News

Most SAP systems vulnerable to critical security configuration risk

Net Security - 3 hours 16 min ago

Onapsis researchers revealed a critical security configuration vulnerability that results from default installations in SAP systems which if left insecure, could lead to a full system compromise in unprotected environments. If exploited the impact could be full control of the system by hackers, putting business-critical ERP, HR, PII, Finance, and Supply Chain data and processes at risk. Most SAP systems are vulnerable The vulnerability, mainly driven by a security configuration originally documented by SAP in … More →

The post Most SAP systems vulnerable to critical security configuration risk appeared first on Help Net Security.

Categories: News

New Drupal RCE vulnerability under active exploitation, patch ASAP!

Net Security - 6 hours 12 min ago

Yet another Drupal remote code execution vulnerability has been patched by the Drupal security team, who urge users to implement the offered updates immediately as the flaw is being actively exploited in the wild. The vulnerability (CVE-2018-7602) affects Drupal versions 7.x and 8.x. Users should upgrade to v7.59 and 8.5.3. Those who, for whatever reason, can’t implement the update can implement standalone patches, but before doing so they have to apply the fix from SA-CORE-2018-002 … More →

The post New Drupal RCE vulnerability under active exploitation, patch ASAP! appeared first on Help Net Security.

Categories: News

Tackle cyber threats in real time with the Micro Focus enterprise security platform

Net Security - Thu, 26/04/2018 - 22:30

In this podcast recorded at RSA Conference 2018, John Delk, Chief Product Officer and the General Manager of the security product group at Micro Focus, talks about how Micro Focus’ solutions comprise an enterprise-grade security platform with built-in scalability and analytics to drive the future of security. Here’s a transcript of the podcast for your convenience. Hi, I’m John Delk, I’m the Chief Product Officer and the General Manager of the security product group here … More →

The post Tackle cyber threats in real time with the Micro Focus enterprise security platform appeared first on Help Net Security.

Categories: News

Gmail users can now send self-destructing emails

Net Security - Thu, 26/04/2018 - 22:15

Google is slowly rolling out a number of changes for consumer Gmail users and G Suite users. Some of the changes improve usability and productivity, while others are meant to maximize data and user protection. Some of the new security options should help enterprise users meed GDPR compliance needs. New Gmail security features Gmail confidential mode will allow users to: Set expiration dates for emails or revoke previously sent messages Secure access to the contents … More →

The post Gmail users can now send self-destructing emails appeared first on Help Net Security.

Categories: News

Can existing endpoint security controls prevent a significant attack?

Net Security - Thu, 26/04/2018 - 22:00

Endpoint security solutions are failing to provide adequate protections to address today’s security threats, specifically malware, according to Minerva Labs. A majority of the respondents surveyed indicated a heightened concern of a major malware breach in the coming year and acknowledged that they require more than an AV solution on the endpoint to combat the rising threat. After a year of massive ransomware outbreaks, NSA state-grade exploit leaks, and an extraordinary number of cybersecurity meltdowns, … More →

The post Can existing endpoint security controls prevent a significant attack? appeared first on Help Net Security.

Categories: News

Better code won’t save developers in the short run

Net Security - Thu, 26/04/2018 - 21:45

According to OWASP, “Insecure software is undermining our financial, healthcare, defense, energy and other critical infrastructure.” In its 2017 OWASP Top 10 Most Critical Web Application Security Risks, the authors argue that as software becomes increasingly complex, and connected, the difficulty of achieving application security increases exponentially. The rapid pace of modern software development processes makes the most common risks essential to discover and resolve quickly and accurately. Incapsula, a web application firewall (WAF) provider, … More →

The post Better code won’t save developers in the short run appeared first on Help Net Security.

