Hacking News

We report on the latest Hacking News in the UK, US and the world. Follow IT Security Guru for regular news, updates and interviews in hacking from our team of editors. Read our latest articles relating to computer and cyber hacking from a team of IT security experts, including ethical hackers and penetration testing. For any queries relating to Hacking News, please contact our editorial team at editor@itsecurityguru.org

internet-screen-security-protection-60504

What is it? A man-in-the-middle/spoofing vulnerability exists in Windows 10, Windows Server 2016/2019 – when an authenticated attacker is on the target system, they can use a spoofed code-signing certificate to sign malicious executables making the file appear as if it’s from a trusted source. This vulnerability is post-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could conduct man-in-the-middle attacks and decrypt encrypted traffic such as traffic sent over the...

Read more
Black Friday Gifts

Black Friday is here, and deals are popping up all over the internet. Consumers are browsing for the most generous discounts, their inboxes flooded with promotional emails alerting them of cheap flights to exotic locations available for a fraction of the cost. But while the prospect of acquiring a new smartphone at a slashed price may appealing, the cybersecurity community is all but confident that things will run smoothly for customers, who will be targeted...

Read more
Onapsis Threat Report Oracle Payday

Onapsis, the leading provider of business application protection have revealed new threat research into a recently discovered vulnerability on Oracle E-Business Suite – Oracle PAYDAY. The attack scenarios exploit two vulnerabilities with CVSS scores of 9.9 out of 10 in Oracle EBS, Oracle’s ERP software installed at up to 21,000 companies. Onapsis discovered and reported the vulnerabilities to Oracle, which issued patches earlier this year. Onapsis estimates that 50% of Oracle EBS customers have not...

Read more
Doordash Review

Food delivery company, DoorDash, has confirmed it was hit by a data breach which exposed the data of close to 5 million customers, delivery people and partners. The breach took place in May of this year, and it's unclear why it has taken DoorDash so long to reveal the details. According to a spokesperson for DoorDash, the breach took place via a third party provider - who was not named - and affected users who...

Read more
Grade Hacking Services And Fake Diplomas Easily Available Online During Exam Season.

Cybercriminals are taking advantage of summer exam pressures by offering black market grade-hacking services and fake qualifications online, and ensuring these opportunities are easy to find with a quick internet search, Kaspersky researchers have found. Reports of young people breaking into school systems to change grades, improve attendance records or disrupt test processes are not new, and nor is the availability of fake certificates and diplomas. Over the years, a thriving underground industry has grown...

Read more
Multiple Variations Of A Phishing Email Scam Spoofing NAB Hit Inboxes.

The banking industry is increasingly becoming a favourite among cybercriminals. After intercepting multiple variations of an email scam spoofing NAB earlier today, MailGuard has now detected another phishing email scam purporting to be from Westpac. Using a display name "Westpac Bank", the emails are actually sent by what appears to be a compromised account. The message body is in plain-text, advising recipients that some unusual activity was noticed on their account. Their account has been...

Read more
Dark web cybercriminals

Despite more resources and investment being ploughed into data security, cybercriminals are still successfully stealing businesses' data. One group of hackers known as Magecart were found to be the cause of at least 319,000 data breach instances in 2018, according to RiskIQ’s Black Friday e-commerce Blacklist report. These JavaScript-sniffers (JS-sniffers) deploy a type of malware, whereby websites are injected with malicious JavaScript, designed to steal customer PII and have been found lurking on thousands of...

Read more
Hacking hacker computer screen

Cofense™, the global leader in intelligent phishing defense solutions, announced a partnership with NINJIO, a leading creator of cyber security awareness training. NINJIO’S cyber security content will be accessible by customers using the Cofense PhishMe™ platform, an award-winning phishing simulation and training solution. Cofense PhishMe administrators can leverage NINJIO videos, or “episodes” as NINJIO refers to them, as part of their on-going security awareness training and phishing defense programs. NINJIO’S current security awareness library consists...

Read more
Barracuda Boosts Total Email Protection With Forensics And Incident Response.

Barracuda, a trusted partner and leading provider for cloud-enabled security solutions, today announced the introduction of Forensics and Incident Response. Available to Barracuda Total Email Protection customers, the solution automates incident response and provides remediation options, helping organizations address issues faster and more efficiently. Attackers often attempt to bypass traditional email security measures by using social engineering tactics — emails that contain no malicious code, attachments, or links, or accounts — or by trying to...

Read more
You Think Your Business Is Primed To Deal With Any Cyber Threat – But What If It’s An Inside Job?

Seven top tips on how to prevent and cope with an insider threat By Tom Huckle, Lead Cyber Security Consultant, Crucial Academy An inside job brings up images of bank raids and heists but in the modern world companies should be thinking just as seriously about the cyber threat coming from within their own business. The possibility that a breach or a cyber attack could be down to an employee or former employee is growing...

Read more
Page 2 of 3 1 2 3