255
55 Views
More and more, organizations take the route of outsourcing incident response to Managed Security Service Providers.

This trend is distinct regardless of the organization's cyber maturity level and can be found across a wide range of cyber maturity, from small companies with no dedicated security team to enterprises with a fully equipped SOC.

The hands of the incident response service
248
23 Views
Eastern European country Bulgaria has suffered the biggest data breach in its history that compromised personal and financial information of 5 million adult citizens out of its total population of 7 million people.

According to multiple sources in local Bulgarian media, an unknown hacker earlier this week emailed them download links to 11GB of stolen data which included taxpayers' personal
241
41 Views
If you are in Kazakhstan and unable to access the Internet service without installing a certificate, you're not alone.

The Kazakhstan government has once again issued an advisory to all major local Internet Service Providers (ISPs) asking them to make it mandatory for all their customers to install government-issued root certificates on their devices in order to regain access to the Internet
239
36 Views
Taiwanese networking equipment manufacturer D-Link has agreed to implement a "comprehensive software security program" in order to settle a Federal Trade Commission (FTC) lawsuit alleging that the company didn't take adequate steps to protect its consumers from hackers.

Your wireless router is the first line of defense against potential threats on the Internet.

However, sadly, most
233
55 Views
A new ransomware family has been found targeting Network Attached Storage (NAS) devices made by Taiwan-based QNAP Systems and holding users' data hostage until a ransom is paid, researchers told The Hacker News.

Ideal for home and small business, NAS devices are dedicated file storage units connected to a network or through the Internet, which allow users to store and share their data and
233
35 Views
Magecart strikes again!

Cybersecurity researchers have identified yet another supply-chain attack carried out by payment card hackers against more than 17,000 web domains, which also include websites in the top 2,000 of Alexa rankings.

Since Magecart is neither a single group nor a specific malware, but instead an umbrella term given to all those cyber criminal groups and individuals who inject
232
54 Views
In every organization, there is a person who's directly accountable for cybersecurity. The name of the role varies per the organization's size and maturity – CISO, CIO, and Director of IT are just a few common examples – but the responsibility is similar in all places.

They're the person who understands the risk and exposure, knows how prepared the team is and, most importantly, what the gaps are
225
56 Views
The chaos and panic that the disclosure of privacy vulnerability in the highly popular and widely-used Zoom video conferencing software created earlier this week is not over yet.

As suspected, it turns out that the core issue—a locally installed web server by the software—was not just allowing any website to turn on your device webcam, but also could allow hackers to take complete control
225
57 Views
One of the most powerful, infamous, and advanced pieces of government-grade commercial surveillance spyware, dubbed FinSpy (also known as FinFisher), has been discovered in the wild targeting users in Myanmar.

Created by German company Gamma International, FinSpy is spying software that can target various mobile platforms including iOS and Android, as well as desktop operating systems.

Gamma
222
72 Views
Data loss and theft continue to rise, and hardly a day goes by without significant data breaches hitting the headlines.

In January 2019 alone, 1.76 billion records were leaked, and according to IBM's Data Breach study, the average cost of each lost or stolen record has reached about $148.

Most of these data leaks are because of malicious attacks, where exploitation of web application
221
31 Views
Microsoft today released its monthly batch of software security updates for July to patch a total of 77 vulnerabilities, of which 14 are rated Critical, 62 are Important, and 1 is rated Moderate in severity.

The July 2019 security updates include patches for various supported versions of Windows operating systems and other Microsoft products, including Internet Explorer, Edge, Office, Azure
219
64 Views
Security researchers have discovered a rare piece of Linux spyware that's currently fully undetected across all major antivirus security software products, and includes rarely seen functionalities with regards to most Linux malware, The Hacker News learned.

It's a known fact that very few strains of Linux malware exist in the wild as compared to Windows viruses because of its core
211
65 Views
Google has started rolling out this month's security updates for its mobile operating system platform to address a total of 33 new security vulnerabilities affecting Android devices, 9 of which have been rated critical in severity.

The vulnerabilities affect various Android components, including the Android operating system, framework, library, media framework, as well as Qualcomm components,
206
59 Views
Except for phishing and scams, downloading an HTML attachment and opening it locally on your browser was never considered as a severe threat until a security researcher today demonstrated a technique that could allow attackers to steal files stored on a victim's computer.

