If you are in Kazakhstan and unable to access the Internet service without installing a certificate, you’re not alone. The Kazakhstan government has once again issued an advisory to all major local Internet Service Providers (ISPs) asking them to make it mandatory for all their customers to install government-issued root certificates on their devices in

In the wake of GandCrab shutting down and master decryption keys being released, a new ransomware threat is emerging. The GandCrab ransomware had been one of the more dangerous threats since its first appearance in early 2018, but the group behind the ransomware as a service (RaaS) announced its retirement last month. On Monday, the

If you use Slack, a popular cloud-based team collaboration server, and recently received an email from the company about a security incident, don’t panic and read this article before taking any action. Slack has been sending a “password reset” notification email to all those users who had not yet changed passwords for their Slack accounts

Getting started can be the most tedious part of any task, especially when the task is as daunting and perplexing as network security. But the task is manageable, as long as one understands the topic’s basics. To ensure a network security strategy operates optimally and efficiently, IT pros should start with the basics, such as

Eastern European country Bulgaria has suffered the biggest data breach in its history that compromised personal and financial information of 5 million adult citizens out of its total population of 7 million people. According to multiple sources in local Bulgarian media, an unknown hacker earlier this week emailed them download links to 11GB of stolen

The same security vulnerabilities that were recently reported in Zoom for macOS also affect two other popular video conferencing software that under the hood, are just a rebranded version of Zoom video conferencing software. Security researchers confirmed The Hacker News that RingCentral, used by over 350,000 businesses, and Zhumu, a Chinese version of Zoom, also

Zoom faced privacy concerns after the disclosure of a vulnerability that could allow threat actors to use the video conferencing software to spy on users. The Zoom vulnerability, originally reported to only affect the Mac version of the software, has been found to partially affect Windows and Linux as well. Jonathan Leitschuh, software engineer at

Security researchers have illustrated a new app-in-the-middle attack that could allow a malicious app installed on your iOS device to steal sensitive information from other apps by exploiting certain implementations of Custom URL Scheme. By default on Apple’s iOS operating system, every app runs inside a sandbox of its own, which prevent all apps installed

The CryptoLocker virus turns your virtual servers — the life of your data center — into encrypted blocks of data waiting for an unlock code. Although no fix is ever completely effective, there are methods to more easily and safely recover your virtual data. CryptoLocker viruses are a form of malware that encrypts your data

After months of negotiations, the United States Federal Trade Commission (FTC) has approved a record $5 billion settlement with Facebook over its privacy investigation into the Cambridge Analytica scandal. The settlement will put an end to a wide-ranging probe that began more than a year ago and centers around the violation of a 2011 agreement

The chaos and panic that the disclosure of privacy vulnerability in the highly popular and widely-used Zoom video conferencing software created earlier this week is not over yet. As suspected, it turns out that the core issue—a locally installed web server by the software—was not just allowing any website to turn on your device webcam,

It’s been called a tech pipeline: a recruitment path for graduates of computer science or national security, both traditionally male-dominated disciplines, into the cybersecurity workforce. This pipeline is one reason why the cybersecurity industry is so homogenous in terms of diverse backgrounds. When hiring managers choose from a pool of candidates who share similar backgrounds,

Organizations around the world are wondering how to become immune from cyber attacks which are evolving every day with more sophisticated attack vectors. IT teams are always on the lookout for new ransomware and exploit spreading in the wild, but can all these unforeseen cyber attacks be prevented proactively? That’s definitely a ‘NO,’ which is

Three U.S. presidents have issued directives over the past 21 years on critical infrastructure protection of the natural and man-made resources the U.S. depends on to function, as well as the systems needed for their delivery and protection. Because all critical assets are not controlled by the federal government, President Bill Clinton in 1998 first laid

Are you sure the WhatsApp app you are using on your Android device is legitimate, even if it’s working perfectly as intended? …Or the JioTV, AppLock, HotStar, Flipkart, Opera Mini or Truecaller app—if you have installed any of these? I’m asking this because cybersecurity researchers just yesterday revealed eye-opening details about a widespread Android malware

