Information Security

Intel warns of widespread vulnerability in PC, server, device firmware | Ars Technica

Millions of computers could be remotely hijacked through bug in firmware code.<p>Intel has issued a security alert that management firmware on a number …

Security

Millions of Pornhub users infected by malware - what to do if you're affected

Hackers have hijacked advertising on adult site Pornhub to infect "millions" of users with malware, cyber security experts claim.<p>New research by …

Security

How to Protect Private Info From Massive New Online Security Flaw

Have you ever started shopping online, filled up a virtual shopping cart, and then, for whatever reason, decided not to buy the items? Chances are, …

Security

U.S. government warns businesses about cyber bug in Intel chips

The Department of Homeland Security gave the guidance a day after Intel said it had identified security vulnerabilities in remote-management software …

Security

Millions of Computers Affected By Intel Firmware Flaws

Numerous Manufacturers Must Prep and Distribute Customized Patches Jeremy Kirk (jeremy_kirk) • November 21, 2017<p>Security experts are awaiting more …

Security

How to Hide Your Address from Clever Hackers

Locked in a pitched battle with cyber-attackers, organizations are nonetheless forging ahead with aggressive cloud and “Internet of Things” …

Encryption

6 Real Black Friday Phishing Lures

As the mega-shopping day approaches, here's a look at six examples of phishing attacks - and ways to avoid taking the bait.<p>1 of 7<p><i>Image Source:</i> …

Kaspersky Lab

GitHub starts scanning millions of projects for insecure components

Popular cloud service GitHub is a public code repository for millions of open source projects.<p>For example, you can get Microsoft’s JavaScript engine, …

Ruby

Let's Take a Page from the Credit Card Industry's Playbook

Internal security departments would do well to follow the processes of major credit cards.<p>The fallout from the Equifax breach will most likely …

Cybersecurity

Malicious Bankbot malware found hiding in flashlight and Solitaire apps to steal your bank details

This isn't the first time the notorious banking Trojan has made its way into Google Play Store.<p>Security researchers have discovered that the …

Security

Scammed via Western Union? Claim your share of a $586M refund now!

Western Union, of course, is not made up of scammers. It’s simply a company that provides the service through which scammers receive their ill-gotten …

Security

Multiple Intel firmware vulnerabilities in Management Engine

New research has uncovered five Intel firmware vulnerabilities related to the controversial Management Engine, leading one expert to question why the …

Security

Microsoft Warns of Late-Year Spike in Office Threats

Office exploits are hardly new, but there has been a noticeable uptick in attacks in the fall of 2017 that target the popular business productivity …

Security

Vigilante or bug hunter?

“False alarm,” declares CityPost as it takes its website down.<p>| November 21, 201710:16 am | Filed under: Vulnerability 0<p>From Irish news website <i>The</i> …

Security

Microsoft warns: Bogus Apple, Windows tech support sites open your phone app

Tech-support scam sites now contain click-to-call to "help" victims more easily contact their sham hotlines.<p>Tech-support scammers are testing new …

Identity Theft

Vulnerability Note VU#681983

Overview<p>Install Norton Security for Mac, prior to version 7.6, does not validate SSL certificates.<p>Description<p><b>CWE-295</b><b>: Improper Certificate Validation</b> …

Security

Open Source Security for Containers in a DevOps World

• Register<br>• What You'll Learn<br>• Speakers<br>• Sponsors<p>Managing container infrastructure in a production environment is challenged by problems of scale. One of the …

Technology

A Call for Greater Regulation of Digital Currencies

A new report calls for international collaboration to create more transparency with virtual currencies and track money used for …

Bitcoin

Cloud Security: Don’t Go Blind While Playing in the Cloud

• Overcome cloud monitoring and security shortcomings.<br>• Compensate for loss of networking infrastructure ownership and control.<br>• Wean your Security …

Technology

TP-Link Offers Outdated or No Firmware at All on 30% of Its European Sites

TP-Link's European sites are falling behind when it comes to providing firmware updates, said Daniel Aleksandersen, a Norwegian technology expert, on …

Wi-Fi

How a Wi-Fi Pineapple Can Steal Your Data (And How to Protect Yourself From It)

The Wi-Fi Pineapple enables anyone to steal data on public Wi-Fi networks. Here’s how it facilitates two sophisticated network attacks and how to protect yourself against them.<p><i>This article is part of</i> How Hacking Works<i>, Motherboard's guide to demystifying information security.</i><p>In popular media, …

Wi-Fi

Intel Chip Flaws Leave Millions of Devices Exposed

Security researchers have raised the alarm for years about the Intel remote administration feature known as the Management Engine. The platform has a …

Technology

Your every keystroke is recorded by over 480 of the most popular websites in the world

Over 480 globally popular websites found tracking users' every keystroke and sending data to third-party servers.<p>Researchers at Princeton University …

Security

Four Years Later, We Have a New OWASP Top 10

The Open Web Application Security Project (OWASP) has published a new version of its infamous Top 10 vulnerability ranking, four years after its last …

Security

RDPY - RDP Security Tool For Hacking Remote Desktop Protocol

Last updated: November 21, 2017 | 1 views 0<p>RDPY is an RDP Security Tool in Twisted Python with RDP Man in the Middle proxy support which can record …

Security

Key Windows 10 defense is 'worthless' and bug dates back to Windows 8

Microsoft's anti-exploitation technology has a flaw that makes it "worthless" in some cases.<p>Microsoft has been telling users to upgrade to Windows 10 …

Microsoft

Researcher informs drone maker DJI about bugs, gets called a 'hacker' and threatened

Bug bounty programs are a great way for tech companies to crowdsource help in securing their products – and for skilled tech experts to make some money on the side. Sadly, that’s not how things went for researcher Kevin Finisterre when he pointed out issues in DJI’s publicly shared code.<p>Instead of …

Security

Security researcher gives up $30,000 bug bounty after DJI allegedly threatened legal action

DJI in August launched a bug bounty program to reward security researchers for reporting vulnerabilities. Depending on the severity of the problems …

Security

77% of 433,000 Sites Use Vulnerable JavaScript Libraries

Last week, we released our first annual State of Open Source Security report. One of the discoveries the report mentions is that an analysis of …

JavaScript

Galaxy Note 8 November 2017 security patch rolling out

Samsung started rolling out the November 2017 security patch to its handsets last week. The Galaxy A5 and Galaxy A7 (2017) were the first handsets to …

Samsung