Zoom Bug Could Have Let Uninvited People Join Private Meetings

If you use Zoom to host your remote online meetings, you need to read this piece carefully. The massively popular video conferencing software has patched a security loophole that could have allowed anyone to remotely eavesdrop on unprotected active meetings, potentially exposing private audio, video, and documents shared throughout the session. Besides hosting password-protected virtual

Posted on 28 January 2020 | 10:08 am

Millions of Devices Using LoRaWAN Exposed to Hacker Attacks

Millions of devices deployed across a wide range of sectors could be exposed to hacker attacks due to security issues associated with the use of LoRaWAN, cybersecurity firm IOActive warned on Tuesday.

read more

Posted on 28 January 2020 | 10:07 am

Data Privacy Day: A Vision for the Future

Original release date: January 28, 2020

January 28 is Data Privacy Day, an annual effort to empower individuals and organizations to respect privacy, safeguard data, and enable trust. This year, the National Cyber Security Alliance (NCSA) is bringing together experts on U.S. and international privacy for A Vision for the Future, an in-depth discussion on new privacy laws and regulations. The NCSA Stay Safe Online website will live stream the January 28 event beginning at 1 p.m. ET. Presentation topics will include how to prepare for and implement recent legislation, such as the California Consumer Privacy Act and the European Union’s General Data Protection Regulation.
 
The Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review NCSA’s tips on updating privacy settings and the following CISA Tips.

This product is provided subject to this Notification and this Privacy & Use policy.

Posted on 28 January 2020 | 9:53 am

Health Data, Medical Documents Exposed by LabCorp Website Error

The exposed data was primarily related to cancer patients from LabCorp's ... On September 30, the information security team discovered a health ...

Posted on 28 January 2020 | 9:33 am

Ex-TalkTalk director who led cyber security operation after £77m data breach sues over claims ...

A former TalkTalk executive suing the telecoms giant under the equal pay law today described her redundancy from the company as a 'sham'.

Posted on 28 January 2020 | 9:22 am

DEF CON China Conference Postponed Amid Coronavirus Outbreak

The second edition of the DEF CON China hacking conference has been put on hold as the country is fighting the coronavirus outbreak. 

read more

Posted on 28 January 2020 | 9:17 am

UK Still Wary of China Hacking Threat After Limiting Huawei Access

The U.K.'s cyber security watchdog has made clear the threat of being hacked by China remains, but probably not via Huawei Technologies Co.

Posted on 28 January 2020 | 9:11 am

Security Awareness Expert Lance Spitzner to Give Keynote at SANS Minneapolis Cyber Security ...

BETHESDA, Md., Jan. 28, 2020 /PRNewswire/ -- SANS Institute, the global leader in cyber security training and certifications, today announced the ...

Posted on 28 January 2020 | 9:11 am

UK Still Wary of China Hacking Threat After Limiting Huawei Access

The U.K.'s cyber security watchdog has made clear the threat of being hacked by China remains, but probably not via Huawei Technologies Co.

Posted on 28 January 2020 | 9:11 am

Digital Fraud Is An Inside Job

Try wrapping your mind around the price tag of the average corporate data breach at $3.92 million per incident. Then multiply that by the 4.1 billion ...

Posted on 28 January 2020 | 9:00 am

What a ransomware attack on oil and gas could signal

A series of successful ransomware attacks on oil and gas facilities could have ... HSGAC ON THE CYBER BEAT — The Senate Homeland Security ...

Posted on 28 January 2020 | 9:00 am

Cyber insurance policies evolving to meet emerging risks — and premiums reflect it

Cyber insurance policies are mission-critical to protecting the business bottom line as tension increases in the information security landscape.

Posted on 28 January 2020 | 9:00 am

Use These Antivirus and Anti-Malware Apps Instead of Avast

If something is free—especially if it's a complicated something, or something you'd probably have to pay for otherwise—the familiar saying is often ...

Posted on 28 January 2020 | 9:00 am

Use These Antivirus and Anti-Malware Apps Instead of Avast

If something is free—especially if it's a complicated something, or something you'd probably have to pay for otherwise—the familiar saying is often ...

Posted on 28 January 2020 | 9:00 am

Identity Theft Resource Center®'s Annual End-of-Year Data Breach Report Reveals 17 Percent ...

According to the report, the number of U.S. data breaches tracked in 2019 (1,473) increased 17 percent from the total number of breaches reported in ...

Posted on 28 January 2020 | 9:00 am

Akamai Recognized as a January 2020 Gartner Peer Insights Customers' Choice for Web ...

Customers Praise Akamai's WAF Intelligent Edge Security Solutions in Independent Testimonials. Akamai Technologies, Inc., the intelligent edge ...

Posted on 28 January 2020 | 8:48 am

Mobile Anti Malware Market May See Exponential Growth Ahead | Major Giants Symantec, Sophos ...

The Global Mobile Anti Malware Market has witnessed continuous growth in the past few years and is projected to grow even further during the ...

Posted on 28 January 2020 | 8:48 am

China doesn't need a Huawei 'backdoor' to launch a cyber-attack against the UK, experts warn

China has better ways of hitting the UK with a cyber attack than trying to exploit a 'backdoor' in Huawei equipment, UK experts have concluded.

Posted on 28 January 2020 | 8:37 am

Public can weigh in on data privacy, security breaches

If you're a business owner in southeast Wisconsin worried about data breaches, or if you're a consumer that wants to know more about how to keep ...

Posted on 28 January 2020 | 8:37 am

Engaging the Attacker Prior to Impact

Engaging Attackers Prior to Impact Will Significantly Reduce the Overall Operational Risk of Your Networks

read more

Posted on 28 January 2020 | 8:28 am

Cybereason Launches Free Emotet-Locker Tool to Help Global Organizations and Local and State ...

There has been a global spike in Emotet malware attacks in recent months. To help organizations and local and state governments fight back against ...

Posted on 28 January 2020 | 8:26 am

Santa Fe Group Honored for Cyber Security Risk Mgmt (See Video)

The heightened pace of attacks and constant evolution of malware and tactics make it imperative that organizations and agencies be constantly ...

Posted on 28 January 2020 | 8:26 am

AppOmni Raises $10 Million to Help Companies Prevent Cloud Misconfigurations

Software-as-a-Service (SaaS) Security and Management Platform Provider Raises $10 Million in Series A Funding

read more

Posted on 28 January 2020 | 8:21 am

Cybersecurity contracts awarded to Airbus

FRANCE. Airbus CyberSecurity won five contracts with organizations in the industrial, finance, and institutional sectors, some of which are operators of ...

Posted on 28 January 2020 | 8:15 am

International Data Privacy Day: Our predictions for 2020

What better day than today, International Data Privacy Day, to explore what 2020 is likely to have in store for data and privacy? Almost two years ago ...

Posted on 28 January 2020 | 8:15 am

Tripwire and Eaton Technology Partnership Strengthens Cybersecurity Compliance for US Utilities

With this partnership, Tripwire and Eaton are making it easier and faster for U.S. utilities to comply with evolving cybersecurity requirements, including ...

Posted on 28 January 2020 | 8:09 am

The UK's top cyber officials have warned that Huawei has poor cybersecurity and that its processes ...

UK prime minister Boris Johnson has defied President Trump to permit Huawei to provide equipment for the country's 5G networks. Even as the UK ...

Posted on 28 January 2020 | 8:03 am

The UK's top cyber officials have warned that Huawei has poor cybersecurity and that its processes ...

UK prime minister Boris Johnson has defied President Trump to permit Huawei to provide equipment for the country's 5G networks. Even as the UK ...

Posted on 28 January 2020 | 8:03 am

Google Halts Publishing of Paid Chrome Extensions Due to Fraud

After observing an increase in the number of fraudulent transactions, Google over the weekend announced that it halted the publishing of paid items to the Chrome Web Store.

read more

Posted on 28 January 2020 | 7:53 am

CEOs are deleting their social media accounts to protect against hackers

To counter against the threat of cyber attacks, PwC recommends that ... Learning the lessons of the Dixons Carphone breach · In Bezos phone hack, ...

Posted on 28 January 2020 | 7:52 am

WhiteHat Security Joins the National Cyber Security Alliance in Global Effort to Support Data ...

WhiteHat Security, an independent subsidiary of NTT Security and a leading application security provider, has announced its commitment to Data ...

Posted on 28 January 2020 | 7:52 am

WhiteHat Security Joins the National Cyber Security Alliance in Global Effort to Support Data ...

SAN JOSE, Calif.--(BUSINESS WIRE)--WhiteHat Security, an independent subsidiary of NTT Security and a leading application security provider, has ...

Posted on 28 January 2020 | 7:52 am

MTTD and MTTR: Two Metrics to Improve Your Cybersecurity

For any organization to protect itself from cyberattacks and data breaches, it's critical to discover and respond to cyber threats as quickly as possible.

Posted on 28 January 2020 | 7:52 am

Cyber Security 1 AB: Extraordinary General Meeting

Extraordinary General Meeting in Cyber Security 1 AB (Publ). Stockholm Sweden – 28 January 2020, Cyber Security 1 AB (Publ) (“CYBER1” or the ...

Posted on 28 January 2020 | 7:52 am

MTTD and MTTR: Two Metrics to Improve Your Cybersecurity

For any organization to protect itself from cyberattacks and data breaches, it's critical to discover and respond to cyber threats as quickly as possible.

Posted on 28 January 2020 | 7:52 am

WhiteHat Security Joins the National Cyber Security Alliance in Global Effort to Support Data ...

One simple thing you can do is to update your privacy settings by using a helpful tool created by the National Cyber Security Alliance (NCSA).

Posted on 28 January 2020 | 7:52 am

Guardknox Applauded by Frost & Sullivan for Optimizing Automotive Cybersecurity to Help OEMs ...

28, 2020 /PRNewswire/ -- Based on its recent analysis of the global automotive cybersecurity solutions market, Frost & Sullivan recognizes Guardknox ...

Posted on 28 January 2020 | 7:52 am

IntSights Launches Hands-On Security Advisory Services to Train Global Customers in Cybersecurity

Leader in Global Threat Intelligence Offers In-Person Seminars Led by Seasoned Cybersecurity Professionals. NEW YORK, Jan. 28, 2020 ...

Posted on 28 January 2020 | 7:52 am

MTTD and MTTR: Two Metrics to Improve Your Cybersecurity

While there are dozens of metrics available to determine success, there are two key cybersecurity performance indicators every organization should ...

Posted on 28 January 2020 | 7:52 am

Cyber Security 1 AB: Extraordinary General Meeting

Extraordinary General Meeting in Cyber Security 1 AB (Publ). Stockholm Sweden – 28 January 2020, Cyber Security 1 AB (Publ) (“CYBER1” or the ...

Posted on 28 January 2020 | 7:52 am

CEOs are deleting their social media accounts to protect against hackers

Cyber attacks are the are the biggest risk to businesses, with the prospect of falling victim hacking and other cyber crime the threats which the majority ...

Posted on 28 January 2020 | 7:52 am

Senate bill would create state cybersecurity coordinators

A bill that would require the Department of Homeland Security (DHS) to establish a Cybersecurity State Coordinator program was introduced in the ...

Posted on 28 January 2020 | 7:52 am

UK Approves Restricted Huawei Role in 5G Network

Britain on Tuesday greenlighted a limited role for Chinese telecoms giant Huawei in the country's 5G network, but underscored that "high risk vendors" would be excluded from "sensitive" core infrastructure.

read more

Posted on 28 January 2020 | 7:46 am

Critical Windows 10 Browser Flaw Causes Chaos As Users Race To Fix It

Windows Media Player, Microsoft print to PDF and local USB printers are all currently plagued by a critical vulnerability mitigation in the Windows 10 ...

Posted on 28 January 2020 | 7:41 am

Five Cyber Security Resolutions For 2020

It may be hard to believe but we're now firmly into 2020. In a cyber security context, many organisations will be looking back on another year and ...

Posted on 28 January 2020 | 7:41 am

Five Cyber Security Resolutions For 2020

In a cyber security context, many organisations will be looking back on another year and another set of lessons learned in what continues to be a ...

Posted on 28 January 2020 | 7:41 am

Netsurion: Master MSSP Cybersecurity Business Accelerates

The cybersecurity company doubled the number of endpoints under management via MSPs and signed up twice as many partners over the previous ...

Posted on 28 January 2020 | 7:41 am

Five Cyber Security Resolutions For 2020

In a cyber security context, many organisations will be looking back on another year and another set of lessons learned in what continues to be a ...

Posted on 28 January 2020 | 7:41 am

Data Breaches And Security 2020: Five Steps SMBs Can Take To Protect Their Data

When it comes to data security, 2019 was the most expensive year on record. While this reality has impacted companies of every size, small and ...

Posted on 28 January 2020 | 7:30 am

From Banking and Data Security to Compliance: Blockchain Grows Well Beyond its Cryptocurrency ...

Cryptocurrency and blockchain came to the forefront of our imaginations as a technological marriage, seen as a revolution, for digital transactions.

Posted on 28 January 2020 | 7:18 am

LabCorp website bug exposed thousands of medical documents

This latest security lapse was caused by a vulnerability on a part of LabCorp's website, understood to host the company's internal customer ...

Posted on 28 January 2020 | 7:18 am

1 in 10 Macs infected by crude malware that poses as Flash Player update, reports Kaspersky

The Shlayer malware isn't new. Two years ago when researchers discovered it infecting Mac computers they noted that the malware's technique of ...

