News aggregator

Almost Half A Million Delhi Citizens' Personal Data Exposed Online

THN - Thu, 21/02/2019 - 11:18
Exclusive — A security researcher has identified an unsecured server that was leaking detailed personal details of nearly half a million Indian citizens... thanks to another MongoDB database instance that company left unprotected on the Internet accessible to anyone without password. In a report shared with The Hacker News, Bob Diachenko disclosed that two days ago he found a 4.1 GB-sized

Another Critical Flaw in Drupal Discovered — Update Your Site ASAP!

THN - Thu, 21/02/2019 - 07:18
Developers of Drupal—a popular open-source content management system software that powers millions of websites—have released the latest version of their software to patch a critical vulnerability that could allow remote attackers to hack your site. The update came two days after the Drupal security team released an advance security notification of the upcoming patches, giving websites

Warning: Critical WinRAR Flaw Affects All Versions Released In Last 19 Years

THN - Thu, 21/02/2019 - 02:35
Beware Windows users... a new dangerous remote code execution vulnerability has been discovered in the WinRAR software, affecting hundreds of millions of users worldwide. Cybersecurity researchers at Check Point have disclosed technical details of a critical vulnerability in WinRAR—a popular Windows file compression application with 500 million users worldwide—that affects all versions of the

Critical Flaw Uncovered In WordPress That Remained Unpatched for 6 Years

THN - Tue, 19/02/2019 - 16:45
Exclusive — If you have not updated your website to the latest WordPress version 5.0.3, it’s a brilliant idea to upgrade the content management software of your site now. From now, I mean immediately. Cybersecurity researchers at RIPS Technologies GmbH today shared their latest research with The Hacker News, revealing the existence of a critical remote code execution vulnerability that

Learn How XDR Can Take Breach Protection Beyond Endpoint Security

THN - Tue, 19/02/2019 - 10:46
How do you know whether an attacker has infiltrated your network? Can you really rely on an Endpoint Detection and Response (EDR) solution to be your go-to technology for identifying security breaches? Endpoint detection and response (EDR) platform has been an important technology to detect cybersecurity incidents, but it provides only the view of endpoints, just a portion of the big picture.

LPG Gas Company Leaked Details, Aadhaar Numbers of 6.7 Million Indian Customers

THN - Tue, 19/02/2019 - 06:55
Why would someone bother to hack a so-called "ultra-secure encrypted database that is being protected behind 13 feet high and 5 feet thick walls," when one can simply fetch a copy of the same data from other sources. French security researcher Baptiste Robert, who goes by the pseudonym "Elliot Alderson" on Twitter, with the help of an Indian researcher, who wants to remain anonymous,

Kali Linux 2019.1 Released — Operating System For Hackers

THN - Mon, 18/02/2019 - 16:29
Wohooo! Great news for hackers and penetration testers. Offensive Security has just released Kali Linux 2019.1, the first 2019 version of its Swiss army knife for cybersecurity professionals. The latest version of Kali Linux operating system includes kernel up to version 4.19.13 and patches for numerous bugs, along with many updated software, like Metasploit, theHarvester, DBeaver, and more.

Popular Torrent Uploader 'CracksNow' Caught Spreading Ransomware

THN - Mon, 18/02/2019 - 09:25
It's not at all surprising that downloading movies and software from the torrent network could infect your computer with malware, but it's more heartbreaking when a popular, trusted file uploader goes rogue. Popular software cracks/keygens uploader "CracksNow," who had trusted status from many torrent sites, has now been banned from several torrent sites after he was repeatedly found

How to Hack Facebook Accounts? Just Ask Your Targets to Open a Link

THN - Mon, 18/02/2019 - 06:22
It's 2019, and just clicking on a specially crafted URL would have allowed an attacker to hack your Facebook account without any further interaction. Well, if you have landed here to learn how you can hack someone's Facebook password, then honestly, you are at the wrong place. Instead, this article is all about a recently patched vulnerability in Facebook and how similar flaws make

Over 92 Million New Accounts Up for Sale from More Unreported Breaches

THN - Mon, 18/02/2019 - 05:03
All these numbers…. "More than 5 billion records from 6,500 data breaches were exposed in 2018" — a report from Risk Based Security says. "More than 59,000 data breaches have been reported across the European since the GDPR came into force in 2018" — a report from DLA Piper says. …came from data breaches that were reported to the public, but in reality, more than half of all data breaches

Apple fighting pirate app developers, will insist on 2FA for coders

Sophos - Naked Security - Fri, 15/02/2019 - 11:28
Are you an Apple developer? Care about security? Using 2FA? You will be soon...

Judge won’t unseal legal docs in fight to break Messenger encryption

Sophos - Naked Security - Fri, 15/02/2019 - 10:51
The Feds tried—and failed—to force Facebook to break its encryption so investigators could listen in on suspected MS-13 gang conversations.

Should we profit from the sale of our personal data?

Sophos - Naked Security - Fri, 15/02/2019 - 10:42
Don't spend that 30 cents all in one place!

WARNING – New Phishing Attack That Even Most Vigilant Users Could Fall For

THN - Fri, 15/02/2019 - 09:34
How do you check if a website asking for your credentials is fake or legit to log in? By checking if the URL is correct? By checking if the website address is not a homograph? By checking if the site is using HTTPS? Or using software or browser extensions that detect phishing domains? Well, if you, like most Internet users, are also relying on above basic security practices to spot if that

Chinese facial recognition database exposes 2.5m people

Sophos - Naked Security - Fri, 15/02/2019 - 08:41
A company operating a facial recognition system in China has exposed millions of residents’ personal information online.

Photography site 500px resets 14.8 million passwords after data breach

Sophos - Naked Security - Fri, 15/02/2019 - 08:24
Photography website 500px has become the latest site to admit suffering a serious data breach.

Hacker Breaches Dozens of Sites, Puts 127 Million New Records Up for Sale

THN - Fri, 15/02/2019 - 06:56
A hacker who was selling details of nearly 620 million online accounts stolen from 16 popular websites has now put up a second batch of 127 million records originating from 8 other sites for sale on the dark web. Last week, The Hacker News received an email from a Pakistani hacker who claims to have hacked dozens of popular websites (listed below) and selling their stolen databases online. <!

Inside a GandCrab targeted ransomware attack on a hospital

Sophos - Naked Security - Thu, 14/02/2019 - 15:03
A recent attack on a US hospital gives us a colourful picture of both how a targeted ransomware attack happens, and how it can be stopped.

What’s behind this 1,000-character phishing URL?

Sophos - Naked Security - Thu, 14/02/2019 - 11:09
Bleeping Computer learned of a strange phishing campaign which uses an unusually long URL - but why?

Apple App Store stuffed with hardcore porn and gambling apps

Sophos - Naked Security - Thu, 14/02/2019 - 10:59
The apps, which violate content policies, got in there via the same Enterprise Certificate program that Facebook and Google exploited.


Subscribe to Shiga Tecnologia aggregator