New Internet startup to offer more Data Privacy controls

Tim Berners-Lee, the inventor of World Wide Web is all set to unveil a ‘New Internet’ which promises to give users full control on the data they share with other internet services providers like Facebook, Google, and Amazon. Inrupt, an app based web search system will allow users to regulate what personal info they would like to share on the web and how that info is stored by the big service providers. Lee said that Inrupt will allow users to create a personal online data store called POD. And in that, they can store all the info like contacts...

Read More

British Watchdog to slap £1.25 Billion penalty on Facebook for recent Cyber Attack

Last weekend turned into a nightmare for Facebook users as their favorite social media platform officially disclosed that a cyber attack on its database could have leaked sensitive info of over 50 million users to hackers. As the investigation is still going on, the exact number of compromised accounts remains unclear and might be revealed by this weekend by the authorities. Meanwhile, British data Watchdog has taken a review of the situation and is intending to impose a £1.25 billion fine on the world’s top social networking giant for showing...

Read More

Over 50 million account info leaked in Facebook Cyber Attack

Facebook shared a blog post today which says that it’s “View As” feature had the potential to allow hackers to take over Facebook accounts. And the flaw could have compromised information of more than 50 million accounts info to hackers. The social media giant has however declared that the discovered flaw was fixed and its users need not change their account passwords in a rush. Although the investigation is still underway, a technical source from Facebook’s backend team reveals that the “View As” flaw allowed cyber crooks to gain access to tokens...

Read More

Hacker vows to delete Mark Zuckerberg’s Facebook account; reports it for bounty instead

By Waqas Hacker Cancels Plan to Live Stream Deletion of Mark Zuckerberg’s Facebook Account. It was just yesterday when Facebook announced that it was hacked after attackers exploited a vulnerability in its View As feature and gained access to over 50 million accounts. Now, a well-known hacker from Taiwan, Chang Chi-yuan made headlines for a rather intriguing […] This is a post from HackRead.com Read the original post: Hacker vows to delete Mark Zuckerberg’s Facebook account; reports it for bounty instead September 30, 2018 at 02:19...

Read More

YouTuber reveals iPhone XS passcode bypass bug exposing contacts/photos

By Waqas With new iPhone XS out, it is a universally believed fact that Apple is committed to improving, and enhancing user privacy and security in its devices. With the new iOS 12 and iOS 12.1 beta, the Cupertino-based company claims to have taken security to a whole new level. However, this claim is questioned after numerous […] This is a post from HackRead.com Read the original post: YouTuber reveals iPhone XS passcode bypass bug exposing contacts/photos September 29, 2018 at 02:57...

Read More

Facebook hacked: Hackers steal access tokens of 50 million accounts

By Waqas Hackers exploited a vulnerability in the “View As” feature of Facebook. The social media giant Facebook has announced that it has suffered a massive cyber attack, resulting in  50 million users account impacted. In a statement, the vice president of product management at Facebook, Guy Rosen said that hackers exploited a vulnerability in Facebook’s ‘view as’ feature which […] This is a post from HackRead.com Read the original post: Facebook hacked: Hackers steal access tokens of 50 million accounts September 28, 2018...

Read More

Demonoid goes offline with owner missing in action for last two months

By Waqas It has been many days since a popular, semi-private BitTorrent tracker Demonoid has remained offline. The employees working for this website are also clueless about what’s happening and claim that the owner of Demonoid, Deimos, is also missing. None of them have had any contact with him for the past two months. Demonoid has been […] This is a post from HackRead.com Read the original post: Demonoid goes offline with owner missing in action for last two months September 28, 2018 at 09:09...

Read More

Fancy Bear’s VPNfilter malware is back with 7 new modules

By Waqas Cisco’s Talos researchers have identified that Russia’s VPNfilter is way more dangerous than it is believed to be. The malware, which prompted the FBI to urge people to reboot their internet routers, contains seven additional third-stage modules that are infecting countless global networking devices since 2016. The infected devices are mainly located in Ukraine as […] This is a post from HackRead.com Read the original post: Fancy Bear’s VPNfilter malware is back with 7 new modules September 27, 2018 at 11:37...

