Gain the Trust of Your Business Customers With SOC 2 Compliance - In today's business environment, data is what matters most. It matters to organizations that monetize it into operational insights and optimisations, and it matters the threat actors that relentlessly seek to achieve similar monetisation by compromising it.
In the very common scenario in which orga http://feedproxy.google.com/~r/TheHackersNews/~3/3SVESj96bhY/soc-2-compliance-audit.html
New Critical Oracle WebLogic Flaw Under Active Attack — Patch Now - Oracle has released an out-of-band emergency software update to patch a newly discovered critical vulnerability in the WebLogic Server.
According to Oracle, the vulnerability—which can be identified as CVE-2019-2729 and has a CVSS score of 9.8 out of 10—is already being exploited in the wild by an http://feedproxy.google.com/~r/TheHackersNews/~3/hGxo0WD_WI4/oracle-weblogic-vulnerability.html
Firefox Releases Critical Patch Update to Stop Ongoing Zero-Day Attacks - If you use the Firefox web browser, you need to update it right now.
Mozilla earlier today released Firefox 67.0.3 and Firefox ESR 60.7.1 versions to patch a critical zero-day vulnerability in the browsing software that hackers have been found exploiting in the wild.
Discovered and reported by Sam http://feedproxy.google.com/~r/TheHackersNews/~3/8C2GH3sW7o0/mozilla-firefox-patch-update.html
5 Keys to Improve Your Cybersecurity - Cybersecurity isn't easy. If there was a product or service you could buy that would just magically solve all of your cybersecurity problems, everyone would buy that thing, and we could all rest easy.
However, that is not the way it works. Technology continues to evolve. Cyber attackers adapt and d http://feedproxy.google.com/~r/TheHackersNews/~3/Ls5CIQBolzw/improve-your-cybersecurity.html
GandCrab Ransomware Decryption Tool [All Versions] — Recover Files for Free - Cybersecurity researchers have released an updated version of GandCrab ransomware decryption tool that could allow millions of affected users to unlock their encrypted files for free without paying a ransom to the cybercriminals.
GandCrab is one of the most prolific families of ransomware to date t http://feedproxy.google.com/~r/TheHackersNews/~3/SpYpzQo5j6A/gandcrab-ransomware-decryption-tool.html
Critical Flaw Reported in Popular Evernote Extension for Chrome Users - Cybersecurity researchers discover a critical flaw in the popular Evernote Chrome extension that could have allowed hackers to hijack your browser and steal sensitive information from any website you accessed.
Evernote is a popular service that helps people taking notes and organize their to-do tas http://feedproxy.google.com/~r/TheHackersNews/~3/i4hPrmGSfPc/evernote-extension-hacking.html
Telegram Suffers 'Powerful DDoS Attack' From China During Hong Kong Protests - Telegram, one of the most popular encrypted messaging app, briefly went offline yesterday for hundreds of thousands of users worldwide after a powerful distributed denial-of-service (DDoS) attack hit its servers.
Telegram founder Pavel Durov later revealed that the attack was mainly coming from the http://feedproxy.google.com/~r/TheHackersNews/~3/OOgib_yXGeQ/telegram-ddos-attack.html
Cynet Free Visibility Experience – Unmatched Insight into IT Assets and Activities - Real-time visibility into IT assets and activities introduces speed and efficiency to many critical productivity and security tasks organizations are struggling with—from conventional asset inventory reporting to proactive elimination of exposed attack surfaces.
However, gaining such visibility is http://feedproxy.google.com/~r/TheHackersNews/~3/6zdn2mNkFY8/cynet-free-visibility-tool.html
Android's Built-in Security Key Now Works With iOS Devices For Secure Login - In April this year, a software update from Google overnight turned all Android phones, running Android 7.0 Nougat and up, into a FIDO-certified hardware security key as part of a push to encourage two-step verification.
The feature made it possible for users to confirm their identity when logging i http://feedproxy.google.com/~r/TheHackersNews/~3/t6IZHBzD25k/android-security-key-ios.html
When Time is of the Essence – Testing Controls Against the Latest Threats Faster - A new threat has hit head the headlines (Robinhood anyone?), and you need to know if you're protected right now. What do you do?
Traditionally, you would have to go with one of the options below.
Option 1 – Manually check that IoCs have been updated across your security controls.
