Security News
Aamir Lakhani, cybersecurity researcher for Fortinet's FortiGuard Labs, discusses criminals flocking to web server and browser attacks, and what to do about it. Attackers use email, instant messages, SMS messages and links on social networking to trick at-home workers into installing malware that leads to identity theft, loss of property and, possibly, entry into the corporate network.
Cisco announced its strategy to help communication service providers and web scale companies around the world connect, secure and automate their networks to deliver a stronger, more accessible internet to everyone, everywhere, regardless of geographic limitations. Answering the call, Cisco designed its Converged SDN Transport, an innovative blueprint designed to help service providers converge multiple networks into a common, cost efficient and secure infrastructure with enormous scale.
An Israeli national has pleaded guilty to his role in operating DeepDotWeb, a website that functioned as a gateway to various Dark Web marketplaces, the U.S. Justice Department announced on Wednesday. The man, Tal Prihar, 37, together with co-defendant Michael Phan, 34, of Israel, owned and operated DeepDotWeb between October 2013 and May 2019, when the website was seized by authorities.
Indian payment app maker MobiKwik has denied its security has been breached, saying that if it's true, as has been claimed, that its customers' information has appeared on the dark web, then some other platform was totally responsible for that. "Some users have reported that their data is visible on the dark web," reads a message from the company, dated March 30.
Indian payment app maker MobiKwik has denied its security has been breached, saying that if it's true, as has been claimed, that its customers' information has appeared on the dark web, then some other platform was totally responsible for that. "Some users have reported that their data is visible on the dark web," reads a message from the company, dated March 30.
Open source web programming language PHP narrowly avoided a potentially dangerous supply chain attack over the weekend. In theory, anyone who downloaded the very latest "Still in development" version of PHP on Sunday 2021-03-28, compiled it, and installed it on a real-life, internet facing web server could have been at risk.
A web application firewall is your first line of defence when it comes to protecting your organization from an array of potential threats. By filtering out the content scrapers, bots, and other web creepy-crawlies, you can remove their impact on your infrastructure reduce the overall cost of maintaining your web presence.
As Google security engineers pointed out, these mechanisms do not prevent the Spectre exploit, but rather "Protect sensitive data from being present in parts of the memory from which they can be read by the attacker." To further reduce the risk of data leakage, website owners should add an extra line of defense to protect the actual data in memory in the event that all other security controls.
The Chrome browser extension ClearURLs has been removed from the Chrome Web Store, for reasons its developer describes as "Ridiculous." Google's Chrome team emailed ClearURLs developer Kevin Roebert yesterday to tell him: "Your item had to be removed from the Chrome Web Store," citing three violations of its terms.
Ever since the first dark web monitoring services became available, around 2005, consumers of such services often asked - why aren't these websites being taken down? After all, the sites that comprise the dark web are platforms and tools for illegal activities. There is a case to be made for adopting the other strategy - disrupt the dark web as much as possible - and it seems that unlike the early days of dark web monitoring, it is not one that is discussed at all.