Read More

Firefox Monitor will Notify you When Your Account is Hacked- Mozilla

By Waqas Firefox has joined hands with Have I Been Pwned for this project. Mozilla introduced a new service earlier this year called Firefox Monitor, and now the company is adding a new feature to this service. The newly added feature will take scrutiny to a whole new level by allowing users to sign up for getting […] This is a post from HackRead.com Read the original post: Firefox Monitor will Notify you When Your Account is Hacked- Mozilla September 27, 2018 at 07:46...

Read More

11 million personal unprotected MongoDB records leaked online

By Uzair Amir Another day, another trove of sensitive data exposed online. This time, a MongoDB database containing a whopping 43.5GB of the dataset used in marketing campaigns has been left exposed for public access. The data was discovered by Bob Diachenko, an independent security researcher who noted that the database was available on an unprotected MongoDB hosted on Grupo-SMS hosting and […] This is a post from HackRead.com Read the original post: 11 million personal unprotected MongoDB records leaked online September...

Read More

Exploring the Way Technology Has Changed Entertainment

By Carolina There is little doubt that technology has influenced people’s lives in many ways. Not only are you more likely to have a mobile phone in your pocket, but you are also likely to use the internet many times per day. While technology has brought a lot of great ideas to business and the way people […] This is a post from HackRead.com Read the original post: Exploring the Way Technology Has Changed Entertainment September 27, 2018 at 04:09...

Read More

SingHealth server did not receive security updates for fourteen months

SingHealth, the largest healthcare group of Singapore disclosed to the world on July 19th this year that it became a victim of a cyber attack where hackers succeeded in accessing personal data of more than 1.5 million people and medicine dispense details of about 160,000 people. Furthermore, reports emerged that the hack also gave access to critical info related to the health of Lee Hsien Loong, the Prime Minister of Singapore. Now, after two months of detailed inquiry, it has been revealed that the servers of the Singhealth haven’t received security...

Read More

How to Protect Data in a BYOD World

This post was originally published here by Mike Schuricht. Every day, more and more corporate information is moving to employees’ personal devices. This rise of BYOD (bring your own device) provides increased flexibility and productivity to employees and, consequently, the organizations for which they work. However, it also creates new cybersecurity concerns. Traditional tools built for corporate-owned, managed devices are not ideal for this new BYOD landscape. Learn more by watching the below Glass Class.  For more information...

Read More

Hackers are extensively using Python language in their cyber attack tools

Imperva, a Cybersecurity software and services provider came to a recent conclusion that the world’s most popularly used programming language ‘Python’ is being widely used by hackers in their cyber attack tools, The Redwood City-based company came to the above-said conclusion after finding more than 20% of GitHub Repositories filled with tools to launch cyber attacks and proof of concept exploits- all written in Python. In virtually every security-related topic in GitHub, the majority of the repositories are being written in Python, including tools...

Read More

Ransomware hits servers at Port of San Diego

A sophisticated cyber attack involving Ransomware is said to have disrupted one or more computer servers at the IT facility of the Port of San Diego. It’s said that the port officials identified the attack at first on Tuesday and then investigated it further to identify that the servers related to Harbor Police and the port employees were hit by a malware variant known as Ransomware. After getting a confirmation of the issue, Randa Coniglio, CEO, Port of San Diego released a press statement yesterday saying that the servers of the company were...

Read More

One Day, NCSAM will be a Fond Memory

October is National Cyber Security Awareness Month (NCSAM), and I thought it would be a neat idea to offer some ideas about best practices for good passwords.  Since I have written about this before, I figured it would be the easiest thing ever, especially with all the advances in password management technology, and the new NIST Guidelines.  I could talk about the...

