The post WhatsApp will not deactivate accounts for not accepting new privacy terms appeared first on Security Affairs.
Read More WhatsApp will not deactivate accounts for not accepting new privacy terms
Four Eastern European nationals face 20 years in prison for Racketeer Influenced Corrupt Organization (RICO) charges after pleading guilty to providing bulletproof hosting services between 2008 and 2015, which were used by cybercriminals to distribute …
Read More Four Plead Guilty to Aiding Cyber Criminals with Bulletproof Hosting
Digital transformation has been around for a while, but last year it accelerated its pace significantly. As organizations suddenly shifted to an almost exclusively digital world, the need to protect digital assets grew even more. One way to tackle thes…
Read More How do I select a managed cybersecurity solution for my business?
One of the most effective ways you can protect your computers and devices at home is to make sure both the operating system and your applications are patched and updated. Enable automatic updating whenever possible.
Read More Patch and Update
Enterprises and end-users are constantly reminded of the dangers associated with clicking on unknown links and documents. Images rarely top the list as would-be vulnerabilities, but it’s important to be cautious of these potentially risky files as well…
Read More A picture is worth a thousand words, but to hackers, it’s worth much more
“Simple” can often be harder than “complex.” When thinking about the trickiest phishing campaigns and their components, URL redirection does not immediately come to mind as the part causing the trouble. However, URL forwarding is one method that is oft…
Read More Exploiting common URL redirection methods to create effective phishing attacks
In 2020, attacks against Windows Remote Desktop Protocol (RDP) grew by 768%, according to ESET. But this shouldn’t come as a surprise, given the massive increase in people working remotely during the pandemic. With enterprises resorting to making RDP s…
Read More Defending against Windows RDP attacks
A computer science engineer at Michigan State University has a word of advice for the millions of bitcoin owners who use smartphone apps to manage their cryptocurrency: don’t. Or at least, be careful. Researchers are developing a mobile app to ac…
Read More Bitcoin Security Rectifier app aims to make Bitcoin more secure
For most internet users, there’s not much of a perceivable difference between the domain name they want to visit and the server that the domain queries. That’s because the Domain Name System (DNS) protocol does a good job of seamlessly rout…
Read More NAME:WRECK DNS Bugs: What You Need to Know
Netskope revealed a research showing a significant breakdown in collaboration between two of the central components of the IT team: networking and security. While 49% of security teams and 44% of networking teams report to the same manager, 37% of glob…
Read More DX projects hindered by lack of collaboration between security and networking teams
Amidst the pandemic overwhelming the capacity of many hospital systems, malicious hackers have been quick to target healthcare providers and medical agencies. These cyber-attacks have hit both the United States and Europe in recent months, serving as a…
Read More Cybersecurity and Compliance for Healthcare Organizations
We know that good “hygiene” is conducive to good health and cleanliness. And, if you’re reading this blog it’s safe to say that you’re familiar with the term “cyber” as it relates to computers and information technology (IT). Combine the two, throw in …
Read More Getting a grip on basic cyber hygiene
Wwhat can security leaders do to make sure they’re prepared and hone their skills ahead of the next inevitable threat? Now, they can test themselves and their knowledge at a new website, The CISO Challenge. Launched by XDR provider Cynet, it aims to le…
Read More New competition allows cybersecurity leaders to test their knowledge and skills
Solar Security has unveiled a new release of its code analyzer – Solar appScreener 3.9, which now also supports Dart and thus retains leadership in the number of programming languages covered. Handling code scan details has become easier as users can e…
Read More Code analyzer Solar appScreener 3.9 now supports Dart and CSV format
SANS Institute blog post on using password managers to simplify passwords and securely store them in a single location.
Read More Cut Through the Noise: Are Password Managers Still Safe and Secure?
Maximize your efforts to identify critical assets during on-site ICS visits.
Read More SANS ICS Site Visit Plan
The Windows 10 Notepad will soon include a built-in notification that alerts users when a new version is available. […]
Read More Windows 10 Notepad will warn when you’re running an old version
This podcast features a discussion about employees taking short-cuts and multifactor authentication
The post Cyber Security Today, Week In Review for May 7, 2021 first appeared on IT World Canada.
Read More Cyber Security Today, Week In Review for May 7, 2021
U.S. CISA has published an analysis of the FiveHands ransomware, the same malware that was analyzed a few days ago by researchers from FireEye’s Mandiant experts. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published an analysis of the FiveHands ransomware that was recently detailed by FireEye’s Mandiant. At the end of April, researchers […]
The post CISA MAR report provides technical details of FiveHands Ransomware appeared first on Security Affairs.
Read More CISA MAR report provides technical details of FiveHands Ransomware
In the latest move to improve the privacy of the Chrome browser, Google is adding support for a new HTML tag that prevents user tracking by isolating embedded content from the page embedding it. […]
Read More Google Chrome’s new privacy feature restricts online user tracking
Sometimes legitimate programs or programs created by your organization may have false-positive detections in Windows Defender. Fortunately, Microsoft also offers an way to exclude files and processes from Defender scans. […]
Read More How to exclude files and folders from Windows Defender scans
‘Spam protection, AntiSpam, FireWall by CleanTalk’ anti-spam WordPress plugin could expose user sensitive data to an unauthenticated attacker. A Time-Based Blind SQL Injection in ‘Spam protection, AntiSpam, FireWall by CleanTalk’ WordPress plugin, tracked as CVE-2021-24295, could be exploited by an unauthenticated attacker to access user data. The flaw could be exploited by an attack to […]
The post SQL injection issue in Anti-Spam WordPress Plugin exposes User Data appeared first on Security Affairs.
Read More SQL injection issue in Anti-Spam WordPress Plugin exposes User Data
Read More WhatsApp to restrict features if you refuse Facebook data sharing
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Cloud hosting provider Swiss Cloud suffered a ransomware attack Hacking a Tesla Model X with a DJI Mavic 2 drone equipped with a WIFI dongle WeSteal, a shameless commodity cryptocurrency […]
The post Security Affairs newsletter Round 313 appeared first on Security Affairs.
Read More Security Affairs newsletter Round 313
Colonial Pipeline, which carries 45% of the fuel consumed on the U.S. East Coast, on Saturday said it halted operations due to a ransomware attack, once again demonstrating how infrastructure is vulnerable to cyber attacks.
Read More Ransomware Cyber Attack Forced the Largest U.S. Fuel Pipeline to Shut Down
“On May 7, the Colonial Pipe…
Here’s an overview of some of last week’s most interesting news, articles and interviews: 21 vulnerabilities found in Exim, update your instances ASAP! A code audit of Exim, a widely used mail transfer agent, has revealed 21 previously unknown vulnerab…
Read More Week in review: Patch Tuesday forecast, how to select a DLP solution, is it OK to publish PoC exploits?
A flaw in some DNS resolvers, tracked as TsuNAME, can allow attackers to launch DDoS attacks against authoritative DNS servers. Researchers at SIDN Labs (the R&D team of the registry for .nl domains), InternetNZ (the registry for .nz domains), and the Information Science Institute at the University of Southern California has discovered a vulnerability, named […]
The post TsuNAME flaw exposes DNS servers to DDoS attacks appeared first on Security Affairs.
Read More TsuNAME flaw exposes DNS servers to DDoS attacks