Vodafone updates that it knew Huawei 5G espionage secrets 10 years ago

As Huawei is trying hard to convince the world that its 5G equipment is safe from espionage threats, Britain based Telecom company Vodafone has released an update against the Chinese vendor which will surely leave the former in a bit of disappointment. Vodafone says that it has discovered several flaws between 2009 and 2012 in the equipment supplied to an Italian firm by Huawei. This includes internet routers which were alleged to have hidden back doors transmitting data to remote servers located in China. However, a story published in Bloomberg...

Read More

Oracle Weblogic Servers are vulnerable to ransomware attacks

Cisco Talos security researchers have made a recent discovery that a zero-day vulnerability in Oracle Weblogic Servers is making them susceptible to ransomware attacks. Hackers are reported to be using the vulnerability to install a new strain of ransomware called Sodinokibi along with some versions of GandCrab ransomware. What’s astonishing in the recent discovery is that web servers of Oracle often sit between frontend and backend applications leaving limited or no scope for interceptions. These servers do a job rerouting web traffic from backend...

Read More

PRODUCT REVIEW: TrueSight Cloud Security by BMC Software

Today, we are reviewing TrueSight Cloud Security from BMC Software. TrueSight Cloud Security is a SaaS based cloud security and compliance solution with automated scanning and remediation which manages cloud resource configurations consistently, securely, and with an audit trail. The platform also secures containers and container orchestration at the cluster, host, daemon,...

Read More

New Electrum DDoS botnet steals $4.6M after infecting 152,000 hosts

By Ryan De Souza The majority of the bots are located in Brazil and Peru but the number of victims is constantly increasing across diverse regions. Threat actors who previously targeted cryptocurrency wallets through Distributed Denial of Service (DDoS) attacks have now launched another malware loader to facilitate their botnet Trojan. This time, they have used the Smoke Loader […] This is a post from HackRead.com Read the original post: New Electrum DDoS botnet steals $4.6M after infecting 152,000 hosts May 01, 2019 at 12:43...

Read More

The Bitglass Blog

When words like cyberattack are used, they typically conjure up images of malicious, external threats. While hackers, malware, and other outside entities pose a risk to enterprise security, they are not the only threats that need to be remediated.  Insider threats, which involve either malicious or careless insiders, are another significant threat to corporate data that must be addressed. Fortunately, Bitglass has the latest information on this topic. Read on to learn more. The post The Bitglass Blog appeared first...

Read More

(ISC)² Secure Summit EMEA in Review

On April 16, at the World Forum in The Hague, The Netherlands, (ISC)2 COO Wesley Simpson provided closing remarks to summarize some of the key sessions from the two-day Secure Summit EMEA event as it was wrapping up. To give you a window into the kinds of topics addressed during the Summit, what follows is an excerpt from his address. [Edited for length] Now, to close out...

Read More

Ransomware attacks which will grab your attention in 2019

Ransomware attack has stood as a top malware threat in 2018 and is predicted to dominate as same in 2019. According to a study made by security researchers over 1,100 different ransomware infections are found to be preying on innocent web users in the current cyber landscape.   So, Cybersecurity Insiders brings to you a list of the most popular ransomware attacks of last year which might probably target most of the online users in this year as well. Bad Rabbit– It’s one of the most popular ransomware attacks which have infected enterprises...

Read More

Sensitive data of 80 million US households exposed online

By Uzair Amir The 24 GB database was hosted on a Microsoft cloud server. Another day, another data breach; this time researchers have discovered an unprotected cloud repository containing personal and financial information of more than 80 million US households. This incident reminds us of two similar breaches in which highly sensitive data of 200 million and 82 […] This is a post from HackRead.com Read the original post: Sensitive data of 80 million US households exposed online April 30, 2019 at 08:30...

Read More

Norsk Hydro ransomware attack costs $52 million

Norway based aluminum manufacturer Norsk Hydro has released a press statement today which says that the company could have incurred $52 million or 450 million Norwegian crowns in the 1st quarter. Sources say that the malware attack has made the Oslo based firm to postpone its Q1 earnings update to June 5th this year as several of its restore systems pertaining to reporting, billing and invoicing have to be brought back to normalcy. Norsk Hydro which is the producer and supplier of lightweight metals has mentioned in its media update that it has...

