Cyber Dost: This Twitter handle tells you how to keep your online personal, financial data safe

The past year saw a flurry of privacy breaches across online platforms, bringing in point the question of data security in the digital world. The amount of ...

Posted on 19 January 2019 | 8:25 am

Security News This Week: Did Russia Take Another Shot at Hacking the DNC?

In other government news, we took a look at the major toll the government shutdown has taken on US cybersecurity. It ain't pretty. We broke down the ...

Posted on 19 January 2019 | 8:03 am

Bulgaria Extradites Russian Hacker to US: Embassy

Bulgaria has extradited a Russian indicted by a US court for mounting a complex hacking scheme to the United States, the Russian embassy in Washington said Saturday.

read more

Posted on 19 January 2019 | 7:57 am

Dennis Horton: Remember the basics to protect yourself from cybercrime

AI is being used frequently to predict and counter cybersecurity threats, and to give us some level of personal protection. However, cyber crooks also ...

Posted on 19 January 2019 | 7:07 am

Bo Weaver on Cloud security, skills gap, and software development in 2019

We also asked them about what they think about pentesting in cybersecurity, in general. They have also talked about their stance about the role of ...

Posted on 19 January 2019 | 7:07 am

Bettering Threat Intelligence And Cyber Security A New Role For Blockchain?

Blockchains are epitomised by security and safety when it comes to storing data on its distributed ledger; they use a trustless model to be utterly ...

Posted on 19 January 2019 | 6:56 am

Bettering Threat Intelligence And Cyber Security A New Role For Blockchain?

On this principle of protection, it would make sense to start applying blockchains to a new and emerging movement in cybersecurity. It has become ...

Posted on 19 January 2019 | 6:56 am

Jane Street Group LLC Lowers Position in ETFMG Prime Cyber Security ETF (HACK)

Jane Street Group LLC trimmed its holdings in shares of ETFMG Prime Cyber Security ETF (NYSEARCA:HACK) by 98.0% in the third quarter, ...

Posted on 19 January 2019 | 5:48 am

Jane Street Group LLC Lowers Position in ETFMG Prime Cyber Security ETF (HACK)

Jane Street Group LLC trimmed its holdings in shares of ETFMG Prime Cyber Security ETF (NYSEARCA:HACK) by 98.0% in the third quarter, ...

Posted on 19 January 2019 | 5:48 am

BY HEATHER COX - hcox@chronicle-tribune.com

Cybersecurity courses are in the offing at Oak Hill and Eastbrook high schools during the 2019-2020 and 2020-2021 school years to educate students ...

Posted on 19 January 2019 | 4:52 am

BY HEATHER COX - hcox@chronicle-tribune.com

Cybersecurity courses are in the offing at Oak Hill and Eastbrook high schools during the 2019-2020 and 2020-2021 school years to educate students ...

Posted on 19 January 2019 | 4:52 am

Arrested Portuguese hacker is Football Leaks 'whistleblower' - lawyers

LISBON (Reuters) - A Portuguese man arrested in Hungary on suspicion of extortion and secrecy violations hacked football bodies' documents - which ...

Posted on 19 January 2019 | 3:56 am

Edith Cowan University joins forces with PSB Academy to build talent reinforcements in cyber ...

That's the question Leonard Kleinman, Chief Cyber Security Advisor for RSA, Asia Pacific & Japan, and ECU alumnus, hoped to tackle ahead of the ...

Posted on 19 January 2019 | 12:45 am

Edith Cowan University joins forces with PSB Academy to build talent reinforcements in cyber ...

That's the question Leonard Kleinman, Chief Cyber Security Advisor for RSA, Asia Pacific & Japan, and ECU alumnus, hoped to tackle ahead of the ...

Posted on 19 January 2019 | 12:45 am

Excellence Recognized @ “Elets Digital Innovation and Cybersecurity Summit”

Haryana's Finance Minister Captain Abhimanyu felicitated government functionaries, industry vendors and startups at Digital Awards at Elets National ...

Posted on 19 January 2019 | 12:09 am

Excellence Recognized @ “Elets Digital Innovation and Cybersecurity Summit”

Haryana's Finance Minister Captain Abhimanyu felicitated government functionaries, industry vendors and startups at Digital Awards at Elets National ...

Posted on 19 January 2019 | 12:09 am

Growth hacking is like Walter White in Breaking Bad: a digital marketer's story of scaling smart

In a conversation with YourStory, Anirudh, 32, spoke about growth hacking for Indian entrepreneurs and how his journey to becoming a digital ...

Posted on 18 January 2019 | 11:15 pm

Over 900000 affected by Cebuana Lhuillier data breach

MANILA- Around 900,000 clients of Cebuana Lhuillier were affected by a breach that may have compromised their personal data, the local pawnshop ...

Posted on 18 January 2019 | 10:52 pm

How a dangerous piece of Android malware snuck into the Google Play store

Security researchers from Trend Micro recently unearthed a piece of Android malware known as Anibus that managed to sneak into the Google Play ...

Posted on 18 January 2019 | 10:07 pm

773 million email IDs hacked: How to check and what to do if yours was one of them

Dubbed Collection #1, Troy warned that the list can be used by criminals to carry out hacking attacks. Here's all you need to know about this huge ...

Posted on 18 January 2019 | 9:56 pm

Cyber security CEO won't take salary in order pay employees until shutdown ends

Moe Jafari is the the CEO of HumanTouch, a company that deals with many facets like cyber security in Tyson's Corner. They rely heavily on ...

Posted on 18 January 2019 | 9:22 pm

Cyber security CEO won't take salary in order pay employees until shutdown ends

Moe Jafari is the the CEO of HumanTouch, a company that deals with many facets like cyber security in Tyson's Corner. They rely heavily on ...

Posted on 18 January 2019 | 9:22 pm

Iowa State adopts new cybersecurity system to protect campus community

Iowa State University recently adopted a new identity and access management security platform, which resulted in a decrease in compromised student ...

Posted on 18 January 2019 | 8:30 pm

Iowa State adopts new cybersecurity system to protect campus community

Iowa State University recently adopted a new identity and access management security platform, which resulted in a decrease in compromised student ...

Posted on 18 January 2019 | 8:30 pm

DNC says it was targeted by Russian hackers after fall midterms

The Democratic National Committee (DNC) said in a new court filing this week that it was likely targeted by Russian hackers after the November ...

Posted on 18 January 2019 | 8:16 pm

Cebuana Lhuillier bares data breach, tells clients to secure accounts

MANILA - Cebuana Lhuillier on Saturday said one of its servers fell victim to data breach incidents that may have compromised the personal data of its ...

Posted on 18 January 2019 | 8:15 pm

Cebuana Lhuillier reports nationwide data breach

Financial firm Cebuana Lhuillier, known nationwide for its remittance services, reportedly suffered a nationwide data breach, which put at risk all the ...

Posted on 18 January 2019 | 8:03 pm

QualityIP celebrates growth in IT services out of downtown Kent

... QualityIP provides comprehensive IT solutions to IT clients, whether it's network efficiency, security, hardware repairs, long-term planning or software ...

Posted on 18 January 2019 | 6:33 pm

Millions of emails and passwords exposed in major data breach

Millions of emails and passwords have been compromised and posted to a hacking forum in a major data breach. According to security researcher ...

Posted on 18 January 2019 | 6:33 pm

Millions of emails and passwords exposed in major data breach

Cybersecurity expert Scott Schober says that hackers can use this information in a variety of ways. “They can perform identify theft or to try to take ...

Posted on 18 January 2019 | 6:33 pm

DNC says Russia tried to hack its servers again in November 2018

Democrats say the spear-phishing attack, which was attributed to Russian group Cozy Bear, was unsuccessful.

Posted on 18 January 2019 | 6:27 pm

DNC says Russia tried to hack its servers again in November 2018

The attacks were detected at the time by multiple cyber-security firms, which also attributed them to the ... Photos: Retro computer games that Eastern.

Posted on 18 January 2019 | 6:22 pm

DNC says Russia tried to hack its servers again in November 2018

The Democratic National Committee (DNC) claimed today that Russian hackers tried to break into its servers in November 2018, shortly after the ...

Posted on 18 January 2019 | 6:22 pm

10 Internet security tips to make 2019 your most cyber secure year ever

Cybersecurity promises to remain an important topic in the year ahead as more internet-connected devices enter the home, attackers increasingly ...

Posted on 18 January 2019 | 6:11 pm

10 Internet security tips to make 2019 your most cyber secure year ever

The new year is here, and now is the perfect time to wipe the slate clean and start 2019 off on the right foot. While many people's New Year's ...

Posted on 18 January 2019 | 6:11 pm

Broadalbin-Perth students aim to be best cybersecurity team in the nation

January 18, 2019 07:03 PM. Students in the Broadalbin-Perth School District have one of the best cybersecurity teams in the state. Now, they want to ...

Posted on 18 January 2019 | 6:11 pm

Emsisoft's free ransomware removal tools save users more than $500 million

1) Antivirus software: Good antivirus software with real-time protection capabilities can detect the presence of ransomware and stop it before it can ...

Posted on 18 January 2019 | 6:11 pm

Facebook Faces Potential Record US Fine on Privacy Violations

A U.S. privacy investigation of Facebook Inc., begun after a major data breach was exposed in March, is likely to result in a record fine against the ...

Posted on 18 January 2019 | 5:48 pm

Kim's Take: This data breach will go down as one of the biggest in history

There's been another data breach. But this breach will go down as one of the biggest in history. The latest data breach includes 770 million unique ...

Posted on 18 January 2019 | 5:26 pm

Welp, The DNC Believe They Were The Target Of Yet Another Hacking Attempt By Russia

The Democratic National Committee believe that late last year they were once again the target of a Russian cyberattack, according to new court ...

Posted on 18 January 2019 | 5:26 pm

Largest Data Breach Ever Exposes Hundreds​ of Millions of Passwords, Emails

These days, massive data breaches seem just like a common, even boring, fact of life. But occasionally, a breach comes along that gives people ...

Posted on 18 January 2019 | 5:26 pm

Collection #1 Data Breach: What Happened, and What You Can Do About It

Winthrop & Weinstine attorney Nadeem Schwen discusses the Collection #1 data breach, and how individuals and businesses can protect themselves ...

Posted on 18 January 2019 | 5:26 pm

CyberSecurity San Antonio Head Moving On To New Post

CyberSecurity San Antonio will have a new leader while Port San Antonio adds a new director of cybersecurity — moves some view as indicative of a ...

Posted on 18 January 2019 | 5:15 pm

CyberSecurity San Antonio Head Moving On To New Post

CyberSecurity San Antonio will have a new leader while Port San Antonio adds a new director of cybersecurity — moves some view as indicative of a ...

Posted on 18 January 2019 | 5:15 pm

Comprehensive Report on The Global Cybersecurity Market 2019-2025:Profiling Players IBM ...

The cybersecurity comprises of the technologies, processes and controls that are made to protect systems, data and networks from cyber-attacks.

Posted on 18 January 2019 | 5:03 pm

Facebook May Be Slapped with 'Record-Setting' FTC Fine for Data Breach Scandal

The US Federal Trade Commission is considering slapping Facebook with a “record-setting” fine for its epic data-breach scandal. The social media ...

Posted on 18 January 2019 | 5:03 pm

How can I tell if hackers have any of my passwords?

... a useful site called “Have I Been Pwned” reported that another huge cache of email addresses and passwords had been posted to a hacking forum.

Posted on 18 January 2019 | 5:03 pm

Criminals Stole SEC Filings in Insider Trading Scheme

"They targeted the Securities and Exchange Commission with a series of sophisticated and relentless cyber-attacks, stealing thousands of confidential ...

Posted on 18 January 2019 | 5:03 pm

800 million accounts hacked: How to find out if you're one of them

Have you been hacked? That's the question hundreds of millions of people are asking after a "dark web" list came to light this week with e-mails and ...

Posted on 18 January 2019 | 4:52 pm

Improvements to SiteCheck Website Scanner

SiteCheck is Sucuri's free website malware and security scanner offered to anyone who wants to scan their websites for malware and blacklist status.

Posted on 18 January 2019 | 4:52 pm

800 million accounts hacked: How to find out if you're one of them

The more things you've signed up for online the more you're at risk. ... said Rob Gordon the Senior Information Security Engineer with USC Upstate.

