SecurityWeek

Latest IT Security News and Expert Insights Via RSS Feed
  1. A researcher says he has discovered yet another critical cross-site scripting (XSS) vulnerability in Yahoo Mail. The recently patched flaw could have been exploited to steal the targeted user’s emails and attach malicious code to their outgoing messages.

    read more

  2. Mexico’s privacy watchdog said Wednesday that the federal Attorney General’s Office stonewalled it for more than a year as it tried to investigate the government’s use of powerful Israeli spyware against journalists, lawyers and activists.

    read more

  3. Google said Wednesday it forgot to mention that it included a microphone in its Nest Secure home alarm system, the latest privacy flub by one of the tech industry’s leading collectors of personal information.

    read more

  4. Cisco this week released patches for more than a dozen vulnerabilities across its product portfolio, including high severity flaws in HyperFlex, Prime Infrastructure, and Prime Collaboration Assurance. 

    read more

  5. Adobe on Thursday released a second fix for the Reader vulnerability tracked as CVE 2019-7089 after the researcher who discovered the flaw managed to bypass the first patch.

    The security hole, identified by Alex Inführ from Cure53, allows a specially crafted PDF document to send SMB requests to the attacker’s server when the file is opened.

    read more

  6. Microsoft informed users on Wednesday that Windows servers running Internet Information Services (IIS) are vulnerable to denial-of-service (DoS) attacks that rely on malicious HTTP/2 requests.

    read more

  7. Latest Developments in Mueller and Russian Electoral Meddling

    read more

  8. WinRAR, the popular data compression tool utilized by over 500 million users worldwide, is affected by a serious vulnerability that can allow arbitrary code execution through specially crafted ACE archives.

    read more

  9. Security updates released on Wednesday for the Drupal content management system (CMS) patch a “highly critical” vulnerability that can be exploited for remote code execution.

    read more

  10. Canada's electronic eavesdropping agency said Wednesday it is working with Canberra to try to determine the scale of computer hacking on Australia's parliament and political parties just months from an election.

    read more

  11. A piece of malware targeting automated teller machines (ATMs) has an interface that looks like a slot machine, Kaspersky Lab reports. 

    Dubbed WinPot, the malware was initially detected in March last year, targeting the ATMs of a popular vendor to make the devices automatically dispense all cash from their most valuable cassettes.

    read more

  12. Companies are increasingly moving sensitive data to the cloud, but cybersecurity, including the human factor and technology, is still a problem for many, according to a new report published on Wednesday by Oracle and KPMG.

    read more

  13. The cat-and-mouse game between BitDefender and the GandCrab ransomware developers continues. On Tuesday (Feb. 19) BitDefender released a new version of its GandCrab decryptor able to decrypt versions of GandCrab 1, 4 and 5 up to the latest version 5.1. The decryptor is available from BitDefender and from the NoMoreRansom project.

    read more

  14. Blockchain security company CipherTrace has fully emerged on Tuesday with $15 million in venture capital financing from Silicon Valley and New York venture capital firms. 

    read more

  15. Online shoppers are at a growing risk from a scam which allows hackers to skim their payment details, cyber security firm Symantec warned on Wednesday.

    read more

  16. Britain can handle the security risks involved with using mobile networks made by China's Huawei, the cybersecurity chief said Wednesday, adding to a growing debate among countries on whether the company should be banned, as the U.S. wants.

    read more

  17. Kaspersky Lab this week announced Kaspersky CyberTrace, a free threat intelligence fusion and analysis tool to make it easier for security teams to access threat intelligence. 

    read more

  18. Armorblox emerged from stealth mode on Wednesday with a platform that uses natural language understanding (NLU) to detect cyber threats hidden in emails and documents. The company also announced a $16.5 million Series A funding round.

    read more

  19. Microsoft says it has observed a group widely associated with the Russian government launching numerous cyberattacks on democratic institutions in Europe between September and December 2018. 

    read more

  20. 2018 saw the convergence of three separate threat trends -- two that have evolved over the last few years, and one that came to the fore during 2018. These are the merging of IoT botnets, destructive malware and cryptojacking.

    read more

Website Copyright 1998-2019 by PCBest. All Rights Reserved.
we accept credit cards