Security News

Protect your business from cybercrime with this dark web monitoring service We may be compensated by vendors who appear on this page through methods such as affiliate links or sponsored partnerships. In addition to using a VPN and anti-malware software, it's also smart to invest in a service like Dark Web Monitoring for Business.

Specops Software released new research finding cybersecurity weaknesses in business web apps including Shopify, Zendesk, Trello, and Stack Overflow. This Help Net Security video reveals how popular business web applications failed to implement critical password and authentication requirements to protect customers.

This new research reveals that several popular business web applications have failed to implement critical password and authentication requirements to protect customers. Specops' analysis found inadequate password and authentication requirements that could leave customers vulnerable, including allowing users to set weak and breached passwords, often with little or no strong authentication in place.

Threat analysts have uncovered a large-scale campaign targeting Elastix VoIP telephony servers with more than 500,000 malware samples over a period of three months. Security researchers at Palo Alto Networks' Unit 42 say that the attackers' goal was to plant a PHP web shell that could run arbitrary commands on the compromised communications server.

A widespread software supply chain attack has targeted the NPM package manager at least since December 2021 with rogue modules designed to steal data entered in forms by users on websites that include them. The coordinated attack, dubbed IconBurst by ReversingLabs, involves no fewer than two dozen NPM packages that include obfuscated JavaScript, which comes with malicious code to harvest sensitive data from forms embedded downstream mobile applications and websites.

July may positively disrupt and adrenalize the old-fashioned Dynamic Application Security Scanning market, despite the coming holiday season. The pathbreaking innovation comes from ImmuniWeb, a global application security company, well known for, among other things, its free Community Edition that processes over 100,000 daily security scans of web and mobile apps.

Cybersecurity researchers have detailed the various measures ransomware actors have taken to obscure their true identity online as well as the hosting location of their web server infrastructure. "Most ransomware operators use hosting providers outside their country of origin to host their ransomware operations sites," Cisco Talos researcher Paul Eubanks said.

One of the common techniques used by these threat actors to try to add a strong layer of anonymity consists of using The Onion Router network to hide the location of their servers. It is important to note that servers hosted on the Tor network are just typical servers hosted on the Internet - users are merely accessing them via a special network.

Privacy Affairs researchers concluded criminals using the dark web can get a complete set of a person’s account details, enabling them to create fake IDs and forge private documents, such as...

What is the price for personal information, including credit cards and bank accounts, on the dark web? Privacy Affairs researchers concluded criminals using the dark web need only spend $1,115 for a complete set of a person's account details, enabling them to create fake IDs and forge private documents, such as passports and driver's licenses.