Technology Solutions

 

IT Security Alert

The Hacker News Tue, 23 Jul 2019 11:31:50 PDT
  • A New 'Arbitrary File Copy' Flaw Affects ProFTPD Powered FTP Servers 

    A German security researcher has publicly disclosed details of a serious vulnerability in one of the most popular FTP server applications, which is currently being used by more than one million servers worldwide. The vulnerable software in question is ProFTPD, an open source FTP server used by a large number of popular businesses and websites including SourceForge, Samba and Slackware, and

  • Learn Ethical Hacking From Scratch — 2019 Training Bundle 

    The world of cybersecurity is fast-paced and ever-changing. New attacks are unleashed every day, and companies around the world lose millions of dollars as a result. The only thing standing in the way of cybercrime is a small army of ethical hackers. These cybersecurity experts are employed to find weaknesses before they can be exploited. It's a lucrative career, and anyone can find work

  • Equifax to Pay up to $700 Million in 2017 Data Breach Settlement 

    Equifax, one of the three largest credit-reporting firms in the United States, has to pay up to $700 million in fines to settle a series of state and federal investigations into the massive 2017 data breach that exposed the personal and financial data of nearly 150 million Americans—that's almost half the country. According to an official announcement by the U.S. Federal Trade Commission (FTC

  • Kazakhstan Begins Intercepting HTTPS Internet Traffic Of All Citizens Forcefully 

    If you are in Kazakhstan and unable to access the Internet service without installing a certificate, you're not alone. The Kazakhstan government has once again issued an advisory to all major local Internet Service Providers (ISPs) asking them to make it mandatory for all their customers to install government-issued root certificates on their devices in order to regain access to the Internet

  • Slack Resets Passwords For Users Who Hadn't Changed It Since 2015 Breach 

    If you use Slack, a popular cloud-based team collaboration server, and recently received an email from the company about a security incident, don't panic and read this article before taking any action. Slack has been sending a "password reset" notification email to all those users who had not yet changed passwords for their Slack accounts since 2015 when the company suffered a massive data

  • Hacker Stole Data of Over 70% Bulgarian Citizens from Tax Agency Servers 

    Eastern European country Bulgaria has suffered the biggest data breach in its history that compromised personal and financial information of 5 million adult citizens out of its total population of 7 million people. According to multiple sources in local Bulgarian media, an unknown hacker earlier this week emailed them download links to 11GB of stolen data which included taxpayer's personal

  • EvilGnome: A New Backdoor Implant Spies On Linux Desktop Users 

    Security researchers have discovered a rare piece of Linux spyware that's currently fully undetected across all major antivirus security software products, and includes rarely seen functionalities with regards to most Linux malware, The Hacker News learned. It's a known fact that there are a very few strains of Linux malware exist in the wild as compared to Windows viruses because of its core

  • New Attack Lets Android Apps Capture Loudspeaker Data Without Any Permission 

    Earlier this month, The Hacker News covered a story on research revealing how over 1300 Android apps are collecting sensitive data even when users have explicitly denied the required permissions. The research was primarily focused on how app developers abuse multiple ways around to collect location data, phone identifiers, and MAC addresses of their users by exploiting both covert and side

  • Engage Your Management with the Definitive 'Security for Management' Presentation Template 

    In every organization, there is a person who's directly accountable for cybersecurity. The name of the role varies per the organization's size and maturity – CISO, CIO, and Director of IT are just a few common examples – but the responsibility is similar in all places. They're the person who understands the risk and exposure, knows how prepared the team and most important – what the gaps are

  • Hackers Can Manipulate Media Files You Receive Via WhatsApp and Telegram 

    If you think that the media files you receive on your end-to-end encrypted secure messaging apps can not be tampered with, you need to think again. Security researchers at Symantec yesterday demonstrated multiple interesting attack scenarios against WhatsApp and Telegram Android apps, which could allow malicious actors to spread fake news or scam users into sending payments to wrong accounts.

