The Trump administration is ordering U.S. federal executive branch agencies to remove anti-virus software from Russian-owned Kaspersky Lab from their computers within 90 days. The Department of Homeland Security, in a statement issued Wednesday, says Kaspersky security products pose a risk to federal information systems because they provide broad access […]
Cybersecurity
ADOBE FIXES EIGHT VULNERABILITIES IN FLASH, ROBOHELP, COLDFUSION
Adobe fixed eight vulnerabilities across three products, including two critical memory corruption bugs and a critical XML parsing flaw, with its regularly scheduled update on Tuesday. RoboHelp for Windows, ColdFusion, and as usual, Flash Player, all received updates as part of the company’s Patch Tuesday security bulletins. Versions 26.0.0.151 and […]
VMWARE PATCHES BUG THAT ALLOWS GUEST TO EXECUTE CODE ON HOST
Users who run four different types of VMware products, ESXi, vCenter Server, Fusion and Workstation, are being encouraged to update to address a series of vulnerabilities, one critical. The most serious issue, an out-of-bounds write vulnerability, exists in ESXi, and desktop hypervisors Workstation, and Fusion. An attacker could exploit the […]
ANDROID USERS VULNERABLE TO ‘HIGH-SEVERITY’ OVERLAY ATTACKS
Security researchers warned of a high-severity Android flaw on Thursday that stems from what they call a “toast attack” overlay vulnerability. Researchers say criminals could use the Android’s toast notification, a feature that provides simple feedback about an operation in a small pop up, in an attack scenario to obtain […]
Google Chrome most resilient against attacks, researchers find
Researchers have analyzed Google Chrome, Microsoft Edge, and Internet Explorer, and found Chrome to be the most resilient against attacks. “Modern web browsers such as Chrome or Edge improved security in recent years. Exploitation of vulnerabilities is certainly more complex today and requires a higher skill than in the past. […]
Global DDoS mitigation market trends and developments
Frost & Sullivan found that the DDoS mitigation market generated a revenue of $816 million in 2016 and is expected to register a CAGR of 17.1 percent through 2021. Threat actors’ continuous development of new techniques to overwhelm their target’s defenses and improve effectiveness of their DDoS attacks in terms of scale, […]
POS Malware Abuses Exposed ElasticSearch Nodes for C&C
Two point of sale (POS) malware families have been abusing thousands of publicly accessible ElasticSearch nodes for command and control (C&C) purposes, Kromtech security researchers warn. Malicious files discovered on the ElasticSearch deployments referenced to the AlinaPOS and JackPOS malware families, which are well known for their wide use in credit card data […]
EU to Launch Cybersecurity ‘Safety Labels’
The European Union unveiled plans Tuesday to step up its response to cyber attacks, including a new intelligence-sharing agency, cyber war games and product safety labels. The proposals by the European Commission, the executive arm of the 28-nation bloc, come amid growing concerns over election hacking by foreign states, ransomware […]
How to recognize a targeted malware/phishing attack
I received an email pretending to be from my hoster Strato (known as Cronon AG) telling me that my domain I have for my IT Consulting business has been suspended because of complains they received. This kind of email is called “Spear Phishing”: it targets only certain users that have a proven […]
Ransomware: Prevention is the best solution
Ransomware is malicious software that denies you access to your computer or files until you pay a ransom. There are several types of ransomware that are commonly seen: files/folders encryptors screen ‘lockers‘ MBR ransomware (MBR: master boot record) To read the original article : http://improve-your-security.org/ransomware-prevention-is-the-best-solution/