23 Jan 2019

DHS releases emergency order to prevent DNS hijacking

On Tuesday afternoon, the Department of Homeland Security ordered federal agencies to implement a variety of security measures aimed at preventing DNS hijacking attacks. As part of such attacks, threat actors target the domain name system (DNS) infrastructure that plays an essential role in directing Internet traffic, in order to redirect

Read More
23 Jan 2019

Community Project Crushes 100,000 Malware Sites in 10 Months

As part of a cybersecurity initiative launched in March of last year, 265 security researchers have spent the last 10 months identifying and shutting down a total of almost 100,000 websites that were used to distribute malware. The URLhaus initiative was started by abuse.ch, a Swiss nonprofit aimed at fighting

Read More
23 Jan 2019

Cybercriminals increasingly taking aim at businesses

A new report by Malwarebytes underlines how cybercriminals have shifted their focus in 2018 from campaigns targeting individual users to those focusing exclusively on high-value business targets. Endpoint attacks have also increased. Trojans were the most prevalent type of malware targeting companies, with the sophisticated Emotet and Trickbot Trojans as prime

Read More
23 Jan 2019

How Web Apps Can Turn Browser Extensions Into Backdoors

Browser extensions have a bad reputation when it comes to security, as they frequently contain vulnerabilities that put users at risk. New research highlights these risks by describing how certain privileged extensions for the Chrome, Firefox and Opera browsers are vulnerable to exploitation by web applications. The discovered flaws can

Read More
23 Jan 2019

Outdated Software Exposes PC Users to Security Risks Says Report

A new report by Avast based on data from 163 million PCs shows that 55% of software on Windows computers is not up to date, putting users at risk for cyberattacks exploiting known software vulnerabilities. Outdated versions of Adobe Shockwave, VLC Media Player and Skype can be found on a whopping 94%

Read More
22 Jan 2019

Report: Facebook’s Privacy Lapses May Result in Record Fine

According to three anonymous insiders, the U.S. Federal Trade Commission is considering to impose on Facebook a record fine of over $22.5 million (the previous record from 2012) over the Cambridge Analytica scandal and other privacy-related incidents. Since 2011 the FTC has demanded that Facebook refrains from sharing user data in ways that

Read More
22 Jan 2019

108M online casino customer records exposed in latest case of misconfigured database

The phantom of misconfigured databases has struck again. This time a leaky Elasticsearch server exposed information relating to 108M bets placed by customers of various casino websites including kahunacasino.com, azur-casino.com, easybet.com and viproomcasino.net. Among the leaked info were names and usernames, birth dates, address details, phone numbers, email addresses, IP addresses and

Read More
22 Jan 2019

Industry reactions to Google’s €50 million GDPR violation fine

The French National Data Protection Commission (CNIL) has fined Google €50 million (over $56 million) on Monday for not sufficiently informing users how the company collects data in order to serve personalized ads. Mirko Zorz of Help Net Security has asked multiple industry experts to weigh in on the first GDPR-related fine

Read More
22 Jan 2019

Bug in widespread Wi-Fi chipset firmware can lead to zero-click code execution

A security researcher with Embedi has discovered several vulnerabilities affecting the ThreadX firmware for Wi-Fi chipsets in laptops and Internet of Things (IoT) devices. Among the flaws is a block pool overflow that can enable attackers to remotely execute code on certain devices without any user interaction (zero-click). The vulnerability affects

Read More
22 Jan 2019

Over 4 percent of all Monero was mined by malware botnets

As part of a major cybersecurity research project, security researchers have analyzed 4.4 million malware samples that have been detected between 2007 and 2018. About one million of these samples were cryptomining malware. Based on their findings, the researchers estimate that about 4.32% of all Monero cryptocurrency that has been mined so

Read More