Security

Image: ZDNet A hacker has published this week a massive list of Telnet credentials for more than 515,000 servers, home routers, and IoT (Internet of Things) “smart” devices. The list, which was published on a popular hacking forum, includes each device’s IP address, along with a username and password for ...

Microsoft has published a security advisory today about an Internet Explorer (IE) vulnerability that is currently being exploited in the wild — a so-called zero-day. The company’s security advisory (ADV200001) currently only includes workarounds and mitigations that can be applied in order to safeguard vulnerable systems from attacks. At the ...

Attacks on Citrix appliances have intensified this week, and multiple threat actors have now joined in and are launching attacks in the hopes of compromising a high-value target, such as a corporate network, government server, or public institution. In a report published today, FireEye says that among all the attack ...

How Oracle’s new, free tool will help make the internet’s routing system more secure ZDNet’s Stephanie Condon tells Karen Roby how Oracle’s new IXP FilterCheck works and why Oracle’s making it available. Read more: https://zd.net/2NbvO3v On the heels of Microsoft’s first Patch Tuesday for 2020, Oracle has pushed out a ...

What happens after a data breach in a major company? Nothing good, says Wall Street The stock market does not take cybersecurity incidents kindly, it seems. P&N Bank is informing customers of a data breach in which personally identifiable information (PII) and sensitive account information was exposed. On Wednesday, a ...

Why only one in three organizations are GDPR compliant — and the risks they’re facing as a result ZDNet’s Danny Palmer tells Karen Roby that over a year after coming into force, these three things are still causing trouble for organizations. Read more: https://zd.net/2nxbLDO Dixons Carphone was recently issued with ...

Cybersecurity: Password-stealing hacking campaign poses new data threat Researchers uncover a phishing campaign attempting to steal login credentials from government departments across North America, Europe and Asia – and nobody knows who is behind it. A successful phishing scam has left a Texan school district $2.3 million out of pocket.  ...

Image: Project Zero India Starting with yesterday, there is now public proof-of-concept exploit code for CVE-2019-19781, a vulnerability in Citrix enterprise equipment that can allow hackers to take over devices and access a companies’ internal networks. The vulnerability is as bad as it gets and has been deemed one of ...

Image: Brett Jordan A Princeton University academic study published yesterday found that five major US prepaid wireless carriers are vulnerable to SIM swapping attacks. A SIM swap is when an attacker calls a mobile provider and tricks the telco’s staff into changing a victim’s phone number to an attacker-controlled SIM ...

Despite nagging from Microsoft, millions of users have yet to upgrade from Windows 7 Nearly half of all PCs used in small businesses are running Windows 7 despite Microsoft’s January 2020 deadline. Just as it did for Windows XP, Google is offering extended Chrome support for Windows 7 for at ...