  • Zoom RCE Flaw Also Affects Its Rebranded Versions RingCentral and Zhumu 

    The same security vulnerabilities that were recently reported in Zoom for macOS also affect two other popular video conferencing software that under the hood, are just a rebranded version of Zoom video conferencing software. Security researchers confirmed The Hacker News that RingCentral, used by over 350,000 businesses, and Zhumu, a Chinese version of Zoom, also runs a hidden local web

  • iOS URL Scheme Could Let App-in-the-Middle Attackers Hijack Your Accounts 

    Security researchers have illustrated a new app-in-the-middle attack that could allow a malicious app installed on your iOS device to steal sensitive information from other apps by exploiting certain implementations of Custom URL Scheme. By default on Apple's iOS operating system, every app runs inside a sandbox of its own, which prevent all apps installed on the same device from accessing

  • This Flaw Could Have Allowed Hackers to Hack Any Instagram Account Within 10 Minutes 

    Watch out! Facebook-owned photo-sharing service has recently patched a critical vulnerability that could have allowed hackers to compromise any Instagram account without requiring any interaction from the targeted users. Instagram is growing quickly—and with the most popular social media network in the world after Facebook, the photo-sharing network absolutely dominates when it comes to user

  • Zoom Video Conferencing for macOS Also Vulnerable to Critical RCE Flaw 

    The chaos and panic that the disclosure of privacy vulnerability in the highly popular and widely-used Zoom video conferencing software created earlier this week is not over yet. As suspected, it turns out that the core issue—a locally installed web server by the software—was not just allowing any website to turn on your device webcam, but also could allow hackers to take complete control

  • Facebook to Pay $5 Billion Fine to Settle FTC Privacy Investigation 

    After months of negotiations, the United States Federal Trade Commission (FTC) has approved a record $5 billion settlement with Facebook over its privacy investigation into the Cambridge Analytica scandal. The settlement will put an end to a wide-ranging probe that began more than a year ago and centers around the violation of a 2011 agreement Facebook made with the FTC that required Facebook

  • Cybersecurity Frameworks — Types, Strategies, Implementation and Benefits 

    Organizations around the world are wondering how to become immune from cyber attacks which are evolving every day with more sophisticated attack vectors. IT teams are always on the lookout for new ransomware and exploit spreading in the wild, but can all these unforeseen cyber attacks be prevented proactively? That's definitely a 'NO,' which is why there's a reactive approach in place to

  • New Malware Replaced Legit Android Apps With Fake Ones On 25 Million Devices 

    Are you sure the WhatsApp app you are using on your Android device is legitimate, even if it's working perfectly as intended? ...Or the JioTV, AppLock, HotStar, Flipkart, Opera Mini or Truecaller app—if you have installed any of these? I'm asking this because cybersecurity researchers just yesterday revealed eye-opening details about a widespread Android malware campaign wherein attackers

  • Magecart Hackers Infect 17,000 Sites Through Misconfigured Amazon S3 Buckets 

    Magecart strikes again! Cybersecurity researchers have identified yet another supply-chain attack carried out by payment card hackers against more than 17,000 web domains, which also include websites in the top 2,000 of Alexa rankings. Since Magecart is neither a single group nor a specific malware instead an umbrella term given to all those cyber criminal groups and individuals who inject

  • A New Ransomware Is Targeting Network Attached Storage (NAS) Devices 

    A new ransomware family has been found targeting Linux-based Network Attached Storage (NAS) devices made by Taiwan-based QNAP Systems and holding users' important data hostage until a ransom is paid, researchers told The Hacker News. Ideal for home and small business, NAS devices are dedicated file storage units connected to a network or through the Internet, which allow users to store and

  • Powerful FinSpy Spyware Found Targeting iOS and Android Users in Myanmar 

    One of the most powerful, infamous, and advanced piece of government-grade commercial surveillance spyware dubbed FinSpy—also known as FinFisher—has been discovered in the wild targeting users in Myanmar. Created by German company Gamma International, FinSpy is spying software that can target various mobile platforms including iOS and Android, we well as desktop operating systems. Gamma

  • Hackers' Operating System Kali Linux Released for Raspberry Pi 4 

    We've got some really exciting news for you... Offensive Security has released an official version of Kali Linux for Raspberry Pi 4—the most powerful version of the compact computer board yet that was released just two weeks ago with the full 4GB of RAM at low cost and easy accessibility. Based on Debian, Kali Linux has always been the number one operating system for ethical hackers and

  • Marriott Faces $123 Million GDPR Fine Over Starwood Data Breach 

    After fining British Airways with a record fine of £183 million earlier this week, the UK's data privacy regulator is now planning to slap world's biggest hotel chain Marriott International with a £99 million ($123 million) fine under GDPR over 2014 data breach. This is the second major penalty notice in the last two days that hit companies for failing to protect its customers' personal and

  • Microsoft Releases July 2019 Security Updates, 2 Flaws Under Active Attack 

    Microsoft today released its monthly batch of software security updates for the July month to patch a total of 77 vulnerabilities, 14 are rated Critical, 62 are Important, and 1 is rated Moderate in severity. The July 2019 security updates include patches for various supported versions of Windows operating systems and other Microsoft products, including Internet Explorer, Edge, Office, Azure