Posted on 28 January 2020 | 7:18 am

Is Business Ready for an Extinction-level Event? Deloitte Poll Reports Destructive Cyberattacks as ...

From destructive malware to the growing threat of ransomware, attacks like these can propagate quickly and extensively impact an entire enterprise ...

Posted on 28 January 2020 | 7:11 am

Cyber Pirates Are Targeting Business Jets to Steal Valuable Data and Money

Connectivity firms like Satcom, Gogo and Honeywell all offer security measures to protect their jet clients. Satcom reported a 54 percent jump in critical ...

Posted on 28 January 2020 | 7:07 am

Digital Immunity Strengthens its Cybersecurity With Latest Version 3.0 of DI PROTECT™

FREMONT, CA: Digital Immunity, a Cybersecurity organization, is redefining how endpoints are protected with its Bioinformatic based security solution ...

Posted on 28 January 2020 | 7:07 am

Cyber Pirates Are Targeting Business Jets to Steal Valuable Data and Money

Although internet connections on aircraft lagged behind even refrigerators and doorbells for a while, they're pretty much a given now. The secure flow ...

Posted on 28 January 2020 | 7:07 am

Remove Ragnarok ransomware (Free Guide) - Decryption Steps Included

This threat was discovered by a researcher Karsten Hahn in the middle of January and reported by other sources because crypto-malware got ...

Posted on 28 January 2020 | 7:07 am

Cyber attackers eye SA businesses

In addition, July last year saw SA endure the longest running cyber attack ... Malware attacks in SA increased by 22% in the first quarter of 2019 ...

Posted on 28 January 2020 | 7:07 am

Syapse Appoints Kirk Fjeldheim as Chief Information Security Officer

Leading precision medicine company continues to expand its investment in technology and data security. SAN FRANCISCO, Jan. 28, 2020 (GLOBE ...

Posted on 28 January 2020 | 7:04 am

Avast free antivirus has been selling your browsing history to the highest bidder

When you install an antivirus on your computer, you expect it to protect your privacy from external threats. However, if you have used Avast antivirus ...

Posted on 28 January 2020 | 7:04 am

Cisco Launches Industrial IoT Security Solution

Cisco on Tuesday announced the launch of a security solution for the Industrial Internet of Things (IIoT) that is designed to help organizations identify threats across their IT and OT environments.

read more

Posted on 28 January 2020 | 7:01 am

How to protect personal data from online thieves

Doug Streit is the Chief Information Security Officer at Old Dominion University. He says there can be many different red flags that will tip you off to ...

Posted on 28 January 2020 | 7:00 am

Syapse Appoints Kirk Fjeldheim as Chief Information Security Officer

SAN FRANCISCO, Jan. 28, 2020 (GLOBE NEWSWIRE) -- Syapse today announced the appointment of Kirk Fjeldheim as Chief Information Security ...

Posted on 28 January 2020 | 6:56 am

SPCL achieve International Standard ISO 27001:2013 for Information Security Certification

PATIALA: Based on the recently conducted Information Security Management System (ISMS) audit, Punjab State Power Corporation Ltd. (PSPCL) has ...

Posted on 28 January 2020 | 6:56 am

How to protect personal data from online thieves

Doug Streit is the chief information security officer at Old Dominion University. He says there can be many different red flags that will tip you off to ...

Posted on 28 January 2020 | 6:56 am

Avast antivirus accused of selling user data

Cybersecurity firm Avast has been caught selling personal data to third parties. The company seems to have been gathering information about its ...

Posted on 28 January 2020 | 6:56 am

Implementation flaws make LoRaWAN networks vulnerable to attack

"Once the keys are compromised, the LoRaWAN network becomes vulnerable, as the keys are the source of the network's only security mechanism, ...

Posted on 28 January 2020 | 6:53 am

TAG Cyber profiles PortSys zero trust access control

28, 2020 /PRNewswire/ -- TAG Cyber, which provides expert cyber security analysis and guidance for enterprise cyber security teams, features ...

Posted on 28 January 2020 | 6:45 am

Experts On Gedia Automotive Group Hit By Massive Cyber Attack That Shuts Down IT Operations

It has been reported that Gedia Automotive Group has been the victim of a cyber-attack by a gang using ransomware known as Sodinokibi.

Posted on 28 January 2020 | 6:45 am

TAG Cyber profiles PortSys zero trust access control

28, 2020 /PRNewswire/ -- TAG Cyber, which provides expert cyber security analysis and guidance for enterprise cyber security teams, features ...

Posted on 28 January 2020 | 6:45 am

BSides Leeds: Security industry must improve ties with academia

The question of whether the security industry should improve its ties with ... a computer forensics and security student who led a workshop at BSides ...

Posted on 28 January 2020 | 6:45 am

The Cybersecurity 202: Mike Rogers, former Republican House Intel chief, blasts Congress for not ...

“Our world-leading cyber-security experts know more about Huawei than any country in the world – and they are satisfied that with our tough approach ...

Posted on 28 January 2020 | 6:45 am

The Cybersecurity 202: Mike Rogers, former Republican House Intel chief, blasts Congress for not ...

“Our world-leading cyber-security experts know more about Huawei than any country in the world – and they are satisfied that with our tough approach ...

Posted on 28 January 2020 | 6:45 am

Experts On Gedia Automotive Group Hit By Massive Cyber Attack That Shuts Down IT Operations

It has been reported that Gedia Automotive Group has been the victim of a cyber-attack by a gang using ransomware known as Sodinokibi.

Posted on 28 January 2020 | 6:45 am

Experts On Gedia Automotive Group Hit By Massive Cyber Attack That Shuts Down IT Operations

It has been reported that Gedia Automotive Group has been the victim of a cyber-attack by a gang using ransomware known as Sodinokibi.

Posted on 28 January 2020 | 6:45 am

With 5G And IoT, It's A New Day With New Risks

Telecommunications systems are embedded so deeply within the networks of nations across the globe that their security has become paramount.

Posted on 28 January 2020 | 6:33 am

Data Privacy Day 2020: Five Learnings from the Past

This Data Privacy Day 2020, we urge individuals and organizations around the world to learn from the fallout of the mega-breaches of the recent past.

Posted on 28 January 2020 | 6:33 am

When You Can't Stop Every Cyberattack, Try Honeypots

The honeypot is best known as a spy fiction concept. Generally, the term refers to an alluring agent whose job is to draw the attention of the target.

Posted on 28 January 2020 | 6:33 am

Sensational revelation about Avast antivirus software

Avast, the popular antivirus company, is allegedly selling its users' sensitive data to third parties. As per Vice and PCMag, this selling has been taking ...

Posted on 28 January 2020 | 6:33 am

CacheOut/L1DES: New Speculative Execution Attack Affecting Intel CPUs

Intel on Monday informed customers that researchers have identified yet another speculative execution attack method that can be launched against systems that use its processors.

read more

Posted on 28 January 2020 | 6:32 am

5 Security Trends and Predictions to Watch in 2020

As we move into 2020, we could see new AI-modeled malware that evades sandboxing or AI-enabled spear phishing that further increases attacks at ...

Posted on 28 January 2020 | 6:22 am

5 Security Trends and Predictions to Watch in 2020

The 2019 cybersecurity landscape was once again littered with attacks. From the resurgence of ransomware to mega data breaches, cybercriminals ...

Posted on 28 January 2020 | 6:22 am

BREAKING NEWS: Texas Public Utility Commission Allegedly Hacked by Iran

As of 7:38 AM Central, the official Public Utility Commission of Texas (PUCT) website is offline, apparently hacked and defaced by someone claiming ...

Posted on 28 January 2020 | 6:13 am

Maritime industry now a major target for computer cyber attacks

Their computer attacks are threatening vessels and ports that facilitate 95% of all UK trade – totalling around £500 billion. Says Rick Flood, managing ...

Posted on 28 January 2020 | 6:11 am

Huawei: What is 5G's core and why protect it?

The core is distinct from the Radio Access Network (RAN), which is ... The Trump administration's cyber-security chiefs, along with their Australian ...

Posted on 28 January 2020 | 6:11 am

An Avast antivirus reportedly siphoned up browsing data to be sold at a later date

The investigation found that an Avast antivirus was collecting data from users. That data was then used by another Avast subsidiary called Jumpshot ...

Posted on 28 January 2020 | 6:11 am

Suspected Magecart Hackers Arrested in Indonesia

Three men have been arrested in Indonesia in a region-wide crackdown on gangs using the infamous Magecart digital skimming code, according to ...

Posted on 28 January 2020 | 6:11 am

Huawei set for limited role in UK 5G networks

Huawei has always denied that it would help the Chinese government attack one of its clients. The firm's founder has said he would "shut the company ...

Posted on 28 January 2020 | 6:11 am

LoRaWAN networks are spreading but security researchers say beware

IOActive security researchers say LoRaWAN networks are vulnerable to cyber-attacks despite boastful claims about the protocol's security features.

Posted on 28 January 2020 | 6:00 am

New 'Zoom Roulette' Security Warning: Your Video Calls At Risk From Hackers—Here's What You Do

In the cyber world, as elsewhere, bad guys have an annoying tendency to do bad things. And so if you leave yourself open you will be punished.

Posted on 28 January 2020 | 6:00 am

Government Plans New Laws For Smart Gadgets

This is in the face of concerns that many internet-enabled devices lack basic security features. Under the proposed laws, manufacturers would have to:.

Posted on 28 January 2020 | 6:00 am

New UK Government Guide Addresses 'Increasingly Complex' Cybersecurity at Maritime Ports

In other cyber security incidents, port assets have been infected with malware and there has been unintentional jamming or interference with wireless ...

Posted on 28 January 2020 | 6:00 am

New UK Government Guide Addresses 'Increasingly Complex' Cybersecurity at Maritime Ports

In other cyber security incidents, port assets have been infected with malware and there has been unintentional jamming or interference with wireless ...

Posted on 28 January 2020 | 6:00 am

LoRaWAN networks are spreading but security researchers say beware

Security experts have published a report today warning that the new and fast-rising LoRaWAN technology is vulnerable to cyber-attacks and ...

Posted on 28 January 2020 | 6:00 am

New UK Government Guide Addresses 'Increasingly Complex' Cybersecurity at Maritime Ports

In other cyber security incidents, port assets have been infected with malware and there has been unintentional jamming or interference with wireless ...

Posted on 28 January 2020 | 6:00 am

New 'Zoom Roulette' Security Warning: Your Video Calls At Risk From Hackers—Here's What You Do

This is the thinking behind the latest report from the cyber security research team at Check Point, disclosing a vulnerability in the software behind video ...

Posted on 28 January 2020 | 6:00 am

LoRaWAN Encryption Keys Easy to Crack, Jeopardizing Security of IoT Networks

New research from IOActive has found that “blindly” trusting the encryption of the widely adopted device protocol can lead to DDoS, sending of false ...

Posted on 28 January 2020 | 6:00 am

LoRaWAN Encryption Keys Easy to Crack, Jeopardizing Security of IoT Networks

In reality, LoRaWAN encryption keys are easily obtained by a savvy hacker to ... it's the perception that LoRaWAN is inherently secure that makes it so dangerous, ... issues and weaknesses can make these networks easy to hack.”.

Posted on 28 January 2020 | 6:00 am

New 'Zoom Roulette' Security Warning: Your Video Calls At Risk From Hackers—Here's What You Do

In the cyber world, as elsewhere, bad guys have an annoying tendency to do bad things. And so if you leave yourself open you will be punished.

Posted on 28 January 2020 | 6:00 am

Avast Antivirus Subsidiary Sells Highly Sensitive Web Browsing Data To Many World Leading ...

It has been reported that an antivirus program used by hundreds of millions of people around the world is selling highly sensitive web browsing data to ...

Posted on 28 January 2020 | 6:00 am

New plans to safeguard country's telecoms network and pave way for fast, reliable and secure ...

The Prime Minister chaired a meeting of the National Security Council (NSC), where it was agreed that the National Cyber Security Centre (NCSC) ...

Posted on 28 January 2020 | 6:00 am

Avast's free antivirus solution tracks users online to mine data for companies like Microsoft, Pepsi ...

Why it matters: Most people use antivirus software to make sure they get some much needed privacy and security protections while using their PCs ...

Posted on 28 January 2020 | 6:00 am

New UK Government Guide Addresses 'Increasingly Complex' Cybersecurity at Maritime Ports

In other cyber security incidents, port assets have been infected with malware and there has been unintentional jamming or interference with wireless ...

Posted on 28 January 2020 | 6:00 am

LoRaWAN network security 'easily bypassed' due to misconfiguration

IoT networks using the LoRaWAN protocol are often insecure, according to researchers, due to a range of encryption issues and poor configuration ...

Posted on 28 January 2020 | 6:00 am

LoRaWAN Encryption Keys Easy to Crack, Jeopardizing Security of IoT Networks

New research from IOActive has found that “blindly” trusting the encryption of the widely adopted device protocol can lead to DDoS, sending of false ...

Posted on 28 January 2020 | 6:00 am

Zoom Fixes Flaw Opening Meetings to Hackers

NEW ORLEANS – Enterprise video conferencing firm Zoom has issued a bevy of security fixes after researchers said the company's platform used ...

Posted on 28 January 2020 | 6:00 am

Avast Antivirus Subsidiary Sells Highly Sensitive Web Browsing Data To Many World Leading ...

