Technology Solutions

 

IT Security Alert

The Hacker News Sat, 23 Feb 2019 12:27:18 PST
  • How to Stop Facebook App From Tracking Your Location In the Background 

    Every app installed on your smartphone with permission to access location service "can" continually collect your real-time location secretly, even in the background when you do not use them. Do you know? — Installing the Facebook app on your Android and iOS smartphones automatically gives the social media company your rightful consent to collect the history of your precise location. If you

  • Hacking Virtual Reality – Researchers Exploit Popular Bigscreen VR App 

    A team of cybersecurity researchers from the University of New Haven yesterday released a video demonstrating how vulnerabilities that most programmers often underestimate could have allowed hackers to evade privacy and security of your virtual reality experience as well as the real world. According to the researchers—Ibrahim Baggili, Peter Casey and Martin Vondráček—the underlying

  • Almost Half A Million Delhi Citizens' Personal Data Exposed Online 

    Exclusive — A security researcher has identified an unsecured server that was leaking detailed personal details of nearly half a million Indian citizens... thanks to another MongoDB database instance that company left unprotected on the Internet accessible to anyone without password. In a report shared with The Hacker News, Bob Diachenko disclosed that two days ago he found a 4.1 GB-sized

  • Another Critical Flaw in Drupal Discovered — Update Your Site ASAP! 

    Developers of Drupal—a popular open-source content management system software that powers millions of websites—have released the latest version of their software to patch a critical vulnerability that could allow remote attackers to hack your site. The update came two days after the Drupal security team released an advance security notification of the upcoming patches, giving websites

  • Warning: Critical WinRAR Flaw Affects All Versions Released In Last 19 Years 

    Beware Windows users... a new dangerous remote code execution vulnerability has been discovered in the WinRAR software, affecting hundreds of millions of users worldwide. Cybersecurity researchers at Check Point have disclosed technical details of a critical vulnerability in WinRAR—a popular Windows file compression application with 500 million users worldwide—that affects all versions of the

  • Critical Flaw Uncovered In WordPress That Remained Unpatched for 6 Years 

    Exclusive — If you have not updated your website to the latest WordPress version 5.0.3, it’s a brilliant idea to upgrade the content management software of your site now. From now, I mean immediately. Cybersecurity researchers at RIPS Technologies GmbH today shared their latest research with The Hacker News, revealing the existence of a critical remote code execution vulnerability that

  • Learn How XDR Can Take Breach Protection Beyond Endpoint Security 

    How do you know whether an attacker has infiltrated your network? Can you really rely on an Endpoint Detection and Response (EDR) solution to be your go-to technology for identifying security breaches? Endpoint detection and response (EDR) platform has been an important technology to detect cybersecurity incidents, but it provides only the view of endpoints, just a portion of the big picture.

  • LPG Gas Company Leaked Details, Aadhaar Numbers of 6.7 Million Indian Customers 

    Why would someone bother to hack a so-called "ultra-secure encrypted database that is being protected behind 13 feet high and 5 feet thick walls," when one can simply fetch a copy of the same data from other sources. French security researcher Baptiste Robert, who goes by the pseudonym "Elliot Alderson" on Twitter, with the help of an Indian researcher, who wants to remain anonymous,

  • Kali Linux 2019.1 Released — Operating System For Hackers 

    Wohooo! Great news for hackers and penetration testers. Offensive Security has just released Kali Linux 2019.1, the first 2019 version of its Swiss army knife for cybersecurity professionals. The latest version of Kali Linux operating system includes kernel up to version 4.19.13 and patches for numerous bugs, along with many updated software, like Metasploit, theHarvester, DBeaver, and more.

  • Popular Torrent Uploader 'CracksNow' Caught Spreading Ransomware 

    It's not at all surprising that downloading movies and software from the torrent network could infect your computer with malware, but it's more heartbreaking when a popular, trusted file uploader goes rogue. Popular software cracks/keygens uploader "CracksNow," who had trusted status from many torrent sites, has now been banned from several torrent sites after he was repeatedly found

  • How to Hack Facebook Accounts? Just Ask Your Targets to Open a Link 

    It's 2019, and just clicking on a specially crafted URL would have allowed an attacker to hack your Facebook account without any further interaction. A security researcher discovered a critical cross-site request forgery (CSRF) vulnerability in the most popular social media platform that could have been allowed attackers to hijack Facebook accounts by simply tricking the targeted users into

