Some regulatory industries have been required to have the ability to control their own encryption keys, including the ability to revoke encryption keys for security reasons. Lately, the chat collaboration platform Slack has announced the launch of Enterprise Key Management (EKM), a new enterprise key management tool, which will be managed by the AWS KMS service. Slack is best known for its messaging and collaboration features. Read the rest of this post »
Published by Emerson L. Sullivan on March 20, 2019 6:32 am
Last week, the RSAC2019 security conference was held in the United States, attracting many world-renowned security vendors, and even the National Security Agency (NSA) came to help. At this security conference, the NSA opened up the reverse engineering toolkit Ghidra and the HIRS (Host Integrity at Runtime Startup) software to prevent supply chain attacks. Read the rest of this post »
Published by Emerson L. Sullivan on March 11, 2019 3:03 am and last modified on March 11, 2019 3:03 am.
Earlier this month, Adobe urgently patched ColdFusion security vulnerabilities that had been exploited by hackers. ColdFusion is a commercial rapid web application development platform.
This vulnerability, numbered CVE-2019-7816, will allow hackers to execute arbitrary codes and is therefore listed as a significance level of threat, and Adobe urges users to patch it as soon as possible. Read the rest of this post »
Published by Emerson L. Sullivan on March 8, 2019 6:53 am
The rumor about a possible connection between the two famous VPN providers PureVPN and Ivacy spread for a period of time. Now, Ivacy clears the air and confirms PureVPN’s minor stake in the company. Frank, PR Manager at Ivacy states, Read the rest of this post »
Published by Emerson L. Sullivan on March 6, 2019 1:36 am and last modified on March 6, 2019 1:53 am.
Recently, a Chromium project member Dbbrooks filed a vulnerability report stating that Kaspersky ‘s anti-virus software automatically blocks Google’s streaming TV stick Chromecast.
Dbbrooks pointed out that the recent report on device discovery has suddenly exploded, and it is a common problem on the Windows platform. After viewing the logs, the common point is the authentication error of the projection channel, which usually involves anti-virus or security software. Read the rest of this post »
Published by Emerson L. Sullivan on March 4, 2019 9:19 am
It has been revealed that the embedded hardware components on Supermicro motherboards have vulnerabilities that could let IBM or other cloud services be implanted with backdoors that allow attackers to steal corporate customer data, install malicious programs or launch DDoS denial of service attacks. Read the rest of this post »
Published by Emerson L. Sullivan on March 1, 2019 7:47 am
Security experts found a malspam campaign that spreads malicious RAR archive which could exploit the WinRAR flaw to spread malware on a computer.
Last week, a critical 19-year-old vulnerability in the WinRAR was disclosed by security experts at CheckPoint software. According to experts, this flaw can be used by cyber criminals to execute malicious code and gain full control over a compromised computer. It is an “Absolute Path Traversal.” Attacks can exploit UNACEV2.DLL can use a specially-crafted file archive to execute arbitrary code. Read the rest of this post »
Published by Emerson L. Sullivan on February 27, 2019 7:39 am
According to reports, 70,000 credit card details from Meezan Bank which is the first and largest Islamic commercial bank have shown up for sale on Joker’s Stash which is one of the largest underground hubs of stolen card data. The market value of this database is estimated at nearly 3.5 million USD in total. That is a huge data & privacy breaches.
Read the rest of this post »
Published by Emerson L. Sullivan on February 25, 2019 3:52 am
The well-known United States email provider – VFEmail – has suffered a brutal hack. Their servers, data as well as backups of almost two decades were permanently erased with no possibility to recover them.
VFEmail was started in 2001 by Rick Romero. It provides secure and private email services to companies and end users with both free & paid version. This “catastrophic destruction” caused massive data loss.
VFEmail.net tweeted, “Strangely, not all VMs shared the same authentication, but all were destroyed. This was more than a multi-password via ssh exploit, and there was no ransom. Just attack and destroy.” Read the rest of this post »
Published by Emerson L. Sullivan on February 18, 2019 3:38 am
You are always suggested to install the latest patches to avoid vulnerabilities and keep your PC safe. The vast ransomware last year sneaked into victims’ system once they turned on the PC. The hackers made use of Windows vulnerabilities to attack a large number of PCs and grabbed millions of dollars throughout the world. Victims lost their precious files on PC forever. It only takes minutes to install patches. You can avoid virus infection and data & financial loss effectively in this way. Read the rest of this post »
Published by Emerson L. Sullivan on February 14, 2019 2:30 am and last modified on February 14, 2019 2:30 am.