The domain hijacking incident appears to have followed the age-old path of an attacker pouncing on a compromised account and swiping the domain rather than a simple expiration.
Libgcrypt 1.9.0, the newest version of a cryptographic library integrated in the GNU Privacy Guard (GnuPG) free encryption software, has a “severe” security vulnerability, warned Werner Koch.
With the release of iOS 14 last fall, Apple has added a new security system to iPhones and iPads to protect users against attacks carried out via the iMessage instant messaging client.
Discovered by researchers at WebARX, the recently addressed issues are caused by the lack of authorization on most AJAX methods, and impact all Popup Builder versions up to 3.71.
Tanium announced Thursday that it sold $150 million in common stock to the Ontario Teachers’ Pension Plan, Canada’s largest pension plan and an active investor in late-stage technology companies.
Breaches and leaks of sensitive information from organizations doubled last year, even as consumer concerns over data privacy surged, according to two new reports published on Data Protection Day.
Although the tactic was unique considering the targeting of security researchers, it is not technically novel. This incident is a reminder to maintain your psychological defenses and stay vigilant.
“Overall, the Wordfence scanner found malware originating from a nulled plugin or theme on 206,000 sites, accounting for over 17% of all infected sites,” Wordfence said on Wednesday.
Although Microsoft deemed the bug “very difficult” to exploit and therefore only fixed it in Windows 8, researcher Adam Zabrocki says that he was able to rework the attack for use against Windows 7.
Titled, “Online Impersonation Prohibition,” House Bill 239 introduced by Rep. Karianne Lisonbee proposes legal consequences for people that “use the name or persona of an individual” without consent.