  • Over 92 Million New Accounts Up for Sale from More Unreported Breaches 

    All these numbers…. "More than 5 billion records from 6,500 data breaches were exposed in 2018" — a report from Risk Based Security says. "More than 59,000 data breaches have been reported across the European since the GDPR came into force in 2018" — a report from DLA Piper says. …came from data breaches that were reported to the public, but in reality, more than half of all data breaches

  • WARNING – New Phishing Attack That Even Most Vigilant Users Could Fall For 

    How do you check if a website asking for your credentials is fake or legit to log in? By checking if the URL is correct? By checking if the website address is not a homograph? By checking if the site is using HTTPS? Or using software or browser extensions that detect phishing domains? Well, if you, like most Internet users, are also relying on above basic security practices to spot if that

  • Hacker Breaches Dozens of Sites, Puts 127 Million New Records Up for Sale 

    A hacker who was selling details of nearly 620 million online accounts stolen from 16 popular websites has now put up a second batch of 127 million records originating from 8 other sites for sale on the dark web. Last week, The Hacker News received an email from a Pakistani hacker who claims to have hacked dozens of popular websites (listed below) and selling their stolen databases online. <!

  • Ex-US Intelligence Agent Charged With Spying and Helping Iranian Hackers 

    The United States Department of Justice has announced espionage charges against a former US Air Force intelligence officer with the highest level of top-secret clearance for providing the Iranian government classified defense information after she defected to Iran in 2013. Monica Elfriede Witt, 39, was a former U.S. Air Force Intelligence Specialist and Special Agent of the Air Force Office

  • Snapd Flaw Lets Attackers Gain Root Access On Linux Systems 

    Ubuntu and some other Linux distributions suffer from a severe privilege escalation vulnerability that could allow a local attacker or a malicious program to obtain root privileges and total control over the targeted system. Dubbed "Dirty_Sock" and identified as CVE-2019-7304, the vulnerability was discovered by security researcher Chris Moberly, who privately disclosed it to Canonical, the

  • Hackers Destroyed VFEmail Service – Deleted Its Entire Data and Backups 

    What could be more frightening than a service informing you that all your data is gone—every file and every backup servers are entirely wiped out? The worst nightmare of its kind. Right? But that's precisely what just happened this week with VFEmail.net, a US-based secure email provider that lost all data and backup files for its users after unknown hackers destroyed its entire U.S.

  • Researchers Implant "Protected" Malware On Intel SGX Enclaves 

    Cybersecurity researchers have discovered a way to hide malicious code in Intel SGX enclaves, a hardware-based memory encryption feature in modern processors that isolates sensitive code and data to protect it from disclosure or modification. In other words, the technique allows attackers to implant malware code in a secure memory that uses protection features of SGX which are otherwise

  • Microsoft Patch Tuesday — February 2019 Update Fixes 77 Flaws 

    Microsoft has issued its second Patch Tuesday for this year to address a total of 77 CVE-listed security vulnerabilities in its Windows operating systems and other products, 20 of which are rated critical, 54 important and 3 moderate in severity. February security update addresses flaws in Adobe Flash Player, Internet Explorer, Edge, Windows, MS Office, and Office Services and Web Apps,

  • New Unpatched macOS Flaw Lets Apps Spy On Your Safari Browsing History 

    A new security vulnerability has been discovered in the latest version of Apple's macOS Mojave that could allow a malicious application to access data stored in restricted folders which are otherwise not accessible to every app. Discovered by application developer Jeff Johnson on February 8, the vulnerability is unpatched at the time of writing and impacts all version of macOS Mojave,

  • Adobe Releases February 2019 Patch Updates For 75 Vulnerabilities 

    Welcome back! Adobe has today released its monthly security updates to address a total of 75 security vulnerabilities across its various products, 71 of which resides in Adobe Acrobat and Reader alone. February 2019 patch Tuesday updates address several critical and important vulnerabilities in Adobe Acrobat Reader DC, Adobe Coldfusion, Creative Cloud Desktop Application, and Adobe Flash

  • Xiaomi Electric Scooters Vulnerable to Life-Threatening Remote Hacks 

    Smart devices definitely make our lives easier, faster, and more efficient, but unfortunately, an insecure smart device can also ruin your day, or sometime could even turn into the worst nightmare of your life. If you are an electric scooter rider, you should be concerned about yourself. In a report shared with The Hacker News in advance, researchers from mobile security firm Zimperium said

  • RunC Flaw Lets Attackers Escape Linux Containers to Gain Root on Hosts 

    A serious security vulnerability has been discovered in the core runC container code that affects several open-source container management systems, potentially allowing attackers to escape Linux container and obtain unauthorized, root-level access to the host operating system. The vulnerability, identified as CVE-2019-5736, was discovered by open source security researchers Adam Iwaniuk and

