Security

Cyber Security Reviews – Security will bring to our readers whats happening on the Security scene around the world.

0 Comments
Speaking at the Virus Bulletin 2019 conference in London, Yonathan Klijnsman, head of threat research at RiskIQ, said that many groups had been identified as being behind recent Magecart attacks, but new movements were being made towards more targeted attacks. Klijnsman explained that traditional Magecart attacks groups would get into a company’s network, and they would
0 Comments
by John E Dunn Remember the critical remote code execution (RCE) vulnerability in the Exim email server, CVE-2019-15846, from mid-September? Barely two weeks later, and the software’s maintainers have issued an advisory for another potentially troublesome bug, identified as CVE-2019-16928, which has been given the same critical rating. Affecting all Exim versions between and including
0 Comments
Security software and services company BlackBerry Limited has announced the launch BlackBerry Advanced Technology Development Labs (BlackBerry Labs), a new business unit operating at the forefront of research and development in the cybersecurity space. The Labs will be led by CTO Charles Eagan and will include a team of over 120 software developers, architects, researchers,
0 Comments
by John E Dunn News for Outlook on the web users who regularly email attachments: Microsoft is about to put another 38 file extensions on its too risky to receive blocklist. Once there – implemented through Outlook’s BlockedFileTypes filter – Outlook for the web recipients will no longer be able to receive attachments using these
0 Comments
A new piece of spyware, designed to steal sensitive information from users of the messaging app Telegram, is for sale on the black market.   Trojan-delivered Masad Stealer and Clipper was clocked by researchers at Juniper Threat Labs. The spyware uses Telegram as a command and control (CnC) channel to cloak itself in a veil of anonymity. 
0 Comments
Lawyer, law professor, and civil rights advocate Danielle Keats Citron has been awarded a MacArthur grant for her efforts to address the scourge of cyber-harassment.  Citron, a professor at Boston University Law School, is one of 26 individuals this year to receive a so-called genius grant from the John D. and Catherine T. MacArthur Foundation. Citron was awarded $625,000
0 Comments
Global consumers overwhelmingly reject government arguments that encryption backdoors will make them safer from terrorists, according to new research from Venafi. The security vendor polled over 4100 consumers in the US, UK, France and Germany to better understand their attitudes to government and social media when it comes to data protection. Law enforcers and governments
0 Comments
Very few companies are securing the majority of their cloud-native apps with DevSecOps practices, according to new research. According to findings from ESG and Data Theorem, only 8% of companies are securing 75% or more of their cloud-native applications with DevSecOps practices today. However, 68% of companies are expected to be securing 75% (or more) of their cloud-native
0 Comments
by Danny Bradbury If you’re a WordPress admin using a plug-in called Rich Reviews, you’ll want to uninstall it. Now. The now-defunct plug-in has a major vulnerability that allows malvertisers to infect sites running WordPress and redirect visitors to other sites. Rich Reviews is a WordPress plugin that lets sites manage reviews internally in WordPress,
0 Comments
Ransomware attacks have disrupted operations at 49 US school districts and educational institutions, making the sector the second most popular for attackers after local government municipalities, according to Armor. The cloud security vendor analyzed publicly reported attacks since January 2019 to better understand the scale of the threat facing the education industry. It claimed that
0 Comments
Twitter has removed another 10,000 accounts across six countries after discovering coordinated activity among nation states designed to spread misinformation. The move comes nearly a year after the social network first began efforts at uncovering state-sponsored propaganda efforts using fake accounts. Since then, it has announced new discoveries in January, June and August this year.
0 Comments
A lack of security on WeWork‘s WiFi network has left sensitive user data exposed. In August, Fast Company revealed that WeWork had used the same WiFi password at many of its rentable shared co-working spaces for years, a password that appears in plain text on WeWork’s app.  The security of the real estate company’s WiFi came under further
0 Comments
The City of Los Angeles and IBM are joining forces with the LA Cyber Lab to help local businesses combat cybercrime. In a new project announced by IBM Security on September 17, the American multi-national IT company will provide technologies and data that will give the city’s commercial movers and shakers an edge in the event of a cyber-attack.
0 Comments
by Danny Bradbury A researcher has just published a zero-day security bug in one of the web’s most popular database administration software packages. The bug makes it possible for an attacker to delete a server by hijacking a user’s account in phpMyAdmin, a 21-year-old open-source tool used to manage MySQL and MariaDB databases. The flaw
0 Comments
In a surprise u-turn, senate Republicans have decided to back Democrat calls for an extra $250m to enhance the security of the nation’s voting infrastructure. Speaking on the floor yesterday, senate majority leader Mitch McConnell said: “I’m proud the Financial Services & General Government bill will include a bipartisan amendment providing another $250 million for
0 Comments
by Lisa Vaas Facebook’s original motto: “Move fast and break things.” France’s finance minister Bruno Le Maire: Non merci, not our global economy, you don’t. Last week, on Thursday, 13 September, Le Maire said in a speech at the OECD Global Blockchain Policy Forum 2019 – a digital currency conference – that he sees Facebook’s
0 Comments
A new government-backed report has warned that the growing use of automation and machine learning algorithms in policing could be amplifying bias, in the absence of consistent guidelines. Commissioned by the Centre for Data Ethics and Innovation (CDEI), which sits in the Culture Department, the report from noted think tank the Royal United Services Institute
0 Comments
by Lisa Vaas An Ohio gamer who got into a spat over a $1.50 wager that led to the death-by-swatting of an innocent man has been sentenced to 15 months in prison, the Department of Justice (DOJ) announced on Friday. Casey S. Viner, 19, pleaded guilty to one count of conspiracy and one count of