A man from Minnesota, Cameron Thomas Crowley, admitted on March 7, 2019, that he hacked state government databases in 2017. Crowley also admitted that he hacked databases belonging to the Minnesota government, a second university, and an unnamed school district. What is the issue – A man from Minnesota, Cameron Thomas Crowley, admitted on March 7, 2019, that he hacked state ...
Read More »Monthly Archives: March 2019
New Forcepoint X-Labs Delivers World’s First Security Lab Dedicated to Behavioral-Intelligence Innovations
World-leading specialists in security research, data science, psychology and counter-intelligence brought together to focus on understanding human behavior and build risk-adaptive cybersecurity solutions Global cybersecurity leader Forcepoint today launched the X-Labs division, the world’s first dedicated research division that combines deep security expertise with behavioral science research. The new X-Labs team will use data insights from the entire Forcepoint product ...
Read More »End of the Line for Windows 7: Open Road for Hackers
Microsoft has been urging customers to upgrade from its Windows 7 operating system, while attempting to ease the transition with several options for extended support. It will stop providing routine fixes and security patches effective January 2020. Regular support for Windows Server 2008 also is scheduled to end at that time. Windows 7 enterprise customers can subscribe to Extended Security ...
Read More »Google reveals Chrome zero-day vulnerability was under active attacks at the time of patch
The vulnerability is a use-after-free vulnerability, a type of memory error that allows an app to access memory after it has been deleted from Chrome’s allocated memory. Google Chrome users are advised to update to Google Chrome version 72.0.3626.121. Google disclosed that the zero-day vulnerability that was patched on March 1, 2019, was under active attacks at the time of ...
Read More »Hackers Revive Microsoft Office Equation Editor Exploit
Hackers used specially-crafted Microsoft Word documents during the last few months to abuse an Integer Overflow bug that helped them bypass sandbox and anti-malware solutions and exploit the Microsoft Office Equation Editor vulnerability patched 15 months ago. According to Microsoft’s security advisory, this memory corruption vulnerability tracked as CVE-2017-11882 impacts unpatched Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, ...
Read More »Security bug in Joomla hands cybercriminals a playground for attack campaigns
Joomla is believed to still contain an old remote code execution (RCE) flaw in its platform. An attacker exploited this flaw and used malicious PHP code to compromise websites as well as bypassed the CMS’ mail service. Popular content management system (CMS) Joomla has been hit with new spam campaigns recently. As per a report by Check Point Research, a ...
Read More »Google revealed yesterday that a patch for Chrome last week was actually a fix for a zero-day that was under active attacks.
The attacks exploited CVE-2019-5786, a security flaw and the only patch included in the Chrome 72.0.3626.121 version, released last Friday, March 1, 2019. According to an update to its original announcement and a tweet from Google Chrome’s security lead, the patched bug was under active attacks at the time of the patch. Google described the security flaw as a memory management error in Google ...
Read More »Police warn of fake anti-virus alert scam
WINCHESTER, Va. (WHSV) — A scam involving fake anti-virus alerts on computers is becoming increasing popular in the Winchester area, prompting the Winchester Police Department to issue a warning to citizens. In one recent case, a woman lost $350 to the scam, while another man lost $250. This is not a new scam by any means, but it remains a dangerous ...
Read More »Adwind RAT resurfaces again, relies on another malware for infection
It now comes as a variant that uses different payloads and spreads mainly through JAR files. In this camapign, the VBS-based infamous worm Houdini is leveraged to infect computer systems. Adwind, a well-known multifunctional malware program which made news in late 2017 has sprung back. A report by McAfee Labs indicated that the remote access tool (RAT) now relies on another malware ...
Read More »Most Firms in India Lack Adequate Cyber Security: Report
The ‘EY Global Information Security Survey 2018-19 – India Edition’ suggested that companies should invest in analytical capabilities as they would enhance threat detection and improve awareness in company board rooms. Cyber security operations at most companies in India are inadequate and do not meet the security needs, a report by Ernst & Young said, here on Thursday. The ‘EY ...
Read More »