  • Beware!! New Windows .exe Malware Found Targeting macOS Computers 

    A malicious Windows EXE file can even infect your Mac computer as well. Yes, you heard me right — a .exe malware on macOS. Security researchers at antivirus firm Trend Micro have discovered a novel way hackers are using in the wild to bypass Apple's macOS security protection and infect Mac computers by deploying malicious EXE files that normally run only on Windows computers. Researchers

  • First Android Clipboard Hijacking Crypto Malware Found On Google Play Store 

    A security researcher has discovered yet another cryptocurrency-stealing malware on the official Google Play Store that was designed to secretly steal bitcoin and cryptocurrency from unwitting users. The malware, described as a "Clipper," masqueraded as a legitimate cryptocurrency app and worked by replacing cryptocurrency wallet addresses copied into the Android clipboard with one belonging

Quick Heal Blog | Latest computer security news, tips, and advice Fri, 22 Feb 2019 13:05:50 +0000
  • Quick Heal Threat Report – Cryptojacking rising but Ransomware still #1 threat for consumers 

    In wake of the growing incidences of targeted cyber-attacks on enterprises using Cryptojacking, due to its ease of deployment and instant return on investments; it rather comes as a surprise that malware authors are still counting on Ransomware for targeting consumers and home users. Yes, you heard it right! According…

  • GandCrab Riding Emotet’s Bus! 

    Emotet Known for constantly changing its payload and infection vectors like spam mail, Malicious Doc and even Malicious JS files. It compromised a very high number of websites on the internet. Emotet malware campaign has existed since 2014. It comes frequently in intervals with different techniques and variants to deliver malware…

  • This Valentine fall for true love not for fake online dating apps 

    Valentine Day is that special time of the year when people are busy celebrating the essence of love. However, on the darker side, it is also a time when cyber criminals are looking to cash on your hunt for the love of your life. So, just in case you are…

  • 28 Fake Apps removed from Google Play Store post Quick Heal Security Lab reports 

    Quick Heal Security Lab has spotted 28 Fake Apps with over 48,000+ (all together) installations on Google Play Store. Google play has removed a total of 28 fake apps from the Play Store after reports by Quick Heal Security Lab. The apps do not have any legitimate functionality related to…

  • 3 essential ways to strengthen your business data security 

    For any business big or small, business data is an asset that they cannot afford to compromise at any cost. With a huge amount of data, from employee details to the credit card details of customers, stored in the form of vulnerable electronic records, the loss of even a single…

  • Anatova, A modular ransomware 

    While everyone was engaged in new year celebrations, malware authors were busy creating new ransomware for 2019. Quick Heal Security Labs has observed the first ransomware of 2019 — Anatova. During our analysis, we found that Anatova is not just ransomware but a modular one. By modular ransomware we mean,…

  • Mongolock Ransomware deletes files and targets databases 

    Ransomware has become one of the most dangerous cyber-attack methods because of the different techniques it uses to encrypt the files and evade the detection of security software to earn money. Also, at a time, it’s not limited to encrypting user’s files but also deletes the files and formats the…

  • GandCrab Ransomware along with Monero Miner and Spammer 

    Recently we saw a new campaign through spam mail attachment- zip file. It contains JavaScript file which delivers a bundle of GandCrab Ransomware, Monero miner and Spammer. This bundle of multiple malware variants is nothing new, it is common for ransomware to be paired with miner and spammer. This type…

  • Malspam email – Jack of all malware, master of none. 

    Malspam email or malicious spam emails are considered to be one of the favorite malware delivery channels for the attackers to deliver the malware to targeted victims. Attackers also run spam email campaigns to distribute their malware to a large number of users. For attackers to succeed, two things are…

  • Drone Safety – Flying Tips, Policies & Regulations 

    Drones Unmanned Aircraft System (UAS)/ Remotely Piloted Aircraft System (RPAS) commonly known as drones/ UAV are unmanned aerial vehicle without a human pilot aboard. The potential of drones is starting to be realized and it is making a big impact. They can take on complex tasks and reduce costs minimizing…

Troy Hunt's Blog Sun, 24 Feb 2019 00:56:31 GMT
WeLiveSecurity Sat, 23 Feb 2019 00:32:13 +0000
How can we help
  • Virus Removal Experts
  • All Desktop & Notebook Repairs
  • Screens, Motherboards, Hard drives
  • Soldering Jobs
  • Networking
  • Custom Builds
  • Website Design
What We Do