Kudankulam

  • Facebook Sues Israeli NSO Spyware Firm For Hacking WhatsApp Users 

    Finally, for the very first time, an encrypted messaging service provider is taking legal action against a private entity that has carried out malicious attacks against its users. Facebook filed a lawsuit against Israeli mobile surveillance firm NSO Group on Tuesday, alleging that the company was actively involved in hacking users of its end-to-end encrypted WhatsApp messaging service.

  • Mysterious malware that re-installs itself infected over 45,000 Android Phones 

    Over the past few months, hundreds of Android users have been complaining online of a new piece of mysterious malware that hides on the infected devices and can reportedly reinstall itself even after users delete it, or factory reset their devices. Dubbed Xhelper, the malware has already infected more than 45,000 Android devices in just the last six months and is continuing to spread by

  • The Pirate Bay was recently down for over a week due to a DDoS attack 

    It seems like the prolonged downtime and technical difficulties faced by The Pirate Bay over the past several weeks were due to a series of distributed denial of service (DDoS) attacks against the widely-popular torrent website by malicious actors. For those unaware, The Pirate Bay was down for more than a week with most visitors displayed a Cloudflare error mentioning that a "bad gateway" is

  • How MSPs can become Managed Detection and Response (MDR) Providers 

    Managed detection and response (MDR) is one of the fastest-growing segments in the cybersecurity market. ESG research from April 2019 reveals that 27% of organizations are actively pursuing an MDR project, while another 11% plan to pursue an MDR project in the future. Cynet now enables service providers to add MDR to their portfolio and gain an important competitive advantage over

  • Russian Hackers Targeting Anti-Doping Agencies Ahead of 2020 Tokyo Olympics 

    As Japan gears up for the upcoming 2020 Summer Olympics in Tokyo for the next year, the country needs to brace itself for sophisticated cyberattacks, especially from state-sponsored hackers. Microsoft has issued a short notice, warning about a new wave of highly targeted cyberattacks by a group of Russian state-sponsored hackers attempting to hack over a dozen anti-doping authorities and

  • UniCredit Bank Suffers 'Data Incident' Exposing 3 Million Italian Customer Records 

    UniCredit, an Italian global banking and financial services company, announced today that it suffered a security incident that leaked some personal information belonging to at least 3 million of its domestic customers. Officially founded in 1870, UniCredit is Italy's biggest banking and financial services and one of the leading European commercial banks with more than 8,500 branches across 17

  • New PHP Flaw Could Let Attackers Hack Sites Running On Nginx Servers 

    If you're running any PHP based website on NGINX server and have PHP-FPM feature enabled for better performance, then beware of a newly disclosed vulnerability that could allow unauthorized attackers to hack your website server remotely. The vulnerability, tracked as CVE-2019-11043, affects websites with certain configurations of PHP-FPM that is reportedly not uncommon in the wild and could

Quick Heal Blog | Latest computer security news, tips, and advice Mon, 11 Nov 2019 11:46:15 +0000
  • BlueKeep Attacks seen in the wild! 

    CVE-2019-0708, popularly known as BlueKeep, is a RDP pre-authentication vulnerability which allows attacker to compromise a vulnerable system without user’s interaction. This exploit is also wormable, meaning that it can spread to other vulnerable systems in a similar way as the WannaCry malware spread across the globe in 2017. Interestingly,…

  • Have you updated your browser yet? Severe Chrome Zero-day vulnerability getting actively exploited 

    Attention! Are you using Chrome as your web browsing software on your Windows, Linux and Mac? High time you update your browser!! That’s right. With Google recently releasing Chrome version 78.0.3904.87 for Windows, Mac, and Linux, there come’s an urgent warning, requesting billions of users to update their software immediately. The warning comes after…

  • KKNPP Attack: Tracking the DTrack! 

    The recent cyber-attack on Kudankulam Nuclear Power Plant (KKNPP) has been confirmed by the officials and yet again security of critical infrastructure has become the talk of the cyber world. The officials mentioned that there is no damage to control systems of the plant as the core processing controls are…

  • Attacker uses tricky technique of Excel 4.0 in Malspam campaign 

    Use of Phishing emails is not new for cyber-attack and is still one of the classic strategies to compromise a victim’s machine. Cyber criminals lure victims to open email attachments (mostly Doc and XLS files) by faking them to look like important one using keywords like invoice, payment, finance, order…

  • The infamous Spyware – Pegasus, The NSO Group and The WhatsApp snooping saga 

    The Indian media is abuzz these days with several news and allegations around snooping on several Indian citizens through a spyware named Pegasus, allegedly delivered through WhatsApp. It’s reported widely that Facebook Inc., the parent company of popular messaging app -WhatsApp, reached out to few users from India (and other…

  • What’s new in macOS Catalina ‘Security and Privacy’? 

    Apple released macOS 10.15 (Catalina) on 7th Oct 2019 and now it is publicly available for download. With multiple features presented at the WWDC 2019, here’s an overview of the new security and privacy features introduced in Catalina. Enhanced Gatekeeper Gatekeeper, is an important outer layer of security, designed to…

  • This Diwali, gift your loved ones digital security for life! 

    Diwali is that time of the year when you can literally feel the auspiciousness, fun and festivities in the air. While the streets are lightened with the bright glow of diyas and lamps, the night sky is adored by the sparkling light and boom of firecrackers. The hustle and bustle…

  • How to protect yourself from becoming victim of UPI frauds? 

    A new and interesting kind of cyber theft is making rounds in the cyber world. This time the theft involves UPI (Unified Payments Interface) as the medium for tricking innocent victims into losing their money. The increasing popularity and ease of use of digital payment apps like Google Pay or…

  • Which Antivirus to choose for protecting my Android phone? 

    Smartphones are taking the market by storm and so are the rising mobile malware attacks! As per reports by Quick Heal Security Labs, the last quarter clocked around 2,22000+ malware hits across our Android AV customers, all of which got blocked at the right time. This goes on to explain…

  • Quick Heal reports 29 malicious apps with 10 million+ downloads on Google Play Store 

    Quick Heal Security Labs reported 29 malicious apps found on Google Play Store, which have a collective download count of more than 10 Millions. Google was quick enough to remove these malicious apps from Play Store immediately. One of the Apps from this set, named “Multiapp multiple accounts simultaneously” has crossed 5 million…

Troy Hunt's Blog Sun, 10 Nov 2019 08:47:24 GMT
WeLiveSecurity Mon, 11 Nov 2019 17:10:39 +0000
How can we help
  • Virus Removal Experts
  • All Desktop & Notebook Repairs
  • Screens, Motherboards, Hard drives
  • Soldering Jobs
  • Networking
  • Custom Builds
  • Website Design
What We Do