Top

Tag: Security


Cloud security

The Cloud Security Risks Hidden in Plain Sight

September 22, 2017

Via: Security Intelligence

There are two popular attitudes about cloud security, and both of them are wrong. One belief is that putting data in the cloud amounts to putting it on the public internet for anyone to access. Therefore, the only way to […]


Network security

Building Digital Trust, One Blockchain at a Time

September 22, 2017

Via: Security Intelligence

ince it first appeared in 2009, the bitcoin network has grown significantly. The digital currency’s recent surge in value has sparked discussions within the security space about the benefits of blockchain, a technology that promotes the type of trust that […]


Vulnerabilities

Joomla Login Page Flaw Exposes Admin Credentials

September 21, 2017

Via: Security Week

Joomla 3.8 brings more than 300 improvements to the popular content management system (CMS) and patches two vulnerabilities, including one that can be exploited to obtain administrator credentials. Researchers at RIPS Technologies discovered that Joomla versions between 1.5 and 3.7.5 […]


Phishing

Equifax Sent Breach Victims to Fake Website

September 21, 2017

Via: Security Week

Equifax has made another blunder following the massive data breach suffered by the company – it advised some customers on Twitter to access a fake support website set up by a security researcher. Equifax staff advised breach victims on Twitter […]


Network security

What is a fileless attack? How hackers invade systems without installing software

September 21, 2017

Via: CSO Online

“We see it every day,” says Steven Lentz, CSO at Samsung Research America. “Something coming through, some exploit type, unknown ransomware. We’ve stopped several things with our defenses, either network-wise or at the end point.” The attacks that Lentz is […]


Cloud security

Leaking Cloud Databases and Servers Expose Over 1 Billion Records

September 21, 2017

Via: Security Intelligence

As The Wall Street Journal recently pointed out, some clients of cloud service providers such as Amazon and Microsoft are accidentally leaving their cloud databases exposed due to misconfigurations of their services. Coupled with recent headline-making breaches, it’s becoming clear […]


Hacker, Malware

Iranian Hackers Target Aerospace, Energy Companies

September 20, 2017

Via: Security Week

A cyber espionage group linked by security researchers to the Iranian government has been observed targeting aerospace and energy organizations in the United States, Saudi Arabia and South Korea. The threat actor, tracked by FireEye as APT33, is believed to […]


Data loss, Phishing

News in brief: Linux advice for Equifax; fired over phish; Security.txt standard proposed

September 19, 2017

Via: Naked Security

Writing on the Double Pulsar site, infosec practitioner Kevin Beaumont suggests Security Enhanced Linux (SELinux) would have saved Equifax from the disastrous breach it disclosed earlier this month. If you’re going to have Apache Struts facing the internet, SELinux is the way […]


Data loss, Phishing

Vevo hacked, 3.12 TB of data leaked

September 18, 2017

Via: Naked Security

There’s a good chance that you’ve watched a popular music video from Vevo, either via YouTube,  Vevo’s website or its mobile app. Most popular music artists release their videos through Vevo these days. The company – a joint venture between […]


Malware, Mobile security

Premium SMS Malware ‘ExpensiveWall’ Infects Millions of Android Devices

September 15, 2017

Via: Threat Post

Google has ejected 50 apps from its Google Play store that were harboring mobile malware dubbed ExpensiveWall. The malware, which was downloaded between 1 million to 4.2 million times, sends fraudulent premium SMS messages for fake fee-based services without the […]