Does your organization have cybersecurity defense systems in place? Are your employees trained to recognize some of the most common social engineering tricks? If not your system still has a wide-open gap.
Social engineers are cunning and malicious and they will go to any lengths to get access to information, systems or secure buildings e.t.c for instance phishing, tailgating, crankcall (phone impersonation) and not to mention oversharing by the employees ( social media pretexting)
After the first-wave of Spectre and Meltdown attacks were conquered, people relaxed. That was a mistake. Early this year, researchers from several organizations warned that processors from Intel, AMD, ARM and other companies are affected by flaws that allow malicious applications to bypass memory isolation mechanisms and gain access to sensitive data.
Spectre attacks are possible due to CVE-2017-5753/ CVE-2017-5715 (Variant 1 & 2), while Meltdown attacks are possible due to CVE-2017-5754 (Variant 3). Researchers at Google Project Zero & Microsoft recently identified a new method which they have dubbed Variant 4.
Security researchers have gone public with vulnerabilities in some secure mail apps that can be exploited by miscreants to decrypt intercepted PGP-encrypted messages.
Red Hat, opensource solutions provider, recently announced a critical vulnerability in its DHCP client tracked as CVE-2018-1111 that could be exploited by attackers to execute arbitrary commands with root privileges on targeted systems.
Security expert discovered the critical remote command injection vulnerability in the DHCP client implementation of Red Hat Linux, the issue also affects other distros based on it like Fedora.
Video streams are being hijacked in vast quantities and the biggest reason for the intrusion is fun. According to Trend Micro, most camera hacking is being done by "script kiddies" who are in it for fun and peer-group prestige.
The report states that information on exposed cameras or cameras with known passwords is widely shared on the 'Fun' sections of underground forums or in dedicated prank groups in certain social networks.
Android apps may not be able to detect when other apps on our devices are connecting to the internet. It's about time Google patched this nasty privacy flaw. Any app can monitor network activity without the users knowledge to see when the device connects with a competing app, or perhaps worse.
Developers first noticed the new changes on the Android's SELinux rules for apps targeting API level 28 running on Android P. The SELinux changes only enable designated VPN apps to access some networking information, according to the code.