Barak Tawily, an application security researcher, shared his findings with The Hacker News, wherein he successfully
204
54 Views
Organizations around the world are wondering how to become immune from cyber attacks which are evolving every day with more sophisticated attack vectors.

IT teams are always on the lookout for new ransomware and exploit spreading in the wild, but can all these unforeseen cyber attacks be prevented proactively?

That's definitely a 'NO,' which is why there's a reactive approach in place to
200
72 Views
Unified Comms, Jabber among targets for clean-up

Cisco has delivered a bundle of 17 security updates to address 18 CVE-listed vulnerabilities in its networking and communications gear.…

200
32 Views
DNS config snafu bares Jenkins instance contents to world+dog

GE Aviation managed to expose a pile of its private keys on a misconfigured Jenkins instance that was exposed to the public internet, according to a security researcher who found it through Shodan.…

200
60 Views

Security vulnerabilities can affect any IT infrastructure at any time. What counts here is how vigilant a firm remains to



Numerous Vulnerabilities Found In Huawei Web Applications And Servers on Latest Hacking News.

199
21 Views

Fake Office 365 Site That is Distributing the TrickBot password-stealing Trojan, Oakland California Bans Use of Facial Recognition, Collierville Tennessee



Latest Hacking News Podcast #329 on Latest Hacking News.

199
77 Views
Enterprises should expect to see more cyber attacks launched against them. The data that they now gather and store have made their infrastructures key targets for hackers.

Customer data and intellectual property can be sold in the black market for profit, and sensitive information can also be used by hackers to extort them.

Enterprises are now aggressively shifting their workloads to the cloud
199
26 Views
Accused bloke cuffed after plod swoop on home

A 20-year-old man from the Netherlands accused of building and selling Office macro malware was arrested Wednesday.…

198
32 Views
Lodash, a popular npm library used by more than 4 million projects on GitHub alone, is affected by a high severity security vulnerability that could allow attackers to compromise the security of affected services using the library and their respective user base.

Lodash is a JavaScript library that contains tools to simplify programming with strings, numbers, arrays, functions, and objects,
198
66 Views
'A legitimate solution to a poor user experience'

Zoom Video Communications, whose web conferencing service is used by millions, is under fire for installing a hidden web server on Macs in order to bypass user consent when joining a meeting.…

198
74 Views

Some malware campaigns seemingly never stop, rather they keep coming back again and again to prey on users. One such



Fake JQuery Campaign On the Rise For Ad Fraud And Malvertising on Latest Hacking News.

198
85 Views
Britain's Information Commissioner's Office (ICO) today hit British Airways with a record fine of £183 million for failing to protect the personal information of around half a million of its customers during last year's security breach.

British Airways, who describes itself as "The World's Favorite Airline," disclosed a breach last year that exposed personal details and credit-card numbers of
198
24 Views
It is but WAF-er thin... – report

Network overlord Cisco is reportedly planning to purchase Signal Sciences, a frequent cybersecurity collaborator and member of the Cisco Security Technical Alliance.…

197
48 Views
And now he's a convicted criminal – but still in uniform

A serving Metropolitan police officer who illegally accessed a police database to monitor a criminal investigation into his own conduct has pleaded guilty to crimes under the Computer Misuse Act.…

197
69 Views
Maker of Firefox fires fox from hen house guard duty

Mozilla on Tuesday added digital certificates belonging to security biz DarkMatter and its subsidiaries to Firefox's OneCRL blocklist, based on concerns that the UAE-based company will misuse its power as a certificate authority (CA) to intercept online communications.…

197
30 Views
After months of negotiations, the United States Federal Trade Commission (FTC) has approved a record $5 billion settlement with Facebook over its privacy investigation into the Cambridge Analytica scandal.

The settlement will put an end to a wide-ranging probe that began more than a year ago and centers around the violation of a 2011 agreement Facebook made with the FTC that required Facebook
197
30 Views
What you need to know from infosec land lately

Roundup: Here is a brief look at some of the other security stories floating around right now.…

196
74 Views
Evil hypervisors can work out what apps are running, extract data from encrypted guests

Five boffins from four US universities have explored AMD's Secure Encrypted Virtualization (SEV) technology – and found its defenses can be, in certain circumstances, bypassed with a bit of effort.…

194
65 Views

PGP Poisoned Certificates Compromising SKS Keyserver Network, New Malware Spotted in the Wild – Golang, Sodin REvil Zero Day Running



Latest Hacking News Podcast #319 on Latest Hacking News.
