Government of the Republic of Trinidad and Tobago                                                                                                                                        


News

Zero Day in jQuery Plugin Impacts Thousands of Applications

22nd October 2018

Thousands of projects are possibly impacted by a jQuery File Upload plugin vulnerability that has been actively exploited in the wild, a security researcher has discovered. Tracked as CVE-2018-9206, the security bug impacts older versions of the plugin as well, going all the way back to 2010, Akamai researcher Larry Cashdollar found out. At the […]

Read More

Flaw in Media Library Impacts VLC, Other Software

22nd October 2018

A serious vulnerability in the LIVE555 Streaming Media RTSP server affects popular applications, including VLC, MPlayer and others, Cisco Talos has discovered. Developed by Live Networks, Inc, LIVE555 Streaming Media represents a set of open-source C++ libraries meant for multimedia streaming. The libraries provide support for open standards used in streaming, but can also be […]

Read More

Recent Branch.io Patch Creates New XSS Flaw

22nd October 2018

The patch for a recently disclosed cross-site scripting (XSS) vulnerability in Branch.io introduced another similar flaw, a security researcher revealed last week. California-based Branch.io provides customers with solutions that help create deep links for referral systems, invitations, and sharing links for attribution and analytics purposes. The service is used by many popular web platforms, including […]

Read More

Facebook Says No Apps Were Accessed in Recent Hack

3rd October 2018

Facebook has shared another update on the hacker attack disclosed last week. The social media giant says there is no evidence that the attackers accessed any third-party apps. Facebook revealed on September 28 that it had reset the access tokens for 90 million accounts, including 50 million that were directly impacted and 40 million deemed […]

Read More

Fileless Malware Attacks on the Rise, Microsoft Says

3rd October 2018

Fileless malware attacks, or incidents where the malicious payload doesn’t touch the disk, but is executed directly in memory instead, are on the rise, Microsoft says. Attacks that leverage fileless techniques are not new, but were recently adopted by a broader range of malware. A couple of years ago, the Kovter Trojan was well known […]

Read More

New Twitter Rules Target Fake Accounts, Hackers

3rd October 2018

Twitter on Monday announced that it has made some changes in preparation for the upcoming midterm elections in the United States. The changes include updated rules that target fake accounts and hackers. Social media companies have been criticized for allowing their platforms to be abused for influence campaigns ahead of the 2016 presidential election in […]

Read More

Cybercriminals Have Been Experimenting With a Blockchain Domain Name System (DNS)

3rd September 2018

The takedowns of AlphaBay and Hansa in 2017 by law enforcement gave rise to much speculation about the future of dark web marketplaces. As I’ve discussed before, an environment of fear and mistrust are driving the cybercriminal community to incorporate alternative technologies to improve security and remain below the radar as they conduct illicit business […]

Read More

CEIDPageLock Rootkit Hijacks Web Browsers

3rd September 2018

A new rootkit that has been distributed via the RIG exploit kit over the past few weeks can manipulate web browsers and also contains sophisticated defense mechanisms, Check Point says. Dubbed CEIDPageLock, the malware was initially discovered a few months ago, when it was attempting to modify the homepage of a victim’s browser. The rootkit […]

Read More

Advanced Android Spyware Remained Hidden for Two Years

3rd September 2018

A newly detailed Android spyware that has an incredibly wide-ranging protocol has been active since May 2016, Kaspersky Lab warns. Dubbed BusyGasper, the malware includes device sensors listeners (such as motion detectors), can exfiltrate data from messaging applications (WhatsApp, Viber, Facebook), includes keylogging capabilities, and supports 100 commands. Featuring a multicomponent architecture, the malware can […]

Read More

The Disconnect Between Understanding Email Threats and Preventing Them

3rd August 2018

Email continues to be the starting point for the majority of all security breaches. The 2018 Verizon Data Breaches Investigation Report (DBIR) says that email is the attack vector in 96% of breaches. But a new study suggests that despite these figures, companies are not allocating sufficient resources to reduce email risk. The study was […]

Read More

Page 4 of 10« First...2345610...Last »