March 20, 2019
Via: Threat PostGhidra, a free, open-source software reverse-engineering tool that was released by the National Security Agency at RSA, has been found to be a potential conduit to remote code-execution. Ghidra is a disassembler written in Java; software that breaks down executable […]
March 20, 2019
Via: Help Net SecurityWith major outages impacting Gmail, YouTube, Facebook and Instagram recently, consumers are right to be concerned over the security of their private data. While details of these outages haven’t yet been published – a situation I sincerely hope Alphabet and […]
Network security, Vulnerabilities
March 19, 2019
Via: Security IntelligenceIt’s safe to say that the internet of things (IoT) is mature enough that it’s on everyone’s radar by now. The IoT as we know it has been around for more than a decade, but it wasn’t until about five […]
March 18, 2019
Via: Security AffairsGoogle revealed that it took down 2.3 billion bad ads in 2018, including 58.8 million phishing ads for violation of its policies. Google introduced 31 new ads policies in 2018, aiming at protecting users from scams and other fraudulent activities […]
March 14, 2019
Via: Security AffairsSecurity researcher Simon Scannell from RIPS Technologies has discovered a new CSRF vulnerability in WordPress, that could potentially lead to remote code execution attacks. The flaw is a cross-site request forgery (CSRF) that resides in the comment section of WordPress […]
March 13, 2019
Via: Hot for SecurityMaffi Clinics, a chain of plastic surgery clinics in the United States, is notifying patients about a ransomware incident that briefly affected its systems. Unlike most cases involving ransomware, though, this one didn’t leave a scar, illustrating the power of […]
March 12, 2019
Via: Help Net SecurityCompanies that use Box for sharing files and folders inside and outside the company are inadvertently leaving sensitive corporate and customer data exposed, cybersecurity firm Adversis warns. Their own research discovered much non-sensitive data but also database dumps of customer […]
March 12, 2019
Via: InfoWorldCloudops (cloud operations) and secops (security operations) are quickly evolving practices. While I’m seeing some errors, what’s more common is that ops teams are leaving important things out. If these missing aspects are not addressed, secops will become problematic quickly. […]
Application security, Hacker, Threats & Malware, Virus & Malware
March 11, 2019
Via: CSO OnlineA group of hackers is using a previously undocumented backdoor program designed to interact with attackers over Slack. While abusing legitimate services for malware command-and-control purposes is not a new development, this is the first time researchers have seen Slack, […]
March 6, 2019
Via: Help Net SecurityThe Cloud Security Alliance (CSA) announced STAR Continuous Self Assessment, the first release of an evolving continuous-compliance assessment program for cloud services that gives cloud service providers (CSPs) the opportunity to align their security validation capabilities with cloud security compliance […]
March 20, 2019
March 20, 2019
March 19, 2019
February 22, 2019
February 25, 2019
March 13, 2019
March 11, 2019
Copyright © 2019. All rights reserved
