β Tricky DoS Attack Crashes Mozilla Firefox β
π Read
via "The first stop for security news | Threatpost ".
There are currently no mitigations for the Firefox attack, a researcher told Threatpost.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Tricky DoS Attack Crashes Mozilla Firefox
There are currently no mitigations for the Firefox attack, a researcher told Threatpost.
π Cisco: We've killed another critical hard-coded root password bug, patch urgently π
π Read
via "Security on TechRepublic".
This time a 9.8/10-severity hardcoded password has been found in Cisco's video surveillance software.π Read
via "Security on TechRepublic".
TechRepublic
Cisco: We've killed another critical hard-coded root password bug, patch urgently
This time a 9.8/10-severity hardcoded password has been found in Cisco's video surveillance software.
π΄ Hacking Back: Simply a Bad Idea π΄
π Read
via "Dark Reading: ".
While the concept may sound appealing, it's rife with drawbacks and dangers.π Read
via "Dark Reading: ".
Darkreading
Hacking Back: Simply a Bad Idea
While the concept may sound appealing, it's rife with drawbacks and dangers.
π΄ 'Scan4Yyou' Operator Gets 14-Year Sentence π΄
π Read
via "Dark Reading: ".
A citizen of the former USSR is sentenced to 168 months for running Scan4you, an online counter antivirus service.π Read
via "Dark Reading: ".
Dark Reading
Vulnerabilities & Threats recent news | Dark Reading
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading
β Assessing the Human Element in Cyber Risk Analysis β
π Read
via "The first stop for security news | Threatpost ".
The human factor doesn't have to be an intangible when assessing cyber risks within a company.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Assessing the Human Element in Cyber Risk Analysis
The human factor doesnβt have to be an intangible when assessing cyber risks within a company.
β Googleβs Forced Sign-in to Chrome Raises Privacy Red Flags β
π Read
via "The first stop for security news | Threatpost ".
Chrome users are now automatically signed into the browser if they're signed into any other Google service, such as Gmail.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Googleβs Forced Sign-in to Chrome Raises Privacy Red Flags
Chrome users are now automatically signed into the browser if theyβre signed into any other Google service, such as Gmail.
β Adwind RAT Scurries By AV Software With New DDE Variant β
π Read
via "The first stop for security news | Threatpost ".
The spam campaign mostly targets victims in Turkey and Germany.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Adwind RAT Scurries By AV Software With New DDE Variant
The spam campaign mostly targets victims in Turkey and Germany.
π΄ 6 Dark Web Pricing Trends π΄
π Read
via "Dark Reading: ".
For cybercriminals, the Dark Web grows more profitable every day.π Read
via "Dark Reading: ".
Dark Reading
6 Dark Web Pricing Trends
For cybercriminals, the Dark Web grows more profitable every day.
π΄ Microsoft Deletes Passwords for Azure Active Directory Applications π΄
π Read
via "Dark Reading: ".
At Ignite 2018, security took center stage as Microsoft rolled out new security services and promised an end to passwords for online apps.π Read
via "Dark Reading: ".
Darkreading
Microsoft Deletes Passwords for Azure Active Directory Applications
At Ignite 2018, security took center stage as Microsoft rolled out new security services and promised an end to passwords for online apps.
ATENTIONβΌ New - CVE-2015-8298
π Read
via "National Vulnerability Database".
Multiple SQL injection vulnerabilities in the login page in RXTEC RXAdmin UPDATE 06 / 2012 allow remote attackers to execute arbitrary SQL commands via the (1) loginpassword, (2) loginusername, (3) zusatzlicher, or (4) groupid parameter to index.htm, or the (5) rxtec cookie to index.htm.π Read
via "National Vulnerability Database".
β Cybercriminals Target Kodi Media Player for Malware Distribution β
π Read
via "The first stop for security news | Threatpost ".
A recent cryptomining campaign shows criminal ingenuity.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Cybercriminals Target Kodi Media Player for Malware Distribution
A recent cryptomining campaign shows criminal ingenuity.
π΄ In Quiet Change, Google Now Automatically Logging Users Into Chrome π΄
π Read
via "Dark Reading: ".
