Silensec Newsletter

Category: News

Top News

WhatsApp caps message forwarding to five instances to fight fake news

WhatsApp is putting a worldwide limit of five on the number of times a message may be forwarded in an effort to stomp out misinformation and the spreading of rumours.

WhatsApp users could previously forward a message 20 times. The new update, to be rolled out on Monday, follows recent events around the world using the app for misinformation and the spreading of rumours.

Read more...

Google slapped with 50M euro fine for GDPR violation in France

France's data protection regulator, CNIL, has issued Google a 50 million euro fine for failing to comply with its GDPR obligations.

This is the biggest GDPR fine yet to be issued by a European regulator and the first time one of the tech giants has been found to fall foul of the tough new regulations that came into force in May last year.

Read more...

Major Hacks of the Week

Someone hacked PHP PEAR site and replaced the official package manager

Beware! If you have downloaded PHP PEAR package manager from its official website in past 6 months, we are sorry to say that your server might have been compromised.

Just last week the maintainers at PEAR took down the official website of the PEAR (pear-php(dot)net) after they found that someone has replaced original PHP PEAR package manager (go-pear(dot)phar) with a modified version in the core PEAR file system.

Read more...

Popular WordPress plugin hacked by angry former employee

A very popular WordPress plugin was hacked over the weekend after a hacker defaced its website and sent a mass message to all its customers revealing the existence of supposed unpatched security holes.

In a follow-up mass email, the plugin's developers blamed the hack on a former employee, who also defaced their website.

Read more...

Major Vulnerabilities Disclosed

Cisco's unpatched flaw CVE-2018-15439 exposes small Business Networks to hack

Unpatched critical flaw CVE-2018-15439 could be exploited by a remote, unauthenticated attacker to gain full control over the device.

Cisco Small Business Switch software is affected by a critical and unpatched vulnerability (CVE-2018-15439) that could be exploited by a remote, unauthenticated attacker to gain full control over the device.

Read more...

Bug in Twitter Android App Exposed Protected Tweets

When a new Twitter account is created, the tweets posted by the user are public by default. However, users can ensure that only approved followers can see their posts by using the “Protect my Tweets” option from the account’s “Privacy and safety” settings.

However, due to a flaw, people who used Twitter for Android may have had the protected tweets setting disabled if they made certain changes to account settings, such as modifying the associated email address.

Read more...

Legal, Regulatory and Corporate
Security and Beyond

Banking trojan Emotet is back in a new form

Emotet, the infamous banking trojan has emerged again in the radar after a dip in its activity.

The latest version of Emotet can bypass spam filters in email services allowing attackers to send more emails. It spreads itself with different genuine-looking email addresses.

Furthermore, newer mails have MicrosoftWord attachments with embedded macros that downloads Emotet.

Read more...

WhiteHat Security launches essentials product line for security testing with code coverage

WhiteHat Security released its new ‘Essentials’ product line, with the launch of two solutions: Sentinel Source Essentials Edition and Sentinel SCA Essentials Edition.

The streamlined ‘Essentials’ products have been created to help organizations meet the needs of the DevOps build/test phase by offering security testing with code coverage.

The ‘Essentials’ solutions cut down scan times, helping developers get the vulnerability assessment results they need faster.

Read more...

Security Awareness Tip

What does cybersecurity mean to you?

Cyber security awareness is a combination of an organization's knowledge and action on how to protect business’s information assets.

When employees are cyber security aware, they understand what cyber threats are, the potential impact cyberattacks will have on the business and the steps required to reduce risk and prevent cyber-crime infiltrating their online workspace.

A few Tips:

  1. Create a Security Policy
  2. Educate Your Employees on Business Cybersecurity
  3. Keep Software Up-to-Date
  4. Secure Your Networks
  5. Back Up Your Data
  6. Control Access to Devices
  7. Cybersecurity Training

Read more...

Silensec Editorial Team

Editor: Dr. Almerindo Graziano
Dr. Graziano is the Silensec CEO. He holds an MSc in Electronic Engineering and a PhD in Mobile Computer Security, both from the University of Naples, Italy. Dr. Graziano has consulted in information security for private and government organisations across Europe, Africa and Middle East over the last 15 years. He is also a BSI-certified ISO27001 Lead Auditor trainer and auditor

Vice Editor: George Nicolaou (BSc, MSc)
George Nicolaou (BSc, MSc) leads the Silensec Malware Analysis Lab (MAL). He received his BSc in Computer Science and MSc in Advanced Computing Security from the University of Bath in UK, where he pursued research in malware and vulnerability analysis. For many years George has also been the Head of Research and Development department of the Astalavista Security Community. George is also a frequent speaker at security conferences around the world on advanced malware analysis, reverse engineering and exploit development techniques.

Digital Editor: Salome Omondi (B.Com)
Salome Omondi leads the Silensec Marketing Department. She holds a Bachelors of Commerce and Management from Strathmore University. Miss Omondi publishes the weekly Silensec Newsletter, keeping you up to date with the latest infosec news as well as improving information security awareness.


Please feel free to share this with interested parties via email, and social media. For a free subscription, please subscribe to our Mailing list and feed-image Feed .

For any questions please click on the following contact us link

Silensec Cyprus HQ

Silensec Africa

Feel free to contact us if you have any problems.

Silensec UK

Feel free to contact us if you have any problems.

News Feed