It has been reported that an antivirus program used by hundreds of millions of people around the world is selling highly sensitive web browsing data to ...

Posted on 28 January 2020 | 6:00 am

NordVPN vs. ExpressVPN: Speed, security and price compared

When you're about to commit to a monthly or yearly Virtual Private Network (VPN) subscription, there are three factors to weigh: speed, security, and ...

Posted on 28 January 2020 | 6:00 am

New 'Zoom Roulette' Security Warning: Your Video Calls At Risk From Hackers—Here's What You Do

This is the thinking behind the latest report from the cyber security research team at Check Point, disclosing a vulnerability in the software behind video ...

Posted on 28 January 2020 | 6:00 am

Zoom vulnerability would have allowed hackers to eavesdrop on calls

Cybersecurity research company Check Point Research says in a report out today that it found security flaws in videoconferencing platform Zoom that ...

Posted on 28 January 2020 | 6:00 am

Secure your Google account by turning your iPhone into a physical key

Using your iPhone as a physical security key means that having it nearby also signs you and authenticates you into your Google account on your ...

Posted on 28 January 2020 | 6:00 am

Mac : Shlayer malware infects 10% of macOS computers

Apple Macs are the target of dangerous malware called Slayer. In operation for two years now, this malware managed to contaminate 10% of ...

Posted on 28 January 2020 | 5:51 am

What Experts Say On New UK IoT Legislation

... UK's National Cyber Security Centre (NCSC) and come following a consultation period with information security experts, product manufacturers and ...

Posted on 28 January 2020 | 5:48 am

Court Approves Historic Equifax Data Breach Settlement

The aftermath from one of the largest data breaches in U.S. history is nearing the end, as the presiding judge approved a proposed class action ...

Posted on 28 January 2020 | 5:48 am

Multiple NFL teams attacked by hackers on social media

A group of hackers targeted a total of 15 NFL teams on social media and took control of their Twitter, Facebook, and Instagram accounts. The BBC ...

Posted on 28 January 2020 | 5:48 am

Tissue Regenix hit by cyber attack

"The company is engaged with its third-party IT service provider, the relevant legal authorities and cyber security experts to rectify the incident as ...

Posted on 28 January 2020 | 5:26 am

Tissue Regenix Forced To Take US Systems Offline After Cyber Attack

(Alliance News) - Medical devices maker Tissue Regenix Group PLC on Tuesday said it has halted manufacturing in the US in the short-term after it ...

Posted on 28 January 2020 | 5:26 am

Tissue Regenix hit by cyber security breach

The incident involved unauthorised access to its computer systems and those of its third-party IT service provider in the United States. Investigations ...

Posted on 28 January 2020 | 5:26 am

Why 2020 is a turning point for cybersecurity

Risks related to cybersecurity and data governance are now the top concerns of chief audit executives and corporate boards. This new normal will ...

Posted on 28 January 2020 | 5:26 am

The 10 data privacy fails of the decade – and what we learnt from them

As we enter the 2020s, let's take a look back over the data privacy fails that shaped the previous decade – and what we learnt from them - so we can ...

Posted on 28 January 2020 | 5:26 am

6 Facebook security mistakes to fix on Data Privacy Day

Tuesday is Data Privacy Day, an occasion that should serve as a reminder to spend a few minutes going through your online accounts to ensure your ...

Posted on 28 January 2020 | 5:26 am

Royal Yachting Association Confirms Data Breach

“The affected information included name, email and hashed passwords – the majority held with the salted hash function, which is used to secure ...

Posted on 28 January 2020 | 5:15 am

Data Privacy Day: Gaining and maintaining trust is key for data defenders

Data Privacy Day, like many of the new man-made holidays, can come across as a day dedicated to marketing fodder. However, this does not mean ...

Posted on 28 January 2020 | 5:15 am

Windows 7 definitely won't ever receive any more bug fixes (errm… apart from this one for its ...

Patch Tuesday update for Windows 7 contained a bug. Specifically, if you had chosen to “stretch” the background wallpaper you had chosen for your ...

Posted on 28 January 2020 | 5:03 am

Last week's internet outage due to cyber 'attack,' Chief Information Officer says

An “attack” on the University's network caused a campus-wide internet outage on Jan. 20, affecting various systems and services beginning about 12 ...

Posted on 28 January 2020 | 5:03 am

Chrome Web Store Announces Temporary Shutdown After Wave Of Fraudulent Transactions ...

Chrome Web Store Announces Temporary Shutdown After Wave Of ... any commercial Chrome extensions on the official Chrome Web Store, security ...

Posted on 28 January 2020 | 5:03 am

Last week's internet outage due to cyber 'attack,' Chief Information Officer says

20, Trojan malware created a “denial-of-service attack on a single machine that caused a campus-wide outage of IT resources.” Malware is software ...

Posted on 28 January 2020 | 5:03 am

Last week's internet outage due to cyber 'attack,' Chief Information Officer says

An “attack” on the University's network caused a campus-wide internet outage on Jan. 20, affecting various systems and services beginning about 12 ...

Posted on 28 January 2020 | 5:03 am

Seattle tries out mobile voting

Critics of mobile or online voting, including security experts, believe it opens up the prospect of server penetration attacks, client-device malware, ...

Posted on 28 January 2020 | 4:52 am

The Dream Team: why data security, compliance and privacy come hand in hand

Security, compliance and privacy teams work with and, therefore, understand different pieces of the data puzzle and it is only when they collaborate ...

Posted on 28 January 2020 | 4:52 am

Windows 7 support is dead, but these 7 security tips will still protect your laptop

Most of the major antivirus vendors are not yet ending support for Windows 7 devices, according to independent IT security research institute AV-Test.

Posted on 28 January 2020 | 4:52 am

The Dream Team: why data security, compliance and privacy come hand in hand

This is a guest blogpost by Anthony Di Bello, VP Strategic Development, OpenText. Today's business landscape is littered with valuable data.

Posted on 28 January 2020 | 4:52 am

How to Keep Your Information Safe for Data Privacy Day 2020

January 28, 2020 marks the 13th iteration of Data Privacy Day. An extension of the celebration for Data Protection Day in Europe, Data Privacy Day ...

Posted on 28 January 2020 | 4:52 am

It's 2020 and hacking wallets is still a PR stunt for cryptocurrency startups

According to the terms and conditions, to be eligible for a share of the additional bounty, hackers must submit in “written detail” how they hacked the ...

Posted on 28 January 2020 | 4:52 am

Windows 7 support is dead, but these 7 security tips will still protect your laptop

Windows 7 does have some built-in security protections, but you should also have some kind of third-party antivirus software running to avoid malware ...

Posted on 28 January 2020 | 4:52 am

The Dream Team: why data security, compliance and privacy come hand in hand

This is a guest blogpost by Anthony Di Bello, VP Strategic Development, OpenText. Today's business landscape is littered with valuable data.

Posted on 28 January 2020 | 4:52 am

In Snub to US, Britain Will Allow Huawei in 5G Networks

The government said after Tuesday's meeting of its National Security Council that it is taking some steps that will allow it "to mitigate the potential risk ...

Posted on 28 January 2020 | 4:32 am

Saudi Hackers Target Super Bowl 2020: NFL, Chiefs And 49ers Accounts Compromised

The hackers behind the account hijackings have been named as a Saudi group known as OurMine. The BBC reported that OurMine took responsibility ...

Posted on 28 January 2020 | 4:30 am

Balancing the act of agility and security in healthcare

The WannaCry cyberattack in 2017, which disrupted the NHS along with countless other organisations, was a big wake-up call for the cybersecurity of ...

Posted on 28 January 2020 | 4:30 am

Ring app for Android full to the brim with third-party trackers: report

The EFF claims that the app is sending out vast amounts of customer PII.

Posted on 28 January 2020 | 4:22 am

Cyberbit Range, the Hyper-Realistic Cyber Training Platform, Comes to the Cloud

Cloud-based cyber range will provide access to real-world cyberattack simulation exercises. Cyberbit announced that its world-leading simulation ...

Posted on 28 January 2020 | 4:18 am

Tissue Regenix US manufacturing hit after cyber breach

(Reuters) - Medical products maker Tissue Regenix Group said on Tuesday its computer systems and those of a third-party IT service provider in the ...

Posted on 28 January 2020 | 4:18 am

Persona raises $17.5M for an identify verification platform that goes beyond user IDs and passwords

The proliferation of data breaches based on leaked passwords, and the rising tide of regulation that puts a hard stop on just how much user ...

Posted on 28 January 2020 | 4:18 am

Shlayer macOS malware unleashes ads, involves fake Flash traps

"Many people think that malware only targets Windows and that Macs are safe," said BleepingComputer. Well, you know where that discussion may be ...

Posted on 28 January 2020 | 4:07 am

Remove Kronos malware (Free Instructions) - Removal Guide

Kronos malware – banking trojan that had a few updates since 2014 when it first got released. This malware is the type of virus that pretends to be a ...

Posted on 28 January 2020 | 4:07 am

Persona, The Internet's Identity Verification Layer, Raises $17.5M Led By Coatue, First Round Capital

Persona, the identity verification (IDV) startup on a mission to secure every ... Equifax paid $700M for its data breach and Facebook and Google paid ...

Posted on 28 January 2020 | 4:07 am

Indian Apple users are one of the worst affected by macOS Malware Shlayer: Report

According to a new report, Indians are one of the most affected by the macOS malware called Shlayer. This is one of the most widespread macOS ...

Posted on 28 January 2020 | 4:07 am

In snub to US, Britain will allow Huawei in 5G networks

The government said after Tuesday's meeting of its National Security Council that it is taking some steps that will allow it “to mitigate the potential risk ...

Posted on 28 January 2020 | 3:59 am

16 NFL teams have their social media accounts hijacked by OurMine hacking gang

Yesterday the social media accounts of at least 16 NFL teams were hijacked by a hacking gang with a history of mischievous attacks. The hacking ...

Posted on 28 January 2020 | 3:56 am

Data Privacy Day: Enhance Data Security in 10 Minutes or Less

SCOTTSDALE, Ariz., Jan. 28, 2020 /PRNewswire/ -- In recognition of Data Privacy Day, CyberScout, a global leader in identity theft resolution, data ...

Posted on 28 January 2020 | 3:56 am

TalaTek to Offer Cybersecurity Maturity Model Certification Assessment and Certification Services

TalaTek, an integrated risk management firm, announced that it will offer Cybersecurity Maturity Model Certification (CMMC) assessment and ...

Posted on 28 January 2020 | 3:56 am

2020 Political Campaigns Are Trying To Avoid A 2016-Style Hack

Paranoia is the best strategy for political campaigns when it comes to digital security. After all, who can forget the massive hack of the Hillary Clinton ...

Posted on 28 January 2020 | 3:56 am

Enterprise Antivirus Software Market applications, developments by: Symantec, McAfee, Trend ...

The report estimates 2019-2024 market development trends of Enterprise Antivirus Software industry. The report makes some important proposals for ...

Posted on 28 January 2020 | 3:56 am

Automotive cybersecurity begins with secure ASIC, FPGA and SoC hardware

Is your vehicle secure? Tesla found out the hard way. Hacking typically begins by finding a series of vulnerability issues that create a path through the ...

Posted on 28 January 2020 | 3:56 am

Rocket League Recalls Support to MacOS and Linux, Offers Refund

... a fan of Rocket League and if you own either a Mac or Linux OS. They will no longer support online functionalities in their upcoming and final update ...

Posted on 28 January 2020 | 3:45 am

Cybersecurity Centre of Excellence inaugurated in Hyderabad

Hyderabad: The Cybersecurity Centre of Excellence (CCoE), a joint initiative of Government of Telangana and Data Security Council of India (DSCI) ...

Posted on 28 January 2020 | 3:45 am

Cyber security biggest threat to sector

NCVO's annual Road Ahead report outlines key areas affecting the sector and says cyber security is a top priority for the third sector as many ...

Posted on 28 January 2020 | 3:33 am

Google, Microsoft Buying Your Sensitive Personal Data From Avast Antivirus!

Your antivirus software may or may not protect you as much as you'd expect, but they are slowly becoming a threat to your privacy for sure. A recent ...

Posted on 28 January 2020 | 3:33 am

How eLearning Can Increase Company Cybersecurity Across the Board

Cybersecurity protocol is part and parcel of every business, but many still relegate it to the realm of IT. While it's true that IT and tech staff are mostly in ...

Posted on 28 January 2020 | 3:33 am

Practice Fusion to pay $145m for accepting pharma kickbacks in opioid prescription scam

Updated: Software was used to boost opioid prescriptions on behalf of pharmaceutical companies in a scheme deemed "abhorrent."

Posted on 28 January 2020 | 3:12 am

In-Cloud Malware Analysis and Detection Market 2020: Development, Growth, Key Factors And ...

In-Cloud Malware Analysis and Detection Market research report is the new statistical data source added by Research n Reports. It uses several ...

Posted on 28 January 2020 | 3:00 am

nCipher Security executives comment on Data Privacy Day

It is intended to further educate consumers and businesses about how to best secure data, build trust, and make decisions that foster privacy and ...

Posted on 28 January 2020 | 2:48 am

Hackers Exploited Trend Micro Antivirus Zero-day In Mitsubishi Electric Hack

It now turns out that the attackers exploited a vulnerability in their antivirus program for the attack. Specifically, they exploited a zero-day bug in the ...

