With so many data breaches happening almost every week, it has become difficult for users to know if their credentials are already in possession of hackers or being circulated freely across the Internet.Thankfully, Google has a solution.Today, February 5, on Safer Internet Day, Google launches a new service that has been designed to alert users when they use an exact combination of ...
Read More »Yearly Archives: 2019
3 ways state actors target businesses in cyber warfare, and how to protect yourself
The year 2019 is likely to see an increase of state actors taking aim at the private sector in foreign companies, continuing an ongoing trend over the past several years, according to the 2019 Cyber Threat Outlook published by defense industry firm Booz Allen Hamilton on Monday.The report cites economically-motivated attacks, that aim to “steal information, such as intellectual property and corporate ...
Read More »Attackers Use CoAP for DDoS Amplification
Attackers recently started abusing the Constrained Application Protocol (CoAP) for the reflection/amplification of distributed denial of service (DDoS) attacks, NETSCOUT warns. CoAP is a simple UDP protocol designed for low-power computers on unreliable networks that appears similar to HTTP, but which operates over UDP (User Datagram Protocol) port 5683. The protocol is mainly used by mobile phones in China, but is also present ...
Read More »Over 3000 Magneto shops have been hacked via insecure extensions in the last 3 months
Attackers use an extension bug to download other extensions and later search for zero-day security issues.Failing to keep the extensions up-to-date is one of the main cause for the rise in such attacks.In the latest research, it has been found that Magneto shops can be targeted by leveraging vulnerable third-party extensions or modules. The attackers can abuse these weak third-party ...
Read More »Top WordPress attacks: Insight into major attacks that involved compromise of WordPress sites
WordPress is the most popular content management system which is based on PHP and MySQL. A recent study revealed that WordPress-associated vulnerabilities have seen a 30% increase in 2018 when compared to the previous year. The number of vulnerabilities related to WordPress recorded in 2018 was 542.Moreover, most of these vulnerabilities, almost 98% were related to WordPress plugins and only 2% of ...
Read More »Google works on spotting dodgy ‘evil domains’
Google is working on a way for Chrome to do a better job of spotting fake websites that seek to trick people into handing over personal information.It is concentrating on websites that use letters and numbers to approximate a recognised brand.The work will mean Chrome will warn people they are about to visit sites it believes are fake.Security firm Wandera ...
Read More »Cookieminer: New malware targets Macs to steal from cryptocurrency wallets
Malware can bypass multi-factor authentication to gain access to cryptocurrency wallets – and also drops mining malware on infected machines.Mac users are being targeted with newly discovered Mac malware that aims to steal the contents of cryptocurrency wallets.Dubbed CookieMiner by researchers because of its capability for stealing browser cookies associated with cryptocurrency exchanges and wallet service websites visited by the ...
Read More »Updated version of Remexi malware leveraged to spy on foreign diplomats in Iran
The malware boasts a variety of capabilities such as recording keystrokes, taking screenshots of Windows and stealing credentials, logins, and the browser history.Once installed, the malware first connects with the C2 server of hackers in order to receive malicious commands.An updated version of Remexi malware was used in a cyber-espionage campaign that targeted Iranian IP addresses late last year. The ...
Read More »25 Saudi children trained in cybersecurity
JEDDAH: The pilot phase of a program to introduce Saudi children to the basics of programming concluded on Thursday.The Saudi Federation for Cyber Security, Programming and Drones (SAFCSP) organized the “Programming for Young Saudis” event at its headquarters in Riyadh in cooperation with technology company Oracle.The program introduced 25 Saudi children aged between 8 and 14 to the basics of ...
Read More »Chrome fixes many flaws: Patch Tuesday – Week 4, January 2019
This week we saw the release of major web browser updates coming Google Chrome and Mozilla FIrefox. On the other hand, Linux distributions like Ubuntu and Debian also patched their software to fix multiple security vulnerabilities.AVEVAAveva is a British IT firm that specializes in engineering and industrial software. The firm has released an update to its product Wonderware that contained ...
Read More »