Posted on 18 January 2019 | 4:52 pm

Privacy Perils: Protecting Data While on the Road

When the world's cyber-security experts meet at the largest computer security conference in Las Vegas, many of them leave their regular devices at ...

Posted on 18 January 2019 | 4:41 pm

Russia attempted to hack the DNC again after the 2018 Midterms, claim Democrats

New court documents filed by the Democratic National Committee unveiled a previously unknown infiltration attempt by Russian hackers.

Posted on 18 January 2019 | 4:41 pm

How prepared are Indian businesses to fight cyber fraud

In 2018, an engineering company in Mumbai was the victim of a cyber attack, who made transfer of over Rs 20 lakh from their accounts. According to ...

Posted on 18 January 2019 | 4:30 pm

Trend Micro reports Anubis-related malware apps

Trust Trend Micro when it publishes a special report. We have shared with you a number of related reports like that HiddenMiner Android malware ...

Posted on 18 January 2019 | 4:30 pm

DNC Says It Was Targeted Again by Russian Hackers After '18 Election

SAN FRANCISCO — The Democratic National Committee believes it was targeted in a hacking attempt by a Russian group in the weeks after the ...

Posted on 18 January 2019 | 4:18 pm

Linux Users Beware: Cryptojacking Malware Can Now Evade Cloud-based Security

As per reports by the Palo Alto Networks security firm, a new cryptojacking malware has been introduced that is capable of eluding cloud-based ...

Posted on 18 January 2019 | 3:56 pm

Cybersecurity and Maritime Industry

Nowadays, information security is considered as one of the most fundamental and critical factors that evaluates the reliability and availability of a ...

Posted on 18 January 2019 | 3:56 pm

Cybersecurity and Maritime Industry

Nowadays, information security is considered as one of the most fundamental and critical factors that evaluates the reliability and availability of a ...

Posted on 18 January 2019 | 3:56 pm

Cybersecurity and Maritime Industry

Nowadays, information security is considered as one of the most fundamental and critical factors that evaluates the reliability and availability of a ...

Posted on 18 January 2019 | 3:56 pm

Cybersecurity and Maritime Industry

Cybersecurity is in the foreground and constitutes the ongoing effort to protect ICT and network systems and all of the data from unauthorized access, ...

Posted on 18 January 2019 | 3:56 pm

VC Investments in Cybersecurity Hit Record Highs in 2018

Investors continued to pour money into the US cybersecurity market last year, as well as into several other countries, notably the UK, China, and Israel.

Posted on 18 January 2019 | 3:45 pm

Android malware uses phone motion sensors to hide itself

A similar escalation is happening within Android malware: as security researchers and the Google Play Store itself get better and better at tracking and ...

Posted on 18 January 2019 | 3:45 pm

MARKET REPORT: Investors log off from cyber security firm Sophos after a fall in clients follows ...

Online security firm Sophos had little good news for investors after admitting it was dogged by subdued performance for the last three months of 2018.

Posted on 18 January 2019 | 3:45 pm

VC Investments in Cybersecurity Hit Record Highs in 2018

Investors continued to pour money into the US cybersecurity market last year, as well as into several other countries, notably the UK, China, and Israel.

Posted on 18 January 2019 | 3:45 pm

MARKET REPORT: Investors log off from cyber security firm Sophos after a fall in clients follows ...

Online security firm Sophos had little good news for investors after admitting it was dogged by subdued performance for the last three months of 2018.

Posted on 18 January 2019 | 3:45 pm

Biggest Data Breach Yet Has Leaked 773 Million Emails. Here's What You Need to Do Now

Looks like it's time to change your passwords, again: security experts have flagged up a monster data breach made up of some 773 million email ...

Posted on 18 January 2019 | 3:45 pm

Baltimore Orders Security Review After Potential Staff Hack

(TNS) — Mayor Catherine Pugh ordered a security review after a ... Public Works director and was found with hacking tools on his own city computer, ...

Posted on 18 January 2019 | 3:33 pm

Providers Rise to Meet the Challenge of K–12 Data Security

Ensuring top-quality data security has become a growing challenge over the years. In 2018, the education sector had 101 reported data breaches and ...

Posted on 18 January 2019 | 3:33 pm

Baltimore Orders Security Review After Potential Staff Hack

(TNS) — Mayor Catherine Pugh ordered a security review after a ... Public Works director and was found with hacking tools on his own city computer, ...

Posted on 18 January 2019 | 3:33 pm

Baltimore Orders Security Review After Potential Staff Hack

(TNS) — Mayor Catherine Pugh ordered a security review after a technology staffer at Baltimore's water agency gave himself special access to the ...

Posted on 18 January 2019 | 3:33 pm

Baltimore Orders Security Review After Potential Staff Hack

It also included an email from a security officer in the city's IT department to Cumming. The security officer wrote that Clifton took steps to configure ...

Posted on 18 January 2019 | 3:33 pm

WiFi firmware bug affects laptops, smartphones, routers, gaming devices

List of impacted devices includes PS4, Xbox One, Samsung Chromebooks, and Microsoft Surface devices.

Posted on 18 January 2019 | 3:26 pm

Phillips Nizer Adds Data Technology and Cybersecurity Practice Head in New York

“As the regulator in charge of oversight of New York State's cybersecurity and virtual currency regulations for much of the financial services sector, ...

Posted on 18 January 2019 | 3:22 pm

Phillips Nizer Adds Data Technology and Cybersecurity Practice Head in New York

“As the regulator in charge of oversight of New York State's cybersecurity and virtual currency regulations for much of the financial services sector, ...

Posted on 18 January 2019 | 3:22 pm

Malware Mines Monero On Cloud Servers

According to the report, Rocke's malware targets public cloud infrastructure running on Linux servers, specifically going after cloud security products ...

Posted on 18 January 2019 | 3:22 pm

Rocke Malware: Sneaky Monero Miner Can Disable Cloud Security

There is a new malware out there to watch out for. Dubbed the Rocke Malware, this form of cryptojacking has the ability to disable cloud security ...

Posted on 18 January 2019 | 3:18 pm

New Monera CryptoMining Malware Targeting Alibaba and Tencent Clouds

“Palo Alto networks recently captured and investigated new samples of the Linux coin mining malware used by the Rocke group. The family was ...

Posted on 18 January 2019 | 3:11 pm

Strengthening cyber-security defences

"There is no magic wand that can solve all cyber-security problems. For different kinds of data, and the different adversaries working to obtain ...

Posted on 18 January 2019 | 3:00 pm

Two research centres at NUS, NTU set up to develop data protection tech in Smart Nation era

"There is no magic wand that can solve all cyber-security problems. For different kinds of data, and the different adversaries working to obtain ...

Posted on 18 January 2019 | 3:00 pm

New Year, New Features for Fallout EK

The new year is a time for resolutions and promises of change, so much so that even malware has returned from a bit of time off with some new ...

Posted on 18 January 2019 | 3:00 pm

2018 Cybersecurity Venture Capital Investment Reaches Record $5.3B, Nearly Double that of 2016

2018 proved to be an active year for cybersecurity investing, with record highs in dollars invested which included increased average deal size, ...

Posted on 18 January 2019 | 3:00 pm

Why wasn't cyber security strategy to cut Internet rolled out?

While the Committee of Inquiry's (COI) report into the SingHealth data breach gives several reasons for Internet surfing separation (ISS) not being ...

Posted on 18 January 2019 | 3:00 pm

Mitigating Breach Costs

By looking at all of the data, network and security teams can work together to see the completed puzzle and help make future attacks more difficult for ...

Posted on 18 January 2019 | 2:48 pm

Malware Evades Detection One Step at a Time

“We looked into this campaign and found that the apps dropped a malicious payload that we can safely link to the known banking malware Anubis ...

Posted on 18 January 2019 | 2:37 pm

Security experts, Wolf Halton and Bo Weaver, discuss pentesting and cybersecurity [Interview]

Bo Weaver: For one thing, pentesting has become an accepted and required practice in network security. I do remember the day when the attitude was ...

Posted on 18 January 2019 | 2:37 pm

Security experts, Wolf Halton and Bo Weaver, discuss pentesting and cybersecurity [Interview]

In their section, we talk about the role of pentesting in cybersecurity. Previously, the authors talked about why Kali Linux is the premier platform for ...

Posted on 18 January 2019 | 2:37 pm

China Is Building a National-Level Cybersecurity Industrial Park

A national-level cybersecurity industrial park is under development in Beijing, China to boost the industry and tap into the potential of domestic tech ...

Posted on 18 January 2019 | 2:30 pm

Exploit for Recent Flash Zero-Day Added to Fallout Exploit Kit

An updated version of the Fallout exploit kit recently emerged with an exploit for a recent Flash zero-day included in its arsenal, Malwarebytes Labs security researchers warn.

read more

Posted on 18 January 2019 | 2:30 pm

Researchers find Telegram bot chatter is actually Windows malware commands

Decrypted Telegram bot chatter was found to actually be a new Windows malware, dubbed GoodSender, which uses the messenger platform to listen ...

Posted on 18 January 2019 | 2:15 pm

Crypto Update: Coins Drift Lower but Damage Remains Limited

The major cryptocurrencies continue to trade in narrow ranges following last week's decline and this week's failed rally attempt. While Bitcoin is stuck ...

Posted on 18 January 2019 | 2:15 pm

Android ES File Explorer open port vulnerability divulged

Craig Young, computer security researcher for Tripwire's VERT, told SC Media the problem is even more severe than Alderson noted as the intruder ...

Posted on 18 January 2019 | 2:15 pm

Google Play boots fake apps that spy on devices' motion sensor data before dropping Anubis ...

... to be expunged from Google Play, according to researchers who discovered they were infecting users with a version of the Anubis banking malware ...

Posted on 18 January 2019 | 2:15 pm

Temporary micropatch available for zero-day Windows exploit

Microsoft releases patches on the second Tuesday of every month, a day that has become known in the software industry as Patch Tuesday. It rarely ...

Posted on 18 January 2019 | 2:15 pm

Dupont Capital Management Lowered Microsoft (MSFT) Stake By $3.50 Million; Kiltearn Partners ...

Some Historical MSFT News: 08/05/2018 – Microsoft Patch Tuesday, May 2018 Edition; 19/03/2018 – CORRECTED-Dropbox IPO oversubscribed; ...

Posted on 18 January 2019 | 2:14 pm

Conflicts can arise when moving Windows 10 to a new drive

A: Actually, I also use both LastPass and a VPN. I've had no problems getting LastPass to work while connected to my VPN, and I tested using VPN ...

Posted on 18 January 2019 | 2:03 pm

US midterms barely over when Russians came knocking on our servers (again), Democrats claim

Russian hackers attempted to infiltrate the Democratic National Committee (DNC) just after the US midterm elections last year, according to a new ...

Posted on 18 January 2019 | 2:03 pm

Survey: Execs worldwide back IoT security rules

The National Institute of Standards and Technology has also been working to develop guidance on IoT cybersecurity and privacy risks. It put a draft of ...

Posted on 18 January 2019 | 2:03 pm

TWC9: Alexa Azure DevOps Skills, Hacking Your Career, ML.NET 0.9, 6502 Assembly in VS Code ...

This week on Channel 9, Christina is reliving the days of Tom from MySpace, while also breaking down the latest developer news, including: [00:33] ...

Posted on 18 January 2019 | 1:52 pm

Mondelez's $100M Fight With Zurich May Curb Hack Coverage

Conversely, Joshua Mooney, co-chair of White and Williams LLP's cyber law and data protection group, said Mondelez's assertion that Zurich's ...

Posted on 18 January 2019 | 1:52 pm

Messenger: It's time to undo the 'splitting and hacking' of St. Louis and put it back together

“I am in favor of total consolidation of St. Louis County, but I am not in favor of dividing it, splitting and hacking it in this manner,” the St. Louis lawyer ...

Posted on 18 January 2019 | 1:45 pm

Linux-Targeting Cryptojacking Malware Disables Cloud-Based Security Measures: Report

A new cryptojacking malware has the ability to disable cloud-based security measures to avoid detection on Linux servers, research by information ...

Posted on 18 January 2019 | 1:41 pm

Android malware uses accelerometer readings to figure out if it was running on a real phone or in ...

Malware authors have a problem: they want their software to run aggressively when no one is looking at it, but to shut down entirely if the device it's ...

