Microsoft has just released its latest monthly Patch Tuesday updates for October 2018, fixing a total of 49 security vulnerabilities in its products. This month’s security updates address security vulnerabilities in Microsoft Windows, Edge Browser, Internet Explorer, MS Office, MS Office Services and Web Apps, ChakraCore, SQL Server Management Studio, and Exchange Server. Out of 49 flaws patched this month, 12 are ...
Read More »Cyber Security News
Just Answering A Video Call Could Compromise Your WhatsApp Account
What if just receiving a video call on WhatsApp could hack your smartphone? This sounds filmy, but Google Project Zero security researcher Natalie Silvanovich found a critical vulnerability in WhatsApp messenger that could have allowed hackers to remotely take full control of your WhatsApp just by video calling you over the messaging app. The vulnerability is a memory heap overflow issue which ...
Read More »Google+ is Shutting Down After a Vulnerability Exposed 500,000 Users’ Data
Google is going to shut down its social media network Google+ after the company suffered a massive data breach that exposed the private data of hundreds of thousands of Google Plus users to third-party developers. According to the tech giant, a security vulnerability in one of Google+’s People APIs allowed third-party developers to access data for more than 500,000 users, ...
Read More »Bank Servers Hacked to Trick ATMs into Spitting Out Millions in Cash
The US-CERT has released a joint technical alert from the DHS, the FBI, and Treasury warning about a new ATM scheme being used by the prolific North Korean APT hacking group known as Hidden Cobra. Hidden Cobra, also known as Lazarus Group and Guardians of Peace, is believed to be backed by the North Korean government and has previously launched attacks ...
Read More »16-Year-Old Boy Who Hacked Apple’s Private Systems Gets No Jail Time
An Australian teenager who pleaded guilty to break into Apple’s private systems multiple times over several months and download some 90GB of secure files has avoided conviction and will not serve time in prison. An Australian Children’s Court has given the now 19-year-old adult defendant, who was 16 at the time of committing the crime, a probation order of eight months, though ...
Read More »VPNFilter Router Malware Adds 7 New Network Exploitation Modules
Security researchers have discovered even more dangerous capabilities in VPNFilter—the highly sophisticated multi-stage malware that infected 500,000 routers worldwide in May this year, making it much more widespread and sophisticated than earlier. Attributed to Russia’s APT 28, also known as ‘Fancy Bear,’ VPNFilter is a malware platform designed to infect routers and network-attached storage devices from 75 brands including Linksys, MikroTik, Netgear, TP-Link, ...
Read More »App protection amid evolving app landscape, automated attacks
The typical modern organization, according to a joint F5-Ponemon global study, uses 765 web applications, of which, 34% are considered mission critical. Impact-wise, when apps are attacked, 81% of respondents to the F5 Labs 2018 Application Protection Report, rated loss of availability or denial of service as “the most painful”, followed by breach of confidential or sensitive information (77%); tampering with an ...
Read More »Western Digital’s My Cloud NAS Devices Turn Out to Be Easily Hacked
Security researchers have discovered an authentication bypass vulnerability in Western Digital’s My Cloud NAS devices that potentially allows an unauthenticated attacker to gain admin-level control to the affected devices. Western Digital’s My Cloud (WD My Cloud) is one of the most popular network-attached storage (NAS) devices which is being used by businesses and individuals to host their files, as well ...
Read More »Ransomware Attack Takes Down Bristol Airport’s Flight Display Screens
Bristol Airport has blamed a ransomware attack for causing a blackout of flight information screens for two days over the weekend. The airport said that the attack started Friday morning, taking out several computers over the airport network, including its in-house display screens which provide details about the arrival and departure information of flights. The attack forced the airport officials ...
Read More »New Cold Boot Attack Unlocks Disk Encryption On Nearly All Modern PCs
Security researchers have revealed a new attack to steal passwords, encryption keys and other sensitive information stored on most modern computers, even those with full disk encryption. The attack is a new variation of a traditional Cold Boot Attack, which is around since 2008 and lets attackers steal information that briefly remains in the memory (RAM) after the computer is shut ...
Read More »