In early May, hackers infiltrated the Baltimore, Md., computer network. The ransomware attack ended normal business operations, interrupted critical city services, cost the city millions and inconvenienced hundreds of thousands of residents. Baltimore joined the list of other cities that have fallen victim to serious ransomware threats that affect business and commerce. While ransomware attacks

A new ransomware family has been found targeting Network Attached Storage (NAS) devices made by Taiwan-based QNAP Systems and holding users’ data hostage until a ransom is paid, researchers told The Hacker News. Ideal for home and small business, NAS devices are dedicated file storage units connected to a network or through the Internet, which

Cyber threat intelligence has become a critical tool for organizations trying to defend their networks. A 2019 survey from the cybersecurity-focused SANS Institute found that 72% of survey respondents are either consuming or producing cyber threat intelligence (CTI). Only 8% say they don’t use it and have no plans to start. Yet how well organizations

Microsoft today released its monthly batch of software security updates for the July month to patch a total of 77 vulnerabilities, 14 are rated Critical, 62 are Important, and 1 is rated Moderate in severity. The July 2019 security updates include patches for various supported versions of Windows operating systems and other Microsoft products, including

Although there is some debate over the value of certain security certification programs, most of them can deliver… more significant benefits to professionals than the traditional self-study options. A certification, for instance, covers topics that are broader than purely the interest of the student, which requires the student to learn more than just the minimum

Britain’s Information Commissioner’s Office (ICO) today hit British Airways with a record fine of £183 million for failing to protect the personal information of around half a million of its customers during last year’s security breach. British Airways, who describes itself as “The World’s Favorite Airline,” disclosed a breach last year that exposed personal details

An unknown hacker yesterday successfully managed to hack into the official GitHub account of Canonical, the company behind the Ubuntu Linux project and created 11 new empty repositories. It appears that the cyberattack was, fortunately, just a “loud” defacement attempt rather than a “silent” sophisticated supply-chain attack that could have been abused to distribute modified

While security is an essential factor in any organization’s network operations, it can also be a complicated and confusing topic. To get started, begin with network security terms and phrases. The following glossary includes some common network security terms — including firewall and VPN — as well as newer terms and technologies, such as software-defined

Chinese authorities are secretly installing surveillance apps on smartphones of foreigners at border crossings in the Xinjiang region who are entering from neighboring Kyrgyzstan, an international investigation revealed. Xinjiang (XUAR) is an autonomous territory and home to many Muslim ethnic minority groups where China is known to be conducting massive surveillance operations, especially on the

Although the terms security threat, security event and security incident are related, in the world of cybersecurity these information security threats have different meanings. A security threat is a malicious act that aims to corrupt or steal data or disrupt an organization’s systems or the entire organization. A security event refers to an occurrence during

Taiwanese networking equipment manufacturer D-Link has agreed to implement a “comprehensive software security program” in order to settle a Federal Trade Commission (FTC) lawsuit alleging that the company didn’t take adequate steps to protect its consumers from hackers. Your wireless router is the first line of defense against potential threats on the Internet. However, sadly,

A 23-year-old hacker from Utah who launched a series of DDoS attacks against multiple online services, websites, and online gaming companies between December 2013 and January 2014 has been sentenced to 27 months in prison. Austin Thompson, a.k.a. “DerpTroll,” pledged guilty back in November 2018 after he admitted to being a part of DerpTrolling, a

President Donald Trump has announced plans to loosen the terms of the trade ban between U.S. companies and Huawei, but the details are unclear as to how national security concerns will be addressed. At the recent G20 Summit in Osaka, Japan, President Trump said he and Chinese President Xi Jinping planned to restart trade talks

Except for phishing and scams, downloading an HTML attachment and opening it locally on your browser was never considered as a severe threat until a security researcher today demonstrated a technique that could allow attackers to steal files stored on a victim’s computer. Barak Tawily, an application security researcher, shared his findings with The Hacker

Organizations are struggling to keep up with the growing number of cybersecurity threats and the inherent complexities involved with maintaining a proper security posture. In many cases, enterprise security teams offload those duties to a trusted third-party service provider that can plan and handle security incident responses. According to a recent MarketsandMarkets report, many organizations