Cyber Bites

DHS urges Govt departments to lock down their domain name settings.

A serious Apple iOS bug has been discovered that allows FaceTime users to access the microphone and front facing camera of who they are calling even if the person does not answer the call. To use this bug, a caller would FaceTime another person who has an iOS device and before the recipient answers, add themselves as an additional contact to Group FaceTime. This will cause the microphone of the person you are calling to turn on and...

Read more
DHS urges Govt departments to lock down their domain name settings.

A study by researchers at Barracuda Networks gas illustrated the growing threat posed by IoT credential compromise. Vulnerabilities can be exploited to steal user credentials and compromise devices. The Barracuda research team identified multiple vulnerabilities in camera’s web and mobile applications. The research team recommended that IoT products are scored based on their security level. They argued that this enables businesses and consumers to make informed devices when choosing IoT products. Source: ComputerWeekly

Read more
DHS urges Govt departments to lock down their domain name settings.

The Massachusetts data breach notification law has been amended. The amendments include providing victims who fall victim to a data breach a free credit freeze and 18 months of free credit monitoring. Furthermore, companies can no longer delay notifying authorities and victims of a breach on the basis that they do not know the number of individuals affected. Source: The Daily Swig

Read more
DHS urges Govt departments to lock down their domain name settings.

Google is set to appeal the €50m GDPR fine given to them by the French Data Protection agency. Google have stated that they have created a transparent and straightforward GDPR consent process. The company expressed concern on the impact the ruling would have on publishers, tech companies and original content creators. Source: The Register

Read more
DHS urges Govt departments to lock down their domain name settings.

WordPress is introducing WSOD (White-screen-of-death) Protection, the equivalent of a WordPress Safe Mode. The feature will allow WordPress to recognise when a fatal PHP error occurs and can identify what and where the error originated from. The feature has raised concern among researchers who warn that the new feature could be used to disable security plugins and put WordPress sites and blogs at risk. Source: ZD Net

Read more
DHS urges Govt departments to lock down their domain name settings.

191, 970 bad ads and an estimated 1 million users have been impacted by a Malware in Ad-based images, researchers have discovered. A massive adware campaign that hides malware in image files using steganography techniques has impacted up to a million Mac users. When a user clicks on an infected image, the malicious ad infects the Mac user with the Shlayer trojan. Source: Threatpost

Read more
DHS urges Govt departments to lock down their domain name settings.

Named hAnt, this ransomware strain was first identified in August 2018, but new infections have been reported this month. The ransomware targets Bitcoin mining rigs with most infections located in China. hAnt infects a mining rig, locking up the device and requesting that 10 Bitcoin ($36,000) ransom is paid or the victim must infect at least 1000 other devices to remove the ransomware. Source: ZD Net

Read more
DHS urges Govt departments to lock down their domain name settings.

Anatova ransomware emerged on 1st January 2019 and was discovered by security researchers at McAfee. The software is infecting users around the world by posing as an application or game. Users are tricked into downloading and launching these malicious files onto their computer. The largest number of victims are in the US but the ransomware has also been spotted in Belgium, Germany, France and UK. Source: ZD Net

Read more
DHS urges Govt departments to lock down their domain name settings.

24 million financial and banking documents have been found on an unprotected server, running an Elasticsearch database. The server had decade’s worth of data, including highly sensitive financial data, social security numbers, names, loan and mortgage agreements, and repayment schedules. The leak was traced to Ascension, a data analytics company, that converts paper documents into computer files. Source: Techcrunch

Read more
DHS urges Govt departments to lock down their domain name settings.

Threat Researchers at Securonix have reported a rise in attacks that target vulnerabilities in Hadoop components, such as Hadoop YARN, Redis and ActiveMQ. The researchers warned of an increase in the number of multi-vector and multi-platform automated attacks against cloud infrastructure over the past few months. These attacks frequently include crypto mining, ransomware and botnet malware. Source: The Register

Read more
Page 38 of 39 1 37 38 39