RAMBleed Attack – Flip Bits to Steal Sensitive Data from Computer Memory - A team of cybersecurity researchers yesterday revealed details of a new side-channel attack on dynamic random-access memory (DRAM) that could allow malicious programs installed on a modern system to read sensitive memory data from other processes running on the same hardware.
Dubbed RAMBleed and id http://feedproxy.google.com/~r/TheHackersNews/~3/pX4Oena3W04/rambleed-dram-attack.html
Microsoft Releases June 2019 Security Updates to Patch 88 Vulnerabilities - After Adobe, the technology giant Microsoft today—on June 2019 Patch Tuesday—also released its monthly batch of software security updates for various supported versions of Windows operating systems and other Microsoft products.
This month's security updates include patches for a total of 88 vulnera http://feedproxy.google.com/~r/TheHackersNews/~3/kn4CsLIzFLI/windows-june-updates.html
Adobe Issues Critical Patches for ColdFusion, Flash Player, Campaign Software - It's Patch Tuesday week!
Adobe has just released the latest June 2019 software updates to address a total 11 security vulnerabilities in its three widely-used products Adobe ColdFusion, Flash Player, and Adobe Campaign.
Out of these, three vulnerabilities affect Adobe ColdFusion, a commercial rap http://feedproxy.google.com/~r/TheHackersNews/~3/bkahzckFP7M/adobe-patch-june.html
New Flaw in WordPress Live Chat Plugin Lets Hackers Steal and Hijack Sessions - Security researchers have been warning about a critical vulnerability they discovered in one of a popular WordPress Live Chat plugin, which, if exploited, could allow unauthorized remote attackers to steal chat logs or manipulate chat sessions.
The vulnerability, identified as CVE-2019-12498, resid http://feedproxy.google.com/~r/TheHackersNews/~3/Y8Olsb1YClg/wordpress-live-chat-plugin.html
Your Linux Can Get Hacked Just by Opening a File in Vim or Neovim Editor - Linux users, beware!
If you haven't recently updated your Linux operating system, especially the command-line text editor utility, do not even try to view the content of a file using Vim or Neovim.
Security researcher Armin Razmjou recently discovered a high-severity arbitrary OS command execution http://feedproxy.google.com/~r/TheHackersNews/~3/-kLUXaXKpeY/linux-vim-vulnerability.html
Hacker Discloses Second Zero-Day to Bypass Patch for Windows EoP Flaw - An anonymous security researcher going by the name of SandboxEscaper today publicly shared a second zero-day exploit that can be used to bypass a recently patched elevation of privilege vulnerability in the Microsoft Windows operating system.
SandboxEscaper is known for publicly dropping zero-day e http://feedproxy.google.com/~r/TheHackersNews/~3/fWKRSwPNfko/windows-eop-exploit.html
New Brute-Force Botnet Targeting Over 1.5 Million RDP Servers Worldwide - Security researchers have discovered an ongoing sophisticated botnet campaign that is currently brute-forcing more than 1.5 million publicly accessible Windows RDP servers on the Internet.
Dubbed GoldBrute, the botnet scheme has been designed in a way to escalate gradually by adding every new crack http://feedproxy.google.com/~r/TheHackersNews/~3/JnNQaHJknfI/windows-rdp-brute-force.html
Credential Stealing Backdoor Found in Agama Cryptocurrency Wallet Apps - Are you using Komodo's Agama Wallet to store your KMD and BTC cryptocurrencies?
Were your funds also unauthorisedly transferred overnight to a new address?
If yes, don't worry, it's probably safe, and if you are lucky, you will get your funds back.
Here's what exactly happened…
Critical Flaws Found in Widely Used IPTV Software for Online Streaming Services - Security researchers have discovered multiple critical vulnerabilities in a popular IPTV middleware platform that is currently being used by more than a thousand regional and international online media streaming services to manage their millions of subscribers.
Discovered by security researchers at http://feedproxy.google.com/~r/TheHackersNews/~3/YSlnundP2iU/iptv-software-hacking.html
Unpatched Bug Let Attackers Bypass Windows Lock Screen On RDP Sessions - A security researcher today revealed details of a newly unpatched vulnerability in Microsoft Windows Remote Desktop Protocol (RDP).
Tracked as CVE-2019-9510, the reported vulnerability could allow client-side attackers to bypass the lock screen on remote desktop (RD) sessions.
Lokale Instanz der MHC SoftWare GmbH