If you use the Firefox web browser, you need to update it right now.Mozilla earlier today released Firefox 67.0.3 and Firefox ESR 60.7.1 versions to patch a critical zero-day vulnerability in the browsing software that hackers have been found exploiting in the wild.Discovered and reported by Samuel Groß, a cybersecurity researcher at Google Project Zero, the vulnerability could … [Read more...] about Firefox Releases Critical Patch Update to Stop Ongoing Zero-Day Attacks
web applications
When Time is of the Essence – Testing Controls Against the Latest Threats Faster
A new threat has hit head the headlines (Robinhood anyone?), and you need to know if you're protected right now. What do you do? Traditionally, you would have to go with one of the options below.Option 1 – Manually check that IoCs have been updated across your security controls. This would require checking that security controls such as your email gateway, web gateway, and … [Read more...] about When Time is of the Essence – Testing Controls Against the Latest Threats Faster
Critical Flaw Reported in Popular Evernote Extension for Chrome Users
Cybersecurity researchers discover a critical flaw in the popular Evernote Chrome extension that could have allowed hackers to hijack your browser and steal sensitive information from any website you accessed.Evernote is a popular service that helps people taking notes and organize their to-do task lists, and over 4,610,000 users have been using its Evernote Web Clipper … [Read more...] about Critical Flaw Reported in Popular Evernote Extension for Chrome Users
Telegram Suffers ‘Powerful DDoS Attack’ From China During Hong Kong Protests
Telegram, one of the most popular encrypted messaging app, briefly went offline yesterday for hundreds of thousands of users worldwide after a powerful distributed denial-of-service (DDoS) attack hit its servers.Telegram founder Pavel Durov later revealed that the attack was mainly coming from the IP addresses located in China, suggesting the Chinese government could be behind … [Read more...] about Telegram Suffers ‘Powerful DDoS Attack’ From China During Hong Kong Protests
Cynet Free Visibility Experience – Unmatched Insight into IT Assets and Activities
Real-time visibility into IT assets and activities introduces speed and efficiency to many critical productivity and security tasks organizations are struggling with—from conventional asset inventory reporting to proactive elimination of exposed attack surfaces.However, gaining such visibility is often highly resource consuming and entails manual integration of various … [Read more...] about Cynet Free Visibility Experience – Unmatched Insight into IT Assets and Activities
Android’s Built-in Security Key Now Works With iOS Devices For Secure Login
In April this year, a software update from Google overnight turned all Android phones, running Android 7.0 Nougat and up, into a FIDO-certified hardware security key as part of a push to encourage two-step verification.The feature made it possible for users to confirm their identity when logging into a Google account more effortless and secure, without separately managing and … [Read more...] about Android’s Built-in Security Key Now Works With iOS Devices For Secure Login
RAMBleed Attack – Flip Bits to Steal Sensitive Data from Computer Memory
A team of cybersecurity researchers yesterday revealed details of a new side-channel attack on dynamic random-access memory (DRAM) that could allow malicious programs installed on a modern system to read sensitive memory data from other processes running on the same hardware.Dubbed RAMBleed and identified as CVE-2019-0174, the new attack is based on a well-known class of DRAM … [Read more...] about RAMBleed Attack – Flip Bits to Steal Sensitive Data from Computer Memory
Microsoft Releases June 2019 Security Updates to Patch 88 Vulnerabilities
After Adobe, the technology giant Microsoft today—on June 2019 Patch Tuesday—also released its monthly batch of software security updates for various supported versions of Windows operating systems and other Microsoft products.This month's security updates include patches for a total of 88 vulnerabilities, 21 are rated Critical, 66 are Important, and one is rated Moderate in … [Read more...] about Microsoft Releases June 2019 Security Updates to Patch 88 Vulnerabilities
Your Linux Can Get Hacked Just by Opening a File in Vim or Neovim Editor
Linux users, beware!If you haven't recently updated your Linux operating system, especially the command-line text editor utility, do not even try to view the content of a file using Vim or Neovim.Security researcher Armin Razmjou recently discovered a high-severity arbitrary OS command execution vulnerability (CVE-2019-12735) in Vim and Neovim—two most popular and powerful … [Read more...] about Your Linux Can Get Hacked Just by Opening a File in Vim or Neovim Editor
Hacker Discloses Second Zero-Day to Bypass Patch for Windows EoP Flaw
An anonymous security researcher going by the name of SandboxEscaper today publicly shared a second zero-day exploit that can be used to bypass a recently patched elevation of privilege vulnerability in the Microsoft Windows operating system.SandboxEscaper is known for publicly dropping zero-day exploits for unpatched Windows vulnerabilities. In the past year, the hacker has … [Read more...] about Hacker Discloses Second Zero-Day to Bypass Patch for Windows EoP Flaw