Native American Indian & Service-Disabled Veteran Owned Business

News and Events

RSS Cybersecurity

  • Adobe Releases Out-of-Band Security Patches for 82 Flaws in Various Products October 15, 2019
    No, it's not a patch Tuesday. It's the third Tuesday of the month, and as The Hacker News shared an early heads-up late last week on Twitter, Adobe today finally released pre-announced out-of-band security updates to patch a total of 82 security vulnerabilities across its various products. The affected products that received security patches today […]
  • Apple Under Fire Over Sending Some Users Browsing Data to China's Tencent October 15, 2019
    Do you know Apple is sending iOS web browsing related data of some of its users to Chinese Internet company Tencent? I am sure many of you are not aware of this, neither was I, and believe me, none of us could expect this from a tech company that promotes itself as a champion of […]
  • Sudo Flaw Lets Linux Users Run Commands As Root Even When They're Restricted October 15, 2019
    Attention Linux Users! A new vulnerability has been discovered in Sudo—one of the most important, powerful, and commonly used utilities that comes as a core command installed on almost every UNIX and Linux-based operating system. The vulnerability in question is a sudo security policy bypass issue that could allow a malicious user or a program […]
  • Firefox Blocks Inline and Eval JavaScript on Internal Pages to Prevent Injection Attacks October 15, 2019
    In an effort to mitigate a large class of potential cross-site scripting issues in Firefox, Mozilla has blocked execution of all inline scripts and potentially dangerous eval-like functions for built-in "about: pages" that are the gateway to sensitive preferences, settings, and statics of the browser. Firefox browser has 45 such internal locally-hosted about pages, some […]
  • Report to Your Management with the Definitive 'Incident Response for Management' Presentation Template October 15, 2019
    Security incidents occur. It's not a matter of 'if' but of 'when.' There are security products and procedures that were implemented to optimize the IR process, so from the 'security-professional' angle, things are taken care of. However, many security pros who are doing an excellent job in handling incidents find effectively communicating the ongoing process […]
  • SIM Cards in 29 Countries Vulnerable to Remote Simjacker Attacks October 12, 2019
    Until now, I'm sure you all might have heard of the SimJacker vulnerability disclosed exactly a month ago that affects a wide range of SIM cards and can remotely be exploited to hack into any mobile phone just by sending a specially crafted binary SMS. If you are unaware, the name "SimJacker" has been given […]
  • UNIX Co-Founder Ken Thompson's BSD Password Has Finally Been Cracked October 11, 2019
    A 39-year-old password of Ken Thompson, the co-creator of the UNIX operating system among, has finally been cracked that belongs to a BSD-based system, one of the original versions of UNIX, which was back then used by various computer science pioneers. In 2014, developer Leah Neukirchen spotted an interesting "/etc/passwd" file in a publicly available […]
  • Apple iTunes and iCloud for Windows 0-Day Exploited in Ransomware Attacks October 10, 2019
    Watch out Windows users! The cybercriminal group behind BitPaymer and iEncrypt ransomware attacks has been found exploiting a zero-day vulnerability affecting a little-known component that comes bundled with Apple's iTunes and iCloud software for Windows to evade antivirus detection. The vulnerable component in question is the Bonjour updater, a zero-configuration implementation of network
  • New Comic Videos Take CISO/Security Vendor Relationship to the Extreme October 10, 2019
    Today's CISOs operate in an overly intensive environment. As the ones who are tasked with the unenviable accountability for failed protection and successful breaches, they must relentlessly strive to improve their defense lines with workforce education, training their security teams and last but definitely not least — looking for products that will upgrade and adjust […]
  • 7-Year-Old Critical RCE Flaw Found in Popular iTerm2 macOS Terminal App October 9, 2019
    A 7-year-old critical remote code execution vulnerability has been discovered in iTerm2 macOS terminal emulator app—one of the most popular open source replacements for Mac's built-in terminal app. Tracked as CVE-2019-9535, the vulnerability in iTerm2 was discovered as part of an independent security audit funded by the Mozilla Open Source Support Program (MOSS) and conducted […]
