Extol Threat Intelligent Notification

A vulnerability in the outdated ANSI X9.31 random number generator (RNG) can allow attackers to recover encryption keys and read data passing through VPN connections and encrypted web browser sessions, researchers warned. The vulnerability has been dubbed DUHK (Don’t Use Hard-coded Keys) and it has been found to affect the products of at least a […]

Several major organizations in Russia and Ukraine were hit in the past few hours by a ransomware named “Bad Rabbit.” The incident is reminiscent of the massive attack involving NotPetya malware, which ended up costing companies millions of dollars. Few details are known so far about the Bad Rabbit attack, which has the potential to cause […]

Last Thursday, Lowyat reported news of “one of the biggest data breaches ever in Malaysian history” – compromising millions of Malaysians’ privacy. The article was taken down temporarily, by request of MCMC, but it is now back up. MCMC has since released a press statement, announcing that an investigation is underway. According to a tip off […]

Locky Uses DDE Attack for Distribution
October 27, 2017

While continuing to spread via spam emails sent by the Necurs botnet, the Locky ransomware has switched to new attack techniques in recent campaigns, in an attempt to evade detection and improve infection rate. One of the methods involves the use of the Dynamic Data Exchange (DDE) protocol, which has been designed to allow Windows […]

A post-intrusion technique developed by researchers at CyberArk Labs called BoundHooking allows attackers to exploit a feature in all Intel chips introduced since Skylake. The attack technique allows for the execution of code from any process without detection by antivirus software or other security measures, researchers said. According to CyberArk, a BoundHooking attack exploits the […]

Organizations that have their PeopleSoft installations exposed to the internet should pay special attention to a remote code execution vulnerability patched on Tuesday as part of Oracle’s massive quarterly Critical Patch Update. The flaw, CVE-2017-10366, allows an attacker to gain remote code execution on a server running PeopleSoft software. The flaw is in the core […]

Flash 0-day in the wild – patch now!
October 24, 2017

This past Patch Tuesday, Adobe released, well, nothing. Given that the past few months of Adobe Patch Tuesdays have been gradually diminishing, perhaps some of us thought these Flash-related patches were going the way of the dodo. Alas, it was wishful thinking. Six days after Patch-Tuesday-that-wasn’t, Adobe has released an out-of-band patch for Flash in […]

A cyber espionage group previously linked to China has been using a recently patched .NET vulnerability in attacks aimed at organizations in the United States, including a shipbuilding company and a university research center with ties to the military. The threat actor, known for its use of a remote access trojan (RAT) named NanHaiShu, has […]

A Flash Player security update released on Monday by Adobe patches a zero-day vulnerability that has been exploited in targeted attacks. The security hole, tracked as CVE-2017-11292, has been described as a critical type confusion issue that could lead to remote code execution. The vulnerability affects the Windows, Mac, Linux and Chrome OS versions of Flash […]

News of the week – and it’s still only Monday – is a Bug With An Impressive name (and its own logo!) called the KRACK Attack. Actually, there are several attacks of a similar sort discussed in the paper that introduced KRACK, so they’re more properly known as the KRACK Attacks. These KRACK attacks mean that most […]