Posted on 28 January 2020 | 2:48 am

Hackers Exploited Trend Micro Antivirus Zero-day In Mitsubishi Electric Hack

The Japanese electronics giant Mitsubishi Electric disclosed a hack last week. It now turns out that the attackers exploited a vulnerability in their ...

Posted on 28 January 2020 | 2:48 am

Antivirus maker Avast responds to allegation of selling users' browsing data

Popular antivirus maker Avast on Tuesday responded to a report that its subsidiary Jumpshot had collected users' browsing data and sold them to ...

Posted on 28 January 2020 | 2:48 am

People shocked as Avast antivirus sold user data

New Delhi: After a sensational investigation found that popular Avast antivirus -- installed on nearly 435 millions Windows, Mac and mobile devices ...

Posted on 28 January 2020 | 2:37 am

Report reveals this antivirus program sold users' data to Google, Microsoft

San Francisco: In a sensational revelation, an investigation on Monday claimed that the popular Avast antivirus -- installed on nearly 435 millions ...

Posted on 28 January 2020 | 2:37 am

Interpol operation identifies compromised e-commerce sites

The malware, known as a JavaScript-sniffer, targets online shopping Web sites. According to Interpol, when a Web site is infected, the malware steals ...

Posted on 28 January 2020 | 2:26 am

Avast!: Antivirus or Spyware?

Whenever you think about improving your PC's data security, your mind may wander off to an antivirus program. Of course, not everyone can afford a ...

Posted on 28 January 2020 | 2:15 am

Detect Cyberattacks Early for Business Resiliency

SOAR platforms are the latest security innovation to help organizations thwart cyberattacks and stay secure. Data breaches are new normal, whether ...

Posted on 28 January 2020 | 2:03 am

Data Privacy Day: What It Is, Its Importance, and What It Means for Your Information Security

Data Privacy Day occurs on January 28 every year and is observed primarily in the United States, Canada, European Union, and Israel. However ...

Posted on 28 January 2020 | 1:58 am

Avast Harvesting User Data To Third Parties Including Microsoft, Google

Avast antivirus is one of the popular antiviruses and claims nearly 435 million downloads on Windows, Mac, and even mobile devices worldwide.

Posted on 28 January 2020 | 1:41 am

The Best Windows 10 Antivirus for Home Users

While many consider antivirus products useless software because they can very well stay away from cyber-threats on their own, others prefer to install ...

Posted on 28 January 2020 | 1:30 am

Avast's Free Antivirus Tracks Your Browsing Activity & Sells It For Millions

Jumpshot, an Avast division responsible for selling data, accesses user data from Avast Antivirus' free browser extension. According to the report, ...

Posted on 28 January 2020 | 1:30 am

Saudi hackers deface social media accounts of NFL and 15 of its teams

A group of Saudi-based teenagers hacked social media accounts of the National Football League (NFL) and 15 of its teams, defacing them with ...

Posted on 28 January 2020 | 1:16 am

Cloud-based malware analysis Market 2020: Development, Growth, Key Factors And Forecast to ...

Cloud-based malware analysis Market research report explores the current outlook in global and key regions from the perspective of players, ...

Posted on 28 January 2020 | 1:07 am

The average ransom demand for a REvil ransomware infection is a whopping $260,000

Security researchers sinkhole the REvil ransomware servers and gain an insight into the operation of today's biggest ransomware gang.

Posted on 28 January 2020 | 1:00 am

The Symbiotic, Parasitic Relationship Between Privacy, Security

It has long been the case that good security is essential for good privacy. However, a not-so-recent trend illustrates that, from a technical, legal and ...

Posted on 28 January 2020 | 12:56 am

The average ransom demand for a REvil ransomware infection is a whopping $260000

However, in a report published today and shared with ZDNet, the security team at KPN, a Dutch telecommunications provider, said it was able to ...

Posted on 28 January 2020 | 12:56 am

This antivirus software firm is allegedly selling users' data

NEW DELHI: Antivirus software firm Avast is reportedly selling 'highly sensitive' web browsing data. As reported by Motherboard and PCMag, Avast is ...

Posted on 28 January 2020 | 12:45 am

Anti-virus company Avast has reportedly been selling its 435 million users' browsing data

Avast, a company that makes free antivirus software, which is used by over 435 million users around the globe, has reportedly been selling the web ...

Posted on 28 January 2020 | 12:11 am

Data breach: Why it’s time to adopt a risk-based approach to cybersecurity

The recent high-profile ransomware attack on foreign currency exchange specialist Travelex highlights the devastating results of a targeted cyber-attack. In the weeks following the initial attack, Travelex struggled to bring its customer-facing systems back online. Worse still, despite Travelex’s assurances that no customer data had been compromised, hackers were demanding $6 million for 5GB of sensitive customer information they claim to have downloaded. Providing services to some of the world’s largest banking corporations including HSBC, … More

The post Data breach: Why it’s time to adopt a risk-based approach to cybersecurity appeared first on Help Net Security.

Posted on 27 January 2020 | 11:30 pm

Hackers Take Over NFL Teams Twitter Accounts One Week Before Super Bowl

The Twitter accounts of approximately 15 NFL teams got hacked a few hours ago by who appears to be Saudi Arabia-based hacking group OurMine.

Posted on 27 January 2020 | 11:26 pm

Data breach: Why it's time to adopt a risk-based approach to cybersecurity

With cybercriminals representing a persistent risk to enterprise wellbeing, it's little wonder that CEOs, CFOs, CISOs and CIOs now view cybersecurity ...

Posted on 27 January 2020 | 11:26 pm

Accessing Your Student Link Data Will Take a New Extra Step

Duo Security, the new sentry guarding student information, has been used for six years by University employees when accessing BUworks, which ...

Posted on 27 January 2020 | 11:26 pm

How to detect and prevent issues with vulnerable LoRaWAN networks

IOActive researchers found that the LoRaWAN protocol – which is used across the globe to transmit data to and from IoT devices in smart cities, Industrial IoT, smart homes, smart utilities, vehicle tracking and healthcare – has a host of cyber security issues that could put network users at risk of attack. Such attacks could cause widespread disruption or in extreme cases even put lives at risk. Session Keys and Functions in LoRaWAN v1.0.3 Vulnerable … More

The post How to detect and prevent issues with vulnerable LoRaWAN networks appeared first on Help Net Security.

Posted on 27 January 2020 | 11:25 pm

Security Firm Cloudfare Provided Protection to Child Pornography Sites, Report Says

Network security behemoth Cloudflare may have to rethink its policy of taking on all customers after a report highlighted that the company is helping ...

Posted on 27 January 2020 | 11:03 pm

Interpol uncovers cyber crime operation in Indonesia

Dubbed Operation Night Fury, the operation was conducted with the support of cyber security firm Group-IB, which provided data on the reach of the ...

Posted on 27 January 2020 | 11:03 pm

Interpol uncovers cyber crime operation in Indonesia

An Interpol-coordinated cyber operation against a strain of malware targeting e-commerce websites has identified hundreds of compromised websites ...

Posted on 27 January 2020 | 11:03 pm

Good Guy Microsoft: Free Fix for Windows 7 Confirmed

... hasn't provided any specifics as to when this patch could go live, but there's a chance it would get the go-ahead the next Patch Tuesday which takes ...

Posted on 27 January 2020 | 11:03 pm

What to watch for in cybersecurity this year

Cybersecurity in the insurance industry is more than just a must-have — it's an absolute necessity. Without it, whole systems are at risk of crashing ...

Posted on 27 January 2020 | 11:03 pm

Security risks for e-scooters and riders exposed

Micromobility vehicles, such as e-scooters, zip in and out of traffic. For this reason, micromobility is seen as an alleviating trend to help tackle traffic congestion. However, a research out of UTSA finds e-scooters have risks beyond the perils of potential collisions. Computer science experts at UTSA have published the first review of the security and privacy risks posed by e-scooters and their related software services and applications. “We were already investigating the risks posed … More

The post Security risks for e-scooters and riders exposed appeared first on Help Net Security.

Posted on 27 January 2020 | 11:00 pm

School Board Association to help JSASD find superintendent

Under personnel, the board approved job descriptions for the following positions: network-computer technician; security guard and event staff. All were ...

Posted on 27 January 2020 | 10:52 pm

Saudi hackers deface social media accounts of NFL, 15 teams

San Francisco, Jan 28 (IANS) A group of Saudi-based teenagers hacked social media accounts of the National Football League (NFL) and 15 of its ...

Posted on 27 January 2020 | 10:41 pm

52% of companies use cloud services that have experienced a breach

Seventy-nine percent of companies store sensitive data in the public cloud, according to a McAfee survey. Anonymized cloud event data showing percentage of files in the cloud with sensitive data While these companies approve an average of 41 cloud services each, up 33 percent from last year, thousands of other services are used ad-hoc without vetting. In addition, 52 percent of companies use cloud services that have had user data stolen in a breach. By … More

The post 52% of companies use cloud services that have experienced a breach appeared first on Help Net Security.

Posted on 27 January 2020 | 10:30 pm

Top 10 Cybersecurity Newsletters You Should Subscribe To Stay Updated

To help you keep informed about cybersecurity, Analytics India Magazine has curated the top cybersecurity newsletter that one can subscribe.

Posted on 27 January 2020 | 10:30 pm

Benefits of blockchain pilot programs for risk management planning

Through 2022, 80% of supply chain blockchain initiatives will remain at a proof-of-concept (POC) or pilot stage, according to Gartner. One of the main reasons for this development is that early blockchain pilots for supply chain pursued technology-oriented models that have been successful in other sectors, such as banking and insurance. However, successful blockchain use cases for supply chain require a different approach. “Modern supply chains are very complex and require digital connectivity and agility … More

The post Benefits of blockchain pilot programs for risk management planning appeared first on Help Net Security.

Posted on 27 January 2020 | 10:00 pm

Facebook blames Apple iOS for Jeff Bezos' phone hacking, claims WhatsApp is unhackable

In an interview to the BBC last week, Facebook's VP of Global Affairs and Communications, Nick Clegg said it wasn't WhatsApp's fault because ...

Posted on 27 January 2020 | 9:00 pm

$250K Bitcoin Bounty Offered for Cold Wallet Hack

GK8, a high-security custody solution for cryptocurrency firm, is offering a Bitcoin bounty of up to US$250,000 for hacking their new cold wallet.

Posted on 27 January 2020 | 8:40 pm

Security Compass enables CSPs to set up and develop their FedRAMP initiatives

Security Compass, a software security company that provides organizations with technology to make software secure, has introduced feature enhancements to SD Elements that enable cloud service providers (CSPs) to set up and develop their Federal Risk and Authorization Management Program (FedRAMP) continuous compliance initiatives in a coherent and structured way. Available now, SD Elements customers will automatically receive FedRAMP reporting capabilities supported by new FedRAMP content in the knowledgebase, and SD Elements tasks with additional … More

The post Security Compass enables CSPs to set up and develop their FedRAMP initiatives appeared first on Help Net Security.

Posted on 27 January 2020 | 8:30 pm

Jeff Bezos Phone Hack: Facebook Blames iOS for its Hacking

Facebook has blamed Apple's operating system such as its hacking of Amazon Founder and CEO Jeff Bezos' telephone, stating WhatsApp's ...

Posted on 27 January 2020 | 8:22 pm

Cisco’s first Cybersecurity Co-Innovation Center in Europe opens in Milan

Cisco‘s first Cybersecurity Co-Innovation Center in Europe opened its doors in Milan at the Leonardo da Vinci Science and Technology Museum. The center was inaugurated in the presence of Paola Pisano, Minister for Technological Innovation and Digitization; Roberto Baldoni, Deputy Director General of DIS (Prime Ministerial Department of Security Information); and Giuseppe Sala, Mayor of Milan. Cisco Chairman and CEO Chuck Robbins gave the inaugural address, joined by the CEO of Cisco Italy, Agostino Santoni, … More

The post Cisco’s first Cybersecurity Co-Innovation Center in Europe opens in Milan appeared first on Help Net Security.

Posted on 27 January 2020 | 8:00 pm

Interpol Arrests Possible Magecart Attackers in Indonesia

Sanguine Security also identified the suspects as being part of the Magecart family because the malware used in their attacks communicated with the ...

Posted on 27 January 2020 | 7:52 pm

Pentagram Rebrands Dashlane

Pentagram recently designed the new branding for Dashlane, a cross-platform password manager and digital wallet application. The new look is a ...

Posted on 27 January 2020 | 7:52 pm

Avast Explains Cybersecurity AI at Enigma Conference | Avast

After finding a new malware sample, our products are automatically updated with new models, providing crucial, up-to-the-second protection ...

Posted on 27 January 2020 | 7:41 pm

Cybraics partners with AVANT to expand reach of its AI-backed threat detection services

Cybersecurity and analytics firm Cybraics announced a partnership with AVANT, an IT decision-making platform for next-generation technologies, further expanding the reach of the company’s artificial intelligence-backed threat detection services. “We are excited to partner with AVANT to offer our advanced threat detection services throughout their nationwide network of Trusted Advisors,” said Nate Grinnell, Vice President of Sales, Cybraics. “Robust cybersecurity practices are essential for the health of all companies, but many still have limited resources … More

The post Cybraics partners with AVANT to expand reach of its AI-backed threat detection services appeared first on Help Net Security.

