News

Cyber Security Reviews NEWS brings you the latest daily updates on trends and happenings around the globe.

0 Comments
Active Directory has a number of different components to keep track of user and resource information in an organization…. If one piece starts to fail and a recovery effort falters, it could mean it’s time for a rebuilding process. The system volume (SYSVOL) is a shared folder found on domain controllers in an Active Directory
0 Comments
A team of Canadian cybersecurity researchers has uncovered a sophisticated and targeted mobile hacking campaign that is targeting high-profile members of various Tibetan groups with one-click exploits for iOS and Android devices. Dubbed Poison Carp by University of Toronto’s Citizen Lab, the hacking group behind this campaign sent tailored malicious web links to its targets
0 Comments
Data is at the heart of AI, fueling machine learning models to help companies obtain more accurate predictions, gain better insights and increase sales. Recently, the way companies are acquiring and using the data that powers those models is being evaluated. For many years, companies have been complacent toward how their third parties obtain critical
0 Comments
An anonymous hacker today publicly revealed details and proof-of-concept exploit code for an unpatched, critical zero-day remote code execution vulnerability in vBulletin—one of the widely used internet forum software. One of the reasons why the vulnerability should be viewed as a severe issue is not just because it is remotely exploitable, but also doesn’t require
0 Comments
Advanced Persistent Threats groups were once considered a problem that concerns Fortune 100 companies only. However, the threat landscape of the recent years tells otherwise—in fact, every organization, regardless of vertical and size is at risk, whether as a direct target, supply chain or collateral damage. The vast majority of security decision-makers acknowledge they need
0 Comments
Among its other capabilities, the 5G network supports slicing, a technique that divides a single physical network infrastructure into multiple virtual networks. Compared to existing 4G and LTE (Long Term Evolution) networks, 5G promises significant improvements in bandwidth and latency, making virtual network slices a possibility. Each virtual network instance created by 5G network slicing
0 Comments
A cybersecurity researcher recently published details and proof-of-concept for an unpatched zero-day vulnerability in phpMyAdmin—one of the most popular applications for managing the MySQL and MariaDB databases. phpMyAdmin is a free and open source administration tool for MySQL and MariaDB that’s widely used to manage the database for websites created with WordPress, Joomla, and many
0 Comments
Encrypting web content is nothing new: It’s been nearly 20 years since the publication of the specification for encrypting web content by running HTTP over the Transport Layer Security protocol. However, running a secure encrypted web server has gone from an option to a virtual necessity in recent years. Attackers continue to seek — and
0 Comments
Whether organizations truly need a cybersecurity framework is one of the biggest questions that’s never really asked in information security. This is because some vendors focus on selling spot security products, an approach that doesn’t lend itself to encouraging enterprises to step back and look at security in the overall context of what they are
0 Comments
Google has released an urgent software update for its Chrome web browser and is urging Windows, Mac, and Linux users to upgrade the application to the latest available version immediately. Started rolling out to users worldwide this Wednesday, the Chrome 77.0.3865.90 version contains security patches for 1 critical and 3 high-risk security vulnerabilities, the most
0 Comments
It’s relatively easy to manage device encryption when there are only iOS devices in a mobile fleet. Apple provides a single encryption standard across all of the iOS devices it manufactures.  Android device encryption, however, depends on the version of Android the devices run, the OEM and device model, the hardware architecture and other factors.
0 Comments
Insecure Internet-connected devices have aided different types of cybercrime for years, most common being DDoS and spam campaigns. But cybercriminals have now shifted toward a profitable scheme where botnets do not just launch DDoS or spam—they mine cryptocurrencies as well. Smominru, an infamous cryptocurrency-mining and credential-stealing botnet, has become one of the rapidly spreading computer
0 Comments
After nine years running, DerbyCon held its ninth and final show, and attendees and a co-founder looked back on the conference and discussed plans to continue the community with smaller groups around the world. DerbyCon was one of the more popular small-scale hacker conferences held in the U.S., but organizers surprised the infosec community in
0 Comments
The massive data breach at Capital One – America’s seventh-largest bank, according to revenue – has challenged many common assumptions about cloud computing for the first time. Ironically, the incident, which exposed some 106 million Capital One customers’ accounts, has only reinforced the belief that the cloud remains the safest way to store sensitive data.
0 Comments
Estonian based web security startup WebARX, the company who is also behind open-source plugin vulnerability scanner WPBullet and soon-to-be-released bug bounty platform plugbounty.com, has a big vision for a safer web. It built a defensive core for websites which is embedded deep inside the company’s DNA as even ARX in their name refers to the
0 Comments
The United States Treasury Department on Friday announced sanctions against three state-sponsored North Korean hacking groups for conducting several destructive cyberattacks on US critical infrastructure. Besides this, the hacking groups have also been accused of stealing possibly hundreds of millions of dollars from financial institutions around the world to ultimately fund the North Korean government’s
0 Comments
Network bridges and switches are distinctly different, serving separate functions. A bridge is a point-to-point… connection joining two LANs using the same protocol, such as Ethernet. A switch is a multiport bridge that connects multiple clients and chooses the packet path on the network. Every switch is a bridge, but bridges are not truly switches.
0 Comments
It’s time for two important disciplines — business continuity and its related initiatives and cybersecurity — to collaborate better. Typically, cybersecurity and business continuity operate in different silos, but I’m keen to move them closer together, as they are both important elements of an organization’s resilience. For example, a cybersecurity event, which is initially addressed
0 Comments
CISOs and CIOs need to know better than anyone the security pulse of their organizations. On the other hand, they cannot be flooded with every changing detail. Finding the right balance that enables them to clearly grasp the big picture required in making sound decisions is a task many security executives find challenging. Threat actors
0 Comments
Keeping a unified communications environment secure is no small task as the different communications tools that comprise a UC system have their own security needs. And organizations can’t push all the security responsibilities onto their UC vendor. Organizations must take steps to lock down their networks to support unified communications security. Learn how to build