Eskenzi PR ad banner Eskenzi PR ad banner

Top 10 Stories

A major flaw in eBay’s Magento web commerce platform, used by many well-known online stores has been revealed. If exploited, the vulnerability enables attackers to compromise any online store based on the Magento platform, and access credit card information and other customer financial and personal data. The flaw bypasses all security mechanisms and gives control of the store and its complete database, allowing credit card theft and administrative access into the system. “As online shopping...

Read moreDetails

The IDs and passwords of as many as 5.06 million people who use online shopping and other websites have been found on computer servers seized in relation to alleged unauthorised access through proxy servers by a Chinese group. According to The Japan News, there are traces that show the personal information of about 60,000 people was used to log into online shopping sites, according to the Metropolitan Police Department. The MPD is investigating whether the...

Read moreDetails

A widely reported Russian cyber spying campaign against diplomatic targets has been using two previously unknown flaws in software to penetrate target machines. According to FireEye, the espionage effort took advantage of holes in Microsoft Windows and Adobe Flash. The campaign has been tied by other firms to a serious breach at US State Department computers and FireEye said that the same hackers – APT28 - are also believed to have broken into White House...

Read moreDetails

Despite a patch being released last week, around 70 million websites remain vulnerable to a critical remote code execution vulnerability patched by MS15-034. Security researchers at SANS Internet Storm Center revealed that the MS15-034 affecting the Windows HTTP protocol stack is being actively exploited in the wild. The MS15-034 flaw affects Windows 7, 8, and 8.1, Windows Server 2008 R2, 2012, and 2012 R2 leaving over 70 million websites vulnerable to cyber attacks. Exploitation of...

Read moreDetails

A new Dark Web market called "TheRealDeal” has opened up, which focuses on selling zero-day exploits. Launching last month, TheRealDeal makes use of Tor anonymity software and the digital currency Bitcoin in an attempt to hide the identities of its buyers, sellers and its own administrators. "Welcome…We originally opened this market in order to be a 'code market' — where rare information and code can be obtained," a message from the website's anonymous administrator reads....

Read moreDetails

More than 65 cyber security professionals and academics have come out against a trio of bills moving through Congress that are meant to enable information sharing about digital threats between businesses and the Government. In a letter sent today to ranking members from both parties of the House and Senate Intelligence Committees and the chair of the House Homeland Security Committee, the group of 65 urge Congress to reject the Cybersecurity Information Sharing Act and...

Read moreDetails

EMC Corportation has acquired CloudLink to add software-based data security solutions for hybrid clouds. “Our induction into the EMC Select partner program two years ago was both a privilege and an excellent opportunity for us to develop solutions that truly address customer needs,”a statement said. “We are eager to contribute to the customer value EMC delivers through its industry-leading innovation, service and support.”   EMC’s president, Chad Sakac, said: “As more and more customers were...

Read moreDetails

Huawei has been named as a founding member of the Global Forum on Cyber Expertise (GFCE).   Bringing together a range of private companies, inter-governmental organisations and Governments for the first time to work towards ensuring a “free, open and secure cyber space”, the GFCE aims to become a pragmatic, action-oriented and flexible forum to meet the challenges of cyber-integrity.   “Huawei supports the GFCE’s mission of collaboration to ensure that as societies become increasingly...

Read moreDetails

The Payment Card Industry Security Standards Council (PCI SSC) has moved to fix the security vulnerabilities in the Secure Sockets Layer (SSL) and early versions of the Transport Layer Security (TLS) protocols, exposed by both Heartbleed and Poodle, with an out-of-band updated release of PCI DSS v3.1.   This latest iteration of the PCI Data Security Standard, however, has split the IT security profession as it is less clear cut on how the 14 month...

Read moreDetails

Hackers are a huge help when it comes to fixing problems, a cyber security expert says.   “There are actually a lot of good hackers out there that are revealing vulnerabilities and bugs in technology that we all rely on,” Keren Elazari told CBC's Mainstreet. Elazari, who studies cyber-conflict and politics at Tel Aviv University, was the opening keynote speaker at the Atlantic Security Conference in Halifax on Thursday.   There are examples in many...

Read moreDetails
Page 415 of 630 1 414 415 416 630