Read More

CISSP Spotlight: Shinji Abe

Name: Shinji Abe Title: Director Employer: NTT Security (Japan) KK Degree: Bachelor of Science, Master of Science in Quantum Physics Years in IT: 11 Years in cybersecurity: 7 Cybersecurity certifications: CISSP   How did you decide upon a career in cybersecurity? I started my career as a system engineer. I became involved in information security after some systems managed...

Read More

CloudPassage a Cybersecurity Distinguished Vendor

This post was originally published here by jeff baumgarten. This has been the year of cybersecurity, or one of data breaches. Depending on where you stand. In any case, it’s been a busy year for the cybersecurity industry and for companies trying to lock down their cloud security strategies. With digital transformation in the air, more and more enterprises and organizations of all sizes are moving to the cloud and in turn expanding their overall security attack surface as well as their potential for exposure. 66% of IT professionals say security...

Read More

Why CMOs Should Care About Cybersecurity

This post was originally published here by jeff baumgarten. Everyone from Deloitte to Ad Age to Forbes and many more are talking about why CMOs should care about cybersecurity and become more involved in the overall strategy. That makes sense as security moves beyond the purview of IT and becomes more of a board-level issue.   Having...

Read More

WhatsApp founder data privacy war with Facebook turns Murky

WhatsApp Co-Founder Brian Acton data privacy war with Facebook has turned out murky when Facebook Executive David Marcus gave a fitting reply to the latter’s claim on Forbes. In an interview to Forbes a few days ago, Acton said that after acquiring his company for $19 billion, Mark Zuckerberg and his team were planning to monetize the app by putting the data privacy of users at risk. Marcus gave a befitting reply to Acton yesterday by accusing him of slowing down the progress of the messaging app. He added in his statement that Facebook has a practice...

Read More

Fujitsu and UTC team up for setting up Cybersecurity College

Fujitsu in association with University Technical Colleges (UTC) located across England has decided to set up an information security college to address the national and global shortage of professionals in the field of Cyber Security. The newly established technical college will aim to prepare students aged in between 14-19 for the job market of the cyber world and is in a strong hope that it will succeed in bridging the gap between security resources and skills by 2021. As per a study conducted by UTC, there could be a shortage of 1.8 million information...

Read More

CISSP-ISSAP Spotlight: Patrick Liu

Name: Patrick Wai Keun Liu Title: Deputy Chief Information Security Officer Employer: DBS Bank (Hong Kong) Limited Degree: Computer Engineering Years in IT: 20 Years in cybersecurity: 15+ Cybersecurity certifications: CISSP-ISSAP, CRISC, CGEIT, CIA, CISA, ABCP   How did you decide upon a career in cybersecurity? I started my cybersecurity career as a customized professional...

Read More

Why CMOs Should Care About Cybersecurity

Everyone from Deloitte to Ad Age to Forbes and many more are talking about why CMOs should care about cybersecurity and become more involved in the overall strategy. That makes sense as security moves beyond the purview of IT and becomes more of a board-level issue.   Having seen cybersecurity  from publicly-traded company and venture-backed perspectives, I wanted...

Read More

Take Ownership of the Keys to Your Data with Gemalto at GovWare 2018!

According to Gemalto’s 2017 Breach Level Index Report, publicly reported data breaches compromised more than 2.5 billion data records as a result of 1,765 security incidents throughout the year. North America made up the bulk of these incidents at 1,514 security events, or 86 percent of the total. The Asia/Pacific region had just 113 incidents. Although the findings from the...

Read More

Facing the Facts about Digital Identity Interfaces

...

Read More

One in 100 emails are Malicious

FireEye, a Milpitas based publicly listed Cyber Security company has discovered in its latest study that one in 100 emails are malicious. That means they are being crafted to trick people to surrender their personal details or download malware on to the recipient computers. And the results were declared only after analyzing half a billion emails sent in the first half of this year. Researchers from the Californian security firm suggest that less than a 3rd of emails sent are considered clean i.e they pass through the spam filters to be delivered...

