State Bank of India (SBI), the country’s biggest lender, has issued a warning that account holders are being tricked into offering up personal banking details. According to a report in BGR, SBI said messages from WhatsApp and other social media platforms are tricking customers into sharing details of their accounts. The hackers are tricking the users by first sending a message in an effort ...
Read More »Blog
Stolen email credentials being used to pry into cloud accounts
Malicious actors are using the massive supply of previously stolen login credentials to help brute force their way into high-profile cloud-based business systems that cannot easily use two-factor authentication for security. Proofpoint researchers found the availability of these tools has powered a massive increase in the number of cloud attacks taking place which in turn enable the attackers to possibly ...
Read More »RSAC 2019: For Domestic Abuse, IoT Devices Pose New Threat
When it comes to domestic abuse, smart products around the house are turning into new threats, a panel of experts said at RSA. SAN FRANCISCO – The influx of connected products in the home – from smart thermometers to connected locks – presents a disturbing new threat surface for victims of domestic abuse. That’s what Lisa Green, senior director of ...
Read More »Software maker Citrix hacked, business documents removed
Acting on a tip from the FBI, Citrix has investigated and confirmed that its network has been penetrated and data had been exfiltrated by an outside force. Neither the extent of nor the specifics of what has been removed has been determined, but in a statement Citrix said business documents have been accessed and downloaded by malicious actors. The FBI contacted Citrix ...
Read More »Another Windows zero-day vulnerability revealed by Google
The security vulnerability is said to affect Windows 7 systems particularly those with the 32-bit version. This flaw leads to a privilege escalation in the Windows kernel driver allowing malicious components to evade security sandbox. Right after a Chrome security flaw was fixed by Google, another vulnerability existing in Microsoft’s Windows was disclosed by the tech giant. According to Google’s ...
Read More »Minnesota man admits to hacking government databases
A man from Minnesota, Cameron Thomas Crowley, admitted on March 7, 2019, that he hacked state government databases in 2017. Crowley also admitted that he hacked databases belonging to the Minnesota government, a second university, and an unnamed school district. What is the issue – A man from Minnesota, Cameron Thomas Crowley, admitted on March 7, 2019, that he hacked state ...
Read More »New Forcepoint X-Labs Delivers World’s First Security Lab Dedicated to Behavioral-Intelligence Innovations
World-leading specialists in security research, data science, psychology and counter-intelligence brought together to focus on understanding human behavior and build risk-adaptive cybersecurity solutions Global cybersecurity leader Forcepoint today launched the X-Labs division, the world’s first dedicated research division that combines deep security expertise with behavioral science research. The new X-Labs team will use data insights from the entire Forcepoint product ...
Read More »End of the Line for Windows 7: Open Road for Hackers
Microsoft has been urging customers to upgrade from its Windows 7 operating system, while attempting to ease the transition with several options for extended support. It will stop providing routine fixes and security patches effective January 2020. Regular support for Windows Server 2008 also is scheduled to end at that time. Windows 7 enterprise customers can subscribe to Extended Security ...
Read More »Google reveals Chrome zero-day vulnerability was under active attacks at the time of patch
The vulnerability is a use-after-free vulnerability, a type of memory error that allows an app to access memory after it has been deleted from Chrome’s allocated memory. Google Chrome users are advised to update to Google Chrome version 72.0.3626.121. Google disclosed that the zero-day vulnerability that was patched on March 1, 2019, was under active attacks at the time of ...
Read More »Hackers Revive Microsoft Office Equation Editor Exploit
Hackers used specially-crafted Microsoft Word documents during the last few months to abuse an Integer Overflow bug that helped them bypass sandbox and anti-malware solutions and exploit the Microsoft Office Equation Editor vulnerability patched 15 months ago. According to Microsoft’s security advisory, this memory corruption vulnerability tracked as CVE-2017-11882 impacts unpatched Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, ...
Read More »