Read More

Phishing attack on the mobile version of Google Chrome users

All those using the mobile version of Google Chrome are hereby requested to make a note of a phishing scam which is taking place in the current cyber landscape. According to a recent media update given by developer Jim Fisher, hackers are seen using a mix of coding and screenshot techniques to trick chrome users into giving up their private info such as passwords and credit card info. Fisher said that the scam has been dubbed as ‘inception bar’ which targets Android mobile users for chrome by using fake address bars that not only use legitimate...

Read More

Change your password: Docker suffers breach; 190k users affected

By Uzair Amir Microsoft says its official Microsoft images hosted in Docker Hub have not been compromised. The company behind Docker, a computer program developed to manage operating-system-level virtualization has announced that it has suffered a data breach and as a result, one of Docker Hub databases have been accessed by unknown hackers. The attack was detected on […] This is a post from HackRead.com Read the original post: Change your password: Docker suffers breach; 190k users affected April 30, 2019 at 04:42...

Read More

5 Cybersecurity Best Practices You Should Be Following Right Now

By Owais Sultan If you have a business and you don’t have an online presence, you’re handicapping yourself. That’s just how it is today. Without harnessing the power of the internet and social media, you’re losing out on a substantial number of customers. But putting yourself and your business out in the digital world exposes you to threats. You […] This is a post from HackRead.com Read the original post: 5 Cybersecurity Best Practices You Should Be Following Right Now April 29, 2019 at 08:09...

Read More

Apple Card and the future of payments

On March 25th 2019, Apple unveiled plans to release a new branded payment offer called “Apple Card” as part of its plans to boost its services business. Apple is increasing its portfolio of services with multiple new announcements in addition to the Apple Card, such as Apple News+, Apple Arcade and Apple TV+. Apple Card, which is set to launch in the US this summer, comes...

Read More

Hackers targeting embassies with trojanized version of TeamViewer

By Ryan De Souza Researchers believe the trojanized version of TeamViewer is being spread by a Russian speaking hacker. The latest report from Check Point reveals that multiple embassies in Europe were targeted with a trojanized version of TeamViewer. The embassies affected in the latest wave of attacks include Nepal, Lebanon, Italy, Kenya, Liberia, Guyana, and Bermuda. See: Hackers […] This is a post from HackRead.com Read the original post: Hackers targeting embassies with trojanized version of TeamViewer April 29, 2019 at 09:11...

Read More

Biometric cards make UK debut in NatWest trial

The UK has officially begun a new era for payments with the introduction of its first biometric debit card. Available for use during a three-month trial period, 200 lucky NatWest and RBS customers will be able to verify their card purchases using their fingerprint instead of a PIN code, even on contactless transactions over £30. The cards, based on Gemalto’s biometric payment...

Read More

Heavy Industrial Companies Grapple with Cybersecurity Problems

Companies in heavy industrial industries such as mining, oil and gas, electricity and chemicals have become a major target for cybercrime. But securing these companies is complicated as they must not only protect their IT infrastructure but also their OT (operational technology) assets. Cybersecurity solutions and tools that work in IT environments do not transfer well to...

Read More

Ransomware attack disrupts Sunday Newspaper edition of The Watertown Daily Times

A ransomware attack which took place on The Watertown Daily Times is said to have encrypted the database of the media company on a partial note. Highly placed sources say that the malware attack led to the disruption of the Sunday and Monday edition of printing and distribution of the daily edition, but did not compromise any info related to personal subscribers or advertisers data. Cybersecurity Insiders learned that the hackers managed to intercept the database of the Johnson Newspaper Corp, impacting the servers used for the content sharing...

Read More

Ransomware attack on Cleveland Hopkins International Airport

A ransomware attack on Cleveland Hopkins International Airport is reported to have disrupted operations pertaining to baggage and flight booking since last Monday. But fortunately, no personal info was accessed by hackers and critical operations at the airport remained unaffected. Frank Jackson, the Mayor of Cleveland has confirmed the impact of the malware on the database of the airport terminal and added that the incident has now been contained and the suspects behind the incident are being tracked down. FBI is reported to have been investigating...

Read More

Google bans apps developed by Chinese company Baidu

Google has made it official that it will be blocking over 100 apps developed by Chinese company ‘Do Global’ which is partly owned by internet service provider Baidu. The Alphabet subsidiary came to this decision after its security engineers reported that the applications developed by ‘Do Global’ and having over 600 million installs on their app store were found circulating malware and acting as access points to launch cyber attacks. So far, over 46 apps were already removed from the play store as the internet juggernaut intends to cancel the app...