Posted on 27 January 2020 | 7:30 pm

OurMine Hackers Are Back, Hijack NFL Teams' Social Accounts

It looks like the OurMine crew is back and they're on a hacking spree, taking brief control of the social media accounts of high-profile individuals.

Posted on 27 January 2020 | 7:07 pm

DEF CON China conference put on hold due to coronavirus outbreak

DEF CON team is hoping that the 2019-nCoV outbreak will improve and they can go on as planned, or reschedule.

Posted on 27 January 2020 | 7:02 pm

Alfresco and Tech Mahindra collaborate on four jointly-developed insurance solutions

Alfresco Software, an open source content, process and governance software company, and Tech Mahindra, a leading provider of digital transformation, consulting and re-engineering services and solutions, announced collaboration on four jointly-developed, transformative insurance solutions. The collaboration combines Tech Mahindra’s insurance expertise and experience in the insurance industry with Alfresco’s powerful Digital Business Platform to create solutions for risk management, automated underwriting, a self-learning chatbot, and intelligent claims handling. Gautam Bhasin, Global Head – Banking, Financial … More

The post Alfresco and Tech Mahindra collaborate on four jointly-developed insurance solutions appeared first on Help Net Security.

Posted on 27 January 2020 | 7:00 pm

Russian hacker behind an elite crime forum pleads guilty to multiple charges

Last week, a well-connected Russian cybercrime boss, Aleksei Burkov, pleaded guilty to running an online criminal marketplace and a site that sold ...

Posted on 27 January 2020 | 6:56 pm

Prescott Valley police warn of scammers pretending to be APS workers

Do not click on any links or attachments—they could contain malware that will infect your computer and steal your personal information. • If asked for ...

Posted on 27 January 2020 | 6:56 pm

Fake Flash Update Trojan Is Infecting Mac Computers

This is a malware that disguises itself as a Flash Player update. It will prompt users to install the latest update, but in reality, it will install a trojan on the ...

Posted on 27 January 2020 | 6:33 pm

SecureLink announces distribution partnership with ShiftLeft for GCC and Egypt

SecureLink, a risk advisory firm based in Dubai and part of the StarLink group, the region’s “True” Value-Added-Distributor (VAD), announced signing a distribution partnership with ShiftLeft for GCC and Egypt. ShiftLeft is the fastest and most accurate application security testing product in the industry. It integrates directly into DevOps pipelines via pull request or build, and it can analyze 500,000 lines of code in under 10 minutes. This enables AppSec teams to insert security into … More

The post SecureLink announces distribution partnership with ShiftLeft for GCC and Egypt appeared first on Help Net Security.

Posted on 27 January 2020 | 6:30 pm

IE and FIREFOX-Patching nightmare begins in 2020…

... users to a known vulnerability in the browser's scripting engine and admitted that a patch was unlikely before next month's Patch Tuesday release.

Posted on 27 January 2020 | 4:30 pm

4 Ways to Minimize the Threat of a Phishing Attack

Now that we've seen the treacherous nature of data breaches, malware, and other hacking threats, it's an organization's responsibility to respond to ...

Posted on 27 January 2020 | 2:15 pm

Hackers hijack social media accounts for the NFL and 15 teams

UPDATED: OurMine crew hijacks social media accounts for the NFL, the 49ers, Cardinals, Bears, Bills, Broncos, Browns, Bucs, Cowboys, Colts, Chiefs, Eagles, Giants, Packers, Texans, and Vikings.

Posted on 27 January 2020 | 1:58 pm

Rui Pinto: Hacker Who Targeted Football and Angola's 'Princess'

Prosecutors in Portugal have denounced him as a criminal hacker, but his supporters describe the man behind the "Luanda Leaks" revelations as a public interest whistleblower.

read more

Posted on 27 January 2020 | 1:42 pm

Who Got Hacked This Week? January 27 Edition

In order to prevent getting hacked in the future, you need to understand who got hacked in the past. Cyber security is a constantly evolving threat to ...

Posted on 27 January 2020 | 1:41 pm

Attacks on ADC Ramp Up as Citrix Releases Remaining Patches

Citrix has released the full set of patches for the recently disclosed security flaw tracked as CVE-2019-19781, but attacks on vulnerable systems are ramping up.

read more

Posted on 27 January 2020 | 1:38 pm

Taking the next step in your application security program

... problems such as unsafe function use, race conditions, buffer overflows, and input validation errors that allow for attacks such as SQL injection.

Posted on 27 January 2020 | 1:18 pm

6 fast ways to protect your computer from scammers, according to the FTC

If you're reading this, then you're probably aware that the internet is not a safe place. The threat of identity theft, hacking, and scamming is there ...

Posted on 27 January 2020 | 12:56 pm

German Privacy Watchdog Investigates Clothing Retailer H&M

A German privacy watchdog says it has opened an investigation into clothing retailer H&M amid evidence that the Swedish retailer had committed “massive data protection breaches” by spying on its customer service representatives in Germany.

read more

Posted on 27 January 2020 | 12:50 pm

This Is What Hacking an iPhone Actually Looks Like + Hidden Details

TheMacMan added that they've worked in computer forensics for 10 years and have helped create hacking tools used by law enforcement. ... that those tools actually lacked a required component that could actually hack an iPhone.

Posted on 27 January 2020 | 12:45 pm

Russian Cybercrime Boss Burkov Pleads Guilty

Aleksei Burkov, an ultra-connected Russian hacker once described as "an asset of supreme importance" to Moscow, has pleaded guilty in a U.S. court to running a site that sold stolen payment card data and to administering a highly secretive crime forum that counted among its members some of the most elite Russian cybercrooks.

Posted on 27 January 2020 | 12:21 pm

Three Magecart Hackers Arrested in Indonesia

Three individuals suspected of being involved in Magecart online skimming attacks were arrested late last year in Indonesia.

read more

Posted on 27 January 2020 | 11:26 am

Lessons Learned From 2016, but U.S. Faces New Election Threats

It’s been more than three years since Russia’s sweeping and systematic effort to interfere in U.S. elections through disinformation on social media, stolen campaign emails and attacks on voting systems. U.S. officials have made advances in trying to prevent similar attacks from undermining the 2020 vote, but the potential threats have increased and some old problems have not been addressed. A look at what has changed since 2016 and what has not.

read more

Posted on 27 January 2020 | 10:33 am

Indian People Gets Most Affected By “Shlayer”, Most Widespread MacOS Threat

Top countries where users have been affected by the threat include the US (31 ... They also found a flaw that allowed hackers to “create a persistent ...

Posted on 27 January 2020 | 10:18 am

Black wallpaper bug from Windows 7's 'final' update will get fixed

After installing the KB4534310 update on Patch Tuesday, many users complained that their wallpaper turned black. While some forum-goers were ...

Posted on 27 January 2020 | 9:56 am

World Economic Forum on Securing the Aviation Industry in the Age of Convergence

Aviation Cybersecurity

World Economic Forum Calls for Global Collaboration to Enhance Cyber Resilience in the Aviation Industry

read more

Posted on 27 January 2020 | 9:46 am

Windows 7 has one more update in store for everyone

... the exact date for the update has not been confirmed, it is likely that Windows 7 might see the promised update on February 11 on Patch Tuesday.

Posted on 27 January 2020 | 9:33 am

RCE Exploit for Windows RDP Gateway Demoed by Researcher

A remote code execution (RCE) exploit for Windows Remote Desktop Gateway (RD Gateway) was demoed by InfoGuard AG penetration tester Luca ...

Posted on 27 January 2020 | 9:11 am

RCE Exploit for Windows RDP Gateway Demoed by Researcher

... remote code execution rated by Redmond as critical, and they were patched by Microsoft on January 14, as part of the January Patch Tuesday.

Posted on 27 January 2020 | 9:11 am

NSA Shares Guidance on Mitigating Cloud Vulnerabilities

The U.S. National Security Agency (NSA) has published advice on mitigating cloud vulnerabilities. While the advice is primarily designed for government agencies and departments, it nevertheless contains good advice for any commercial organization considering or embarking on -- or already deployed in -- a cloud environment.

read more

Posted on 27 January 2020 | 9:01 am

RHEL 8 Still Vulnerable to “Magellan 2” SQLite Bugs, as Patches Drop

While Tencent says it hasn't seen exploits in the wild and Computer Business Review has yet to see a proof-of-concept of the attack* – which if ...

Posted on 27 January 2020 | 8:37 am

Huawei and Supply Chain Security - The Great Geopolitical Debate

Huawei and Protecting the Supply Chain

read more

Posted on 27 January 2020 | 8:23 am

Windows 7 died without will and estate plan

Those oft-neglected patches, updates, privacy and security settings, backup and ... a moment, most home users are familiar with either Microsoft or Apple's OS. ... Moving or upgrading to a supported version of an operating system or ...

Posted on 27 January 2020 | 7:41 am

Trend Micro OfficeScan Flaw Apparently Exploited in Mitsubishi Electric Hack

A cyberattack disclosed recently by Mitsubishi Electric, which resulted in hackers gaining access to the company’s network and stealing corporate data, likely involved exploitation of a vulnerability in Trend Micro’s OfficeScan product.

read more

Posted on 27 January 2020 | 7:20 am

Fortinet removes SSH and database backdoors from its SIEM product

Patches have been released for CVE-2019-17659 and CVE-2019-16153.

Posted on 27 January 2020 | 7:14 am

Ex-Spotify exec Jackie Jantos joins Dashlane as company names AOR and begins major ...

New York and Paris-based identity protection company Dashlane has tapped former Spotify VP-Global Brand and Creative Jackie Jantos as VP of ...

Posted on 27 January 2020 | 7:08 am

PoC Exploits Created for Recently Patched 'BlueGate' Windows Server Flaws

Proof-of-concept (PoC) exploits have been released for two recently patched Remote Desktop Gateway vulnerabilities that can be exploited for remote code execution.

read more

Posted on 27 January 2020 | 6:49 am

Cybersecurity: A guide for parents to keep kids safe online

Cybersecurity, cyberbullying, and mobile devices can be a minefield -- so here is a guide to take the stress out of cyberspace for parents.

Posted on 27 January 2020 | 6:47 am

Microsoft will release another Windows 7 update for everyone

... choice will apply to the desktop. Windows 7 could theoretically get a fix on February 11 when Microsoft will be delivering Patch Tuesday updates.

Posted on 27 January 2020 | 5:49 am

Interpol Arrests 3 Indonesian Credit Card Hackers for Magecart Attacks

The Indonesian National Police in a joint press conference with Interpol and cybersecurity firm Group-IB earlier today announced the arrest of three Magecart-style Indonesian hackers who had compromised hundreds of international e-commerce websites and stolen payment card details of their online shoppers. Dubbed 'Operation Night Fury,' the investigation was led by Interpol's ASEAN Cyber

Posted on 27 January 2020 | 5:48 am

The US Army uses facial recognition to train AI. Now, it needs to protect it

As facial recognition use ramps up despite its controversy, the technology is being applied in the military realm.

Posted on 27 January 2020 | 3:55 am

Magecart gang arrested in Indonesia

First-ever arrest of a Magecart hacker gang.

Posted on 27 January 2020 | 3:51 am

Trump, Johnson Talk Security Ahead of Huawei Decision

Prime Minister Boris Johnson discussed telecoms security with US President Donald Trump as he prepares to announce if Britain will use China's Huawei in its 5G networks, officials said Saturday.

read more

Posted on 25 January 2020 | 8:43 am

The Chrome Web Store is currently facing a wave of fraudulent transactions

Google temporarily suspends publishing and updating of paid Chrome extensions following a spike in fraudulent transactions.

Posted on 25 January 2020 | 7:48 am

Cisco Webex Vulnerability Exploited to Join Meetings Without a Password

Cisco on Friday informed customers that it has patched a vulnerability that allowed unauthorized users to join password-protected Webex meetings. Cisco said the flaw had been exploited.

read more

Posted on 25 January 2020 | 6:36 am

Mozilla has banned nearly 200 malicious Firefox add-ons over the last two weeks

Mozilla's security staff is cracking down on malicious Firefox add-ons.

Posted on 25 January 2020 | 2:00 am

Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Hackers exploited a Trend Micro OfficeScan zero-day to plant malicious files on Mitsubishi Electric servers.

Posted on 24 January 2020 | 2:51 pm

Cisco Releases Security Updates

Original release date: January 24, 2020

Cisco has released security updates to address a vulnerability affecting Cisco Webex Meetings Suite and Cisco Webex Meetings Online. A remote attacker could exploit this vulnerability to obtain sensitive information.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Cisco Security Advisory cisco-sa-20200124-webex-unauthjoin for more information.

This product is provided subject to this Notification and this Privacy & Use policy.

Posted on 24 January 2020 | 11:21 am

Class-action lawsuit filed against controversial Clearview AI startup

Plaintiffs claim New York startup broke Illinois privacy laws regarding the use of residents' biometrics data.

Posted on 24 January 2020 | 11:05 am

Does Your Domain Have a Registry Lock?

If you're running a business online, few things can be as disruptive or destructive to your brand as someone stealing your company's domain name and doing whatever they wish with it. Even so, most major Web site owners aren't taking full advantage of the security tools available to protect their domains from being hijacked. Here's the story of one recent victim who was doing almost everything possible to avoid such a situation and still had a key domain stolen by scammers.

