Security News
It was a tsunami of DNS queries that ultimately took out a host of Microsoft services, from Xbox Live to Teams, for some netizens about an hour on April Fools' Day, Redmond has said. The web giant's Threat Analysis Group said it had detected in March a bogus security company SecuriElite reaching out to legit professionals via social media, such as LinkedIn and Twitter.
Aamir Lakhani, cybersecurity researcher for Fortinet's FortiGuard Labs, discusses criminals flocking to web server and browser attacks, and what to do about it. Attackers use email, instant messages, SMS messages and links on social networking to trick at-home workers into installing malware that leads to identity theft, loss of property and, possibly, entry into the corporate network.
Cisco announced its strategy to help communication service providers and web scale companies around the world connect, secure and automate their networks to deliver a stronger, more accessible internet to everyone, everywhere, regardless of geographic limitations. Answering the call, Cisco designed its Converged SDN Transport, an innovative blueprint designed to help service providers converge multiple networks into a common, cost efficient and secure infrastructure with enormous scale.
An Israeli national has pleaded guilty to his role in operating DeepDotWeb, a website that functioned as a gateway to various Dark Web marketplaces, the U.S. Justice Department announced on Wednesday. The man, Tal Prihar, 37, together with co-defendant Michael Phan, 34, of Israel, owned and operated DeepDotWeb between October 2013 and May 2019, when the website was seized by authorities.
Indian payment app maker MobiKwik has denied its security has been breached, saying that if it's true, as has been claimed, that its customers' information has appeared on the dark web, then some other platform was totally responsible for that. "Some users have reported that their data is visible on the dark web," reads a message from the company, dated March 30.
Indian payment app maker MobiKwik has denied its security has been breached, saying that if it's true, as has been claimed, that its customers' information has appeared on the dark web, then some other platform was totally responsible for that. "Some users have reported that their data is visible on the dark web," reads a message from the company, dated March 30.
Open source web programming language PHP narrowly avoided a potentially dangerous supply chain attack over the weekend. In theory, anyone who downloaded the very latest "Still in development" version of PHP on Sunday 2021-03-28, compiled it, and installed it on a real-life, internet facing web server could have been at risk.
A web application firewall is your first line of defence when it comes to protecting your organization from an array of potential threats. By filtering out the content scrapers, bots, and other web creepy-crawlies, you can remove their impact on your infrastructure reduce the overall cost of maintaining your web presence.
As Google security engineers pointed out, these mechanisms do not prevent the Spectre exploit, but rather "Protect sensitive data from being present in parts of the memory from which they can be read by the attacker." To further reduce the risk of data leakage, website owners should add an extra line of defense to protect the actual data in memory in the event that all other security controls.
The Chrome browser extension ClearURLs has been removed from the Chrome Web Store, for reasons its developer describes as "Ridiculous." Google's Chrome team emailed ClearURLs developer Kevin Roebert yesterday to tell him: "Your item had to be removed from the Chrome Web Store," citing three violations of its terms.