Read More

How to Respond to a Cyber Attack on Your Business

By Ryan De Souza Cyber security affects businesses of all sizes, and in every industry. Today it is a board-level agenda item, which has been placed at number three on the Lloyds Risk Register (2013). When it comes to dealing with a cyber attack, every single person involved with the business should be concerned. It affects every team and […] This is a post from HackRead.com Read the original post: How to Respond to a Cyber Attack on Your Business April 28, 2019 at 02:50...

Read More

Watch as hackers send explicit messages to hacked e-scooter riders

By Uzair Amir Lime believes that hackers somehow managed to swap the audio files on eight of the e-scooters. Lime, a Brisbane-based scooter manufacturer, has been testing its E-Scooters on the streets of Brisbane but sadly, the gadgets are in the news for all the wrong reasons. Reportedly, eight e-scooters manufactured by Lime have been taken off the […] This is a post from HackRead.com Read the original post: Watch as hackers send explicit messages to hacked e-scooter riders April 28, 2019 at 03:32...

Read More

7 Times Apple Watch Saved Lives

By Uzair Amir Technology is advancing day by day to make human life better and safe. This advancement in the technological fields are beneficial if used positively and can be extremely harmful when used in a negative way. It’s in the user’s hand whether to use it for beneficial purpose or for harm to his and other’s life. […] This is a post from HackRead.com Read the original post: 7 Times Apple Watch Saved Lives April 28, 2019 at 12:46...

Read More

Best VPN for Torrenting

Is torrenting illegal? Can the government take legal actions against you if you begin torrenting? These are questions people ask every day. The conclusion is basically you cannot be arrested for simply using the service. However, legal action could be taken against you by a copyright holder. This is usually the case and copyright holders can be relentless. Is it worth the risk? Is an illegally downloaded movie worth dealing with legal action? The legal actions can range from a hefty fine to imprisonment. Torrenting is different from downloading...

Read More

CloudPassage named in Top 8 Cloud Security Solution Providers by Datamation

CloudPassage was named one of the Top 8 Cloud Security Solution Providers by Datamation, a property of eWeek. This is another in a series of awards and recognition for the Halo platform, along with a recent 5-star rating by SC Magazine. Halo is an automated public cloud infrastructure security solution that delivers comprehensive visibility, protection, and continuous compliance monitoring for compute, storage, database, networking, and identity services to reduce cyber risk. In Datamation’s side-by-side product comparison, Halo was the only cloud...

Read More

Thousands of firms hit by Beapy malware using NSA hacking tools

By Ryan De Souza EternalBlue and DoublePulsar hacking tools are back in action. Symantec security researchers have identified that cybercriminals are still utilizing the classified exploits/hacking tools of the National Security Agency (NSA), which were stolen about two years back. The new malware has been dubbed Beapy by researchers. Beapy is a new malware that makes use of leaked […] This is a post from HackRead.com Read the original post: Thousands of firms hit by Beapy malware using NSA hacking tools April 26, 2019 at 09:44...

Read More

Browser-based cyber attacks are surging up like Ransomware attacks

A recent survey conducted by RiskIQ says that browser-based cyber attacks are on rising and getting on par with ransomware and phishing with regards to seriousness. Researchers say that such attacks are appearing in different forms such as Magecart, Cryptocurrency mining, FingerPrinters, Waterholing and such were injecting malicious scripts is seen as a common feature in such attacks. RiskIQ feels that many organizations are either unaware of such attacks or do not know about their severity. Technically speaking there is a lot of info which can...

Read More

Best practices for securing your Azure SQL

This post was originally published here by gregg rodriguez. Azure SQL enables you to maintain the security, integrity and consistency of your data, which is critical when customer information is at stake, but it requires using a new approach to security. In Azure, you can have your SQL Server workloads running in a hosted infrastructure (IaaS) or running as a hosted service (PaaS). Within PaaS, you have multiple deployment options and service tiers within each deployment option. The decision between PaaS or IaaS comes down to deciding...

Read More

THE TIME IS NOW TO BUILD ON WOMEN’S CYBERSECURITY GAINS

This post was originally published here by  (ISC)² Management. There’s never been a better time to be a woman in cybersecurity than now. Granted, there are many gains to be made still, but recent research about progress already made by women in the field is very encouraging. Although the industry is dominated by men, so many computing pioneers, such as the people who...

