News

Cyber Security Reviews NEWS brings you the latest daily updates on trends and happenings around the globe.

0 Comments
New variants of the Mirai and Gafgyt botnets are targeting unpatched enterprise devices, according to new research. Palo Alto Networks’ Unit 42 found the variants affect vulnerabilities in Apache Struts and in SonicWall’s Global Management System (GSM). The Mirai variant exploits the same vulnerability in Apache Struts that was behind the 2018 Equifax data breach,
0 Comments
What just happened would definitely gonna surprise you. Linus Torvalds—father of the Linux open-source operating system—finally admitted his behavior towards other developers in the Linux community was hurting people and Linux. In a surprising move this weekend, Torvalds apologized for insulting and abusing other developers for almost three decades and took a break from the
0 Comments
It’s 2008 all over again as researchers have found a way to leverage cold boot attacks against modern computers to steal sensitive data from lost or stolen devices. Olle Segerdahl and Pasi Saarinen, security consultants for F-Secure, developed the new cold boot attack method and claim it “will work against nearly all modern computers,” including
0 Comments
Did you ever wonder if your Twitter account has been hacked and who had managed to gain access and when it happened? Twitter now lets you know this. After Google and Facebook, Twitter now lets you see all the devices—laptop, phone, tablet, and otherwise—logged into your Twitter account. Twitter has recently rolled out a new
0 Comments
The Russian man who was accused of operating the infamous Kelihos botnet has finally pleaded guilty in a U.S. federal court. Peter Yuryevich Levashov, 38, of St. Petersburg, Russia, pleaded guilty on Wednesday in U.S. federal court in Connecticut to computer crime, wire fraud, conspiracy and identity theft charges. Levashov, also known by many online
0 Comments
Thank you for joining! Access your Pro+ Content below. March 2016 How to buy the best antimalware tools to protect endpoints Share this item with your network: Malware writers are becoming more sophisticated, increasing the threats to data privacy and security. To counter the growing risks of unauthorized access to proprietary or confidential information, the
0 Comments
When identity and access management doesn’t get the attention it deserves, there tends to be trouble. For both cloud and on-premises systems, a strong set of security access controls and a tight grasp on identity governance can save enterprises from data exposure or data loss, embarrassment and a damaged reputation. Enterprise systems are becoming increasingly
0 Comments
Zerodium, the infamous exploit vendor that earlier this year offered $1 million for submitting a zero-day exploit for Tor Browser, today publicly revealed a critical zero-day flaw in the anonymous browsing software that could reveal your identity to the sites you visit. In a Tweet, Zerodium shared a zero-day vulnerability that resides in the NoScript
0 Comments
British police have arrested a 19-year-old teen who is an alleged member of Apophis Squad cybercriminal group responsible for making hoax bomb threats to thousands of schools and airlines; and DDoSing ProtonMail and Tutanota secure email services. George Duke-Cohan was arrested in his bedroom at his family home in Watford by British National Crime Agency
0 Comments
Mobile spyware company mSpy has once again leaked millions of customer records to the public internet. The company develops mobile spyware that customers use to monitor the mobile device activity of their children, partners and others. Security researcher Nitish Shah discovered the mSpy leak via a public-facing database and reached out to cybersecurity journalist Brian
0 Comments
British Airways, who describes itself as “The World’s Favorite Airline,” has confirmed a data breach that exposed personal details and credit-card numbers of up to 380,000 customers and lasted for more than two weeks. So who exactly are victims? In a statement released by British Airways on Thursday, customers booking flights on its website (ba.com)
0 Comments
Last month we reported about a widespread crypto-mining malware campaign that hijacked over 200,000 MikroTik routers using a previously disclosed vulnerability revealed in the CIA Vault 7 leaks. Now Chinese security researchers at Qihoo 360 Netlab have discovered that out of 370,000 potentially vulnerable MikroTik routers, more than 7,500 devices have been compromised to enable
0 Comments
At least one malicious actor began exploiting a critical vulnerability in Apache Struts in the wild, despite a patch being issued last week. According to researchers at Volexity, a cybersecurity company based in Washington, D.C., the exploits of the Apache Struts vulnerability surfaced in the wild not long after a proof-of-concept (PoC) exploit was published
0 Comments
Instagram is growing quickly—and with the second most popular social media network in the world (behind just Facebook), the photo-sharing network absolutely dominates when it comes to user interactions. And with great success comes great responsibility—responsibility to keep users’ accounts safe, responsibility to fight fake accounts and news, and responsibility of being transparent. You might
0 Comments
The fourth celebrity hacker, who was charged earlier this year with hacking into over 250 Apple iCloud accounts belonging to Jennifer Lawrence and other Hollywood celebrities, has been sentenced to eight months in prison. Earlier this year, George Garofano, 26, of North Branford, admitted to illegally obtaining credentials of his victims’ iCloud accounts using a
0 Comments
Google just made its Titan Security Key available on its store for $50. First announced last month at Google Cloud Next ’18 convention, Titan Security Key is a tiny USB device—similar to Yubico’s YubiKey—that offers hardware-based two-factor authentication (2FA) for online accounts with the highest level of protection against phishing attacks. Google’s Titan Security Key
0 Comments
A security researcher has publicly disclosed the details of a previously unknown zero-day vulnerability in the Microsoft’s Windows operating system that could help a local user or malicious program obtain system privileges on the targeted machine. And guess what? The zero-day flaw has been confirmed working on a “fully-patched 64-bit Windows 10 system.” The vulnerability
0 Comments
Security researchers from Google have publicly disclosed an extremely serious security flaw in the first Fortnite installer for Android that could allow other apps installed on the targeted devices to manipulate installation process and load malware, instead of the Fortnite APK.   Earlier this month, Epic Games announced not to make its insanely popular game