  • Breaches are now commonplace, but Reason Cybersecurity lets users guard their privacy October 9, 2019
    There has been no shortage of massive security breaches so far this year. Just last July, Capital One disclosed that it was hit by a breach that affected more than 100 million customers. Also recently, researchers came across an unsecured cloud server that contained the names, phone numbers, and financial information of virtually all citizens […]
  • You Gave Your Phone Number to Twitter for Security and Twitter Used it for Ads October 9, 2019
    After exposing private tweets, plaintext passwords, and personal information for hundreds of thousands of its users, here is a new security blunder social networking company Twitter admitted today. Twitter announced that the phone numbers and email addresses of some users provided for two-factor authentication (2FA) protection had been used for targeted advertising purposes—though the company
  • Microsoft Releases October 2019 Patch Tuesday Updates October 8, 2019
    Microsoft today rolling out its October 2019 Patch Tuesday security updates to fix a total of 59 vulnerabilities in Windows operating systems and related software, 9 of which are rated as critical, 49 are important, and one is moderate in severity. What’s good about this month’s patch update is that after a very long time, […]
  • vBulletin Releases Patch Update for New RCE and SQLi Vulnerabilities October 8, 2019
    After releasing a patch for a critical zero-day remote code execution vulnerability late last month, vBulletin has recently published a new security patch update that addresses 3 more high-severity vulnerabilities in its forum software. If left unpatched, the reported security vulnerabilities, which affect vBulletin 5.5.4 and prior versions, could eventually allow remote attackers to take
  • Adobe Suspends Accounts for All Venezuela Users Citing U.S. Sanctions October 8, 2019
    I have really bad news for Adobe customers in Venezuela… California-based software company Adobe on Monday announced to soon ban accounts and cancel the subscriptions for all of its customers in Venezuela in order to comply with economic sanctions that the United States imposed on the Latin American country. The Trump administration issued an executive […]
  • Signal Messenger Bug Lets Callers Auto-Connect Calls Without Receivers' Interaction October 5, 2019
    Almost every application contains security vulnerabilities, some of which you may find today, but others would remain invisible until someone else finds and exploits them—which is the harsh reality of cybersecurity and its current state. And when we say this, Signal Private Messenger—promoted as one of the most secure messengers in the world—isn't any exception. […]
  • New 0-Day Flaw Affecting Most Android Phones Being Exploited in the Wild October 4, 2019
    Another day, another revelation of a critical unpatched zero-day vulnerability, this time in the world's most widely used mobile operating system, Android. What's more? The Android zero-day vulnerability has also been found to be exploited in the wild by the Israeli surveillance vendor NSO Group—infamous for selling zero-day exploits to governments—or one of its customers, […]
  • Just a GIF Image Could Have Hacked Your Android Phone Using WhatsApp October 3, 2019
    A picture is worth a thousand words, but a GIF is worth a thousand pictures. Today, the short looping clips, GIFs are everywhere—on your social media, on your message boards, on your chats, helping users perfectly express their emotions, making people laugh, and reliving a highlight. But what if an innocent-looking GIF greeting with Good […]
  • A Look Into Continuous Efforts By Chinese Hackers to Target Foreign Governments October 2, 2019
    Phishing is still one of the widely used strategies by cybercriminals and espionage groups to gain an initial foothold on the targeted systems. Though hacking someone with phishing attacks was easy a decade ago, the evolution of threat detection technologies and cyber awareness among people has slowed down the success of phishing and social engineering […]
  • How SMBs Can Mitigate the Growing Risk of File-based Attacks October 2, 2019
    Cases of document-based malware are steadily rising. 59 percent of all malicious files detected in the first quarter of 2019 were contained in documents. Due to how work is done in today's offices and workplaces, companies are among those commonly affected by file-based attacks. Since small to medium businesses (SMBs) usually lack the kind of […]