Read More

Canada might ban Facebook in the region for breaching data privacy laws

The Canadian Data Watchdog has made it public that it might impose a ban on the operations carried over by Facebook (FB) in this region. The office of the Privacy Commissioner claims that the social media giant failed to keep up its public promise to mend its ways on handling its user data and addressing privacy concerns. Daniel Therrien, the Privacy Commissioner of Canada said that the law doesn’t allow the governing agency to levy a financial penalty on the Mark Zuckerberg led company due to various concerns. But the Watchdog does have the right...

Read More

Ride-hailing app leaks personal data of millions of Iranians

By Ryan De Souza The ride-hailing app database was hosted on an insecure MongoDB server. Another day, another data breach – This time, security researchers have identified a ride-hailing app exposing personal data of 1 to 2 million Iranian drivers, thanks to an insecure MongoDB database. The database (labeled named ‘doroshke-invoice-production) was discovered by Security Discovery’s researcher Bob Diachenko […] This is a post from HackRead.com Read the original post: Ride-hailing app leaks personal data of millions of Iranians April 26, 2019 at...

Read More

Avengers: End Game leaked online soon after releasing in China

By Uzair Amir Avengers: End Game has been leaked online because why not?  Marvel’s latest and perhaps the most anticipated flick ever to be released Avengers: End Game has become an object of controversy lately as hackers and cybercriminals are trying their best to benefit from the movie’s widespread, intense hype. See: Top The Pirate Bay Alternatives – […] This is a post from HackRead.com Read the original post: Avengers: End Game leaked online soon after releasing in China April 25, 2019 at 09:11...

Read More

The Time Is Now to Build on Women’s Cybersecurity Gains

By Deshini Newman, Managing Director, EMEA, (ISC)² There’s never been a better time to be a woman in cybersecurity than now. Granted, there are many gains to be made still, but recent research about progress already made by women in the field is very encouraging. Although the industry is dominated by men, so many computing pioneers, such as the people who programmed the first...

Read More

Hong Kong’s Amnesty International hit by China’s APT Groups Cyber Attack

London based Amnesty International’s Hong Kong is reported to be reigning under the cyber attack from years and Chinese APT Group is suspected to be behind the campaign. The attack was discovered amidst growing concerns over Chinese global dominance in telecommunication networks- especially after the ban on Huawei’s 5G network equipment supply to different countries. Highly placed sources say that the attack was detected when the human rights group chose to migrate its IT assets to a more secure international network. And as a part of the scheduled...

Read More

DNSpionage group’s Karkoff malware selectively pick victims

By Ryan De Souza Karkoff creates a timeline of the command execution which can be “extremely” useful when responding to this type of threat. The IT security researchers at Cisco’s Talos threat research team have discovered a new malware that has been developed by the threat actors behind the infamous DNSpionage campaign – The researchers are calling it Karkoff, […] This is a post from HackRead.com Read the original post: DNSpionage group’s Karkoff malware selectively pick victims April 25, 2019 at 04:45...

Read More

Follow these 3 mobile security measures to protect your Enterprise Networks

Following in-depth mobile security, the strategy can help protect your enterprise network from security, privacy, and compliance related cyber threats which often emerge from vulnerable mobile apps. It’s like strengthening the defense line against major threats which have the greatest potential impact and this simple move will help mitigate 80% of security risks. But here arises the big question and that is on how to devise an in-depth security strategy….? To make things easy for the corporate CTOs and CIOs; Cybersecurity Insiders brings to you...

Read More

Cyber Threat alert for those using Internet Explorer

A security researcher named John Page has discovered a flaw in Microsoft’s Internet Explorer (IE) browser which is reported to allow hackers to sneak into the victim files even if they are not using it. John said that the said browser of Microsoft is vulnerable to XML External Entity Attack if in case a user opens a specially crafted.MHT file locally. The security research claims that when a victim opens such files, it will allow remote hackers to exfiltrate into the local files and conduct remote scouting on the program version info which is locally...

Read More

2019 Insider Threat Solutions Guide

Shortcuts: Solution Evaluation Criteria | Insider Threat Solution Vendors Attacks launched by hackers, malware authors, cyber criminals, and other bad actors account for a lot of the cyber security-related headlines we see today. And when most people think of cyber incidents, they imagine them coming from external sources. That doesn’t mean all significant security incidents come from outside the organization, however. Plenty of intrusions and incidents are the responsibility of disgruntled employees who have both the motive and the opportunity...

Read More