  • Unpatched Prototype Pollution Flaw Affects All Versions of Popular Lodash Library 

    Lodash, a popular npm library used by more than 4 million projects on GitHub alone, is affected by a high severity security vulnerability that could allow attackers to compromise the security of affected services using the library and their respective user base. Lodash is a JavaScript library that contains tools to simplify programming with strings, numbers, arrays, functions, and objects,

  • Dashboards to Use on Palo Alto Networks for Effective Management 

    Enterprises should expect to see more cyberattacks launched against them. The data that they now gather and store have made their infrastructures key targets for hackers. Customer data and intellectual property can be sold in the black market for profit, and sensitive information can also be used by hackers to extort them. Enterprises are now aggressively shifting their workloads to the

Quick Heal Blog | Latest computer security news, tips, and advice Sat, 20 Jul 2019 18:08:21 +0000
  • Webcam Hacking – How to prevent webcam from hacking into your privacy? 

    Imagine a day when you open your inbox and there’s this one mail containing obscene pics of you flashing on the screen. Right below is a message asking you to pay a hefty ransom to prevent your pics from getting shared with all your accounts. The thought itself is enough…

  • Ransomware As A Tool – LockerGoga 

    Ransomware authors keep experimenting with the development of payload in various dimensions. In the timeline of ransomware implementations, we have seen its evolution from a simple screen locker to multi-component model for file encryption, from novice approach to a sophisticated one. The Ransomware as a Tool has evolved in wild…

  • Beware! Email attachments can make you victim of spear phishing attacks 

    In the last few months, we’ve seen a sudden increase in Spear Phishing attacks. Spear phishing is a variation of a phishing scam wherein hackers send a targeted email to an individual which appears to be from a trusted source. In this type of attack, the attacker uses social engineering tricks and some…

  • The website I visited behaves weirdly. I wonder if I’m hacked? 

    After a busy day at office or business, you settle down on the sofa at home with coffee and you want to catch your favourite show on your phone or TV. While streaming you want to make a payment for your bills that are due. You connect to your Wi-Fi…

  • Beware! The padlock icon and HTTPS are no more indicators of safe website 

    The evolving cyber threat landscape has taken a new leap. The recent past shows a startling rise in the number of incidences of phishing attacks, where visitors have been lured into clicking fraudulent links, under the cover of security marks like padlock icon and ‘HTTPS’. Considering the rising number of…

  • What makes Quick Heal’s Next Generation Suite of Features a SMART choice to protect your privacy? 

    The cyber threat landscape is evolving every second, with thousands of new potential threats being detected every single day. With people becoming more and more conscious about their privacy and private data, such evolving threats can have a significant impact on the personal and financial life of people. In order…

  • APT-27 like Newcore RAT, Virut exploiting MySQL for targeted attacks on enterprise 

    In today’s world data is everything, and to store and process this large amount of data, everyone started using computing devices. Database servers which are used for storing this precious data on computing devices include MySQL, MongoDB, MSSQL, etc. But unfortunately, not everyone is conscious about its security. In fact, approximately…

  • CVE-2019-11815: Experts discovered a privilege escalation vulnerability in the Linux Kernel 

    Red Hat engineers and experts discovered a memory corruption vulnerability in Linux kernel, which is basically a flaw while implementation of RDS (Remote desktop Protocol) over TCP. This flaw has affected Red Hat, Ubuntu, Debian and SUSE and security advisories have been issued for all. This flaw could enable an…

  • Quick Heal supports the Windows 10 May 2019 Update 

    As part of the Windows 10 Updates, Microsoft has now come up with a new update for Windows 10 PCs. It’s called Windows 10 19H1 (Windows 10 May 2019 Update). This post lists down some of the highlights of this particular update and Quick Heal’s compatibility with the OS. Highlights…

  • What is Emotet? 

    Emotet malware was first identified in 2014 as Banking trojan. Emotet has evolved from banking trojan to threat distributor till now. It has hit many organizations very badly in 2018 with its functionalities like spamming and spreading. Further with its widespread rich/existence at many organizations, it became threat distributor. Since…

Troy Hunt's Blog Tue, 23 Jul 2019 15:02:16 GMT
WeLiveSecurity Tue, 23 Jul 2019 20:12:20 +0000
How can we help
  • Virus Removal Experts
  • All Desktop & Notebook Repairs
  • Screens, Motherboards, Hard drives
  • Soldering Jobs
  • Networking
  • Custom Builds
  • Website Design
What We Do