The change is a complete departure from Google's previous practice of keeping sign-in for Chrome separate from sign-ins to any Google service.π Read
via "Dark Reading: ".
Dark Reading
In Quiet Change, Google Now Automatically Logging Users Into Chrome
The change is a complete departure from Google's previous practice of keeping sign-in for Chrome separate from sign-ins to any Google service.
π΄ Fault-Tolerant Method Use for Security Purposes in New Framework π΄
π Read
via "Dark Reading: ".
A young company has a new patent for using fault tolerance techniques to protect against malware infection in applications.π Read
via "Dark Reading: ".
Dark Reading
Fault-Tolerant Method Use for Security Purposes in New Framework
A young company has a new patent for using fault tolerance techniques to protect against malware infection in applications.
π PCI compliance slipping for first time in 6 years, but IT remains on top π
π Read
via "Security on TechRepublic".
According to Verizon data, only 52.5% of companies maintained full compliance with payment card industry standards in 2017.π Read
via "Security on TechRepublic".
TechRepublic
PCI compliance slipping for first time in 6 years, but IT remains on top
According to Verizon data, only 52.5% of companies maintained full compliance with payment card industry standards in 2017.
β Have You Received A Call To Replace Your Stripe-Only Card With EMV Chip Card Yet? β
π Read
via "Quick Heal Blog | Latest computer security news, tips, and advice".
Estimated reading time: 2 minutesIn case you have received a reminder from your bank asking you to replace your stripe-only card with an EMV chip card and you have no idea why this change is being implemented, then you are at the right place. As per recent instructions received from the Reserve Bank of India (RBI), it has become mandatory for banks to replace the existing stripe-only debit and credit cards with the EMV (Europay, Mastercard, Visa) chip cards latest by 31 December 2018. This holds true for all domestic and international cards even if their validity extends beyond 31 Dec 2018. In case you are worried about the extra charges for replacing your existing cards, then be rest assured that the banks are replacing the cards absolutely FREE of cost!! So, then why replace your stripe-only cards with the EMV chip cards? Enhanced Security Level The EMV cards or the Chip & PIN cards as they are usually called, use a higher level of storage technology and high standards of data encryption as compared to the magnetic stripe-only cards. For those of you who frequently use their stripe-only debit/credit cards for making transactions at stores, restaurants, etc., would relate to the fact that these cards require a simple swipe at the point of sale (PoS) device in order to complete a transaction. A chip-based debit/credit card on the other hand, requires you to enter the PIN in order to complete the transaction. This provides your card with an extra level of security for safeguarding your digital transaction. These chip-based cards are also effective for mitigating fraudulent PoS transactions, by mandating a second level of authentication in the form of PIN before completing any PoS transaction. While the EMV chip cards also have a magnetic stripe, what makes them secure is the fact that sensitive customer data is encrypted on the chip. This gives fraudsters a hard time to access critical customer information. Prevent Card Cloning Given the increased incidences of card cloning on a global level, the initiative to shift to only chip-based cards is the need of the hour. Card Cloning usually stems from magnetic stripe-only cards that contain static information which can easily be accessed, once the card is used at some ATM that already has a cloning device installed. An EMV chip-based card on the other hand contains dynamic information, which makes it difficult to clone information. The big question though remains to be, βWill this eliminate the risk of card skimming and cloning completely?β Well, the frank answer to this question is that while the scenario of physical card cloning can be eliminated to a great extent with the EMV Chip & PIN cards, the same cannot be held true when it comes to online transactions, as the risk of fraud will continue to exist. So, here are few simple tips to help you protect your cards from cloning or skimming when you swipe at the PoS: As far as possible, try using the EMV chip-based cards instead of magnetic stripe cards for making transactions at PoS since, the EMV cards are safer to use. Take care that the PoS machine is not connected to a cloning or skimming device or any other device that may seem suspicious to you. If possible, try to feel underneath the pin pad for an additional slot to insert a card or chip, especially if you are swiping at a new store. Keep a check on your account balance for fraudulent charges. In case of any suspicious activity, immediately report to your bank requesting them to block your card. The post Have You Received A Call To Replace Your Stripe-Only Card With EMV Chip Card Yet? appeared first on Quick Heal Blog | Latest computer security news, tips, and advice.π Read
via "Quick Heal Blog | Latest computer security news, tips, and advice".
