[email protected] +603-2181 3666
Extol Threat Intelligent Notification
All eConfirm IT News
Latest Cybersecurity News from the World IT News
‘unCAPTCHA’ Defeats Google CAPTCHA with 85% Accuracy
November 7, 2017 By aatech

unCAPTCHA, an artificial intelligence-based automated system designed at the University of Maryland, can break Google’s audio-based reCAPTCHA challenges with an accuracy of 85%. Google has been working on refining and strengthening reCAPTCHA for years, a Turing test-based methodology for proving that website users aren’t robots, and recently extended it to mobile websites for Android users. […]

Read more
0
IT News
Apple Patches KRACK Vulnerability in iOS 11.1
November 6, 2017 By aatech

Apple has patched iOS, macOS and other products to protect against the KRACK vulnerability recently disclosed in the WPA2 Wi-Fi security protocol.KRACK, short for key re-installation attack, allows an attacker within range of a victim’s Wi-Fi network to read encrypted traffic with varying degrees of difficulty. Many vendors had patched KRACK in their respective products […]

Read more
0
IT News
Backdoor Attacks From Windigo Operation Still Active
November 3, 2017 By aatech

Windigo, a malicious operation uncovered over three years ago, continues to be active despite a takedown attempt in 2014 and the sentencing of one conspirator in August 2017. At the core of Windigo was Linux/Ebury, an OpenSSH backdoor and credential stealer that was estimated to have infected over 25,000 servers worldwide during a two and […]

Read more
0
Latest Cybersecurity News from the World IT News
Mozilla Raises Concerns Over DigiCert Acquiring Symantec CA
November 2, 2017 By aatech

Mozilla has raised some concerns regarding DigiCert acquiring Symantec’s website security and related public key infrastructure (PKI) solutions after major web browser vendors announced that certificates issued by the security firm would no longer be trusted. Due to a series of incidents involving mississued TLS certificates, Mozilla and Google want Symantec and its partners to […]

Read more
0
Latest Cybersecurity News from the World IT News
VPN, Web Sessions Exposed to DUHK Crypto Attack
November 1, 2017 By aatech

A vulnerability in the outdated ANSI X9.31 random number generator (RNG) can allow attackers to recover encryption keys and read data passing through VPN connections and encrypted web browser sessions, researchers warned. The vulnerability has been dubbed DUHK (Don’t Use Hard-coded Keys) and it has been found to affect the products of at least a […]

Read more
0
IT News
‘Bad Rabbit’ Ransomware Attack Hits Russia, Ukraine
October 31, 2017 By aatech

Several major organizations in Russia and Ukraine were hit in the past few hours by a ransomware named “Bad Rabbit.” The incident reminds of the massive attack involving NotPetya malware, which ended up costing companies millions of dollars. Few details are known so far about the Bad Rabbit attack, which has the potential to cause […]

Read more
0
Latest Cybersecurity News from the World IT News
Personal Data of Millions of Malaysians, Sold for Bitcoins
October 30, 2017 By aatech

Last Thursday, Lowyat reported news of “one of the biggest data breaches ever in Malaysian history” – compromising millions of Malaysians’ privacy.The article was taken down temporarily, by request of MCMC, but it is now back up. MCMC has since released a press statement, announcing that an investigation is underway. According to a tip off […]

Read more
0
IT News
Locky Uses DDE Attack for Distribution
October 27, 2017 By aatech

While continuing to spread via spam emails sent by the Necurs botnet, the Locky ransomware has switched to new attack techniques in recent campaigns, in an attempt to evade detection and improve infection rate. One of the methods involves the use of the Dynamic Data Exchange (DDE) protocol, which has been designed to allow Windows […]

Read more
0
Latest Cybersecurity News from the World IT News
BoundHook Attack Exploits Intel Skylake MPX Feature
October 26, 2017 By aatech

A post-intrusion technique developed by researchers at CyberArk Labs called BoundHooking allows attackers to exploit a feature in all Intel chips introduced since Skylake. The attack technique allows for the execution of code from any process without detection by antivirus software or other security measures, researchers said. According to CyberArk, a BoundHooking attack exploits the […]

Read more
0
Latest Cybersecurity News from the World IT News
Critical Code Execution Flaw Patched in PeopleSoft Core Engine
October 25, 2017 By aatech

Organizations that have their PeopleSoft installations exposed to the internet should pay special attention to a remote code execution vulnerability patched on Tuesday as part of Oracle’s massive quarterly Critical Patch Update. The flaw, CVE-2017-10366, allows an attacker to gain remote code execution on a server running PeopleSoft software. The flaw is in the core […]

Read more
0
1 17 18 19 20 21 157