Read More

Free GDPR Course for Members

(ISC)² is committed to enriching our professional development course offerings to members. That’s why we’re excited to announce a free course is now available – GDPR for Security Professionals: A Framework for Success. The course is online and self-paced to work with your busy schedule. We know the GDPR deadline has come and gone, but that doesn’t mean that the work is over....

Read More

Banking trojan found in call recorder app on Play Store – stole over €10,000

By Waqas Android is one of the most vulnerable mobile operating systems with hackers developing new Android malware and banking trojan every 17 seconds. Then, there is Google and questionable security measures to protect users from sophisticated and persistent malware attacks. Recently, Lukas Stefanko, an IT security researcher at ESET has discovered a nasty piece of banking trojan targeting […] This is a post from HackRead.com Read the original post: Banking trojan found in call recorder app on Play Store – stole over €10,000 September...

Read More

empow Adds Native UEBA Functionality to Become First SIEM to Automatically Detect and Respond to Threats Across the Entire Cyber Kill Chain

empow’s native artificial intelligence, natural language processing and cause-and-effect analytics now ingest user and account activity logs to correlate all data source types covering all stages of the attack lifecycle. empow, creators of a new kind of security information and event management (SIEM) system that detects and responds to cyber-attacks in real time and without rules, announced it has added native User/Entity Behavior Analytics (UEBA) functionality to its SIEM. With this capability, the empow SIEM now provides automated detection...

Read More

Cyber Attack automation turning lethal

Alert Logic, a Houston based security company has issued an alert that cyber attack automation will prove lethal to companies in coming months regardless of size and their operations. The security firm came to a conclusion after analyzing the data from more than 1.2 billion anomalies, 7.2 million security events and 250,000 verified security incidents across its customer base over a fourteen month period between 2017 and 2018. As cyber attacks are now being launched through software automation the threats are having the potential to subvert traditional...

Read More

US Merger and Acquisition market reaches $60 billion mark in September

United States Merger and Acquisition market have witnessed a flurry of activity in September this year with the deals reaching the mark of $60 billion. Experts suggest that out of all only 4 major deals have captured the interest of the industry to date. And Comcast winning the bid of UK Company Sky stands tall among them. Next is the deal of Randgold Resources buying Barrick Fold and Michael Kors acquiring Versace. Pandora was purchased by Sirius XM. If we discuss the biggest takeover in European market History, Fox buying Sky was much speculated...

Read More

Will Microsoft try to monopolize its security services after Google

We all know that in coming years usage of Google services will all depend upon the patriotism of the users towards the web search giant. That’s because most of the mobile computing devices we use by then will be operating on OSes released by the subsidiary of the Alphabet, Inc and will only entertain the online services offered by the company. Security experts suggest that the world’s top technology companies like Microsoft, Amazon, Facebook, and Google will try to monopolize the market in next 5 years. What they mean is that most of the said companies...

Read More

Extortion, the Cloud, and the Geopolitical Landscape – Black Hat 2018 Survey Results

At Black Hat 2018, we surveyed attendees on diverse topics ranging from how to react to extortion, what impact the geopolitical landscape is having on the industry, and whether the shiny veneer of the cloud is beginning to fade. Our Security Advocate, Javvad Malik, has put together an excellent report on the survey. The report is based on our survey at the AlienVault...

Read More

MadoMiner Part 1 – Install

2018 seems to be a time for highly profitable cryptominers that spread over SMB file-shares.  Following my analysis on ZombieBoy in July, I found a new malware sample that I’m calling MadoMiner.  With the help of Chris Doman, I was able to analyze it to discover that it uses techniques similar to ZombieBoy, because it hijacks Zombieboy’s CPUINFO.exe.  However,...

Read More