Posted on 18 January 2019 | 1:41 pm

773m email addresses, 21m passwords stolen in large-scale data breach

More than 773 million e-mail addresses amounting to a hefty 87GB have been discovered to be hacked, a security researcher revealed, in what is ...

Posted on 18 January 2019 | 1:41 pm

GUEST ESSAY: Why the hack of South Korea's weapons, munitions systems was so predictable

In today's environment for commercial business, let alone government security and defense agencies, the de rigueur approach for cyber security ...

Posted on 18 January 2019 | 1:41 pm

Linux-Targeting Cryptojacking Malware Disables Cloud-Based Security Measures: Report

A new cryptojacking malware has the ability to disable cloud-based security measures to avoid detection on Linux servers, research by information ...

Posted on 18 January 2019 | 1:41 pm

Leveraging Identity to Tackle Insider Threats in Government

Government employees have access to key applications and sensitive information that can impact citizens and national security, and in many cases, ...

Posted on 18 January 2019 | 1:41 pm

BSides Delaware 2018, David Schuetz' (@DarthNull) 'How Things Work: A Deep Dive Into ...

BSides Delaware 2018, David Schuetz' (@DarthNull) 'How Things Work: A Deep Dive Into 1Password Security'. by Marc Handelman on January 18, ...

Posted on 18 January 2019 | 1:41 pm

Technology services conference readies for kickoff with KnowBe4

B-Sides is a information technology security conference, hosted by the Tampa Bay chapter of ISC(2). The Clearwater-based company is a nonprofit ...

Posted on 18 January 2019 | 1:30 pm

Hackers Actively Scanning for ThinkPHP Vulnerability, Akamai Says

There is widespread scanning for a recently disclosed remote code execution vulnerability in the ThinkPHP framework, Akamai reveals. 

read more

Posted on 18 January 2019 | 1:22 pm

Russian Hackers Allegedly Attempted to Breach the DNC After the 2018 Midterms

Russian hackers attempted to breach Democratic National Committee email addresses in a spear-phishing campaign just after the 2018 midterms, ...

Posted on 18 January 2019 | 1:18 pm

Ingenious! The Android malware which only triggers if you're moving

It's a truth universally acknowledged that malware authors don't like security companies detecting their malicious code. Or indeed app stores detecting ...

Posted on 18 January 2019 | 1:18 pm

What's next for mainframe security?

The ability to access tax returns or Social Security information from a phone is a strong draw even though, most of the time, there hasn't been enough ...

Posted on 18 January 2019 | 1:07 pm

Democrats allege new Russian hack attempts against DNC

Late Thursday night, the Democratic National Committee amended a lawsuit — stemming from the 2016 DNC hack — against Russia, several ...

Posted on 18 January 2019 | 12:55 pm

Former Baltimore IT worker who was target of investigation loses new job with school system

... the inspector general's investigation released Thursday, saying the hacking tools and other materials on his computer were part of security research.

Posted on 18 January 2019 | 12:45 pm

GandCrab returns with trojans and redundency

Researchers described BetaBot as a “Swiss army knife” type of malware without a sole purpose but instead having a behavior determined by its C2 ...

Posted on 18 January 2019 | 12:45 pm

Hack: 'Ko has her magic back, great for the game'

Damon Hack reveals why Lydia Ko is the best thing he saw in the Diamond Resorts Tournament of Champions second round.

Posted on 18 January 2019 | 12:41 pm

SEC and New Jersey US Attorney's Office Bring Parallel Charges in EDGAR Hacking Scheme

The SEC charged a Ukrainian hacker, six individual traders in California, Ukraine and Russia, and two entities. In 2015, the SEC charged the hacker ...

Posted on 18 January 2019 | 12:36 pm

Protecting Space with a Bold Cyber Security Portfolio and Strategy

This nearly 10-fold increase in machinery orbiting the Earth brings with it a number of cyber-security-related challenges. The first is related to “space ...

Posted on 18 January 2019 | 12:33 pm

Protecting Space with a Bold Cyber Security Portfolio and Strategy

This nearly 10-fold increase in machinery orbiting the Earth brings with it a number of cyber-security-related challenges. The first is related to “space ...

Posted on 18 January 2019 | 12:33 pm

Verizon to roll out free robocoll spam protection to all customers

Call Filter service to be made available to all wireless and wired customers with compatible phones in March 2019.

Posted on 18 January 2019 | 12:32 pm

Can State's New Cyber Bureau Hack It?

At a time when the United States and its adversaries are making major investments in offensive hacking capabilities, current and former officials say ...

Posted on 18 January 2019 | 12:30 pm

Data breach leaks millions of passwords: crypto users beware

Over the last hours, several reports have emerged on Reddit and other sources regarding a large data breach containing millions of passwords and ...

Posted on 18 January 2019 | 12:11 pm

Phony job interview leads to cyberattack on Chilean ATMs

Hackers pretending to screen a Chilean ATM network staffer for a new job instead slipped malware onto his work computer, leading to a broader ...

Posted on 18 January 2019 | 12:11 pm

Cyberattack forces Health Sciences North to place systems on downtime at 24 hospitals

A cyberattack on Health Sciences North in Sudbury, Ontario, yesterday has reportedly disrupted multiple systems at 24 of the Canadian health ...

Posted on 18 January 2019 | 12:11 pm

Xbash Malware Uninstalls Cloud Security Products

Recent samples of the destructive Xbash Linux malware can uninstall cloud security protection products from infected servers, Palo Alto Networks reports. 

read more

Posted on 18 January 2019 | 12:00 pm

Health-care sector is far too vulnerable to cybersecurity threats

When it comes to investing in technology, many health-care organizations opt to fund information technology (IT) infrastructure not cyber security.

Posted on 18 January 2019 | 12:00 pm

Xbash Malware Uninstalls Cloud Security Products

Recent samples of the destructive Xbash Linux malware can uninstall cloud security protection products from infected servers, Palo Alto Networks ...

Posted on 18 January 2019 | 12:00 pm

Netflix, YouTube, Amazon and Apple accused of GDPR breach

Tech companies including Netflix, YouTube, Amazon, Apple and Spotify are in breach of the EU's new data regulations, according to a complaint filed ...

Posted on 18 January 2019 | 11:50 am

French defense chief touts offensive tack in new cyber strategy

PARIS — The French military plans to develop and deploy offensive cyber weapons and improve the protection of its networks from “security events," ...

Posted on 18 January 2019 | 11:48 am

More than 770 million emails and passwords exposed in a massive breach

It seems like data breaches happen all the time nowadays. After this latest one, cybersecurity experts said if you haven't changed your password, the ...

Posted on 18 January 2019 | 11:48 am

Marco Rubio Proposes New Federal Data Privacy Bill

U.S. Senator Marco Rubio (R-Fla.) introduced a bill on Wednesday designed to provide privacy legislation for the entire nation -- that is, federal law. It is based on the Privacy Act of 1974, which was introduced post-Watergate to protect people from government storage and retrieval of personal data.

read more

Posted on 18 January 2019 | 11:43 am

'Zero-day virus' impacts hospitals across Ontario

The as-yet-unidentified malware resulted in the cancellation of medical appointments and treatments, with Giroux stating that “21 of the 24 ...

Posted on 18 January 2019 | 11:37 am

Safeguard Your Data and Privacy with This Highly-Versatile VPN

It seems as though not a day goes by without news breaking of another large-scale cyber attack. Both individual hackers and government-sponsored ...

Posted on 18 January 2019 | 11:33 am

IBD Stock Of The Day: This Cybersecurity Provider Rides Cloud To Profits

When companies use private telecom networks, web security gateways enforce rules on what workers can access and inspect data traffic for malware.

Posted on 18 January 2019 | 11:26 am

CableLabs tracks down blockchain security threats

Blockchain creates a shared ecosystem across parties to exchange information in a way that grants permission, but the Security Technologies arm of ...

Posted on 18 January 2019 | 11:26 am

'Twitter, show me the gross inevitable conclusion of toxic rockstar culture'

“There is no standardized review/scoring system in computer security scene,” the site said, writing in a blog post on January 3. “We built pwnhead.com ...

Posted on 18 January 2019 | 11:15 am

Barracuda Adds Incident Response to Email Security Offering

Barracuda Networks this week announced automated incident response capabilities are now available for customers using its Total Email Protection solution. 

read more

Posted on 18 January 2019 | 11:15 am

Huge cache of stolen credentials both stunning and old news

Stunning in that it's a single resource that someone or some group has been using to aid their work, particularly credential stuffing attacks.

Posted on 18 January 2019 | 11:15 am

Windows 7 Support Ends in One Year – Here's Why You Should Care

In essence, it means that the clock is ticking for their online security. Microsoft doesn't just release a new operating system, and then rest on its laurels.

Posted on 18 January 2019 | 11:03 am

By 2021, Cyber Security Market to Reach USD 180.77 Billion, Globally: Zion Market Research

According to the research report published by Zion Market Research, global cyber security market was valued at USD 105.45 billion in 2015, ...

Posted on 18 January 2019 | 11:01 am

This phone malware only works while you walk

A new sort of smartphone malware was discovered that only activates while the host phone is in motion. This malware utilizes the phone's motion ...

Posted on 18 January 2019 | 10:41 am

PCI SSC Releases New Security Standards for Payment Software

The Payment Card Industry Security Standards Council (PCI SSC) this week announced new security standards for the design, development and maintenance of payment software.

read more

Posted on 18 January 2019 | 10:38 am

'Major flaws' in cyber insurance policies identified

Cover can also be limited to the brief period that businesses are interrupted during a cyber attack, ignoring the significant knock-on revenue impact ...

Posted on 18 January 2019 | 10:36 am

Microsoft: Switch to iOS or Android because Windows 10 Mobile is ending

That's going to come to an end on Patch Tuesday this coming December. Certain online services will continue to operate beyond that date; device ...

Posted on 18 January 2019 | 10:35 am

Tech Trends: The Integrator's Role in Cyber Specification

Specifying a cyber-secure installation starts with a consultant, but must take into account the ... Is there a formal information security program in place?

Posted on 18 January 2019 | 10:31 am

HSN system infected with zero day virus

HSN's computer virus affecting 24 hospitals in north east ... They have a cyber security firm on the ground working on it, but there's more clarity on just ...

Posted on 18 January 2019 | 10:30 am

Massive Data Breach Leaks 772 million Emails, 21 million Passwords

The breach was first reported by Troy Hunt, the security researcher who runs the site Have I Been Pwned, where you can check if your email or ...

Posted on 18 January 2019 | 10:28 am

DNC: Target of Russia cyberattack after 2018 midterms

The Democratic National Committee filed a legal complaint Thursday night alleging that it was the target of a cyberattack by Russia one week after the ...

Posted on 18 January 2019 | 10:24 am

Collection #1 Breach Posts 773 Million Hacked Accounts for Sale

If the sheer number of data breaches occurring daily hasn't done it, the revelation that data related to 773 million accounts has been collected and put ...

Posted on 18 January 2019 | 10:18 am

Best Password Managers for Android in 2019

1Password— easily the best password manager we've tested, combined with a quality Android app; Dashlane — simple, secure, and packed with ...

Posted on 18 January 2019 | 10:12 am

Best Password Managers for Android in 2019

What LastPass lacks in features, it makes up for in ease of use. After logging into LastPass with your master password, you'll be able to see a catalog ...

Posted on 18 January 2019 | 10:12 am

Best Password Managers for Android in 2019

1Password— easily the best password manager we've tested, combined with a quality Android app; Dashlane — simple, secure, and packed with ...

Posted on 18 January 2019 | 10:12 am

Best Password Managers for Android in 2019

After an onslaught of online scams and data breaches made headline news last year, making your digital security a priority in 2019 is more than just a ...

Posted on 18 January 2019 | 10:12 am

Collection 1 breach prompts calls for security updates, investment

While the Collection 1 data dump – a whopping 773 million unique emails – dazzled with its size, it also underscored the need to shift away from ...

Posted on 18 January 2019 | 10:07 am

The Shift News cyber attack reported by Mapping Media Freedom

The vicious cyber attack perpetrated on The Shift News following revelations of corruption on the public hospitals deal negotiated by Minister Konrad ...

Posted on 18 January 2019 | 10:07 am

Fighting AI With AI: Army Seeks Autonomous Cyber Defenses

The U.S. Army is seeking information about “Autonomous Cyber” ... and protect its own intelligent systems against sophisticated cyberattacks. In other ...