Posted on 24 January 2020 | 10:37 am

NSA Releases Guidance on Mitigating Cloud Vulnerabilities

Original release date: January 24, 2020

The National Security Agency (NSA) has released an information sheet with guidance on mitigating cloud vulnerabilities. NSA identifies cloud security components and discusses threat actors, cloud vulnerabilities, and potential mitigation measures.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators and users to review NSA's guidance on Mitigating Cloud Vulnerabilities and CISA’s page on APTs Targeting IT Service Provider Customers and Analysis Report on Microsoft Office 365 and other Cloud Security Observations for information on implementing a defense-in-depth strategy to protect infrastructure assets.

This product is provided subject to this Notification and this Privacy & Use policy.

Posted on 24 January 2020 | 8:47 am

Hackers target unpatched Citrix servers to deploy ransomware

REvil ransomware gang has been spotted abusing Citrix bug to infect victims.

Posted on 24 January 2020 | 8:10 am

Privacy worries cited as possible reason for DNA test firm 23andMe's sales downturn

It may be no surprise considering US law enforcement was recently granted permission to plunder DNA databases.

Posted on 24 January 2020 | 7:39 am

Citrix releases new patches to plug critical server vulnerability

Additional versions of Citrix ADC and Citrix Gateway can now be protected against the severe security issue.

Posted on 24 January 2020 | 5:58 am

Owner of stolen data marketplace Cardplanet pleads guilty

The trading post was a hotbed of stolen US credit card information.

Posted on 24 January 2020 | 4:47 am

Russian Pleads Guilty to Running 'CardPlanet' to Sell Stolen Credit Cards

Image credit: Times of Israel. Aleksei Burkov, a 29-year-old Russian hacker, on Thursday pleaded guilty to multiple criminal charges for running two illegal websites that helped cyber criminals commit more than $20 million in credit card fraud. The first website Burkov operated was an online marketplace for buying and selling stolen credit card and debit card numbers—called Cardplanet—which

Posted on 24 January 2020 | 3:51 am

Citrix Releases Patches for Critical ADC Vulnerability Under Active Attack

Citrix has finally started rolling out security patches for a critical vulnerability in ADC and Gateway software that attackers started exploiting in the wild earlier this month after the company announced the existence of the issue without releasing any permanent fix. I wish I could say, "better late than never," but since hackers don't waste time or miss any opportunity to exploit

Posted on 24 January 2020 | 1:05 am

New York state wants to ban government agencies from paying ransomware demands

Another NY Senate bill would create a cyber security enhancement fund and restricting the use of taxpayer moneys in paying ransoms

Posted on 23 January 2020 | 3:26 pm

Citrix Releases Security Updates for SD-WAN WANOP

Original release date: January 23, 2020

Citrix has released security updates to address the CVE-2019-19781 vulnerability in Citrix SD-WAN WANOP. An attacker could exploit this vulnerability to take control of an affected system. Citrix has also released an Indicators of Compromise Scanner that aims to identify evidence of successful exploitation of CVE-2019-19781.

The Cybersecurity and Infrastructure Security Agency (CISA) strongly recommends users and administrators review the Citrix Security Bulletin CTX267027 and apply the necessary updates. CISA also recommends users and administrators:

This product is provided subject to this Notification and this Privacy & Use policy.

Posted on 23 January 2020 | 3:20 pm

MDhex vulnerabilities impact GE patient vital signs monitoring devices

GE Healthcare plans to release patches in Q2 2020.

Posted on 23 January 2020 | 12:34 pm

Cisco Releases Security Updates

Original release date: January 23, 2020

Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco advisories and apply the necessary updates:

 

This product is provided subject to this Notification and this Privacy & Use policy.

Posted on 23 January 2020 | 10:45 am

250 Million Microsoft Customer Support Records Exposed Online

If you have ever contacted Microsoft for support in the past 14 years, your technical query, along with some personally identifiable information might have been compromised. Microsoft today admitted a security incident that exposed nearly 250 million "Customer Service and Support" (CSS) records on the Internet due to a misconfigured server containing logs of conversations between its support

Posted on 23 January 2020 | 2:36 am

Apple Addresses iPhone 11 Location Privacy Concern

Apple is rolling out a new update to its iOS operating system that addresses the location privacy issue on iPhone 11 devices that was first detailed here last month.

Posted on 22 January 2020 | 5:14 pm

Increased Emotet Malware Activity

Original release date: January 22, 2020

The Cybersecurity and Infrastructure Security Agency (CISA) is aware of a recent increase in targeted Emotet malware attacks. Emotet is a sophisticated Trojan that commonly functions as a downloader or dropper of other malware. Emotet primarily spreads via malicious email attachments and attempts to proliferate within a network by brute forcing user credentials and writing to shared drives. If successful, an attacker could use an Emotet infection to obtain sensitive information. Such an attack could result in proprietary information and financial loss as well as disruption to operations and harm to reputation.

CISA recommends users and administrator adhere to the following best practices to defend against Emotet. See CISA’s Alert on Emotet Malware for detailed guidance.

CISA encourages users and administrators to review the following resources for information about defending against Emotet and other malware.

This product is provided subject to this Notification and this Privacy & Use policy.

Posted on 22 January 2020 | 5:04 pm

Saudi Prince Allegedly Hacked World's Richest Man Jeff Bezos Using WhatsApp

The iPhone of Amazon founder Jeff Bezos, the world's richest man, was reportedly hacked in May 2018 after receiving a WhatsApp message from the personal account of Saudi crown prince Mohammed bin Salman, the Guardian newspaper revealed today. Citing unnamed sources familiar with digital forensic analysis of the breach, the newspaper claimed that a massive amount of data was exfiltrated from

Posted on 22 January 2020 | 2:39 pm

IC3 Issues Alert on Employment Scams

Original release date: January 22, 2020

The Internet Crime Complaint Center (IC3) has issued an alert warning consumers of fake jobs and hiring scams targeting applicants’ personally identifiable information (PII). Cyber criminals posing as legitimate employers spoof company websites and post fake job openings to lure victims. Cyber criminals will conduct fake interviews and even offer positions to victims before requesting PII such as Social Security numbers and bank account information.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the IC3 Alert and CISA’s Tips on Avoiding Social Engineering and Phishing Attacks and Website Security for more information. If you believe you are a victim of cybercrime, file a complaint with IC3 at www.ic3.gov.

This product is provided subject to this Notification and this Privacy & Use policy.

Posted on 22 January 2020 | 9:57 am

Download: The State of Security Breach Protection 2020 Survey Results

What are the key considerations security decision-makers should take into account when designing their 2020 breach protection? To answer this, we polled 1,536 cybersecurity professionals in The State of Breach Protection 2020 survey (Download the full survey here) to understand the common practices, prioritization, and preferences of the organization today in protecting themselves from

Posted on 22 January 2020 | 6:36 am

Reminder: Safeguard Websites from Cyberattacks

Original release date: January 21, 2020

Protect personal and organizational public-facing websites from defacement, data breaches, and other types of cyberattacks by following cybersecurity best practices. The Cybersecurity and Information Security Agency (CISA) encourages users and administrators to review CISA’s updated Tip on Website Security and take the necessary steps to protect against website attacks.   

For more information, review:

This product is provided subject to this Notification and this Privacy & Use policy.

Posted on 21 January 2020 | 12:02 pm

Samba Releases Security Updates

Original release date: January 21, 2020

The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit one of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Samba Security Announcements for CVE-2019-14902, CVE-2019-14907, and CVE-2019-19344 and apply the necessary updates and workarounds.

 

This product is provided subject to this Notification and this Privacy & Use policy.

Posted on 21 January 2020 | 10:11 am

Cyber Criminals Use Fake Job Listings To Target Applicants' Personally Identifiable Information

Posted on 21 January 2020 | 10:00 am

BitDam Study Exposes High Miss Rates of Leading Email Security Systems

Imagine receiving an email from US VP Mike Pence's official email account asking for help because he has been stranded in the Philippines. Actually, you don't have to. This actually happened. Pence's email was hacked when he was still the governor of Indiana, and his account was used to attempt to defraud several people. How did this happen? Is it similar to how the DNC server was hacked?

Posted on 21 January 2020 | 6:08 am

DDoS Mitigation Firm Founder Admits to DDoS

A Georgia man who co-founded a service designed to protect companies from crippling distributed denial-of-service (DDoS) attacks has pleaded to paying a DDoS-for-hire service to launch attacks against others.

Posted on 20 January 2020 | 5:13 pm

Evaluating Your Security Controls? Be Sure to Ask the Right Questions

Testing security controls is the only way to know if they are truly defending your organization. With many different testing frameworks and tools to choose from, you have lots of options. But what do you specifically want to know? And how are the findings relevant to the threat landscape you face at this moment? "Decide what you want to know and then choose the best tool for the job."

Posted on 20 January 2020 | 6:22 am

Microsoft Warns of Unpatched IE Browser Zero-Day That's Under Active Attacks

Internet Explorer is dead, but not the mess it left behind. Microsoft earlier today issued an emergency security advisory warning millions of Windows users of a new zero-day vulnerability in Internet Explorer (IE) browser that attackers are actively exploiting in the wild — and there is no patch yet available for it. The vulnerability, tracked as CVE-2020-0674 and rated moderated, is a remote

Posted on 18 January 2020 | 9:56 am

Citrix Adds SD-WAN WANOP, Updated Mitigations to CVE-2019-19781 Advisory

Original release date: January 17, 2020

Citrix has released an article with updates on CVE-2019-19781, a vulnerability affecting Citrix Application Delivery Controller (ADC) and Citrix Gateway. This vulnerability also affects Citrix SD-WAN WANOP product versions 10.2.6 and version 11.0.3. The article includes updated mitigations for Citrix ADC and Citrix Gateway Release 12.1 build 50.28. An attacker could exploit CVE-2019-19781 to take control of an affected system. Citrix plans to begin releasing security updates for affected software starting January 20, 2020.

The Cybersecurity and Infrastructure Security Agency (CISA) recommends users and administrators:

This product is provided subject to this Notification and this Privacy & Use policy.

Posted on 17 January 2020 | 8:34 pm

Use iPhone as Physical Security Key to Protect Your Google Accounts

Great news for iOS users! You can now use your iPhone or iPad, running iOS 10 or later, as a physical security key for securely logging into your Google account as part of the Advanced Protection Program for two-factor authentication. Android users have had this feature on their smartphones since last year, but now Apple product owners can also use this advanced, phishing-resistant form of

Posted on 16 January 2020 | 1:23 pm

Broadening the Scope: A Comprehensive View of Pen Testing

Penetration tests have long been known as a critical security tool that exposes security weaknesses through simulated attacks on an organization's IT environments. These test results can help prioritize weaknesses, providing a road-map towards remediation. However, the results are also capable of doing even more. They identify and quantify security risk, and can be used as a keystone in

Posted on 16 January 2020 | 12:07 pm

Download Ultimate 'Security for Management' Presentation Template

There is a person in every organization that is the direct owner of breach protection. His or her task is to oversee and govern the process of design, build, maintain, and continuously enhance the security level of the organization. Title-wise, this person is most often either the CIO, CISO, or Directory of IT. For convenience, we'll refer to this individual as the CISO. This person is the

Posted on 15 January 2020 | 3:20 am

Patch Tuesday, January 2020 Edition

Microsoft today released updates to plug 50 security holes in various flavors of Windows and related software. The patch batch includes a fix for a flaw in Windows 10 and server equivalents of this operating system that prompted an unprecedented public warning from the U.S. National Security Agency. This month also marks the end of mainstream support for Windows 7, a still broadly-used operating system that will no longer be supplied with security updates.

Posted on 14 January 2020 | 8:31 pm

Update Windows 10 Immediately to Patch a Flaw Discovered by the NSA

After Adobe today releases its first Patch Tuesday updates for 2020, Microsoft has now also published its January security advisories warning billions of users of 49 new vulnerabilities in its various products. What's so special about the latest Patch Tuesday is that one of the updates fixes a serious flaw in the core cryptographic component of widely used Windows 10, Server 2016 and 2019

Posted on 14 January 2020 | 1:51 pm

Oracle Critical Patch Update Advisory - January 2020

Posted on 14 January 2020 | 1:30 pm

Adobe Releases First 2020 Patch Tuesday Software Updates

Adobe today released software updates to patch a total of 9 new security vulnerabilities in two of its widely used applications, Adobe Experience Manager and Adobe Illustrator. It's the first Patch Tuesday for the year 2020 and one of the lightest patch releases in a long time for Adobe users. Moreover, none of the security vulnerabilities patched this month were either publicly disclosed or

Posted on 14 January 2020 | 8:52 am

Cryptic Rumblings Ahead of First 2020 Patch Tuesday

Sources tell KrebsOnSecurity that Microsoft Corp. is slated to release a software update on Tuesday to fix an extraordinarily serious security vulnerability in a core cryptographic component present in all versions of Windows. Those sources say Microsoft has quietly shipped a patch for the bug to branches of the U.S. military and to other high-value customers/targets that manage key Internet infrastructure, and that those organizations have been asked to sign agreements preventing them from disclosing details of the flaw prior to Jan. 14, the first Patch Tuesday of 2020.

Posted on 13 January 2020 | 4:17 pm

Phishing for Apples, Bobbing for Links

Anyone searching for a primer on how to spot clever phishing links need look no further than those targeting customers of Apple, whose brand by many measures has emerged as the most targeted. Past stories here have examined how scammers working with organized gangs try to phish iCloud credentials from Apple customers who have a mobile device that is lost or stolen. Today's piece looks at the well-crafted links used in some of these lures.

