[email protected] +603-2181 3666
Extol Threat Intelligent Notification
All eConfirm.my IT News
Latest Cybersecurity News from the World IT News
BoundHook Attack Exploits Intel Skylake MPX Feature
October 26, 2017 By aatech

A post-intrusion technique developed by researchers at CyberArk Labs called BoundHooking allows attackers to exploit a feature in all Intel chips introduced since Skylake. The attack technique allows for the execution of code from any process without detection by antivirus software or other security measures, researchers said. According to CyberArk, a BoundHooking attack exploits the […]

Read more
0
Latest Cybersecurity News from the World IT News
Critical Code Execution Flaw Patched in PeopleSoft Core Engine
October 25, 2017 By aatech

Organizations that have their PeopleSoft installations exposed to the internet should pay special attention to a remote code execution vulnerability patched on Tuesday as part of Oracle’s massive quarterly Critical Patch Update. The flaw, CVE-2017-10366, allows an attacker to gain remote code execution on a server running PeopleSoft software. The flaw is in the core […]

Read more
0
IT News
Flash 0-day in the wild – patch now!
October 24, 2017 By aatech

This past Patch Tuesday, Adobe released, well, nothing. Given that the past few months of Adobe Patch Tuesdays have been gradually diminishing, perhaps some of us thought these Flash-related patches were going the way of the dodo. Alas, it was wishful thinking. Six days after Patch-Tuesday-that-wasn’t, Adobe has released an out-of-band patch for Flash in […]

Read more
0
Latest Cybersecurity News from the World IT News
Recently Patched .NET Flaw Exploited by China-Linked Cyberspies
October 23, 2017 By aatech

A cyber espionage group previously linked to China has been using a recently patched .NET vulnerability in attacks aimed at organizations in the United States, including a shipbuilding company and a university research center with ties to the military. The threat actor, known for its use of a remote access trojan (RAT) named NanHaiShu, has […]

Read more
0
Latest Cybersecurity News from the World IT News
Adobe Patches Flash Zero-Day Exploited in Targeted Attacks
October 20, 2017 By aatech

A Flash Player security update released on Monday by Adobe patches a zero-day vulnerability that has been exploited in targeted attacks. The security hole, tracked as CVE-2017-11292, has been described as a critical type confusion issue that could lead to remote code execution.The vulnerability affects the Windows, Mac, Linux and Chrome OS versions of Flash […]

Read more
0
IT News
Wi-Fi at risk from KRACK attacks – here’s what to do
October 19, 2017 By aatech

News of the week – and it’s still only Monday – is a Bug With An Impressive name (and its own logo!) called the KRACK Attack.Actually, there are several attacks of a similar sort discussed in the paper that introduced KRACK, so they’re more properly known as the KRACK Attacks.These KRACK attacks mean that most […]

Read more
0
IT News
Microsoft Patches Office Bug Actively Being Exploited
October 18, 2017 By aatech

Security experts are urging network administrators to patch a Microsoft Office vulnerability that has been exploited in the wild. The vulnerability (CVE-2017-11826) could allow remote code execution if a user opens a specially crafted Office file. It was one of 62 vulnerabilities patched by Microsoft as part of its monthly Patch Tuesday updates released today. […]

Read more
0
Latest Cybersecurity News from the World IT News
Researchers Warn of Cyber Risks for Olympic Games
October 17, 2017 By aatech

The Olympic Games offer a tempting target for hackers and other malicious actors, with potentially devastating consequences for one of the world’s premier sporting events, researchers said Tuesday. A report by University of California researchers said the efforts to disrupt the 2016 US election should serve as warning about the impact of a cyber-attack on […]

Read more
0
Latest Cybersecurity News from the World IT News
Vendor BPC Banking Silent on Patching SQL Injection in SmartVista Ecommerce Software
October 16, 2017 By aatech

A popular ecommerce platform sold in 60 countries suffers from a SQL injection vulnerability privately disclosed in April that has yet to be patched by the vendor. BPC Banking Technologies of Switzerland has not acknowledged the vulnerability in its SmartVista suite of ecommerce and financial software product, despite numerous reports from Rapid7, CERT/CC in the […]

Read more
0
IT News
iOS Password Prompts are Ripe for Abuse
October 13, 2017 By aatech

Apple’s policy to repeatedly ask users for their iTunes password needlessly exposes iOS device owners to possible phishing attacks, according a mobile app developer Felix Krause.Krause’s beef with Apple is that too often and seemingly at random times, popups deliver a dialogue box for users to enter their Apple ID. The prompts have become so […]

Read more
0
1 17 18 19 20 21 157