1252 matches found
The digital entropy of death: what happens to your online accounts when you die
Unless you're planning on having your mind jammed inside some sort of computer chip, eventually mortality will catch up and you're going to have to work out what you'll do with all of your online accounts. When it's time to shuffle off this mortal coil, you might, theoretically, be slightly annoy...
Abine Blur Information Disclosure Vulnerability
Abine Blur is a private account management application from Abine USA.Password Manager Extension is one of the password management plug-ins. A security vulnerability exists in Password Manager Extension in Abine Blur version 7.8.2428 prior to 7.8.242. A remote attacker can exploit this...
CVE-2018-7213
The Password Manager Extension in Abine Blur 7.8.242 before 7.8.2428 allows attackers to bypass the Multi-Factor Authentication and macOS disk-encryption protection mechanisms, and consequently exfiltrate secured data, because the right-click context menu is not secured...
Code injection
The Password Manager Extension in Abine Blur 7.8.242 before 7.8.2428 allows attackers to bypass the Multi-Factor Authentication and macOS disk-encryption protection mechanisms, and consequently exfiltrate secured data, because the right-click context menu is not secured...
CVE-2018-7213
The Password Manager Extension in Abine Blur 7.8.242 before 7.8.2428 allows attackers to bypass the Multi-Factor Authentication and macOS disk-encryption protection mechanisms, and consequently exfiltrate secured data, because the right-click context menu is not secured...
CVE-2018-7213
The CVE concerns Abine Blur’s Password Manager Extension. Affected: Blur 7.8.242* pre-release 7.8.2428. Root cause: an unsecured right-click context menu allows bypass of Multi-Factor Authentication and macOS disk encryption protection, enabling exfiltration of secured data. Documents do not spec...
CVE-2018-7213
The Password Manager Extension in Abine Blur 7.8.242 before 7.8.2428 allows attackers to bypass the Multi-Factor Authentication and macOS disk-encryption protection mechanisms, and consequently exfiltrate secured data, because the right-click context menu is not secured...
Financial Cyber Threat Sharing Group Phished
The Financial Services Information Sharing and Analysis Center FS-ISAC, an industry forum for sharing data about critical cybersecurity threats facing the banking and finance industries, said today that a successful phishing attack on one of its employees was used to launch additional phishing...
Akamaizing Your Dev & QA Environments
Over the last few months, I've been talking to many development and test teams who deliver their sites and applications through the Akamai Intelligent Platform. One common challenge they face is how to test their Akamai delivery configurations on the Internet against their private development and...
When Phishing Starts from the Inside
A growing concern of security professionals is internal phishing attacks - phishing emails sent from one trusted user to another of the same organization. Internal phishing emails are used in multi-stage attacks in which an email account is owned either by controlling the users device with...
Back to school cybersecurity tips for parents and kids
The time to start the new school term is just around the corner. And for parents, the excitement and anxiety may be palpable, especially if it's their kid's first time attending a new school. Ads for back-to-school gear start as early as July, increasing in frequency and urgency until the kiddos...
How Do SMEs Fight Off Cyberattacks?
I'd like to address some of the concerns that small and medium sized enterprises SMEs may have around cybersecurity, especially in the wake of the WannaCry ransomware attack and a continuous news flow around successful attacks on high profile companies. Does the fact that well-known brands are...
Zeus - AWS EC2 / S3 Auditing & Hardening Tool
Zeus is a powerful tool for AWS EC2 / S3 best hardening practices. It checks security settings according to the profiles the user creates and changes them to recommended settings based on the CIS AWS Benchmark source at request of the user. Identity and Access Management Avoid the use of the "roo...
FBI Releases Article on Protecting Business Email Systems
The Federal Bureau of Investigation FBI has released an article on Building a Digital Defense with an Email Fortress. FBI warns that scammers commonly target business email accounts with phishing and social engineering schemes. Strategies for preventing email compromises include avoiding the use ...
FTC Releases Alert on Identity Theft
The Federal Trade Commission FTC has released an alert about how quickly criminals begin using your personal information once it is posted to a hacker site by an identity thief. FTC researchers found that it can take as few as 9 minutes for crooks to access stolen personal information posted to...
Senate's Use of Signal A Good First Step, Experts Say
On Tuesday the United States Senate made it official and approved the use of encrypted messaging app Signal by staffers. Encryption advocates applauded the measure, but say more needs to be done to protect “civic” infrastructure critical to democracy. “The move to secure communications...
Strengthening Network Access Security with Multi-Factor Authentication
As technology continues to develop, more and more applications become not just convenient, but necessary. It was less than a decade ago that it was inconceivable we would 'need' to carry a consumer device to access the internet in our pockets. Today, it is essential. The same is true with the...
Remote Access no longer needs to be Complex and Cumbersome
From an IT management perspective, remote access management can be complex. Deployment, administration, testing and compliance is often multifaceted and time consuming, and security is an on-going concern. Granted, I have talked with IT professionals who tell me VPNs - being the primary remote...
Websites Can Now Track You Online Across Multiple Web Browsers
You might be aware of websites, banks, retailers, and advertisers tracking your online activities using different Web "fingerprinting" techniques even in incognito/private mode, but now sites can track you anywhere online — even if you switch browsers. A team of researchers has recently developed...
Gameover ZeuS Trojan Targets Users of Monster.com Employment Portal
Zeus Trojan is one of the most popular families of Banking Trojan, which was also used in a targeted malware campaign against a Salesforce.com customer at the end of the last month and researchers found that the new variant of Zeus Trojan has web crawling capabilities that are used to grab...