Posted on 18 January 2019 | 10:07 am

IndigoVision's HD Ultra Camera Range

As well as being smart these cameras take cyber-security seriously with ... Control Center user interface in the event that a cyber-attack takes place.

Posted on 18 January 2019 | 9:56 am

NASA Embraces Bitcoin Blockchain to Prevent Aerospace Cyber Attacks & Air Traffic Mgt

Distributed ledger technology (DLT) is the grit of the flourishing Bitcoin (BTC) and the crypto sector at large. DLT is a revolutionary method to hold ...

Posted on 18 January 2019 | 9:56 am

West African banks suffer wave of malware attacks

Since mid-2017, cybercriminals have been targeting financial institutions in a number of West African countries using a variety of commodity malware ...

Posted on 18 January 2019 | 9:45 am

Making the Most of Mobile Opportunities – With or Without the Internet

Since offline apps exchange data between other devices, the internet and the cloud, businesses must look at their security practices across all devices ...

Posted on 18 January 2019 | 9:45 am

Employee's firing prompts Baltimore IT security review

BALTIMORE, MD (AP) — A Baltimore employee was found with hacking tools on his city computer, prompting the mayor to order a security review.

Posted on 18 January 2019 | 9:45 am

Zero-Day Virus Forces EHR Downtime at 21 Health Science North Hospitals

“But we had good backup data, so we will be able to restore information. So we're confident that by Friday, we will begin restoring our most major ...

Posted on 18 January 2019 | 9:45 am

Do You Know Your Customers?

Information Security Buzz spoke to a variety of technology professionals to gauge exactly what 'Know Your Customer' Day means to them and their ...

Posted on 18 January 2019 | 9:33 am

Cyber Security market 2018-2025 upcoming market behaviour forecast with trends, challenges and ...

Cyber Security Market covers definition, classification, industry value, price, cost and gross profit. It also covers types, enterprises and applications.

Posted on 18 January 2019 | 9:22 am

Cyber attacks on banks a big challenge: Goa DGP

He expressed concern over the mega financial crimes being committed by cyber fraudsters, and described the attack on financial institutions as a ...

Posted on 18 January 2019 | 9:17 am

Industry experts comment on Collection #1 data breach

Industry experts have been providing comments on the Collection #1 data breach – the largest ever database of breached login details leaked on the ...

Posted on 18 January 2019 | 9:11 am

Over 772 million email addresses leaked in massive breach

“It's made up of many different individual data breaches from literally thousands of different sources.” The unique email addresses totalled ...

Posted on 18 January 2019 | 9:11 am

Microsoft Launches Azure DevOps Bug Bounty Program

Microsoft announces new Azure DevOps bounty program

read more

Posted on 18 January 2019 | 9:07 am

Global Antivirus Software Market 2019 Top Trends | Avast Software, ESET, F-Secure, Fortinet and ...

The essential thought of Global Antivirus Software statistical surveying report is to remember the basic parts of the industry including creating market ...

Posted on 18 January 2019 | 9:02 am

Brexit could increase the UK's cyberattack risk – is education the answer?

Brexit runs the risk of making the UK less able to defend against a cyberattack, prompting one expert to call for an increased focus on cybersecurity ...

Posted on 18 January 2019 | 9:02 am

Deriving true value from actionable threat intelligence

NTT Security look at how relevant and actionable threat intelligence is key to protecting organisations against cyber attacks. Intelligence has long ...

Posted on 18 January 2019 | 9:00 am

'Collection #1' data breach is just the beginning, cyber security experts warn

Cyber security journalist Brian Krebs reported that he had spoken to someone selling the collection, and that it is just one part of a numbered series ...

Posted on 18 January 2019 | 8:48 am

US Carriers Promise Again To Stop Selling Customer Location Data

US Carriers Promise Again To Stop Selling Customer Location Data ... Jonathan Deveaux, Head of Enterprise Data Protection at Comforte AG:.

Posted on 18 January 2019 | 8:48 am

'Collection #1' data breach is just the beginning, cyber security experts warn

Cyber security journalist Brian Krebs reported that he had spoken to someone selling the collection, and that it is just one part of a numbered series ...

Posted on 18 January 2019 | 8:48 am

Who Goes There? How Blockchain Could Transform Identity And Access Management

Digital identity is, of course, closely linked with issues of privacy and data protection, particularly following the introduction of stricter data protection ...

Posted on 18 January 2019 | 8:48 am

South Korean Defense Agency Breached

In today's environment for commercial business, let alone government security and defense agencies, the de rigueur approach for cyber security ...

Posted on 18 January 2019 | 8:26 am

Rate of Cybersecurity Venture Funding Not Sustainable, Investors Say

Venture capital firm Strategic Cyber Ventures (SCV) considers itself a part of the overall security industry. "First and foremost we are cyber operators," it states on its website. "We advance cybersecurity through expert investment in synergistic teams and technology solving the world's security problems."

read more

Posted on 18 January 2019 | 8:16 am

The Best macOS Apps That Actually Make Good Use of the Touch Bar

Password-remembering manager extraordinaire 1Password also has some solid Touch Bar support to take advantage of. The main way you're going ...

Posted on 18 January 2019 | 8:15 am

Why anomaly detection should be your number one priority in 2019

In networking, anomaly detection is a form of AI that is used within monitoring tools to identify anomalous behavior that could indicate a cyberattack.

Posted on 18 January 2019 | 8:09 am

France to invest more money and staff in cyber defense: minister

18 (Xinhua) -- France planned to pour more money and human resources into cyber military resources to better defend against cyber attacks from ...

Posted on 18 January 2019 | 8:06 am

New strategy for cyber security in the Danish maritime sector

The responsibility for cyber and information security in the maritime sector lies with the Danish Maritime Authority. The new strategy covers ...

Posted on 18 January 2019 | 8:03 am

Impact of U.S. Government Shutdown on Cybersecurity: Feedback Friday

The failure of President Donald Trump and the Democratic Party to reach an agreement over funding for the controversial Mexico border wall has led to the longest government shutdown in US history.

read more

Posted on 18 January 2019 | 7:53 am

MEGA Data Breach

This information could be used for credential stuffing attacks which can harm ... Fortunately, security technologies like data loss prevention (DLP), ...

Posted on 18 January 2019 | 7:41 am

Android MALWARE used a clever trick to hide itself on phones

So how was this app able to avoid Google's antivirus checks? Because on the surface they appear malware-free.

Posted on 18 January 2019 | 7:32 am

Antivirus Software Market Increasing Demand for Smartphones Creates Growth Opportunities ...

A report, titled “the Antivirus Software Market” has been added to our repository. The report represents the current situation of the market based on ...

Posted on 18 January 2019 | 7:18 am

Kaspersky Security Cloud Free Review – Protect your Windows PC

Kaspersky Security Cloud (basic version) is a free Antivirus solution for Windows computers which also offers secure connection(VPN) when browsing ...

Posted on 18 January 2019 | 6:45 am

These malicious Android apps will only strike when you move your smartphone

Apps containing the Anubis banking Trojan and an interesting motion sensor have been found in the Google Play store.

Posted on 18 January 2019 | 5:52 am

Temporary fix available for one of the two Windows zero-days released in December

The temporary patch was released because Microsoft didn't release an official patch for either of the two zero-days during the January Patch Tuesday ...

Posted on 18 January 2019 | 5:46 am

Temporary fix available for one of the two Windows zero-days released in December

Microsoft did not issue official fixes during the recent January Patch Tuesday update window.

Posted on 18 January 2019 | 5:46 am

New Android Malware Apps Use Motion Sensor to Evade Detection

Even after so many efforts by Google for preventing its Play Store from malware, shady apps somehow managed to fool its anti-malware protections and get into its service to infect Android users with malware. Two such Android apps have recently been spotted on the Google Play Store by security researchers with the Trend Micro malware research team, infecting thousands of Android users who have

Posted on 18 January 2019 | 5:37 am

773 million email addresses exposed in 'mega data breach' — here's how to see if yours is one of ...

Some managers, like LastPass, allow users to do this easily through a feature called “auto change.” Hunt noted that anyone who doesn't trust a digital ...

Posted on 18 January 2019 | 4:30 am

Hungary's Vulnerability to Cyber-Attacks Up

Hungary was the 38th most vulnerable country during the period, with 27.6 percent of Kaspersky antivirus software users were subject to attacks via ...

Posted on 18 January 2019 | 4:07 am

Microsoft launches Azure DevOps bug bounty program, $20,000 rewards on offer

The Redmond giant is keenly interested in remote code execution and privilege escalation flaws.

Posted on 18 January 2019 | 4:02 am

Authentication Will Soon Be Required To View Chrome OS Saved Passwords

Whether you're using a third-party password manager like LastPass or 1Password, or using built-in password managers in your operating system, ...

Posted on 18 January 2019 | 3:55 am

Facebook Closes Hundreds of 'Inauthentic' Russia-Linked Pages

Facebook announced Thursday that it has removed more than 500 pages, groups and accounts originating in Russia for engaging in what the social network called "coordinated inauthentic behavior."

read more

Posted on 18 January 2019 | 2:49 am

Microsoft Releases KB4480955 Preview of Monthly Rollup for Windows 7

Most likely, the public rollout of next month's Patch Tuesday fixes will include the fix for this glitch. The January 2019 monthly rollup for Windows 7 has ...

Posted on 18 January 2019 | 2:42 am

Bug in Twitter Android App Exposed Protected Tweets

Twitter revealed on Thursday that users of its Android application may have had their supposedly protected tweets made public due to a bug.

read more

Posted on 18 January 2019 | 1:01 am

A Twitter Bug Left Android Users' Private Tweets Exposed For 4 Years

Twitter just admitted that the social network accidentally revealed some Android users' protected tweets to the public for more than 4 years — a kind of privacy blunder that you'd typically expect from Facebook. When you sign up for Twitter, all your Tweets are public by default, allowing anyone to view and interact with your Tweets. Fortunately, Twitter also gives you control of your

Posted on 18 January 2019 | 12:49 am

Most Facebook users aren’t aware that Facebook tracks their interests

Too many Facebook users aren’t aware that the company uses the information provided by them and their actions on the platform and outside of it to create a list of their traits and interests, which is then used by to target them with relevant ads. The survey According to the results of a new Pew Research Center surveys, which polled a representative sample of US-based, adult Facebook users: 88% discovered that the site had generated … More

The post Most Facebook users aren’t aware that Facebook tracks their interests appeared first on Help Net Security.

Posted on 18 January 2019 | 12:45 am

Mining malware evades agent-based cloud security solutions

Cloud infrastructures are a growing target for threat actors looking to mine cryptocurrency, as their vast computational power allows them to multiply the mining malware’s effect. Keeping its presence from being noticed as long as possible is, naturally, a goal worth striving for and criminals are coming up with new ways to achieve it. One of the approaches, employed by a threat group dubbed Rocke, is to uninstall agent-based cloud security products before downloading the … More

The post Mining malware evades agent-based cloud security solutions appeared first on Help Net Security.

Posted on 18 January 2019 | 12:30 am

New infosec products of the week: January 18, 2019

XebiaLabs launches new DevOps risk and compliance capability for software releases The XebiaLabs DevOps Platform provides a single pane of glass for technical and business stakeholders to track the release chain of custody across the end-to-end CI/CD toolchain, from code to production. And, with visibility into security and compliance issues, teams can take action to ensure that release failure risks, security vulnerabilities, and IT governance violations are resolved early in the software delivery cycle. ExtraHop … More

The post New infosec products of the week: January 18, 2019 appeared first on Help Net Security.

Posted on 18 January 2019 | 12:15 am

Portuguese Hacker Linked to 'Football Leaks' Held in Hungary

A Portuguese hacker said by his lawyers to have played a pivotal role in the Football Leaks whistleblower website was fighting extradition from Hungary to Portugal on Thursday on charges of extortion.

Rui Pinto, 30, was arrested on Wednesday.

read more

Posted on 18 January 2019 | 12:07 am

New requirements for the secure design and development of modern payment software

The PCI Security Standards Council (PCI SSC) published new requirements for the secure design and development of modern payment software. The PCI Secure Software Standard and the PCI Secure Lifecycle (Secure SLC) Standard are part of a new PCI Software Security Framework, which includes a validation program for software vendors and their software products and a qualification program for assessors. The programs will be launched later in 2019. “Innovation in payments is moving at an … More

The post New requirements for the secure design and development of modern payment software appeared first on Help Net Security.