Quick Heal Blog | Latest computer security news, tips, and advice
Have You Received A Call To Replace Your Stripe-Only Card With EMV Chip Card Yet?
In case you have received a reminder from your bank asking you to replace your stripe-only card with an EMV chip card and you have no idea why this change is being implemented, then you are at the right place. As per recent instructions received from theβ¦
β Wendyβs faces class action over collecting staff fingerprints β
π Read
via "Naked Security".
Two former Wendyβs employees want to know what the company does with employee fingerprints collected by biometric clocks.π Read
via "Naked Security".
Naked Security
Wendyβs faces class action over collecting staff fingerprints
Two former Wendyβs employees want to know what the company does with employee fingerprints collected by biometric clocks.
β Woman hijacked CCTV cameras days before Trump inauguration β
π Read
via "Naked Security".
The ransomware attack on DC's outdoor surveillance cameras came just a few days before the 2017 inauguration of President Trump.π Read
via "Naked Security".
Naked Security
Woman hijacked CCTV cameras days before Trump inauguration
The ransomware attack on DCβs outdoor surveillance cameras came just a few days before the 2017 inauguration of President Trump.
β E-commerce transactions: Tips to stay safe when shopping online β
π Read
via "Quick Heal Blog | Latest computer security news, tips, and advice".
Estimated reading time: 2 minutesTodayβs new-generation customer has all the luxuries. At the click of a button (or a touch, on a mobile phone), they can buy literally anything they want. The arrival of online marketplaces like Flipkart, Amazon and thousands of other similar websites means that the basic premise of going out of the house to buy something has become so old-fashioned. From fridges to laptops to basic household items, these e-commerce websites can deliver the entire world to you, often as early as within a day. Of course, though, nothing comes for free. E-commerce websites certainly provide convenience but they bring their own dangers. If you are a customer, you should certainly not panic and completely stop shopping online. But it would be a good idea to practice some caution and keep the below tips in mind: Check the credibility of the website Many people have tried to take advantage of the craze of e-commerce. But not all these websites might be the most credible. Sometimes, hackers might set up an e-commerce website in the plan of getting the personal, financial information from tricked users. You should always check the website you are buying from. Before you place an order, check the websiteβs βAbout Meβ page, search for it on the web or on social media. Its credibility should be ascertained before placing an order. Beware of obvious fakes We are all aware of the leaders of e-commerce, whether it is Amazon or Alibaba or Ebay or from an Indian perspective, platforms like Flipkart, Snapdeal, Jabong, etc. What unscrupulous hackers do is set up obvious fakes, which is also a form of phishing. These websites may be designed exactly like the original website with very minute changes (say, Amazin instead of Amazon). Unless a customer isnβt looking carefully, they may be tricked into believing it is the original website and inadvertently give crucial personal information. Take care of your financial information E-commerce websites require you to part with crucial financial information like your debit & credit card numbers along with personal details like home address and telephone numbers. Be very careful when providing these. It is a good practice to not allow these websites to store your personal data as in the advent of a hacking attack, criminals might get their hands on these details. Be wary of public WiFi It is a good idea not to indulge in shopping when you using a public WiFi network, say in a coffee shop or an airport. Public WiFis are notoriously unsafe and may not have inbuilt security guards. That means any personal information, including your credit card number, is vulnerable to be accessed by hackers who may have hacked into the network. Always do your due diligence Ultimately, it is the responsibility of the shopper to ensure that they are conducting their transactions in a safe environment. While websites also have some responsibility, it is your hard-earned money and hence it is important that you give some thought about that order you are making to ensure you are not tricked. Check the URL and see if it is βhttpsβ and not βhttpsβ as that means an insecure connection. Keep a track of your orders and ensure that youβve received what youβve ordered. Donβt be afraid to get in touch with a vendor, if required for any query. The post E-commerce transactions: Tips to stay safe when shopping online appeared first on Quick Heal Blog | Latest computer security news, tips, and advice.π Read
via "Quick Heal Blog | Latest computer security news, tips, and advice".
