Visiting a website certified with an SSL certificate doesn’t mean that the website is not bogus. Secure Sockets Layer (SSL) protect the web users in two ways, it uses public key encryption to encrypt sensitive information between a user’s computer and a website, such as usernames, passwords, or credit card numbers and also verify the identity of websites. Today hackers ...
Read More »Cyber Security News
Chinese Man Jailed For Selling VPNs that Bypass Great Firewall
In an effort to continue its crackdown on VPNs, Chinese authorities have arrested a 26-year-old man for selling VPN software on the Internet. China’s Supreme Court has sentenced Deng Jiewei from Dongguan in Guangdong province, close to Hong Kong, to nine months in prison for selling virtual private network (VPN) software through his own small independent website.VPN encrypts users’ Internet traffic and ...
Read More »Critical Flaw in Apache Struts2 Lets Hackers Take Over Web Servers
Security researchers have discovered a critical remote code execution vulnerability in the popular Apache Struts web application framework, allowing a remote attacker to run malicious code on the affected servers. Apache Struts is a free, open-source, Model-View-Controller (MVC) framework for developing web applications in the Java programming language, which supports REST, AJAX, and JSON. The vulnerability (CVE-2017-9805) is a programming blunder that ...
Read More »Game of Thrones and HBO — Twitter, Facebook Accounts Hacked
The Game of Thrones hacking saga continues, but this time it’s the HBO’s and GOT’s official Twitter and Facebook accounts got compromised, rather than upcoming episodes. As if the leak of episodes by hackers and the accidental airing of an upcoming episode of Game of Thrones by HBO itself were not enough, a notorious group of hackers took over the official Twitter ...
Read More »Cyberspies Are Using Leaked NSA Hacking Tools to Spy On Hotels Guests
An infamous Russian-linked cyber-espionage group has been found re-using the same leaked NSA hacking tool that was deployed in the WannaCry and NotPetya outbreaks—this time to target Wi-Fi networks to spy on hotel guests in several European countries. Security researchers at FireEye have uncovered an ongoing campaign that remotely steals credentials from high-value guests using Wi-Fi networks at European hotels and attributed it to the Fancy ...
Read More »Hackers Hijacked Chrome Extension for Web Developers With Over 1 Million Users
From past few years, spammers and cyber criminals were buying web extensions from their developers and then updating them without informing their users to inject bulk advertisements into every website user visits in order to generate large revenue. But now they have shifted their business model—instead of investing, spammers have started a new wave of phishing attacks aimed at hijacking ...
Read More »Security Vulnerability management enhances cyber security defense for businesses
Over the last several years, the number and magnitude of cyber security breaches has steadily increased. To date, numerous institutions, big and small, both private and public, have disclosed that databases containing customer identities and other private information have been exposed and compromised. Yet, there is hope for organizations and their employees alike, in the form of sophisticated cyber defense tools ...
Read More »Source Code For SLocker Android Ransomware That Mimics WannaCry Leaked Online
Bad news for Android users — Source code of for one of the oldest mobile and popular Android ransomware families has been leaked online, making it available for cyber criminals who can use it to develop more customised and advanced variants of Android ransomware. Source code for the SLocker ransomware, which saw a six-fold increase in the number of new versions over ...
Read More »What is the hype around Firewall as a Service?
Admit it. Who would not want their firewall maintenance grunt work to go away? For more than 20 years, companies either managed their edge firewall appliances or had service providers rack-and-stack appliances in their data centers and did it for them. This was called a managed firewall — an appliance wrapped with a managed service, often from a carrier or managed security ...
Read More »Your Linux Machine Can Be Hacked Remotely With Just A Malicious DNS Response
A critical vulnerability has been discovered in Systemd, the popular init system and service manager for Linux operating systems, that could allow remote attackers to potentially trigger a buffer overflow to execute malicious code on the targeted machines via a DNS response.The vulnerability, designated as CVE-2017-9445, actually resides in the ‘dns_packet_new’ function of ‘systemd-resolved,’ a DNS response handler component that ...
Read More »