Posted on 18 January 2019 | 12:00 am

Protecting privileged access in DevOps and cloud environments

While security strategies should address privileged access and the risk of unsecured secrets and credentials, they should also closely align with DevOps culture and methods to avoid negatively impacting developer velocity and slowing the release of new services. Example of tools in the DevOps pipeline Despite this, 73 percent of organizations surveyed for the 2018 CyberArk Global Advanced Threat Landscape report have no strategy to address privileged access security for DevOps. Key recommendations The report … More

The post Protecting privileged access in DevOps and cloud environments appeared first on Help Net Security.

Posted on 17 January 2019 | 11:45 pm

Global Antivirus Software Market 2019 - Massive Industry Improvement Till 2025

Global Antivirus Software Market Research Report 2019 aides as a rule Antivirus Software inconspicuous components including the latest examples, ...

Posted on 17 January 2019 | 11:44 pm

Risk managers see cybersecurity as the biggest threat to business

Sword GRC canvassed amost 150 risk managers from highly risk-aware organizations worldwide for their opinions. Overall, cybersecurity was seen as the biggest risk to business by a quarter of organizations. In the UK, Brexit and the resulting potential economic fall-out was cited as the biggest risk to business by 14% of risk managers. The most notable regional variation was in the US where 40% of organizations see cybersecurity as the most threatening risk. The most … More

The post Risk managers see cybersecurity as the biggest threat to business appeared first on Help Net Security.

Posted on 17 January 2019 | 11:30 pm

Amazon Web Services announces AWS Backup

Amazon Web Services released AWS Backup, a backup service that makes it faster and simpler for customers to back up their data across AWS services and on-premises, helping customers meet their business and regulatory backup compliance requirements. AWS Backup makes protecting storage volumes, databases, and file systems easier by giving customers a single service to configure and audit the AWS resources they backup, automate backup scheduling, set retention policies, and monitor recent backups and restores … More

The post Amazon Web Services announces AWS Backup appeared first on Help Net Security.

Posted on 17 January 2019 | 9:30 pm

Immuta expands GRC expertise to help enterprises build data science programs

Immuta revealed that financial services industry veteran Richard Geering has joined as the company’s Vice President of Governance, Risk, and Compliance (GRC), reporting to CEO Matthew Carroll. Richard joins Immuta from the Royal Bank of Canada (RBC), where he served as Chief Operational Risk Officer for Investor and Treasury Services. He brings 25 years of experience in financial services and risk management, with broad domain knowledge in data analytics. Working alongside Immuta’s product and sales … More

The post Immuta expands GRC expertise to help enterprises build data science programs appeared first on Help Net Security.

Posted on 17 January 2019 | 9:00 pm

Advanced Fraud Solutions partners with Q6 Cyber to fight card fraud

Advanced Fraud Solutions and Q6 Cyber unveiled that they have partnered to integrate Q6 data feeds directly into the TrueCards fraud prevention software platform. TrueCards is a tool allowing financial institutions’ fraud teams to monitor card holder transactions for test sites, breaches, and common points of compromise (CPC). Q6 Cyber employs an approach to monitoring the “Digital Underground,” including the DarkWeb and DeepWeb. Leveraging years of law enforcement and intelligence experience in the dark corners … More

The post Advanced Fraud Solutions partners with Q6 Cyber to fight card fraud appeared first on Help Net Security.

Posted on 17 January 2019 | 8:30 pm

Onapsis signs agreement to acquire ERP cybersecurity company Virtual Forge

Onapsis has entered into a definitive agreement to acquire privately-held Virtual Forge, headquartered in Heidelberg, Germany. Onapsis’s platform is the cybersecurity solution that protects the ERP systems and business-critical applications of the world’s largest organizations. Founded in 2006, Virtual Forge is the provider of solutions to prevent, detect and remediate cybersecurity and compliance risks in customizations and extensions of SAP applications. The combination of Onapsis and Virtual Forge will empower customers to have visibility, incident … More

The post Onapsis signs agreement to acquire ERP cybersecurity company Virtual Forge appeared first on Help Net Security.

Posted on 17 January 2019 | 8:00 pm

Hacker behind 'Football Leaks' arrested in Hungary

Hacker is a 30-year-old Portuguese man. Police haven't released his name, but several news outlets claim he's named Rui Pinto, a man they've identified and have been tracking for years.

Posted on 17 January 2019 | 5:08 pm

Twitter bug revealed private tweets for some Android users for almost five years

Some Twitter for Android users had their private tweets exposed to non-followers and search engines.

Posted on 17 January 2019 | 2:40 pm

773M Password ‘Megabreach’ is Years Old

My inbox and Twitter messages positively lit up today with people forwarding stories from Wired and other publications about a supposedly new trove of nearly 773 million unique email addresses and 21 million unique passwords that were posted to a hacking forum. A story in The Guardian breathlessly dubbed it "the largest collection ever of breached data found." But in an interview with the apparent seller, KrebsOnSecurity learned that it is not even close to the largest gathering of stolen data, and that it is at least two to three years old.

Posted on 17 January 2019 | 2:11 pm

Ongoing Attacks Hit West African Financial Institutions Since Mid-2017

Cyber-attacks that have been ongoing since at least mid-2017 hit financial institutions in West Africa, Symantec security researchers report.

read more

Posted on 17 January 2019 | 12:40 pm

Online stores for governments and multinationals hacked via new security flaw

Little-known database management tool allowed hackers to take over sites and inject malicious code that steals payment card details.

Posted on 17 January 2019 | 12:35 pm

New Magecart Group Targets French Ad Agency

A new threat actor operating under the “Magecart” umbrella landed a malicious skimmer on hundreds of websites through a supply chain attack, security firms reveal.

read more

Posted on 17 January 2019 | 12:26 pm

773 Million Records Amassed in Massive Data Breach Collection

A newly discovered set of compromised login details contains roughly 773 million email addresses, Australian web security expert Troy Hunt reveals.

read more

Posted on 17 January 2019 | 12:01 pm

Misconfigured Server Leaks Oklahoma Department of Securities Data

A storage server configured for public access was found to expose terabytes of data belonging to the Oklahoma Department of Securities, UpGuard reveals.

read more

Posted on 17 January 2019 | 11:02 am

West African banks hit by multiple hacking waves last year

Banks in Cameroon, Congo (DR), Equatorial Guinea, Ghana, and the Ivory Coast have been hit.

Posted on 17 January 2019 | 10:46 am

Serious Flaws Found in ControlByWeb Industrial Weather Station

Researchers have discovered two potentially serious vulnerabilities in an industrial-grade weather station made by ControlByWeb, a company that specializes in products that allow organizations to remotely monitor and control electrical devices.

read more

Posted on 17 January 2019 | 10:45 am

ERP Security Firm Onapsis Acquires Competitor Virtual Forge

Onapsis, a company specializing in cybersecurity and compliance solutions for enterprise resource planning (ERP) products, on Wednesday announced that it has entered a definitive agreement to acquire competitor Virtual Forge.

read more

Posted on 17 January 2019 | 9:27 am

Some Android GPS apps are just showing ads on top of Google Maps

Apps have been downloaded over 50 million times. Google has failed to removed them, even if they blatantly break their own license.

Posted on 17 January 2019 | 8:13 am

Flaw in Reservation System Impacts Many Airlines

A vulnerability discovered in a reservation system used by hundreds of airlines around the world could expose the details of millions of their customers, researchers warned this week.

read more

Posted on 17 January 2019 | 7:34 am

Oklahoma gov data leak exposes FBI investigation records, millions of department files

Updated: An Oklahoma Department of Securities server allowed anyone to download government files.

Posted on 17 January 2019 | 7:21 am

Facebook removes propaganda network linked to Russian media group Sputnik

Facebook says Sputnik employees ran hundreds of Facebook pages and accounts, some posing as politicians in other countries.

Posted on 17 January 2019 | 5:57 am

Ukrainian Police Arrest 6 Hackers Linked to DDoS and Financial Attacks

Ukrainian Police have this week busted out two separate groups of hackers involved in carrying out DDoS attacks against news agencies and stealing money from Ukrainian citizens, respectively. According to the authorities, the four suspected hackers they arrested last week, all aged from 26 to 30 years, stole more than 5 million Hryvnia (around 178,380 USD) from the bank accounts of Ukrainian

Posted on 17 January 2019 | 3:37 am

Zix acquires AppRiver in $275 million deal

It seems like 2019 is the year to purchase cloud security companies.

Posted on 17 January 2019 | 3:02 am

Unprotected Government Server Exposes Years of FBI Investigations

A massive government data belonging to the Oklahoma Department of Securities (ODS) was left unsecured on a storage server for at least a week, exposing a whopping 3 terabytes of data containing millions of sensitive files. The unsecured storage server, discovered by Greg Pollock, a researcher with cybersecurity firm UpGuard, also contained decades worth of confidential case files from the

Posted on 17 January 2019 | 1:45 am

Drupal Releases Security Updates

Original release date: January 16, 2019

Drupal has released security updates addressing vulnerabilities in Drupal 7.x, 8.5.x, and 8.6.x. A remote attacker could exploit these vulnerabilities to take control of an affected system.

The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review Drupal’s security advisories SA-CORE-2019-001 and SA-CORE-2019-002 and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.


Posted on 16 January 2019 | 6:49 pm

Google Chrome extension that steals card numbers still available on Web Store

Fake "Flash Player" extension has been available since February 2018, was installed by roughly 400 users.

Posted on 16 January 2019 | 6:27 pm

Hackers breach and steal data from South Korea's Defense Ministry

Government says hackers breached 30 computers and stole data from 10.

Posted on 16 January 2019 | 1:54 pm

Hackers infect e-commerce sites by compromising their advertising partner

Magecart strikes again, one of the most notorious hacking groups specializes in stealing credit card details from poorly-secured e-commerce websites. According to security researchers from RiskIQ and Trend Micro, cybercriminals of a new subgroup of Magecart, labeled as "Magecart Group 12," recently successfully compromised nearly 277 e-commerce websites by using supply-chain attacks. Magecart

Posted on 16 January 2019 | 12:04 pm

Fortnite Flaws Allowed Hackers to Takeover Gamers' Accounts

Check Point researchers have discovered multiple security vulnerabilities in Fortnite, a massively popular online battle game, one of which could have allowed remote attackers to completely takeover player accounts just by tricking users into clicking an unsuspectable link. The reported Fortnite flaws include a SQL injection, cross-site scripting (XSS) bug, a web application firewall bypass

Posted on 16 January 2019 | 10:35 am

Advertising network compromised to deliver credit card stealing code

Hundreds of online stores confirmed to be impacted, thousands or more under investigation.

Posted on 16 January 2019 | 8:09 am

VOIPO database exposed millions of call and SMS logs, system data

The database was used for development purposes but the data on offer to the public was valid.

Posted on 16 January 2019 | 7:34 am

Flight Booking System Flaw Affected Customers of 141 Airlines Worldwide

Almost half of the fight travelers around the world were found exposed to a critical security vulnerability discovered in online flight ticket booking system that allowed remote hackers to access and modify their travel details and even claim their frequent flyer miles. Israeli network security researcher Noam Rotem discovered the vulnerability when he booked a flight on the Israeli airline

Posted on 16 January 2019 | 6:56 am

NanoCore Trojan is protected in memory from being killed off

If you are infected with this malware, you might find it is more difficult to eradicate than standard Trojans.

Posted on 16 January 2019 | 6:19 am

Fortnite security issue would have granted hackers access to accounts

Check Point recommends that Fortnite players enable two-factor authentication (2FA) for their accounts.