Quick Heal Blog
E-commerce transactions: Tips to stay safe when shopping online
Todayβs new-generation customer has all the luxuries. At the click of a button (or a touch, on a...
β Home network security: Do you really need it? β
π Read
via "Quick Heal Blog | Latest computer security news, tips, and advice".
Estimated reading time: 3 minutesWe may not realize it but itβs not just our phones that are smart. In an age of Internet of Things (IoT), there is a lot of hype and hoopla about the connected homes β a concept of houses which will be completely smart and connected. But what we often seem to forget that we already live in smart homes to a large extent. Think about it. Most homes nowadays have devices that are connected to each other and the Internet. Your phones, laptops, desktops are all connected to a WiFi router and maybe, even your smart TV too. All of these devices are interacting with each other to the extent that you can cast things from your phone to the TV if they are on the same network. The risks of a home network While all of this sounds exciting, it is also important to realize that it brings its own risks. Enterprises arenβt the only ones who have to worry about cybersecurity, with the rise of such home networks, itβs extremely important that even homeowners care as much about securing their networks as they do about its physical security. Itβs important to be aware of the risks home networks can possess. Because individuals spent a majority of their time at home, they use the home networks to do a staggering amount of things online. E-commerce, paying bills, entertainment, social networking β you name it and itβs done on the network. That means there is a treasure trove of data out there which makes it a very appealing proposition for a cyber criminal. If anyone gets access to the network, they will able to use this data for a variety of crimes. They can use it to conduct identity theft, use your financial credentials to steal your money or just cause havoc by bringing down your home network. In fact, they can even learn your personal habits and use them against you, say to plan a theft at your house when you are away. Ensure that your home network security is much more secure by following a few simple tips: Wi-Fi passwords should be stronger β This is a no-brainer but again the most important. Most people changer their home WiFi passwords from the default one but keep it something simple which they can easily remember. Worse, they write it down somewhere to remember which can be disastrous if it falls in the wrong hands. Keep strong passwords for your WiFi and ensure you donβt share them with anyone. Router passwords should also be strong β This is not a no-brainer because this is something a lot of people donβt remember to do. Sure, keeping a strong WiFi password is good but even routers have their own login and password. Most of the times, people keep it as default as βadminβ and βpasswordβ, something akin to inviting a cybercriminal with open hands to your door. Take the extra effort and put in a strong password for your router. Keep all devices on the network secure β The router may be secure but what about the devices that are using it to access the Internet. This includes your smartphones and laptops. Malicious software can easily affect one of these devices and then affect the entire network. Keep all your devices secure and updated. Use a firewall for your network β A firewall is an important step in keeping your network secure. Use one and keep it on the highest setting so that you are updated at any attempts at infiltration. Have a cybersecurity solution on all your devices β This goes without saying but in this age of cyberattacks, all your devices need to have a strong cybersecurity solution. Seqrite offers a range of solutions for laptops and mobiles for this very purpose. The post Home network security: Do you really need it? appeared first on Quick Heal Blog | Latest computer security news, tips, and advice.π Read
via "Quick Heal Blog | Latest computer security news, tips, and advice".
Quick Heal Blog | Latest computer security news, tips, and advice
Home network security: Do you really need it?
We may not realize it but itβs not just our phones that are smart. In an age of Internet of Things (IoT), there is a lot of hype and hoopla about the connected homes β a concept of houses which will be completely smart and connected. But what we often...
β AdGuard adblocker resets passwords after credential-stuffing attack β
π Read
via "Naked Security".
AdGuard has taken the decision to reset all user accounts after suffering a credential-stuffing and brute-force password attack.π Read
via "Naked Security".
Naked Security
AdGuard adblocker resets passwords after credential-stuffing attack
AdGuard has taken the decision to reset all user accounts after suffering a credential-stuffing and brute-force password attack.
β Users fret over Chrome auto-login change β
π Read
via "Naked Security".
Users were complaining this week after discovering they'd been logged in to Googleβs Chrome browser automatically, after logging into a Google website.π Read
via "Naked Security".
Naked Security
Users fret over Chrome auto-login change
Users were complaining this week after discovering theyβd been logged in to Googleβs Chrome browser automatically, after logging into a Google website.