News

Cyber Security Reviews NEWS brings you the latest daily updates on trends and happenings around the globe.

0 Comments
Editor’s note Once considered an afterthought in software design, application security is increasingly top of mind for developers. The way applications are used these days — accessed over networks — invites a variety of potential threats. Frequent testing and adherence to application security best practices can limit the possibility of unauthorized code being used to
0 Comments
Europol announced the shut down of two prolific dark web marketplaces—Wall Street Market and Silkkitie (also known as Valhalla)—in simultaneous global operations against underground websites for trading drugs, stolen credit card numbers, malicious software, and other illegal goods. Police in western Germany has also arrested three men who were allegedly running Wall Street Market, the
0 Comments
If you use a Dell computer, then beware — hackers could compromise your system remotely. Bill Demirkapi, a 17-year-old independent security researcher, has discovered a critical remote code execution vulnerability in the Dell SupportAssist utility that comes pre-installed on most Dell computers. Dell SupportAssist, formerly known as Dell System Detect, checks the health of your
0 Comments
A new operational directive from the Department of Homeland Security placed deadlines on how long federal agencies have to patch vulnerabilities. The Binding Operational Directive (BOD) 19-02 sets new DHS patching rules stating that federal agencies have 15 days to patch critical vulnerabilities and 30 days for flaws that are rated high. The directive only
0 Comments
WikiLeaks founder Julian Assange has been sentenced to 50 weeks—for almost a year—in prison by a London court for breaching his bail conditions in 2012 and taking refuge in the Ecuadorian embassy for nearly 7 years. The 47-year-old Assange was arrested last month by London’s Metropolitan Police Service after the Ecuadorian government suddenly withdrew his
0 Comments
If you own an eCommerce website built on WordPress and powered by WooCommerce plugin, then beware of a new, unpatched vulnerability that has been made public and could allow attackers to compromise your online store. A WordPress security company—called “Plugin Vulnerabilities“—that recently gone rogue in order to protest against moderators of the WordPress’s official support
0 Comments
A team of cybersecurity researchers today published a post warning enterprises of an unpatched, highly critical zero-day vulnerability in Oracle WebLogic server application that some attackers might have already started exploiting in the wild. Oracle WebLogic is a scalable, Java-based multi-tier enterprise application server that allows businesses to quickly deploy new products and services on
0 Comments
Security researchers have discovered the full source code of the Carbanak malware—yes, this time it’s for real. Carbanak—sometimes referred as FIN7, Anunak or Cobalt—is one of the most full-featured, dangerous malware that belongs to an APT-style cybercriminal group involved in several attacks against banks, financial institutions, hospitals, and restaurants. In July last year, there was
0 Comments
Drupal, the popular open-source content management system, has released security updates to address multiple “moderately critical” vulnerabilities in Drupal Core that could allow remote attackers to compromise the security of hundreds of thousands of websites. According to the advisories published today by the Drupal developers, all security vulnerabilities Drupal patched this month reside in third-party
0 Comments
BOSTON — Forcepoint believes it’s time for a more human-centric cybersecurity approach, and the company made a major investment to accelerate that vision. Forcepoint this week opened its new Cyber Experience Center, a 53,000-square-foot facility in Boston’s Seaport district. The center is designed educate enterprises about their current security challenges as well as promote a
0 Comments
An unprotected database belonging to JustDial, India’s largest local search service, is leaking personally identifiable information of its every customer in real-time who accessed the service via its website, mobile app, or even by calling on its fancy “88888 88888” customer care number, The Hacker News has learned and independently verified. Founded over two decades
0 Comments
Microsoft warned users of its web email services that accounts may have been compromised, and some sensitive data may have been accessed. Beginning late Friday, Microsoft sent email messages to users of Outlook, Hotmail and MSN Mail, alerting them that an unauthorized third party gained partial access to Microsoft-managed accounts between Jan. 1 and March
0 Comments
Even after Google’s security oversight over its already-huge Android ecosystem has evolved over the years, malware apps still keep coming back to Google Play Store. Sometimes just reposting an already detected malware app from a newly created Play Store account, or using other developers’ existing accounts, is enough for ‘bad-faith’ developers to trick the Play