WAF (Web Application Firewall) has been the first line of defence when it comes to application security for a while now. Many organizations have adopted WAF in one form or the other and most cases, compliance has been the driver for adoption.But unfortunately, when it comes to the efficacy of WAF in thwarting attacks, it has not lived up to the expectations. In most … [Read more...] about Let Experts Do Their Job – Managed WAF by Indusface
cybersecurity
Canon DSLR Cameras Can Be Hacked With Ransomware Remotely
The threat of ransomware is becoming more prevalent and severe as attackers' focus has now moved beyond computers to smartphones and other Internet-connected smart devices.In its latest research, security researchers at cybersecurity firm CheckPoint demonstrated how easy it is for hackers to remotely infect a digital DSLR camera with ransomware and hold private photos and … [Read more...] about Canon DSLR Cameras Can Be Hacked With Ransomware Remotely
Apple will now pay hackers up to $1 million for reporting vulnerabilities
Apple has just updated the rules of its bug bounty program by announcing a few major changes during a briefing at the annual Black Hat security conference yesterday.One of the most attractive updates is…Apple has enormously increased the maximum reward for its bug bounty program from $200,000 to $1 million—that's by far the biggest bug bounty offered by any major tech company … [Read more...] about Apple will now pay hackers up to $1 million for reporting vulnerabilities
Facebook Sues Two Android App Developers for Click Injection Fraud
Facebook has filed a lawsuit against two shady Android app developers accused of making illegal money by hijacking users' smartphones to fraudulently click on Facebook ads.According to Facebook, Hong Kong-based 'LionMobi' and Singapore-based 'JediMobi' app developers were distributing malicious Android apps via the official Google Play Store that exploit a technique known as … [Read more...] about Facebook Sues Two Android App Developers for Click Injection Fraud
KDE Linux Desktops Could Get Hacked Without Even Opening Malicious Files
If you are running a KDE desktop environment on your Linux operating system, you need to be extra careful and avoid downloading any ".desktop" or ".directory" file for a while.A cybersecurity researcher has disclosed an unpatched zero-day vulnerability in the KDE software framework that could allow maliciously crafted .desktop and .directory files to silently run arbitrary code … [Read more...] about KDE Linux Desktops Could Get Hacked Without Even Opening Malicious Files
Reverse RDP Attack Also Enables Guest-to-Host Escape in Microsoft Hyper-V
Remember the Reverse RDP Attack?Earlier this year, researchers disclosed clipboard hijacking and path-traversal issues in Microsoft's Windows built-in RDP client that could allow a malicious RDP server to compromise a client computer, reversely.(You can find details and a video demonstration for this security vulnerability, along with dozens of critical flaws in other … [Read more...] about Reverse RDP Attack Also Enables Guest-to-Host Escape in Microsoft Hyper-V
SWAPGS Attack — New Speculative Execution Flaw Affects All Modern Intel CPUs
A new variant of the Spectre (Variant 1) side-channel vulnerability has been discovered that affects all modern Intel CPUs, and probably some AMD processors as well, which leverage speculative execution for high performance, Microsoft and Red Hat warned.Identified as CVE-2019-1125, the vulnerability could allow unprivileged local attackers to access sensitive information stored … [Read more...] about SWAPGS Attack — New Speculative Execution Flaw Affects All Modern Intel CPUs
New Flaws in Qualcomm Chips Expose Millions of Android Devices to Hacking
A series of critical vulnerabilities have been discovered in Qualcomm chipsets that could allow hackers to compromise Android devices remotely just by sending malicious packets over-the-air with no user interaction.Discovered by security researchers from Tencent's Blade team, the vulnerabilities, collectively known as QualPwn, reside in the WLAN and modem firmware of Qualcomm … [Read more...] about New Flaws in Qualcomm Chips Expose Millions of Android Devices to Hacking
Researchers Discover New Ways to Hack WPA3 Protected WiFi Passwords
The same team of cybersecurity researchers who discovered several severe vulnerabilities, collectively dubbed as Dragonblood, in the newly launched WPA3 WiFi security standard few months ago has now uncovered two more flaws that could allow attackers to hack WiFi passwords.WPA, or WiFi Protected Access, is a WiFi security standard that has been designed to authenticate wireless … [Read more...] about Researchers Discover New Ways to Hack WPA3 Protected WiFi Passwords
Cisco ‘Knowingly’ Sold Hackable Video Surveillance System to U.S. Government
Cisco Systems has agreed to pay $8.6 million to settle a lawsuit that accused the company of knowingly selling video surveillance system containing severe security vulnerabilities to the U.S. federal and state government agencies.It's believed to be the first payout on a 'False Claims Act' case over failure to meet cybersecurity standards.The lawsuit began eight years ago, in … [Read more...] about Cisco ‘Knowingly’ Sold Hackable Video Surveillance System to U.S. Government