EC Council and BGD e-GOV CIRT have recently signed a MoU, with a joint vision to provide ANSI Certified C|CISO certification to Bangladesh Government’s top security professionals across ministries, that are eligible for the course. The attendees of the course will range from business, police, military, paramilitary forces, telecom and other top government officials at leadership positions. Under the scope of the MoU, the courseware...
Read More
White hat hacker discovered some Windows 10 versions come with a pre-installed version of Keeper Password Manager that exposes systems to passwords stealing. Some Windows 10 versions come with a pre-installed 3rd-party password manager app that could allow hackers to steal users credentials remotely. Starting from Windows 10 Anniversary Update (Version 1607), Microsoft included in its OS a new feature called Content Delivery Manager that silently installs new...
Read More
Apple just can’t seem to get away from the theme of security flaws right now. Last month it was the macOS 10.13 root password issue, hot on the heels of the news that the iPhone’s X’s much-vaunted Face ID authentication could be bypassed using a prosthetic mask. And it only seems fair to mention the small matter of the ‘show your password hint in encrypted APFS volumes’ issue...
Read More
Ransomware is a growth industry – and it’s growing because it works. Attacks that lock up data unless a ransom is paid shot up an unbelievable 6000% worldwide in 2016 over the previous year. According to the FBI, hackers “earned” over a billion dollars in ransomware attacks in 2016, some five times over the amount they netted in 2015. Despite the big numbers, it’s small users who may be...
Read More
Microsoft released Patch Tuesday updates for December 2017 that address more than 30 vulnerabilities, including 19 Critical browser issues. Microsoft has released its Patch Tuesday updates for December 2017 that address more than 30 vulnerabilities, including 19 critical flaws affecting the Internet Explorer and Edge web browsers. Microsoft addressed several memory corruption flaws that can be exploited for remote code execution. Most of the vulnerabilities reside in...
Read More
Three security researchers have discovered a variation to an old cryptographic attack that can be exploited to obtain the private encryption key necessary to decrypt sensitive HTTPS traffic under certain conditions. Named ROBOT, which stands for Return Of Bleichenbacher’s Oracle Threat, this new attack is a variation of the Bleichenbacher attack on the RSA algorithm discovered almost two decades ago. The original Bleichenbacher attack Back...
Read More
The author of the BrickerBot malware has announced his retirement in an email to Bleeping Computer, also claiming to have bricked over 10 million devices since he started the “Internet Chemotherapy” project in November 2016. Known as The Doctor (self-given name) and The Janit0r (HackForums nickname), this individual (or group) is the author of BrickerBot, a malware strain that was purposely created to brick IoT devices....
Read More
While USB drives are ubiquitous for employees across all industries, security policies for these devices are often severely outdated or grossly inadequate for protecting critical enterprise data, according to Apricorn. By failing to effectively monitor USB usage, organizations are leaving themselves vulnerable to data breaches, as well as putting their clients’ and employees’ personal information at risk. While nine out of 10 employees rely on USB...
Read More
RiskIQ analyzed 120 mobile app stores and more than 2 billion daily scanned resources. In listing and analyzing the app stores hosting the most malicious mobile apps and the most prolific developers of malicious apps, their Q3 mobile threat landscape report documents an increase in blacklisted apps over Q2, as well as the continued issues of imitation and trojan apps in official app stores and...
Read More
Hackers compromised computer systems at an Australian Airport and stole sensitive security details and building plans. The man was identified and arrested. Hackers compromised computer systems at the Australian Perth Airport and stole sensitive security details and building plans. The culprit has a name, he is the Vietnamese citizen Le Duc Hoang Hai (31) who accessed the systems in March last year using credentials of a third-party contractor. “A skilled hacker in...
Read More