Posted on 13 January 2020 | 10:09 am

Password Manager Software Market (2020 To 2027) | By Top Players LastPass, 1Password, Okta ...

The global Password Manager Software Market is expected to reach at xx % in the forecast period, stated by a recent study of Contrive Datum Insights.

Posted on 13 January 2020 | 1:18 am

PoC Exploits Released for Citrix ADC and Gateway RCE Vulnerability

It's now or never to prevent your enterprise servers running vulnerable versions of Citrix application delivery, load balancing, and Gateway solutions from getting hacked by remote attackers. Why the urgency? Earlier today, multiple groups publicly released weaponized proof-of-concept exploit code [1, 2] for a recently disclosed remote code execution vulnerability in Citrix's NetScaler ADC

Posted on 11 January 2020 | 4:22 am

Alleged Member of Neo-Nazi Swatting Group Charged

Federal investigators on Friday arrested a Virginia man accused of being part of a neo-Nazi group that targeted hundreds of people in "swatting" attacks, wherein fake bomb threats, hostage situations and other violent scenarios were phoned in to police as part of a scheme to trick them into visiting potentially deadly force on a target's address.

Posted on 10 January 2020 | 9:22 pm

Lawmakers Prod FCC to Act on SIM Swapping

Crooks have stolen tens of millions of dollars and other valuable commodities from thousands of consumers via "SIM swapping," a particularly invasive form of fraud that involves tricking a target's mobile carrier into transferring someone's wireless service to a device they control. But the U.S. Federal Communications Commission (FCC), the entity responsible for overseeing wireless industry practices, has so far remained largely silent on the matter. Now, a cadre of Senate lawmakers is demanding to know what, if anything, the agency might be doing to track and combat SIM swapping.

Posted on 9 January 2020 | 1:44 pm

Researchers Demonstrate How to Hack Any TikTok Account by Sending SMS

TikTok, the 3rd most downloaded app in 2019, is under intense scrutiny over users' privacy, censoring politically controversial content and on national-security grounds—but it's not over yet, as the security of billions of TikTok users would be now under question. The famous Chinese viral video-sharing app contained potentially dangerous vulnerabilities that could have allowed remote attackers

Posted on 9 January 2020 | 12:14 pm

Critical Firefox 0-Day Under Active Attacks – Update Your Browser Now!

Attention! Are you using Firefox as your web browsing software on your Windows, Linux, or Mac systems? If yes, you should immediately update your free and open-source Firefox web browser to the latest version available on Mozilla's website. Why the urgency? Mozilla earlier today released Firefox 72.0.1 and Firefox ESR 68.4.1 versions to patch a critical zero-day vulnerability in its browsing

Posted on 9 January 2020 | 4:34 am

Tricky Phish Angles for Persistence, Not Passwords

Late last year saw the re-emergence of a nasty phishing tactic that allows the attacker to gain full access to a user's data stored in the cloud without actually stealing the account password. The phishing lure starts with a link that leads to the real login page for a cloud email and/or file storage service. Anyone who takes the bait will inadvertently forward a digital token to the attackers that gives them indefinite access to the victim's email, files and contacts -- even after the victim has changed their password.

Posted on 7 January 2020 | 3:35 pm

3 Google Play Store Apps Exploit Android Zero-Day Used by NSO Group

Watch out! If you have any of the below-mentioned file managers and photography apps installed on your Android phone—even if downloaded from the official Google Store store⁠—you have been hacked and being tracked. These newly detected malicious Android apps are Camero, FileCrypt, and callCam that are believed to be linked to Sidewinder APT, a sophisticated hacking group specialized in cyber

Posted on 7 January 2020 | 10:41 am

Are You Ready for Microsoft Windows 7 End of Support on 14th January 2020?

January 14, 2020, is a day cybersecurity stakeholders should pay attention to, as it marks the end of Microsoft support in Windows 7. From a security perspective, both the routine monthly security patches as well as hotfixes for attacks in the wild will not be available, effectively making any newly discovered vulnerability a Windows 7 zero-day. Cynet 360 autonomous breach protection is a

Posted on 7 January 2020 | 9:02 am

Xiaomi Cameras Connected to Google Nest Expose Video Feeds From Others

Internet-connected devices have been one of the most remarkable developments that have happened to humankind in the last decade. Although this development is a good thing, it also stipulates a high security and privacy risk to personal information. In one such recent privacy mishap, smart IP cameras manufactured by Chinese smartphone maker Xiaomi found mistakenly sharing surveillance footage

Posted on 3 January 2020 | 4:58 am

Landry's Restaurant Chain Suffers Payment Card Theft Via PoS Malware

Landry's, a popular restaurant chain in the United States, has announced a malware attack on its point of sale (POS) systems that allowed cybercriminals to steal customers' payment card information. Landry's owns and operates more than 600 bars, restaurants, hotels, casinos, food and beverage outlets with over 60 different brands such as Landry's Seafood, Chart House, Saltgrass Steak House,

Posted on 2 January 2020 | 2:13 pm

How Organizations Can Defend Against Advanced Persistent Threats

Advanced persistent threats (APTs) have emerged to be legitimate concerns for all organizations. APTs are threat actors that breach networks and infrastructures and stealthily lurk within them over extended spans of time. They typically perform complex hacks that allow them to steal or destroy data and resources. According to Accenture, APTs have been organizing themselves into groups that

Posted on 25 December 2019 | 10:44 am

The Best Templates for Posting Cybersecurity Jobs

The cybersecurity of a company is heavily reliant upon the skills and knowledge of the people who install, manage, and operate its security products. This means that recruiting and nurturing the best security team possible should be a CISO's top priority. Cynet's Ultimate Cybersecurity Job Posting Templates (download here) provide a list of the main responsibilities and skills for typical

Posted on 23 December 2019 | 6:41 am

Hacker Who Tried to Blackmail Apple for $100,000 Sentenced in London

A 22-year-old man who claimed to have access to over 300 million iCloud accounts and threatened to factory reset all accounts unless Apple pays ransom has pleaded guilty in London for trying to blackmail Apple. In March 2017, Kerem Albayrak from North London claimed to be a spokesman for a hacking group called the "Turkish Crime Family" and in possession of 319 million iCloud accounts.

Posted on 21 December 2019 | 9:39 am

WordPress 5.3.1 Security and Maintenance Release

WordPress 5.3.1 is now available! This security and maintenance release features 46 fixes and enhancements. Plus, it adds a number of security fixes—see the list below. WordPress 5.3.1 is a short-cycle maintenance release. The next major release will be version 5.4. You can download WordPress 5.3.1 by clicking the button at the top of this page, […]

Posted on 12 December 2019 | 6:07 pm

WordPress 5.2.4 Update

Late-breaking news on the 5.2.4 short-cycle security release that landed October 14. When we released the news post, I inadvertently missed giving props to Simon Scannell of RIPS Technologies for finding and disclosing an issue where path traversal can lead to remote code execution. Simon has done a great deal of work on the WordPress […]

Posted on 18 November 2019 | 10:47 pm

Oracle Critical Patch Update Advisory - October 2019

Posted on 15 October 2019 | 2:30 pm

WordPress 5.2.4 Security Release

WordPress 5.2.4 is now available! This security release fixes 6 security issues. WordPress versions 5.2.3 and earlier are affected by these bugs, which are fixed in version 5.2.4. Updated versions of WordPress 5.1 and earlier are also available for any users who have not yet updated to 5.2. Security Updates Props to Evan Ricafort for finding an […]

Posted on 14 October 2019 | 4:54 pm

WordPress 5.2.3 Security and Maintenance Release

WordPress 5.2.3 is now available! This security and maintenance release features 29 fixes and enhancements. Plus, it adds a number of security fixes—see the list below. These bugs affect WordPress versions 5.2.2 and earlier; version 5.2.3 fixes them, so you’ll want to upgrade. If you haven’t yet updated to 5.2, there are also updated versions […]

Posted on 4 September 2019 | 8:51 pm

Mitigations Against Adversarial Attacks

This is the fourth and final article in a series of four articles on the work we’ve been doing for the European Union’s Horizon 2020 project codenamed SHERPA. Each of the articles in this series contain excerpts from a publication entitled “Security Issues, Dangers And Implications Of Smart Systems”. For more information about the project, […]

Posted on 11 July 2019 | 1:53 am

Adversarial Attacks Against AI

This article is the third in a series of four articles on the work we’ve been doing for the European Union’s Horizon 2020 project codenamed SHERPA. Each of the articles in this series contain excerpts from a publication entitled “Security Issues, Dangers And Implications Of Smart Systems”. For more information about the project, the publication […]

Posted on 11 July 2019 | 1:52 am

Malicious Use Of AI

This article is the second in a series of four articles on the work we’ve been doing for the European Union’s Horizon 2020 project codenamed SHERPA. Each of the articles in this series contain excerpts from a publication entitled “Security Issues, Dangers And Implications Of Smart Systems”. For more information about the project, the publication […]

Posted on 11 July 2019 | 1:50 am

Bad AI

This article is the first in a series of four articles on the work we’ve been doing for the European Union’s Horizon 2020 project codenamed SHERPA. Each of the articles in this series contain excerpts from a publication entitled “Security Issues, Dangers And Implications Of Smart Systems”. For more information about the project, the publication […]

Posted on 11 July 2019 | 1:49 am

Security Issues, Dangers, And Implications of Smart Information Systems

F-Secure is participating in an EU-funded Horizon 2020 project codenamed SHERPA (as mentioned in a previous blog post). F-Secure is one of eleven partners in the consortium. The project aims to develop an understanding of how machine learning will be used in society in the future, what ethical issues may arise, and how those issues […]

Posted on 8 July 2019 | 4:19 am

Sockpuppies!

Yesterday, a colleague of mine, Eero Kurimo, told me about something odd he’d seen on Twitter. Over the past few days, a number of pictures of cute puppies had shown up on his timeline as promoted tweets. Here’s an example: “Mainostettu” is the Finnish word Twitter uses to denote that a tweet has been promoted. […]

Posted on 1 July 2019 | 3:14 am

Oracle Security Alert for CVE-2019-2729 - 18 Jun 2019

Posted on 18 June 2019 | 5:00 pm

Live Coverage Of A Disinformation Operation Against The 2019 EU Parliamentary Elections

I recently worked with investigative journalists from Yle, attempting to uncover disinformation on social media around the May 2019 European elections. This work was also part of F-Secure’s participation in the SHERPA project, which involves developing an understanding of adversarial attacks against machine learning systems – in this case, recommendation systems on social networks. My […]

Posted on 24 May 2019 | 12:10 pm

Spam Trends: Top attachments and campaigns

Malware authors tend to prefer specific types of file attachments in their campaigns to distribute malicious content.  During our routine threat landscape monitoring in the last three months, we observed some interesting patterns about the attachment types that are being used in various campaigns. In February and March, we saw huge spam campaigns using ZIP […]

Posted on 8 May 2019 | 7:41 am

Oracle Security Alert for CVE-2019-2725 - 26 Apr 2019

Posted on 26 April 2019 | 12:00 pm

Oracle Critical Patch Update Advisory - April 2019

Posted on 16 April 2019 | 2:30 pm

Discovering Hidden Twitter Amplification

As part of the Horizon 2020 SHERPA project, I’ve been studying adversarial attacks against smart information systems (systems that utilize a combination of big data and machine learning). Social networks fall into this category – they’re powered by recommendation algorithms (often based on machine learning techniques) that process large amounts of data in order to […]

Posted on 3 April 2019 | 10:39 am

Mira Ransomware Decryptor

We investigated some recent Ransomware called Mira (Trojan:W32/Ransomware.AN) in order to check if it’s feasible to decrypt the encrypted files. Most often, decryption can be very challenging because of missing keys that are needed for decryption. However, in the case of Mira ransomware, it appends all information required to decrypt an encrypted file into the […]

Posted on 1 April 2019 | 9:19 am

A Hammer Lurking In The Shadows

And then there was ShadowHammer, the supply chain attack on the ASUS Live Update Utility between June and November 2018, which was discovered by Kaspersky earlier this year, and made public a few days ago. In short, this is how the trojanized Setup.exe works: An executable embedded in the Resources section has been overwritten by […]

Posted on 29 March 2019 | 9:12 am

Analysis of LockerGoga Ransomware

We recently observed a new ransomware variant (which our products detect as Trojan.TR/LockerGoga.qnfzd) circulating in the wild. In this post, we’ll provide some technical details of the new variant’s functionalities, as well as some Indicators of Compromise (IOCs). Overview Compared to other ransomware variants that use Window’s CRT library functions, this new variant relies heavily […]

Posted on 27 March 2019 | 12:19 pm

Analysis Of Brexit-Centric Twitter Activity

This is a rather long blog post, so we’ve created a PDF for you to download, if you’d like to read it offline. You can download that from here. Executive Summary This report explores Brexit-related Twitter activity occurring between December 4, 2018 and February 13, 2019. Using the standard Twitter API, researchers collected approximately 24 […]

Posted on 12 March 2019 | 2:56 am

WordPress 5.1.1 Security and Maintenance Release

WordPress 5.1.1 is now available! This security and maintenance release introduces 14 fixes and enhancements, including changes designed to help hosts prepare users for the minimum PHP version bump coming in 5.2. This release also includes a pair of security fixes that handle how comments are filtered and then stored in the database. With a maliciously […]

