Login

Register

Login

Register

Category

software update

Auto Added by WPeMatico

Tracking prevention trips up on its own shoelaces Security researchers have discovered a method of subverting Safari’s tracking protection in a finding that has implications for other browser makers. The flaws found in the Apple-owned browser’s Intelligent Tracking Prevention (ITP), a feature designed to enhance privacy, could have potential consequences leading to the disclosure of...
Read More
Cross-sector report demands changes to outdated cybercrime law A cross-sector lobbying group is calling on the UK to reform its computer crime laws, legislation that its members say has failed to keep up with present demands of increasing connectivity. In a report released today (January 22) by the Criminal Law Reform network (CLRNN), lobbyists said...
Read More
The biggest threat is a consumer mindlessly downloading ANALYSIS Healthcare is increasingly going mobile, as hospitals and medical practitioners look to reduce waiting room times by harnessing the benefits of treatment on the go. But patients are often placing too much trust in these apps, which can often expose them to fresh security and privacy...
Read More
Microsoft advises users to apply workarounds while it works on patches Microsoft warns that an as-yet unpatched scripting engine memory corruption vulnerability in Internet Explorer (IE) is being actively exploited in targeted attacks. The vulnerability (CVE-2020-0674) has the potential to corrupt the browser’s memory in such a way that an attacker could execute arbitrary code...
Read More
Critical Windows 10 flaw brings NSA out of the shadows; Magecart his Australia bushfire donation site; and a phisher gets well and truly phished When the usually secretive US National Security Agency (NSA) publicly discloses a vulnerability – and the vendor sends a patch to government agencies before general release – then something unusual is surely...
Read More
Search engine for leaked passwords shut down Police have seized WeLeakInfo.com, an online service that turned selling access to data exposed by breaches into a business. The site offered subscription-based access to billions of compromised user login credentials, essentially offering a search engine for breached personal data including names, email addresses, phone numbers, IP address,...
Read More
Mozilla takes issue with proposed replacement, which the Firefox-maker says could still be used for fingerprinting Earlier this week, Google announced that it plans to phase out the user-agent string in Chrome that gives websites details about the browsers that are accessing them. Mozilla has offered tentative support for its rival’s decision to scrap the...
Read More
Developer promptly issues fix to vulnerability impacting 320,000 sites A critical vulnerability has been found in two popular WordPress plugins, a web security company has disclosed. Both the Infinite WP Client and WP Time Capsule plugins contain an authentication bypass flaw that could allow an attacker to log in to an administrator account without a...
Read More
Coalition seeks to give users more control over the apps that appear on their devices Privacy International is calling on Google to take action against pre-installed Android software – a move which could spark change across the multi-stakeholder mobile app landscape. In a letter penned last week by the human rights campaign group and a...
Read More
Vendor promises patch by the end of January Proof-of-concept code targeting a previously disclosed Citrix vulnerability was published over the weekend in a further sign that widespread attacks may be imminent. Thin client turned cloud computing vendor Citrix responded by promising patches before the end of the month, setting up a potential race to shore...
Read More
Another nail in the coffin for aging hashing algorithm Computer scientists have refined a more affordable and practical attack against SHA-1, the aging but still widely used hashing algorithm. SHA-1 (Secure Hash Algorithm 1) is a cryptographic hash function, first developed in the 1990s, that remains in active use in many applications. Although superseded by...
Read More
CES kicks off as Las Vegas tackles cyber-attack; British electronics retailer slapped with ICO fine; and nominations open for the top 10 web hacking techniques of 2019 CES 2020 opened its doors in Las Vegas this week, with tech enthusiasts from around the world getting a first look at hundreds of thousands of new gadgets...
Read More
A storm is brewing Thousands of enterprises are at heightened risk from a recently discovered vulnerability impacting Citrix products, after it emerged that attackers were actively scouring the web for vulnerable systems. The vulnerability (CVE-2019-19781), which affects Citrix Application Delivery Controller (ADC) and Gateway products, emerged in mid-December. The critical security flaw makes it possible for a...
Read More
Caught on camera Multiple security vulnerabilities have been uncovered in popular video sharing app TikTok. Researchers at Check Point have gone public with flaws that made it possible to hack a TikTok account by sending an SMS message, among other exploits. After a user clicked on a malicious link in a spoofed text message, an...
Read More
SideWinder APT abuses Binder flaw as part of cyber-espionage operation The first active attack exploiting a high-profile Android security vulnerability has been found on the Google Play store. Researchers at Trend Micro recently identified three malicious apps in Google Play that work in conjunction with each other to compromise a victim’s Android device and steal...
Read More
Synopsys’ Tim Mackey on GDPR, IoT security, and cloud-based DevOps Tim Mackey is principal security strategist with the Synopsys Cybersecurity Research Center (CyRC), which researches the identification and mitigation of software vulnerabilities. The Daily Swig sat down with Mackey in the wake of his Black Hat Europe talk on the compliance challenges posed by evolving...
Read More
Payment cards mistakenly swiped on unencrypted systems Payment cards used at dozens of US restaurants have been impacted by malware found on systems intended for entering bar and kitchen orders and swiping rewards cards. In a recent breach notification, restaurant operator Landry’s said that “in rare circumstances, it appears waitstaff may have mistakenly swiped payment...
Read More
Third-party payment platform hit, again Customers of a Colorado water supplier are the latest victims of a series of attacks on the Click2Gov municipality payment software. In a statement issued to press on Monday (December 30), Aurora Water said that the personal information of customers who had used the platform between August 30 and October...
Read More
California brings in new data privacy rules; Microsoft takes down bad guys; and a new cybercrime resolution from Russia Microsoft made an announcement ahead of New Year celebrations this week, explaining that it had seized 50 web domains operated by Thallium, a threat group believed to be from North Korea. A declassified US district court...
Read More
Web and mobile impacted Currency exchange outlet Travelex has taken its website and services offline after computer malware hit its systems on New Year’s Eve. Travelex said the move was a “precautionary measure to protect data and prevent the spread of the virus”, adding that it has deployed both its own IT specialists and external...
Read More
1 2 3 4 5
Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


Ads

NATIONAL CYBER SECURITY RADIO

Ads

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW