Archive for the ‘cyber security’ Category
Zombieload is back.
This time a new variant (v2) of the data-leaking side-channel vulnerability also affects the most recent Intel CPUs, including the latest Cascade Lake, which are otherwise resistant against attacks like Meltdown, Foreshadow and other MDS variants (RIDL and Fallout).
Initially discovered in May this year, ZombieLoad is one of the three novel types of microarchitectural data
Posted in cyber security, hacking news, intel chipset, intel processor, intel vulnerability, MDS attacks, side channel vulnerability, Skylake Processor, speculative execution, Vulnerability, Zombieload Attack | Comments (0)
Complying with cyber regulations forms a significant portion of the CISO's responsibility. Compliance is, in fact, one of the major drivers in the purchase and implementation of new security products.
But regulations come in multiple different colors and shapes – some are tailored to a specific vertical, while others are industry-agnostic. Some bare explicit consequences for failing to comply
Posted in cyber security, Cyber Security Certifications, Enterprise Security, HIPAA, IT Compliance, PCI DSS | Comments (0)
A team of cybersecurity researchers today disclosed details of two new potentially serious CPU vulnerabilities that could allow attackers to retrieve cryptographic keys protected inside TPM chips manufactured by STMicroelectronics or firmware-based Intel TPMs.
Trusted Platform Module (TPM) is a specialized hardware or firmware-based security solution that has been designed to store and protect
Posted in cryptography, cyber security, encryption keys, hardware security, Intel CPU, intel processor, Intel Server Chipsets, TPM Chip, Trusted Platform Module | Comments (0)
ZoneAlarm, an internet security software company owned by Israeli cybersecurity firm Check Point Technologies, has suffered a data breach exposing data of its discussion forum users, the company confirmed The Hacker News.
With nearly 100 million downloads, ZoneAlarm offers antivirus software, firewall, and additional virus protection solutions to home PC users, small businesses, and mobile
Posted in antivirus, Check Point, cyber security, cyber security software, data breach, forum software, hacking forum, hacking news, vbulletin, ZoneAlarm | Comments (0)
Two former employees of Twitter have been charged with spying on thousands of Twitter user accounts on behalf of the Saudi Arabian government, likely with the purpose of unmasking the identity of dissidents.
According to an indictment filed on November 5 and unsealed just yesterday, one of the charged Twitter employees, American citizen Ahmad Abouammo, left the company in May 2015 and the
Posted in cyber security, hacking twitter account, how to hack Twitter, Twitter, twitter security | Comments (0)
Mozilla, in partnership with Facebook, Cloudflare, and other IETF community members, has announced technical specifications for a new cryptographic protocol called "Delegated Credentials for TLS."
Delegated Credentials for TLS is a new simplified way to implement "short-lived" certificates without sacrificing the reliability of secure connections.
In short, the new TLS protocol extension aims
Posted in browser security, cyber security, Delegated Credentials, Delegated Credentials for TLS, server security, ssl security, SSL TLS security, TLS encryption, website encryption, website security | Comments (0)
The end of the year is coming, and it's time for security decision-makers to make plans for 2020 and get management approval. Typically, this entails making a solid case regarding why current resources, while yielding significant value, need to be reallocated and enhanced.
The Definitive2020 Security Plan PPT Template is built to simplify this task, providing security decision-makers with an
Posted in cyber security, cyber security compliance, Enterprise Security, security | Comments (0)
If you're using the popular rConfig network configuration management utility to protect and manage your network devices, here we have an important and urgent warning for you.
A cybersecurity researcher has recently published details and proof-of-concept exploits for two unpatched, critical remote code execution vulnerabilities in the rConfig utility, at least one of which could allow
Posted in cyber security, Network Device Management, network security, networking, php security, rConfig, remote code execution, Zero-Day Vulnerability | Comments (0)
Attention readers, if you are using Chrome on your Windows, Mac, and Linux computers, you need to update your web browsing software immediately to the latest version Google released earlier today.
With the release of Chrome 78.0.3904.87, Google is warning billions of users to install an urgent software update immediately to patch two high severity vulnerabilities, one of which attackers are
Posted in cyber security, Google Chrome, hacking news, Use-After-Free Vulnerabilities, website security, windows security, zero-day attack, Zero-Day Vulnerability | Comments (0)
A group of Chinese hackers carrying out political espionage for Beijing has been found targeting telecommunications companies with a new piece of malware designed to spy on text messages sent or received by highly targeted individuals.
Dubbed "MessageTap," the backdoor malware is a 64-bit ELF data miner that has recently been discovered installed on a Linux-based Short Message Service Center
Posted in Chinese Hackers, cyber security, hack smartphone, hacking sms, how to hack, intercept sms, SMS security, Telecom company | Comments (0)