Month: March 2017

Malware & Threats

Issued by: CIO Security

Malicious uploads allowed hijacking of WhatsApp and Telegram accounts

A vulnerability patched in the web-based versions of encrypted communications services WhatsApp and Telegram would have allowed attackers to take over accounts by sending users malicious files masquerading as images or videos. The vulnerability was discovered last week by researchers from Check Point Software Technologies and was patched by the WhatsApp and Telegram developers after…

Vulnerabilities

Issued by: Security Week

Microsoft Patches Many Exploited, Disclosed Flaws

Microsoft has released a total of 18 security bulletins to address tens of vulnerabilities, including more than a dozen that have already been publicly disclosed or exploited in attacks. The March 2017 updates also include the patches that should have been released last month. Microsoft postponed most of the February security updates – except the…

Network Security

Issued by: Dark Reading

Debunking 5 Myths About DNS

From the boardroom to IT and the end user, the Domain Name System is often misunderstood, which can leave organizations vulnerable to attacks. The Domain Name System (DNS) is the common denominator for all communication on the Internet. It touches everyone. Every online transaction – good or bad – begins with a DNS lookup. Despite…

Network Security

Issued by: Help Net Security

Cyber espionage topping the list of largest security concerns

20 percent of global organizations rank cyber espionage as the most serious threat to their business, with 26 percent struggling to keep up with the rapidly evolving threat landscape. In addition, one in five U.S. organizations have suffered a cyber espionage-related attack in the last year. The Trend Micro research, which surveyed 2,402 enterprise IT…

Malware & Threats

Issued by: Security Week

Cybercriminals Hijack Magento Extension to Steal Card Data

Cybercriminals have been abusing a payment module to steal credit card data from online shops powered by the Magento ecommerce platform, web security firm Sucuri reported on Friday. The targeted module is the Realex Payments Magento extension (SF9), which integrates with the Realex Realauth Remote payment gateway. The Realex Payments extension allows Magento store owners…

Network Security

Issued by: Help Net Security

A new age of digital signatures is upon us

The increased adoption of digital signatures should not come as a surprise: many businesses are trying to digitalise their everyday processes, and digital signatures are both reliable and secure due to several features, and are increasingly easy to use. The term “digital signature” is often used interchangeably with that of “electronic signature”, but they are…

Mobile Security

Issued by: Security Intelligence

The Enterprise Mobility Conundrum: How to Control the Data?

What’s not to like about a good bring-your-own-device (BYOD) policy? For most companies, BYOD is a great deal. Employees buy and maintain the devices, and the company gets the benefit of their off-hours availability and productivity while traveling. Nearly three-quarters of organizations with enterprise mobility initiatives have adopted a plan to establish a BYOD policy….

Vulnerabilities

Issued by: Security Week

Actively Exploited Struts Flaw Affects Cisco Products

Cisco informed customers on Friday that at least some of its products are affected by an Apache Struts2 command execution vulnerability that has been exploited in the wild over the past days. The flaw has been confirmed to affect the Cisco Identity Services Engine (ISE), the Prime Service Catalog Virtual Appliance, and the Unified SIP…

Malware & Threats

Issued by: Blog Malwarebytes

Explained: Spora ransomware

Nowadays, ransomware has become the most popular type of malware. Most of the new families are prepared by amateurs (script-kiddies) and they are distributed on a small scale. There are only a few major players on this market that are prepared by professionals. Recently, Spora ransomware joined this set. As we will see, some of the…