An Italian researcher from the security firm InTheCyber devised an attack technique to create self-replicating malware hidden in MS Word documents. A few weeks ago, a security researcher reported a flaw that affects all versions of Microsoft Office that could be exploited by attackers to spread macro-based self-replicating malware. Microsoft promptly implemented a security mechanism in […]
The advent of Artificial Intelligence has brought with it a new scope for cybersecurity. Why the artificial intelligence is important for cybersecurity? In my last blog, I discussed AI and Big Data. Now, I am going to explain about AI and Cybersecurity. The advent of Artificial Intelligence has brought with it a new scope for […]
The major Linux distributions rolled out security fixes for a use-after-free error, tracked as CVE-2017-14746, affecting all versions of SAMBA since 4.0. The major Linux distributions (Red Hat, Ubuntu, Debian and others) rolled out security patches for a use-after-free error, tracked as CVE-2017-14746, affecting all versions of SAMBA since 4.0. Administrations have to apply the fixes to their distributions, […]
Almost any PC vendor announced the imminent release of fixes for the flaws in Intel Management Engine, but many of them will be available only in 2018. Intel has started to issue security updated to fix multiple flaws in Intel’s CPUs, unfortunately many of them will not be available to the end-users until 2018. The tech giant […]
A new strain of the notorious macOS Proton malware is spreading through a blog spoofing the legitimate blog of the security firm Symantec. The attackers used the same domain registration information of the original site, except for the email address. The SSL digital certificate for the site is a legitimate certificate issued by Comodo instead of the […]
Unbelievable: Uber concealed data breach that exposed 57 Million records in 2016 and paid hackers to delete stolen records. Uber CEO Dara Khosrowshahi announced on Tuesday that hackers broke into the company database and accessed the personal data of 57 million of its users, the bad news is that the company covered up the hack […]
The Open Web Application Security Project (OWASP) presented the final release for the 2017 OWASP Top 10. The Open Web Application Security Project (OWASP) published the final version of the 2017 OWASP Top 10. In April, the OWASP announced the first release candidate for the 2017 OWASP Top 10, the main novelty was represented by the presence […]
According to a report recently published by the security firm Corero the number of DDoS Attacks doubled in the First Half of 2017 due to unsecured IoT. Denial of Service (DoS) attacks have been around as long as computers have been networked. But if your business relies on the Internet to sell products or collaborate, […]
CC/CERT is warning the Address Space Layout Randomisation (ASLR)Â isnât properly implemented in versions of Microsoft Windows 8 and newer. The researcher Will Dormann from the Carnegie-Mellon CERT has discovered the Address Space Layout Randomisation (ASLR)Â isnât properly implemented in versions of Microsoft Windows 8 and newer. Actually, with Windows 7 and EMET System-wide ASLR, the loaded […]
Experts from the firm Sucuri observed a new wave of wp-vcd malware attacks that is targeting WordPress sites leveraging flaws in outdated plugins and themes A new malware campaign is threatening WordPress installs, the malicious code tracked as wp-vcd hides in legitimate WordPress files and is used by attackers to add a secret admin user and […]