RSA survey reveals consumers falsifying data online to avoid sharing personal information with companies, while 78% say company reputation relating to data and privacy impacts their buying decisions. According to a global online survey commissioned by RSA, a global cyber security solutions business, 41% of consumers admit to intentionally falsifying […]
CVE-2018-4878: An Analysis of the Flash Player Hack
Before diving into the analysis of CVE-2018-4878, a quick reminder that this is the continuation of our previous post, which provided background on CVE-2018-4878, including a video of how Morphisec prevents any attacks leveraging this Flash vulnerability. Morphisec prevents the attack at all phases and components in the attack chain – […]
Malicious Trends: Cryptojacking Could Surpass Ransomware as Primary Money Maker
Cryptocurrencies are hot. According to https://coinmarketcap.com, there are now over 1300 cryptocurrencies with new initial coin offerings (ICOs) accelerating all the time. Even Kodak is getting into the act with KODAKcoin. And currently, the price trajectory of Bitcoin is higher than a North Korean rocket, with Blockchain saving the world […]
Swisscom data breach exposes 800,000 customers
Swiss telecoms giant Swisscom has admitted that it suffered a serious security breach in the autumn of 2017 that saw the theft of contact details of approximately 800,000 customers – most of whom were mobile subscribers. Data exposed during the breach included: Customers’ first and last names Customers’ home addresses […]
Facteur humain, le plus gros danger en cybersécurité ?
Annonçons le dès à présent : en 2018, tout comme ce fut le cas en 2017, les attaques exploitant le « facteur humain » vont rester une tendance majeure. En effet, comme nous le verrons dans cet article, il est avéré que les cybercriminels se reposent aujourd’hui de plus en plus […]
Multiples vulnérabilités dans le noyau Linux de SUSE
RÉSUMÉ De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d’entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et un déni de service. SOLUTION Se référer au bulletin de sécurité de l’éditeur pour l’obtention des […]
9 Tips to Prevent WordPress Hacks in this Dangerous Digital World
WordPress hacks are increasingly common. Whether it’s for malicious reasons, to harm a site or to just insert backlinks, WordPress can be very vulnerable if not cared for and updated regularly. How to Prevent hacks? So, how do you prevent these security blips – this post aims to show how. […]
For the second time CISCO issues security patch to fix a critical vulnerability in CISCO ASA
Cisco has rolled out new security patches for a critical vulnerability, tracked as CVE-2018-0101, in its CISCO ASA (Adaptive Security Appliance) software. At the end of January, the company released security updates the same flaw in Cisco ASA software. The vulnerability could be exploited by a remote and unauthenticated attacker to […]
Uber: ‘No Justification’ for Breach Cover-Up
Uber, the controversial ride-sharing company, arguably set the lowest bar after it waited a year before disclosing that hackers accessed 57 million accounts of its riders and drivers around October 2016. The breach was first disclosed in November 2017 (see Uber Concealed Breach of 57 Million Accounts for a Year). […]
Apple’s iBoot Source Code for iPhone Leaked on Github
Apple source code for a core component of iPhone’s operating system has purportedly been leaked on GitHub, that could allow hackers and researchers to discover currently unknown zero-day vulnerabilities to develop persistent malware and iPhone jailbreaks. The source code appears to be for iBoot—the critical part of the iOS operating […]