News

Cyber Security Reviews NEWS brings you the latest daily updates on trends and happenings around the globe.

0 Comments
Mozilla’s security-focused Firefox Monitor tool is expanding to be more proactive at notifying users about past data breaches, but one expert worries about the consequences. Mozilla began testing the initial integration between Firefox Monitor and Have I Been Pwned (HIBP) — a website that enables users to find out if their email addresses were in
0 Comments
Even in the best-case scenario, with effective network security infrastructure in place and an expert staff at the ready, network security can be a thorny task. Then, consider most organizations contend with serious resource limitations, and the picture becomes darker. As network security threats continue to evolve, here are some of the top network security
0 Comments
European online contact lens supplier Vision Direct has revealed a data breach which compromised full credit card details for a number of its customers, as well as personal information. Compromised data includes full name, billing address, email address, password, telephone number and payment card information, including card number, expiry date and CVV. It’s not yet
0 Comments
At Pwn2Own 2018 mobile hacking competition held in Tokyo on November 13-14, white hat hackers once again demonstrated that even the fully patched smartphones running the latest version of software from popular smartphone manufacturers can be hacked. Three major flagship smartphones—iPhone X, Samsung Galaxy S9, and Xiaomi Mi6—were among the devices that successfully got hacked
0 Comments
Traditional network security vulnerabilities are bad enough without adding SDN security issues to the mix. But, as organizations deploy SDN, they risk exposing their networks to new types of threats and attacks, especially if they don’t have proper plans in place. A prevalent concern with SDN security focuses on the SDN controller. The controller contains
0 Comments
Has Wikileaks founder Julian Assange officially been charged with any unspecified criminal offense in the United States? — YES United States prosecutors have accidentally revealed the existence of criminal charges against Wikileaks founder Julian Assange in a recently unsealed court filing in an unrelated ongoing sex crime case in the Eastern District of Virginia. Assistant
0 Comments
Disclosed earlier this year, potentially dangerous Meltdown and Spectre vulnerabilities that affected a large family of modern processors proven that speculative execution attacks can be exploited in a trivial way to access highly sensitive information. Since then, several more variants of speculative execution attacks have been discovered, including Spectre-NG, SpectreRSB, Spectre 1.1, Spectre1.2, TLBleed, Lazy
0 Comments
Another security vulnerability has been reported in Facebook that could have allowed attackers to obtain certain personal information about users and their friends, potentially putting the privacy of users of the world’s most popular social network at risk. Discovered by cybersecurity researchers from Imperva, the vulnerability resides in the way Facebook search feature displays results
0 Comments
Our partner Springboard, which provides online courses to help you advance your cybersecurity career with personalized mentorship from industry experts, recently researched current cybersecurity salaries and future earning potential in order to trace a path to how much money you can make. Here’s what they found were the most important factors for making sure you
0 Comments
A newly discovered spam botnet targeted over 100,000 home routers through a UPnP vulnerability. According to Netlab 360 researchers Hui Wang and RootKiter, the botnet, which they’re calling “BCMUPnP_Hunter,” infected 116 different types of devices. They estimated over 100,000 IP addresses belonging to home routers with Broadcom UPnP enabled have been infected. The botnet was
0 Comments
In light of Anthem Inc. recently agreeing to pay the largest HIPAA settlement on record for the Anthem data breach that affected nearly 79 million plan members, providers must get better at controlling who has access to patient data and internal systems. That advice comes from David Harlow, a Boston healthcare lawyer and consultant. “Anthem
0 Comments
Cybersecurity researchers at Check Point today revealed details of a potential dangerous vulnerability in DJI Drone web app that could have allowed attackers access user accounts and synced sensitive information within it, including flight records, location, live video camera feed, and photos taken during a flight. Thought the vulnerability was discovered and responsibly reported by
0 Comments
A 23-year-old hacker from Utah pleaded guilty this week to launching a series of denial-of-service (DoS) attacks against multiple online services, websites, and online gaming companies between 2013 and 2014. According to a Justice Department (DoJ) press release, Austin Thompson, a.k.a. “DerpTroll,” took down servers of several major gaming platforms including Electronic Arts’ Origin service,
0 Comments
Unclassified malware samples from U.S. Cyber Command will be shared with VirusTotal by the Cyber National Mission Force. VirusTotal aggregates malware and malicious URL data from antivirus products and allows anyone to submit samples for inclusion in the database. The CNMF — the action arm of Cyber Command responsible for planning and directing cyberoperations —
0 Comments
Microsoft silently patched a bug in its Windows 10 operating system with the October 2018 update (version 1809) that allowed Microsoft Store apps with extensive file system permission to access all files on users’ computers without their consent. With Windows 10, Microsoft introduced a common platform, called Universal Windows Platform (UWP), that allows apps to
0 Comments
Security researchers disclosed two vulnerabilities in Bluetooth chips that put wireless access points, medical devices and more at risk of attack. Researchers at Armis, an enterprise IoT security company based in Palo Alto, Calif., discovered two vulnerabilities in Bluetooth Low Energy (BLE) chips manufactured by Texas Instruments and have branded the flaws as Bleedingbit. Armis