Posted on 16 January 2019 | 4:43 am

Unprotected VOIP Server Exposed Millions of SMS Messages, Call Logs

A California-based Voice-Over-IP (VoIP) services provider VOIPO has accidentally left tens of gigabytes of its customer data, containing millions of call logs, SMS/MMS messages, and plaintext internal system credentials, publicly accessible to anyone without authentication. VOIPo is one of a leading providers of Voice-Over-IP (VoIP) services in the United States offering reseller VoIP, Cloud

Posted on 16 January 2019 | 3:21 am

5 Popular Web Hosting Services Found Vulnerable to Multiple Flaws

A security researcher has discovered multiple one-click client-side vulnerabilities in the some of the world's most popular and widely-used web hosting companies that could have put millions of their customers as well as billions of their sites' visitors at risk of hacking. Independent researcher and bug-hunter Paulos Yibelo, who shared his new research with The Hacker News, discovered roughly

Posted on 16 January 2019 | 1:15 am

“Stole $24 Million But Still Can’t Keep a Friend”

Unsettling new claims have emerged about Nicholas Truglia, a 21-year-old Manhattan resident accused of hijacking cell phone accounts to steal tens of millions of dollars in cryptocurrencies from victims. The lurid details, made public in a civil lawsuit filed this week by one of his alleged victims, paints a chilling picture of a man addicted to thievery and all its trappings. The documents suggest that Truglia stole from his father and even a dead man -- all the while lamenting that his fabulous new wealth brought him nothing but misery.

Posted on 15 January 2019 | 6:52 pm

Oracle Releases January 2019 Security Bulletin

Original release date: January 15, 2019

Oracle has released its Critical Patch Update for January 2019 to address 284 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Oracle January 2019 Critical Patch Update and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.


Posted on 15 January 2019 | 4:30 pm

Two Hackers Charged with Hacking SEC System in Stock-Trading Scheme

The U.S. authorities have charged two Ukrainian hackers for hacking into the Securities and Exchange Commission's EDGAR filing system and stealing sensitive market-moving reports of companies before their public release. EDGAR, or Electronic Data Gathering, Analysis, and Retrieval, is an online filing system wherein companies submit their financial filings. The system processes around 1.7

Posted on 15 January 2019 | 1:34 pm

Oracle Critical Patch Update Advisory - January 2019

Posted on 15 January 2019 | 1:30 pm

Reminder: Microsoft to end support for Windows 7 in 1-year from today

A new reminder for those who are still holding on to the Windows 7 operating system—you have one year left until Microsoft ends support for its 9-year-old operating system. So it's time for you to upgrade your OS and say goodbye to Windows 7, as its five years of extended support will end on January 14, 2020—that's precisely one year from today. After that date, the tech giant will no longer

Posted on 15 January 2019 | 9:29 am

36-Year-Old SCP Clients' Implementation Flaws Discovered

A set of 36-year-old vulnerabilities has been uncovered in the Secure Copy Protocol (SCP) implementation of many client applications that can be exploited by malicious servers to overwrite arbitrary files in the SCP client target directory unauthorizedly. Session Control Protocol (SCP), also known as secure copy, is a network protocol that allows users to securely transfer files between a

Posted on 15 January 2019 | 6:32 am

How to Secure Your Mid-Size Organization From the Next Cyber Attack

If you are responsible for the cybersecurity of a medium-sized company, you may assume your organization is too small to be targeted. Well, think again. While the major headlines tend to focus on large enterprises getting breached – such as Sony, Equifax, or Target the actual reality is that small and mid-sized companies are experiencing similar threats. According to Verizon’s 2018 Data

Posted on 15 January 2019 | 5:51 am

Unpatched vCard Flaw Could Let Attackers Hack Your Windows PCs

A zero-day vulnerability has been discovered and reported in the Microsoft's Windows operating system that, under a certain scenario, could allow a remote attacker to execute arbitrary code on Windows machine. Discovered by security researcher John Page (@hyp3rlinx), the vulnerability was reported to the Microsoft security team through Trend Micro's Zero Day Initiative (ZDI) Program over 6

Posted on 15 January 2019 | 4:08 am

Does WhatsApp Have A Privacy Bug That Could Expose Your Messages?

In-short conclusion—Whatsapp service or its 45-days deletion policy doesn't seem to have a bug. For detailed logical explanation, please read below. An Amazon employee earlier today tweeted details about an incident that many suggest could be a sign of a huge privacy bug in the most popular end-to-end encrypted Whatsapp messaging app that could expose some of your secret messages under

Posted on 15 January 2019 | 3:00 am

Police Can't Force You To Unlock Your Phone Using Face or Fingerprint Scan

Can feds force you to unlock your iPhone or Android phone? ..."NO" A Northern California judge has ruled that federal authorities can't force you to unlock your smartphone using your fingerprints or other biometric features such as facial recognition—even with a warrant. The ruling came in the case of two unspecified suspects allegedly using Facebook Messenger to threaten a man with the

Posted on 15 January 2019 | 2:17 am

Courts Hand Down Hard Jail Time for DDoS

Seldom do people responsible for launching crippling cyberattacks face justice, but increasingly courts around the world are making examples of the few who do get busted for such crimes. On Friday, a 34-year-old Connecticut man received a whopping 10-year prison sentence for carrying out distributed denial-of-service (DDoS) attacks against a number of hospitals in 2014. Also last week, a 30-year-old in the United Kingdom was sentenced to 32 months in jail for using an army of hacked devices to crash large portions of Liberia's Internet access in 2016.

Posted on 14 January 2019 | 1:37 pm

DDoSing Hospital Networks Landed This Hacktivist in Jail for Over 10 Years

A simple DDoS attack could land you in jail for 10 years or even more. A Massachusetts man has been sentenced to over 10 years in prison for launching DDoS attacks against the computer network of two healthcare organizations in 2014 to protest the treatment of a teenager at the centers. Beyond serving 121 months in prison, Martin Gottesfeld, 34, was also ordered by U.S. District Judge

Posted on 11 January 2019 | 5:54 am

PyLocky Ransomware Decryption Tool Released — Unlock Files For Free

If your computer has been infected with PyLocky Ransomware and you are searching for a free ransomware decryption tool to unlock or decrypt your files—your search might end here. Security researcher Mike Bautista at Cisco's Talos cyber intelligence unit have released a free decryption tool that makes it possible for victims infected with the PyLocky ransomware to unlock their encrypted files

Posted on 11 January 2019 | 1:11 am

DNS Infrastructure Hijacking Campaign

Original release date: January 10, 2019 | Last revised: January 11, 2019

The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), is aware of a global Domain Name System (DNS) infrastructure hijacking campaign. Using compromised credentials, an attacker can modify the location to which an organization’s domain name resources resolve. This enables the attacker to redirect user traffic to attacker-controlled infrastructure and obtain valid encryption certificates for an organization’s domain names, enabling man-in-the-middle attacks.

NCCIC encourages administrators to review the FireEye and Cisco Talos Intelligence blogs on global DNS infrastructure hijacking for more information. Additionally, NCCIC recommends the following best practices to help safeguard networks against this threat:


This product is provided subject to this Notification and this Privacy & Use policy.


Posted on 10 January 2019 | 3:13 pm

Secret Service: Theft Rings Turn to Fuze Cards

Street thieves who specialize in cashing out stolen credit and debit cards increasingly are hedging their chances of getting caught carrying multiple counterfeit cards by relying on Fuze Cards, a smartcard technology that allows users to store dozens of cards on a single device, the U.S. Secret Service warns.

Posted on 10 January 2019 | 10:27 am

Over 202 Million Chinese Job Seekers' Details Exposed On the Internet

Cybersecurity researcher has discovered online a massive database containing records of more than 202 million Chinese citizens that remained accessible to anyone on the Internet without authentication until last week. The unprotected 854.8 gigabytes of the database was stored in an instance of MongoDB, a NoSQL high performance and cross-platform document-oriented database, hosted by an

Posted on 10 January 2019 | 9:31 am

New Systemd Privilege Escalation Flaws Affect Most Linux Distributions

Security researchers have discovered three vulnerabilities in Systemd, a popular init system and service manager for most Linux operating systems, that could allow unprivileged local attackers or malicious programs to gain root access on the targeted systems. The vulnerabilities, assigned as CVE-2018-16864, CVE-2018-16865, and CVE-2018-16866, actually resides in the "systemd-journald" service

Posted on 10 January 2019 | 6:18 am

Hackers Using Zero-Width Spaces to Bypass MS Office 365 Protection

Security researchers have been warning about a simple technique that cybercriminals and email scammers are already being using in the wild to bypass security features of Microsoft Office 365, including Safe Links, which are originally designed to protect users from malware and phishing attacks. Safe Links has been included by Microsoft in Office 365 as part of its ATP (Advanced Threat Protection

Posted on 10 January 2019 | 5:08 am

Google DNS Service (8.8.8.8) Now Supports DNS-over-TLS Security

Almost every activity on the Internet starts with a DNS query, a key function of the Internet that works as an Internet's directory where your device looks up for the server IP addresses after you enter a human-readable web address (e.g., thehackernews.com). Since DNS queries are sent in clear text over UDP or TCP without encryption, the information can reveal not only what websites an

Posted on 10 January 2019 | 2:39 am

Turns Out Kaspersky Labs Helped FBI Catch Alleged NSA Leaker

Remember "The Shadow Brokers" and the arrest of a former NSA contractor accused of stealing 50 Terabytes of top secret documents from the intelligence agency? It turns out that, Kaspersky Lab, which has been banned in US government computers over spying fears, was the one who tipped off the U.S. government and helped the FBI catch NSA contractor Harold T. Martin III, unnamed sources familiar

Posted on 10 January 2019 | 1:04 am

Juniper Networks Releases Multiple Security Updates

Original release date: January 09, 2019

Juniper Networks has released multiple security updates to address vulnerabilities in various Juniper products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review Juniper’s Security Advisories webpage and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.


Posted on 9 January 2019 | 4:06 pm

Cisco Releases Security Updates

Original release date: January 09, 2019

Cisco has released security updates to address vulnerabilities in Cisco AsyncOS Software for Cisco Email Security Appliance. A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition.
 
The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:

This product is provided subject to this Notification and this Privacy & Use policy.


Posted on 9 January 2019 | 1:27 pm

German Police Seek Help In Finding Parcel Bomber With MAC Address

German police are seeking your help in gathering information related to a MAC address that could lead to the cell phone device used by a DHL blackmailer who last year parceled out bombs at different addresses in Brandenburg and Berlin. Between November 2017 and April 2018, someone used German parcel delivery service DHL to sent out several so-called improvised explosive devices (IEDs) in

Posted on 9 January 2019 | 9:40 am

Patch Tuesday, January 2019 Edition

Microsoft on Tuesday released updates to fix roughly four dozen security issues with its Windows operating systems and related software. All things considered, this first Patch Tuesday of 2019 is fairly mild, bereft as it is of any new Adobe Flash updates or zero-day exploits. But there are a few spicy bits to keep in mind. Read on for the gory details.

Posted on 9 January 2019 | 8:46 am

Get 10 Popular Books To Learn Advanced Hacking [2018 Bundle]

It should come as no surprise that cybersecurity is one of the most important and lucrative fields in the world right now, and it’s becoming more important every day—thanks to a growing number of cyber attacks that are targeting everything from individuals and startups to Fortune 500 companies and entire government agencies. So it should also come as no surprise that demand for talented and

Posted on 9 January 2019 | 4:42 am

Microsoft Releases January 2019 Security Updates

Original release date: January 08, 2019

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.

The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review Microsoft’s January 2019 Security Update Summary and Deployment Information and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.


Posted on 8 January 2019 | 2:40 pm

Adobe Releases Security Updates

Original release date: January 08, 2019

Adobe has released security updates to address vulnerabilities in Adobe Connect and Adobe Digital Editions. An attacker could exploit one of these vulnerabilities to take control of an affected system.

The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review Adobe Security Advisories APSB19-05 and APSB19-04, and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.


Posted on 8 January 2019 | 11:36 am

Dirt-Cheap, Legit, Windows Software: Pick Two

Buying heavily discounted, popular software from second-hand sources online has always been something of an iffy security proposition. But purchasing steeply discounted licenses for cloud-based subscription products like recent versions of Microsoft Office can be an extremely risky transaction, mainly because you may not have full control over who has access to your data.

Posted on 8 January 2019 | 9:00 am

CERT/CC Reports Critical Vulnerabilities in Microsoft Windows, Server

Original release date: January 04, 2019

The CERT Coordination Center (CERT/CC) has released information on vulnerabilities affecting versions of Microsoft Windows and Windows Server. A remote attacker could exploit these vulnerabilities to take control of an affected system.

The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review CERT/CC’s Vulnerability Notes VU#289907 and VU#531281 and Microsoft’s security advisories for CVE-2018-8611 and CVE-2018-8626 and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.


