Archive for the ‘cyber security’ Category

New ZombieLoad v2 Attack Affects Intel’s Latest Cascade Lake CPUs

November 13th, 2019
Zombieload is back. This time a new variant (v2) of the data-leaking side-channel vulnerability also affects the most recent Intel CPUs, including the latest Cascade Lake, which are otherwise resistant against attacks like Meltdown, Foreshadow and other MDS variants (RIDL and Fallout). Initially discovered in May this year, ZombieLoad is one of the three novel types of microarchitectural data

Posted in cyber security, hacking news, intel chipset, intel processor, intel vulnerability, MDS attacks, side channel vulnerability, Skylake Processor, speculative execution, Vulnerability, Zombieload Attack | Comments (0)

The Comprehensive Compliance Guide (Get Assessment Templates)

November 13th, 2019
Complying with cyber regulations forms a significant portion of the CISO's responsibility. Compliance is, in fact, one of the major drivers in the purchase and implementation of new security products. But regulations come in multiple different colors and shapes – some are tailored to a specific vertical, while others are industry-agnostic. Some bare explicit consequences for failing to comply

Posted in cyber security, Cyber Security Certifications, Enterprise Security, HIPAA, IT Compliance, PCI DSS | Comments (0)

Researchers Discover TPM-Fail Vulnerabilities Affecting Billions of Devices

November 13th, 2019
A team of cybersecurity researchers today disclosed details of two new potentially serious CPU vulnerabilities that could allow attackers to retrieve cryptographic keys protected inside TPM chips manufactured by STMicroelectronics or firmware-based Intel TPMs. Trusted Platform Module (TPM) is a specialized hardware or firmware-based security solution that has been designed to store and protect

Posted in cryptography, cyber security, encryption keys, hardware security, Intel CPU, intel processor, Intel Server Chipsets, TPM Chip, Trusted Platform Module | Comments (0)

Hackers Breach ZoneAlarm’s Forum Site — Outdated vBulletin to Blame

November 11th, 2019
ZoneAlarm, an internet security software company owned by Israeli cybersecurity firm Check Point Technologies, has suffered a data breach exposing data of its discussion forum users, the company confirmed The Hacker News. With nearly 100 million downloads, ZoneAlarm offers antivirus software, firewall, and additional virus protection solutions to home PC users, small businesses, and mobile

Posted in antivirus, Check Point, cyber security, cyber security software, data breach, forum software, hacking forum, hacking news, vbulletin, ZoneAlarm | Comments (0)

Explained: How New ‘Delegated Credentials’ Boosts TLS Protocol Security

November 6th, 2019
Mozilla, in partnership with Facebook, Cloudflare, and other IETF community members, has announced technical specifications for a new cryptographic protocol called "Delegated Credentials for TLS." Delegated Credentials for TLS is a new simplified way to implement "short-lived" certificates without sacrificing the reliability of secure connections. In short, the new TLS protocol extension aims

Posted in browser security, cyber security, Delegated Credentials, Delegated Credentials for TLS, server security, ssl security, SSL TLS security, TLS encryption, website encryption, website security | Comments (0)

PPT Template: Build Your 2020 Security Plan

November 5th, 2019
The end of the year is coming, and it's time for security decision-makers to make plans for 2020 and get management approval. Typically, this entails making a solid case regarding why current resources, while yielding significant value, need to be reallocated and enhanced. The Definitive2020 Security Plan PPT Template is built to simplify this task, providing security decision-makers with an

Posted in cyber security, cyber security compliance, Enterprise Security, security | Comments (0)

Watch Out IT Admins! Two Unpatched Critical RCE Flaws Disclosed in rConfig

November 3rd, 2019
If you're using the popular rConfig network configuration management utility to protect and manage your network devices, here we have an important and urgent warning for you. A cybersecurity researcher has recently published details and proof-of-concept exploits for two unpatched, critical remote code execution vulnerabilities in the rConfig utility, at least one of which could allow

Posted in cyber security, Network Device Management, network security, networking, php security, rConfig, remote code execution, Zero-Day Vulnerability | Comments (0)

New Chrome 0-day Bug Under Active Attacks – Update Your Browser Now!

November 1st, 2019
Attention readers, if you are using Chrome on your Windows, Mac, and Linux computers, you need to update your web browsing software immediately to the latest version Google released earlier today. With the release of Chrome 78.0.3904.87, Google is warning billions of users to install an urgent software update immediately to patch two high severity vulnerabilities, one of which attackers are

Posted in cyber security, Google Chrome, hacking news, Use-After-Free Vulnerabilities, website security, windows security, zero-day attack, Zero-Day Vulnerability | Comments (0)

Chinese Hackers Compromise Telecom Servers to Spy on SMS Messages

October 31st, 2019
A group of Chinese hackers carrying out political espionage for Beijing has been found targeting telecommunications companies with a new piece of malware designed to spy on text messages sent or received by highly targeted individuals. Dubbed "MessageTap," the backdoor malware is a 64-bit ELF data miner that has recently been discovered installed on a Linux-based Short Message Service Center

Posted in Chinese Hackers, cyber security, hack smartphone, hacking sms, how to hack, intercept sms, SMS security, Telecom company | Comments (0)