Categories: News

Global AI business value to reach $1.2 trillion in 2018

Net Security - Thu, 26/04/2018 - 21:30

Global business value derived from artificial intelligence (AI) is projected to total $1.2 trillion in 2018, an increase of 70 percent from 2017, according to Gartner. AI-derived business value is forecast to reach $3.9 trillion in 2022. The Gartner AI-derived business value forecast assesses the total business value of AI across all the enterprise vertical sectors covered by Gartner. There are three different sources of AI business value: customer experience, new revenue, and cost reduction. … More →

The post Global AI business value to reach $1.2 trillion in 2018 appeared first on Help Net Security.

Categories: News

PlayStation Plus May games include Rayman Legends, Beyond

PCA - Breaking - Thu, 26/04/2018 - 15:10
PS Plus subscribers have at least one great game awaiting them next month.
Categories: News

Toshiba arms its X98 OLED series with Alexa support and future-proofed HDR

PCA - Breaking - Thu, 26/04/2018 - 12:46
And it’ll hopefully come in a bit cheaper that its rivals...
Categories: News

Opera launches (another) mobile app – Opera Touch 1.0

PCA - Breaking - Thu, 26/04/2018 - 12:33
Opera Software has launched Opera Touch 1.0 a mobile app for Android (with iOS due to follow shortly).
Categories: News

CCleaner attackers gained access to app developer's network via TeamViewer

PCA - Breaking - Thu, 26/04/2018 - 12:25
The attackers who infected 2.27 million machines last year using a modified version of the computer maintenance app CCleaner gained unauthorised access to the developer's network using remote access program TeamViewer.
Categories: News

Two-thirds of online banking systems in 2017 contained high-risk vulnerabilities

PCA - Breaking - Thu, 26/04/2018 - 12:25
75 percent of online banking systems contained cross-site scripting flaws, 69 percent lacked protection from data interception, 63 percent had insufficient authorisation, 50 percent were vulnerable to sensitive data disclosure.
Categories: News

The Nintendo Switch has been blown wide open by an unfixable hack

PCA - Breaking - Thu, 26/04/2018 - 10:16
Thanks to an exploit at the core of Nintendo Switch's hardware, hackers are now running Gamecube games and more.
Categories: News

Nanowires could hold the key to safer, less flammable Lithium-ion batteries

PCA - Breaking - Thu, 26/04/2018 - 10:16
Scientists have made Lithium-ion batteries both safer and more powerful with the use of nanowires.
Categories: News

This chatbot could help you become Instagram famous by predicting the success of your next post

PCA - Breaking - Thu, 26/04/2018 - 10:16
Become the Instagram success you deserve to be, with the help of this AI chatbot.
Categories: News

Windows Phone apps to be killed off

PCA - Breaking - Thu, 26/04/2018 - 08:38
Microsoft drops support for Teams, Yammer, and Skype for Business apps as of next month.
Categories: News

Google's G Suite redesign draws on AI to kill email clutter

PCA - Breaking - Thu, 26/04/2018 - 08:38
Confidential mode also aims to protect personal data and reduce risk of user error.
Categories: News

MyEtherWallet users robbed after successful DNS hijacking attack

Net Security - Thu, 26/04/2018 - 06:00

Unknown attackers have managed to steal approximately $150,000 in Ethereum from a number of MyEtherWallet (MEW) users, after having successfully redirected them to a phishing site posing as MyEtherWallet.com. The redirection was seamless, and the only thing that gave some indication that the phishing site is not what it pretended to be was the warning showed to visitors saying that the TLS certificate used by the site was signed by an unknown authority (i.e., was … More →

The post MyEtherWallet users robbed after successful DNS hijacking attack appeared first on Help Net Security.

Categories: News

Researchers discover next generation phishing kit

Net Security - Thu, 26/04/2018 - 02:40

Researchers at Check Point and CyberInt, have discovered a new generation of phishing kit that is readily available on the Dark Web. A posting on the Dark Net that advertises the [A]pache phishing kit Created by a cyber-criminal known as ‘[A]pache’, the kit makes it simple for those with very little technical ability to carry out their own cyber-attack. By simply downloading this multi-functioning phishing kit and following the straightforward installation instructions, a threat actor … More →

The post Researchers discover next generation phishing kit appeared first on Help Net Security.

Categories: News

Pages