Posted on 4 January 2019 | 12:34 pm

Apple Phone Phishing Scams Getting Better

A new phone-based phishing scam that spoofs Apple Inc. is likely to fool quite a few people. It starts with an automated call that display's Apple's logo, address and real phone number, warning about a data breach at the company. The scary part is that if the recipient is an iPhone user who then requests a call back from Apple's legitimate customer support Web page, the fake call gets indexed in the iPhone's "recent calls" list as a previous call from the legitimate Apple Support line.

Posted on 3 January 2019 | 1:21 pm

Adobe Releases Security Updates

Original release date: January 03, 2019

Adobe has released security updates to address vulnerabilities in Adobe Acrobat and Reader. An attacker could exploit these vulnerabilities to take control of an affected system.

The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Adobe Security Bulletin APSB19-02 and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.


Posted on 3 January 2019 | 1:08 pm

NRSMiner updates to newer version

More than a year after the world first saw the Eternal Blue exploit in action during the May 2017 WannaCry outbreak, we are still seeing unpatched machines in Asia being infected by malware that uses the exploit to spread. Starting in mid-November 2018, our telemetry reports indicate that the newest version of the NRSMiner cryptominer, […]

Posted on 2 January 2019 | 11:04 pm

Cloud Hosting Provider DataResolution.net Battling Christmas Eve Ransomware Attack

Cloud hosting provider Dataresolution.net is struggling to bring its systems back online after suffering a ransomware infestation on Christmas Eve, KrebsOnSecurity has learned. The company says its systems were hit by the Ryuk ransomware, the same malware strain that crippled printing and delivery operations for multiple major U.S. newspapers over the weekend.

Posted on 2 January 2019 | 12:32 pm

Happy 9th Birthday, KrebsOnSecurity!

Hard to believe we’ve gone another revolution around the Sun: Today marks the 9th anniversary of KrebsOnSecurity.com! This past year featured some 150 blog posts, but as usual the biggest contribution to this site came from the amazing community of readers here who have generously contributed their knowledge, wit and wisdom in more than 10,000 […]

Posted on 29 December 2018 | 9:51 am

Securing New Devices

Original release date: December 28, 2018

During the holidays, internet-connected devices also known as Internet of Things (IoT) are often popular gifts—such as smart TVs, watches, toys, phones, and tablets. This technology provides a level of convenience to our lives, but it requires that we share more information than ever. The security of this information, and the security of these devices, is not always guaranteed.

The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), recommends these important steps you should consider to make your Internet of Things more secure:

Use strong passwords. Passwords are a common form of authentication and are often the only barrier between you and your personal information. Some internet-enabled devices are configured with default passwords to simplify setup. These default passwords are easily found online, so they don't provide any protection. Choose strong passwords to help secure your device. See Choosing and Protecting Passwords for more information.

Evaluate your security settings. Most devices offer a variety of features that you can tailor to meet your needs and requirements. Enabling certain features to increase convenience or functionality may leave you more at risk. It is important to examine the settings, particularly security settings, and select options that meet your needs without putting you at increased risk. If you install a patch or a new version of software, or if you become aware of something that might affect your device, reevaluate your settings to make sure they are still appropriate. See Good Security Habits for more information.

Ensure you have up-to-date software. When manufacturers become aware of vulnerabilities in their products, they often issue patches to fix the problem. Patches are software updates that fix a particular issue or vulnerability within your device’s software. Make sure to apply relevant patches as soon as possible to protect your devices. See Understanding Patches for more information.

Connect carefully. Once your device is connected to the internet, it’s also connected to millions of other computers, which could allow attackers access to your device. Consider whether continuous connectivity to the internet is needed. See Securing Your Home Network for more information.


This product is provided subject to this Notification and this Privacy & Use policy.


Posted on 28 December 2018 | 2:57 pm

Serial Swatter and Stalker Mir Islam Arrested for Allegedly Dumping Body in River

A 22-year-old man convicted of cyberstalking and carrying out numerous bomb threats and swatting attacks -- including a 2013 swatting incident at my home -- was arrested Sunday morning in the Philippines after allegedly helping a friend dump the body of a housemate into a local river.

Posted on 23 December 2018 | 2:24 pm

WordPress 5.0.1 Security Release

WordPress 5.0.1 is now available. This is a security release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. Plugin authors are encouraged to read the 5.0.1 developer notes for information on backwards-compatibility. WordPress versions 5.0 and earlier are affected by the following bugs, which are fixed in version […]

Posted on 12 December 2018 | 9:13 pm

Phishing Campaign targeting French Industry

We have recently observed an ongoing phishing campaign targeting the French industry. Among these targets are organizations involved in chemical manufacturing, aviation, automotive, banking, industry software providers, and IT service providers. Beginning October 2018, we have seen multiple phishing emails which follow a similar pattern, similar indicators, and obfuscation with quick evolution over the course […]

Posted on 26 November 2018 | 7:16 am

Ethics In Artificial Intelligence: Introducing The SHERPA Consortium

In May of this year, Horizon 2020 SHERPA project activities kicked off with a meeting in Brussels. F-Secure is a partner in the SHERPA consortium – a group consisting of 11 members from six European countries – whose mission is to understand how the combination of artificial intelligence and big data analytics will impact ethics […]

Posted on 22 November 2018 | 2:25 am

Spam campaign targets Exodus Mac Users

We’ve seen a small spam campaign that attempts to target Mac users that use Exodus, a multi-cryptocurrency wallet. The theme of the email focuses mainly on Exodus. The attachment was “Exodus-MacOS-1.64.1-update.zip” and the sender domain was “update-exodus[.]io”, suggesting that it wanted to associate itself to the organization. It was trying to deliver a fake Exodus […]

Posted on 2 November 2018 | 12:56 pm

Business Email Compromise: Gift Cards

Posted on 24 October 2018 | 10:00 am

Oracle Critical Patch Update Advisory - October 2018

Posted on 16 October 2018 | 2:30 pm

Cyber Actors Increasingly Exploit The Remote Desktop Protocol to Conduct Malicious Activity

Posted on 27 September 2018 | 9:00 am

Cybercriminals Utilize Social Engineering Techniques To Obtain Employee Credentials To Conduct Payroll Diversion

Posted on 18 September 2018 | 9:00 am

Education Technologies: Data Collection and Unsecured Systems Could Pose Risks to Students

Posted on 13 September 2018 | 9:00 am

Oracle Security Alert for CVE-2018-11776 - 31 August 2018

Posted on 31 August 2018 | 7:00 pm

Value-Driven Cybersecurity

Constructing an Alliance for Value-driven Cybersecurity (CANVAS) launched ~two years ago with F-Secure as a member. The goal of the EU project is “to unify technology developers with legal and ethical scholars and social scientists to approach the challenge of how cybersecurity can be aligned with European values and fundamental rights.” (That’s a mouthful, right?) […]

Posted on 31 August 2018 | 8:20 am

Taking Pwnie Out On The Town

Black Hat 2018 is now over, and the winners of the Pwnie Awards have been published. The Best Client-Side Bug was awarded to Georgi Geshev and Rob Miller for their work called “The 12 Logic Bug Gifts of Christmas.” Georgi and Rob work for MWR Infosecurity, which (as some of you might remember) was acquired by F-Secure […]

Posted on 14 August 2018 | 6:58 am

Oracle Security Alert for CVE-2018-3110 - 10 August 2018

Posted on 10 August 2018 | 2:30 pm

Extortionists Increasingly Using Recipients' Personal Information To Intimidate Victims

Posted on 7 August 2018 | 12:00 pm

Cyber Actors Use Internet of Things Devices as Proxies for Anonymity and Pursuit of Malicious Cyber Activities

Posted on 2 August 2018 | 10:00 am

How To Locate Domains Spoofing Campaigns (Using Google Dorks) #Midterms2018

The government accounts of US Senator Claire McCaskill (and her staff) were targeted in 2017 by APT28 A.K.A. “Fancy Bear” according to an article published by The Daily Beast on July 26th. Senator McCaskill has since confirmed the details. And many of the subsequent (non-technical) articles that have been published has focused almost exclusively on […]

Posted on 30 July 2018 | 12:17 pm

Oracle Critical Patch Update Advisory - July 2018

Posted on 17 July 2018 | 2:30 pm

Business E-mail Compromise The 12 Billion Dollar Scam

Posted on 12 July 2018 | 12:00 pm

WordPress 4.9.7 Security and Maintenance Release

WordPress 4.9.7 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. WordPress versions 4.9.6 and earlier are affected by a media issue that could potentially allow a user with certain capabilities to attempt to delete files outside the uploads […]

Posted on 5 July 2018 | 12:00 pm

Business Email Compromise Contributes To Large Scale Business Losses Nationwide

Posted on 11 June 2018 | 9:30 am

Foreign Cyber Actors Target Home and Office Routers and Networked Devices Worldwide

Posted on 25 May 2018 | 8:00 am

Video: Creating Graph Visualizations With Gephi

I wanted to create a how-to blog post about creating gephi visualizations, but I realized it’d probably need to include, like, a thousand embedded screenshots. So I made a video instead.

Posted on 24 May 2018 | 2:50 am

Pr0nbots2: Revenge Of The Pr0nbots

A month and a half ago I posted an article in which I uncovered a series of Twitter accounts advertising adult dating (read: scam) websites. If you haven’t read it yet, I recommend taking a look at it before reading this article, since I’ll refer back to it occasionally. To start with, let’s recap. In my […]

Posted on 4 May 2018 | 5:03 am

Oracle Critical Patch Update Advisory - April 2018

Posted on 17 April 2018 | 2:30 pm

WordPress 4.9.5 Security and Maintenance Release

WordPress 4.9.5 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. WordPress versions 4.9.4 and earlier are affected by three security issues. As part of the core team's ongoing commitment to security hardening, the following fixes have been implemented […]

Posted on 3 April 2018 | 2:56 pm

Tech Support Fraud

Posted on 28 March 2018 | 12:00 pm

Marketing “Dirty Tinder” On Twitter

About a week ago, a Tweet I was mentioned in received a dozen or so “likes” over a very short time period (about two minutes). I happened to be on my computer at the time, and quickly took a look at the accounts that generated those likes. They all followed a similar pattern. Here’s an […]

Posted on 16 March 2018 | 4:49 am

How To Get Twitter Follower Data Using Python And Tweepy

In January 2018, I wrote a couple of blog posts outlining some analysis I’d performed on followers of popular Finnish Twitter profiles. A few people asked that I share the tools used to perform that research. Today, I’ll share a tool similar to the one I used to conduct that research, and at the same […]

Posted on 27 February 2018 | 6:07 am

Improving Caching Strategies With SSICLOPS

F-Secure development teams participate in a variety of academic and industrial collaboration projects. Recently, we’ve been actively involved in a project codenamed SSICLOPS. This project has been running for three years, and has been a joint collaboration between ten industry partners and academic entities. Here’s the official description of the project. “The Scalable and Secure […]

Posted on 26 February 2018 | 2:11 am

Increase in W-2 Phishing Campaigns

Posted on 21 February 2018 | 12:00 pm

Searching Twitter With Twarc

Twarc makes it really easy to search Twitter via the API. Simply create a twarc object using your own API keys and then pass your search query into twarc’s search() function to get a stream of Tweet objects. Remember that, by default, the Twitter API will only return results from the last 7 days. However, […]

Posted on 16 February 2018 | 8:33 am

Impersonation of the Internet Crime Complaint Center

Posted on 1 February 2018 | 12:00 pm

NLP Analysis Of Tweets Using Word2Vec And T-SNE

In the context of some of the Twitter research I’ve been doing, I decided to try out a few natural language processing (NLP) techniques. So far, word2vec has produced perhaps the most meaningful results. Wikipedia describes word2vec very precisely: “Word2vec takes as its input a large corpus of text and produces a vector space, typically of several […]

Posted on 30 January 2018 | 6:37 am

NLP Analysis And Visualizations Of #presidentinvaalit2018

During the lead-up to the January 2018 Finnish presidential elections, I collected a dataset consisting of raw Tweets gathered from search words related to the election. I then performed a series of natural language processing experiments on this raw data. The methodology, including all the code used, can be found in an accompanying blog post. […]