Posted on 11 March 2019 | 10:34 pm

Why Social Network Analysis Is Important

I got into social network analysis purely for nerdy reasons – I wanted to write some code in my free time, and python modules that wrap Twitter’s API (such as tweepy) allowed me to do simple things with just a few lines of code. I started off with toy tasks, (like mapping the time of […]

Posted on 21 February 2019 | 7:20 am

Oracle Critical Patch Update Advisory - January 2019

Posted on 15 January 2019 | 1:30 pm

NRSMiner updates to newer version

More than a year after the world first saw the Eternal Blue exploit in action during the May 2017 WannaCry outbreak, we are still seeing unpatched machines in Asia being infected by malware that uses the exploit to spread. Starting in mid-November 2018, our telemetry reports indicate that the newest version of the NRSMiner cryptominer, […]

Posted on 2 January 2019 | 11:04 pm

WordPress 5.0.1 Security Release

WordPress 5.0.1 is now available. This is a security release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. Plugin authors are encouraged to read the 5.0.1 developer notes for information on backwards-compatibility. WordPress versions 5.0 and earlier are affected by the following bugs, which are fixed in version […]

Posted on 12 December 2018 | 9:13 pm

Phishing Campaign targeting French Industry

We have recently observed an ongoing phishing campaign targeting the French industry. Among these targets are organizations involved in chemical manufacturing, aviation, automotive, banking, industry software providers, and IT service providers. Beginning October 2018, we have seen multiple phishing emails which follow a similar pattern, similar indicators, and obfuscation with quick evolution over the course […]

Posted on 26 November 2018 | 7:16 am

Ethics In Artificial Intelligence: Introducing The SHERPA Consortium

In May of this year, Horizon 2020 SHERPA project activities kicked off with a meeting in Brussels. F-Secure is a partner in the SHERPA consortium – a group consisting of 11 members from six European countries – whose mission is to understand how the combination of artificial intelligence and big data analytics will impact ethics […]

Posted on 22 November 2018 | 2:25 am

Spam campaign targets Exodus Mac Users

We’ve seen a small spam campaign that attempts to target Mac users that use Exodus, a multi-cryptocurrency wallet. The theme of the email focuses mainly on Exodus. The attachment was “Exodus-MacOS-1.64.1-update.zip” and the sender domain was “update-exodus[.]io”, suggesting that it wanted to associate itself to the organization. It was trying to deliver a fake Exodus […]

Posted on 2 November 2018 | 12:56 pm

Oracle Critical Patch Update Advisory - October 2018

Posted on 16 October 2018 | 2:30 pm

Oracle Security Alert for CVE-2018-11776 - 31 August 2018

Posted on 31 August 2018 | 7:00 pm

Value-Driven Cybersecurity

Constructing an Alliance for Value-driven Cybersecurity (CANVAS) launched ~two years ago with F-Secure as a member. The goal of the EU project is “to unify technology developers with legal and ethical scholars and social scientists to approach the challenge of how cybersecurity can be aligned with European values and fundamental rights.” (That’s a mouthful, right?) […]

Posted on 31 August 2018 | 8:20 am

Taking Pwnie Out On The Town

Black Hat 2018 is now over, and the winners of the Pwnie Awards have been published. The Best Client-Side Bug was awarded to Georgi Geshev and Rob Miller for their work called “The 12 Logic Bug Gifts of Christmas.” Georgi and Rob work for MWR Infosecurity, which (as some of you might remember) was acquired by F-Secure […]

Posted on 14 August 2018 | 6:58 am

Oracle Security Alert for CVE-2018-3110 - 10 August 2018

Posted on 10 August 2018 | 2:30 pm

Oracle Critical Patch Update Advisory - July 2018

Posted on 17 July 2018 | 2:30 pm

WordPress 4.9.7 Security and Maintenance Release

WordPress 4.9.7 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. WordPress versions 4.9.6 and earlier are affected by a media issue that could potentially allow a user with certain capabilities to attempt to delete files outside the uploads […]

Posted on 5 July 2018 | 12:00 pm

Oracle Critical Patch Update Advisory - April 2018

Posted on 17 April 2018 | 2:30 pm

WordPress 4.9.5 Security and Maintenance Release

WordPress 4.9.5 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. WordPress versions 4.9.4 and earlier are affected by three security issues. As part of the core team's ongoing commitment to security hardening, the following fixes have been implemented […]

Posted on 3 April 2018 | 2:56 pm

WordPress 4.9.2 Security and Maintenance Release

WordPress 4.9.2 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. An XSS vulnerability was discovered in the Flash fallback files in MediaElement, a library that is included with WordPress. Because the Flash files are no longer needed for […]

Posted on 16 January 2018 | 5:00 pm

Oracle Critical Patch Update Advisory - January 2018

Posted on 16 January 2018 | 1:30 pm

WordPress 4.9.1 Security and Maintenance Release

WordPress 4.9.1 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. WordPress versions 4.9 and earlier are affected by four security issues which could potentially be exploited as part of a multi-vector attack. As part of the core team's […]

Posted on 29 November 2017 | 2:33 pm

Oracle Security Alert for CVE-2017-10269 - 13 November 2017

Posted on 13 November 2017 | 1:30 pm

Oracle Security Alert for CVE-2017-10151 - 27 October 2017

Posted on 27 October 2017 | 2:30 pm

Oracle Critical Patch Update Advisory - October 2017

Posted on 17 October 2017 | 2:30 pm

Oracle Security Alert for CVE-2017-9805 - 22 September 2017

Posted on 22 September 2017 | 2:30 pm

Oracle Critical Patch Update Advisory - July 2017

Posted on 18 July 2017 | 2:30 pm

Oracle Critical Patch Update Advisory - July 2019

Posted on 16 July 2017 | 2:30 pm

Oracle Security Alert for CVE-2017-3629

Posted on 19 June 2017 | 2:30 pm

Oracle Critical Patch Update Advisory - April 2017

Posted on 18 April 2017 | 2:30 pm

Oracle Critical Patch Update Advisory - January 2017

Posted on 17 January 2017 | 1:30 pm

Oracle Critical Patch Update Advisory - October 2016

Posted on 18 October 2016 | 2:30 pm

Oracle Critical Patch Update Advisory - July 2016

Posted on 19 July 2016 | 2:30 pm

Oracle Critical Patch Update Advisory - April 2016

Posted on 19 April 2016 | 2:30 pm

Oracle Security Alert for CVE-2016-0636 - 23 Mar 2016

Posted on 23 March 2016 | 2:30 pm

Oracle Critical Patch Update Advisory - January 2016

Posted on 19 January 2016 | 1:30 pm

Oracle Security Alert for CVE-2015-4852 - 10 November 2015

Posted on 10 November 2015 | 1:30 pm

Oracle Critical Patch Update Advisory - October 2015

Posted on 20 October 2015 | 2:30 pm

Oracle Critical Patch Update Advisory - July 2015

Posted on 14 July 2015 | 2:30 pm

Oracle Security Alert for CVE-2015-3456 - 15 May 2015

Posted on 15 May 2015 | 2:30 pm

Oracle Critical Patch Update Advisory - April 2015

Posted on 14 April 2015 | 2:30 pm

Oracle Security Alert for CVE-2016-0603 - 5 February 2016

Posted on 5 February 2015 | 1:30 pm

Oracle Critical Patch Update Advisory - January 2015

Posted on 20 January 2015 | 1:30 pm

Oracle Critical Patch Update Advisory - October 2014

Posted on 14 October 2014 | 2:30 pm

Oracle Security Alert for CVE-2014-7169 - 26 September 2014

Posted on 26 September 2014 | 2:30 pm

Oracle Critical Patch Update Advisory - July 2014

Posted on 15 July 2014 | 2:30 pm

Oracle Security Alert for CVE-2014-0160 - 18 April 2014

Posted on 18 April 2014 | 2:30 pm

Oracle Critical Patch Update Advisory - April 2014

Posted on 15 April 2014 | 2:30 pm

Oracle Critical Patch Update Advisory - January 2014

Posted on 14 January 2014 | 1:30 pm

Oracle Critical Patch Update Advisory - October 2013

Posted on 15 October 2013 | 2:30 pm

Oracle Critical Patch Update Advisory - July 2013

Posted on 16 July 2013 | 2:30 pm

Oracle Java SE Critical Patch Update Advisory - June 2013

Posted on 18 June 2013 | 2:30 pm

Oracle Java SE Critical Patch Update Advisory - April 2013

Posted on 16 April 2013 | 2:30 pm

Oracle Critical Patch Update Advisory - April 2013

Posted on 16 April 2013 | 2:30 pm

Oracle Security Alert for CVE-2013-1493 - 04 Mar 2013

Posted on 4 March 2013 | 1:30 pm

Updated Release of the Oracle Java SE Critical Patch Update - February 2013

Posted on 19 February 2013 | 1:30 pm

Oracle Java SE Critical Patch Update Advisory - February 2013

Posted on 1 February 2013 | 1:30 pm

Oracle Critical Patch Update Advisory - January 2013

Posted on 15 January 2013 | 1:30 pm

Oracle Security Alert for CVE-2013-0422 - 13 Jan 2013

Posted on 13 January 2013 | 1:30 pm

Oracle Critical Patch Update Advisory - October 2012

Posted on 16 October 2012 | 2:26 pm

Oracle Java SE Critical Patch Update Advisory - October 2012

Posted on 16 October 2012 | 2:26 pm

Oracle Security Alert for CVE-2012-4681 - 30 Aug 2012

Posted on 30 August 2012 | 2:26 pm

Oracle Security Alert for CVE-2012-3132 - 10 Aug 2012

Posted on 10 August 2012 | 2:14 pm

Oracle Critical Patch Update (CPU) Advisory - July 2012

Posted on 19 July 2012 | 5:15 pm

Oracle Java SE Critical Patch Update Advisory - June 2012

Posted on 12 June 2012 | 3:00 pm

Oracle Security Alert for CVE-2012-1675

Posted on 30 April 2012 | 3:01 pm

Oracle Critical Patch Update (CPU) Advisory - April 2012

Posted on 18 April 2012 | 10:40 am

Oracle Java SE Critical Patch Update Advisory - February 2012

Posted on 14 February 2012 | 2:00 pm

Oracle Security Alert for CVE-2011-5035

Posted on 31 January 2012 | 3:20 pm

Oracle Critical Patch Update (CPU) Advisory - January 2012

Posted on 17 January 2012 | 2:44 pm

Oracle Critical Patch Update (CPU) Advisory - October 2011

Posted on 24 October 2011 | 1:33 pm

Oracle Security Alert for CVE-2011-3192

Posted on 15 September 2011 | 4:22 pm

Oracle Critical Patch Update (CPU) Advisory - July 2011

Posted on 19 July 2011 | 5:45 pm

Oracle Java SE Critical Patch Update Advisory - June 2011

Posted on 7 June 2011 | 5:18 pm

Oracle Critical Patch Update (CPU) - April 2011

Posted on 19 April 2011 | 3:00 pm

Oracle Java SE and Java for Business Critical Patch Update Advisory - February 2011

Posted on 15 February 2011 | 4:00 pm

Oracle Critical Patch Update (CPU) - January 2011

Posted on 18 January 2011 | 1:40 pm

Oracle Critical Patch Update (CPU) - October 2010

Posted on 12 October 2010 | 11:07 am

Oracle Critical Patch Update (CPU) - July 2010

Posted on 14 July 2010 | 2:35 pm

Oracle Critical Patch Update (CPU) - April 2010

Posted on 13 April 2010 | 4:01 pm

Oracle Security Alert for CVE-2010-0073 - February 2010

Oracle Security Alert for CVE-2010-0073

Posted on 4 February 2010 | 2:00 pm

Critical Patch Update - January 2010

Posted on 13 January 2010 | 12:05 pm

Critical Patch Update - October 2009

Posted on 20 October 2009 | 10:39 am

Critical Patch Update - July 2009

Posted on 15 July 2009 | 8:00 pm

Critical Patch Update - April 2009

Posted on 14 April 2009 | 5:40 pm

Critical Patch Update - January 2009

Posted on 14 April 2009 | 5:40 pm

Critical Patch Update - October 2008

Posted on 15 October 2008 | 1:53 pm

Critical Patch Update - July 2008

Posted on 15 July 2008 | 3:01 pm

Critical Patch Update - April 2008

Posted on 15 April 2008 | 5:13 pm

Critical Patch Update - January 2008

Posted on 15 January 2008 | 4:55 pm

Critical Patch Update - October 2007

Posted on 16 October 2007 | 3:47 pm

Critical Patch Update - July 2007

Posted on 17 July 2007 | 3:21 pm

Critical Patch Update - April 2007

Posted on 18 April 2007 | 10:57 am

Critical Patch Update - January 2007

Posted on 16 January 2007 | 5:35 pm

Critical Patch Update - October 2006

Posted on 17 October 2006 | 1:37 pm

Critical Patch Update - April 2006

Posted on 18 April 2006 | 3:42 pm

Critical Patch Update - January 2006

Posted on 17 January 2006 | 6:20 pm

Critical Patch Update - January 2005

Posted on 18 October 2005 | 5:28 pm

Critical Patch Update - April 2005

Posted on 18 October 2005 | 5:28 pm

Critical Patch Update - October 2005

Posted on 18 October 2005 | 5:25 pm

Critical Patch Update - July 2005

Posted on 12 July 2005 | 2:46 pm