Posted on 30 January 2018 | 6:35 am

How To Get Tweets From A Twitter Account Using Python And Tweepy

In this blog post, I’ll explain how to obtain data from a specified Twitter account using tweepy and Python. Let’s jump straight into the code! As usual, we’ll start off by importing dependencies. I’ll use the datetime and Counter modules later on to do some simple analysis tasks. from tweepy import OAuthHandler from tweepy import […]

Posted on 26 January 2018 | 2:35 am

Fraudulent Online Vehicle Sales

Posted on 17 January 2018 | 12:00 pm

How To Get Streaming Data From Twitter

I occasionally receive requests to share my Twitter analysis tools. After a few recent requests, it finally occurred to me that it would make sense to create a series of articles that describe how to use Python and the Twitter API to perform basic analytical tasks. Teach a man to fish, and all that. In […]

Posted on 17 January 2018 | 6:50 am

WordPress 4.9.2 Security and Maintenance Release

WordPress 4.9.2 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. An XSS vulnerability was discovered in the Flash fallback files in MediaElement, a library that is included with WordPress. Because the Flash files are no longer needed for […]

Posted on 16 January 2018 | 5:00 pm

Oracle Critical Patch Update Advisory - January 2018

Posted on 16 January 2018 | 1:30 pm

Further Analysis Of The Finnish Themed Twitter Botnet

In a blog post I published yesterday, I detailed the methodology I have been using to discover “Finnish themed” Twitter accounts that are most likely being programmatically created. In my previous post, I called them “bots”, but for the sake of clarity, let’s refer to them as “suspicious accounts”. These suspicious accounts all follow a […]

Posted on 12 January 2018 | 7:52 am

Someone Is Building A Finnish-Themed Twitter Botnet

Finland will hold a presidential election on the 28th January 2018. Campaigning just started, and candidates are being regularly interviewed by the press and on the TV. In a recent interview, one of the presidential candidates, Pekka Haavisto, mentioned that both his Twitter account, and the account of the current Finnish president, Sauli Niinistö had […]

Posted on 11 January 2018 | 9:27 am

Some Notes On Meltdown And Spectre

The recently disclosed Meltdown and Spectre vulnerabilities can be viewed as privilege escalation attacks that allow an attacker to read data from memory locations that aren’t meant to be accessible. Neither of these vulnerabilities allow for code execution. However, exploits based on these vulnerabilities could allow an adversary to obtain sensitive information from memory (such […]

Posted on 9 January 2018 | 8:46 am

WordPress 4.9.1 Security and Maintenance Release

WordPress 4.9.1 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. WordPress versions 4.9 and earlier are affected by four security issues which could potentially be exploited as part of a multi-vector attack. As part of the core team's […]

Posted on 29 November 2017 | 2:33 pm

Oracle Security Alert for CVE-2017-10269 - 13 November 2017

Posted on 13 November 2017 | 1:30 pm

WordPress 4.8.3 Security Release

WordPress 4.8.3 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.8.2 and earlier are affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi). WordPress core is not directly vulnerable to […]

Posted on 31 October 2017 | 9:20 am

Oracle Security Alert for CVE-2017-10151 - 27 October 2017

Posted on 27 October 2017 | 2:30 pm

Oracle Critical Patch Update Advisory - October 2017

Posted on 17 October 2017 | 2:30 pm

Oracle Security Alert for CVE-2017-9805 - 22 September 2017

Posted on 22 September 2017 | 2:30 pm

WordPress 4.8.2 Security and Maintenance Release

WordPress 4.8.2 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.8.1 and earlier are affected by these security issues: $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi). WordPress core is not directly vulnerable to this […]

Posted on 19 September 2017 | 5:17 pm

Oracle Critical Patch Update Advisory - July 2017

Posted on 18 July 2017 | 2:30 pm

Oracle Security Alert for CVE-2017-3629

Posted on 19 June 2017 | 2:30 pm

WordPress 4.7.5 Security and Maintenance Release

WordPress 4.7.5 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7.4 and earlier are affected by six security issues: Insufficient redirect validation in the HTTP class. Reported by Ronni Skansing. Improper handling of post meta data values in the XML-RPC […]

Posted on 16 May 2017 | 5:39 pm

WordPress Now on HackerOne

WordPress has grown a lot over the last thirteen years – it now powers more than 28% of the top ten million sites on the web. During this growth, each team has worked hard to continually improve their tools and processes. Today, the WordPress Security Team is happy to announce that WordPress is now officially […]

Posted on 15 May 2017 | 11:02 am

Oracle Critical Patch Update Advisory - April 2017

Posted on 18 April 2017 | 2:30 pm

WordPress 4.7.3 Security and Maintenance Release

WordPress 4.7.3 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7.2 and earlier are affected by six security issues: Cross-site scripting (XSS) via media file metadata.  Reported by Chris Andrè Dale, Yorick Koster, and Simon P. Briggs. Control characters can trick redirect […]

Posted on 6 March 2017 | 11:53 am

Oracle Critical Patch Update Advisory - January 2017

Posted on 17 January 2017 | 1:30 pm

Oracle Critical Patch Update Advisory - October 2016

Posted on 18 October 2016 | 2:30 pm

Oracle Critical Patch Update Advisory - July 2016

Posted on 19 July 2016 | 2:30 pm

Oracle Critical Patch Update Advisory - April 2016

Posted on 19 April 2016 | 2:30 pm

Oracle Security Alert for CVE-2016-0636 - 23 Mar 2016

Posted on 23 March 2016 | 2:30 pm

Oracle Critical Patch Update Advisory - January 2016

Posted on 19 January 2016 | 1:30 pm

Oracle Security Alert for CVE-2015-4852 - 10 November 2015

Posted on 10 November 2015 | 1:30 pm

Oracle Critical Patch Update Advisory - October 2015

Posted on 20 October 2015 | 2:30 pm

Oracle Critical Patch Update Advisory - July 2015

Posted on 14 July 2015 | 2:30 pm

Oracle Security Alert for CVE-2015-3456 - 15 May 2015

Posted on 15 May 2015 | 2:30 pm

Oracle Critical Patch Update Advisory - April 2015

Posted on 14 April 2015 | 2:30 pm

Oracle Security Alert for CVE-2016-0603 - 5 February 2016

Posted on 5 February 2015 | 1:30 pm

Oracle Critical Patch Update Advisory - January 2015

Posted on 20 January 2015 | 1:30 pm

Oracle Critical Patch Update Advisory - October 2014

Posted on 14 October 2014 | 2:30 pm

Oracle Security Alert for CVE-2014-7169 - 26 September 2014

Posted on 26 September 2014 | 2:30 pm

Oracle Critical Patch Update Advisory - July 2014

Posted on 15 July 2014 | 2:30 pm

Oracle Security Alert for CVE-2014-0160 - 18 April 2014

Posted on 18 April 2014 | 2:30 pm

Oracle Critical Patch Update Advisory - April 2014

Posted on 15 April 2014 | 2:30 pm

Oracle Critical Patch Update Advisory - January 2014

Posted on 14 January 2014 | 1:30 pm

Oracle Critical Patch Update Advisory - October 2013

Posted on 15 October 2013 | 2:30 pm

Oracle Critical Patch Update Advisory - July 2013

Posted on 16 July 2013 | 2:30 pm

Oracle Java SE Critical Patch Update Advisory - June 2013

Posted on 18 June 2013 | 2:30 pm

Oracle Java SE Critical Patch Update Advisory - April 2013

Posted on 16 April 2013 | 2:30 pm

Oracle Critical Patch Update Advisory - April 2013

Posted on 16 April 2013 | 2:30 pm

Oracle Security Alert for CVE-2013-1493 - 04 Mar 2013

Posted on 4 March 2013 | 1:30 pm

Updated Release of the Oracle Java SE Critical Patch Update - February 2013

Posted on 19 February 2013 | 1:30 pm

Oracle Java SE Critical Patch Update Advisory - February 2013

Posted on 1 February 2013 | 1:30 pm

Oracle Critical Patch Update Advisory - January 2013

Posted on 15 January 2013 | 1:30 pm

Oracle Security Alert for CVE-2013-0422 - 13 Jan 2013

Posted on 13 January 2013 | 1:30 pm

Oracle Critical Patch Update Advisory - October 2012

Posted on 16 October 2012 | 2:26 pm

Oracle Java SE Critical Patch Update Advisory - October 2012

Posted on 16 October 2012 | 2:26 pm

Oracle Security Alert for CVE-2012-4681 - 30 Aug 2012

Posted on 30 August 2012 | 2:26 pm

Oracle Security Alert for CVE-2012-3132 - 10 Aug 2012

Posted on 10 August 2012 | 2:14 pm

Oracle Critical Patch Update (CPU) Advisory - July 2012

Posted on 19 July 2012 | 5:15 pm

Oracle Java SE Critical Patch Update Advisory - June 2012

Posted on 12 June 2012 | 3:00 pm

Oracle Security Alert for CVE-2012-1675

Posted on 30 April 2012 | 3:01 pm

Oracle Critical Patch Update (CPU) Advisory - April 2012

Posted on 18 April 2012 | 10:40 am

Oracle Java SE Critical Patch Update Advisory - February 2012

Posted on 14 February 2012 | 2:00 pm

Oracle Security Alert for CVE-2011-5035

Posted on 31 January 2012 | 3:20 pm

Oracle Critical Patch Update (CPU) Advisory - January 2012

Posted on 17 January 2012 | 2:44 pm

Oracle Critical Patch Update (CPU) Advisory - October 2011

Posted on 24 October 2011 | 1:33 pm

Oracle Security Alert for CVE-2011-3192

Posted on 15 September 2011 | 4:22 pm

Oracle Critical Patch Update (CPU) Advisory - July 2011

Posted on 19 July 2011 | 5:45 pm

Oracle Java SE Critical Patch Update Advisory - June 2011

Posted on 7 June 2011 | 5:18 pm

Oracle Critical Patch Update (CPU) - April 2011

Posted on 19 April 2011 | 3:00 pm

Oracle Java SE and Java for Business Critical Patch Update Advisory - February 2011

Posted on 15 February 2011 | 4:00 pm

Oracle Critical Patch Update (CPU) - January 2011

Posted on 18 January 2011 | 1:40 pm

Oracle Critical Patch Update (CPU) - October 2010

Posted on 12 October 2010 | 11:07 am

Oracle Critical Patch Update (CPU) - July 2010

Posted on 14 July 2010 | 2:35 pm

Oracle Critical Patch Update (CPU) - April 2010

Posted on 13 April 2010 | 4:01 pm

Oracle Security Alert for CVE-2010-0073 - February 2010

Oracle Security Alert for CVE-2010-0073

Posted on 4 February 2010 | 2:00 pm

Critical Patch Update - January 2010

Posted on 13 January 2010 | 12:05 pm

Critical Patch Update - October 2009

Posted on 20 October 2009 | 10:39 am

Critical Patch Update - July 2009

Posted on 15 July 2009 | 8:00 pm

Critical Patch Update - April 2009

Posted on 14 April 2009 | 5:40 pm

Critical Patch Update - January 2009

Posted on 14 April 2009 | 5:40 pm

Critical Patch Update - October 2008

Posted on 15 October 2008 | 1:53 pm

Critical Patch Update - July 2008

Posted on 15 July 2008 | 3:01 pm

Critical Patch Update - April 2008

Posted on 15 April 2008 | 5:13 pm

Critical Patch Update - January 2008

Posted on 15 January 2008 | 4:55 pm

Critical Patch Update - October 2007

Posted on 16 October 2007 | 3:47 pm

Critical Patch Update - July 2007

Posted on 17 July 2007 | 3:21 pm

Critical Patch Update - April 2007

Posted on 18 April 2007 | 10:57 am

Critical Patch Update - January 2007

Posted on 16 January 2007 | 5:35 pm

Critical Patch Update - October 2006

Posted on 17 October 2006 | 1:37 pm

Critical Patch Update - April 2006

Posted on 18 April 2006 | 3:42 pm

Critical Patch Update - January 2006

Posted on 17 January 2006 | 6:20 pm

Critical Patch Update - January 2005

Posted on 18 October 2005 | 5:28 pm

Critical Patch Update - April 2005

Posted on 18 October 2005 | 5:28 pm

Critical Patch Update - October 2005

Posted on 18 October 2005 | 5:25 pm

Critical Patch Update - July 2005

Posted on 12 July 2005 | 2:46 pm