Silensec Newsletter

Category: News

Top News

Facebook Messenger bug revealed who you had conversations with

Facebook is making a big shift to private messages, but it's not immune to security vulnerabilities. Imperva recently detailed a flaw with Facebook Messenger that allowed potential attackers to learn who you were talking with on the chatting service.

The security bug didn't show the content of the messages, but security researcher is warning users to ensure that they know who they are in touch, since they have the potential to harm your privacy.

Read more...

Huawei to sue US government to overturn its ban as unconstitutional

Huawei has filed a suit against the government of the US's as it seeks to overturn its ban through the National Defense Authorization Act (NDAA).

Filed in the US Federal Court, Huawei rotating chair Guo Ping said in Shenzhen on Thursday that the company is seeking a declaratory judgment that the NDAA restrictions were unconstitutional, as well as a permanent injunction against the restrictions.

Read more...

Major Hacks of the Week

Iranian hackers caused losses in hundreds of millions

Iranian hackers working to penetrate systems, businesses and governments around the world have caused hundreds of millions of dollars in damages, a report said Wednesday.

Researchers for tech giant Microsoft said the attackers stole secrets and wiped data from computer networks after targeting thousands of people at some 200 companies over the past two years.

Read more...

Chinese hackers target universities in pursuit of maritime military secrets

Chinese hackers have targeted more than two dozen universities in the U.S. and around the globe as part of an elaborate scheme to steal research about maritime technology being developed for military use, cybersecurity experts and current and former U.S. officials said.

Read more...

Major Vulnerabilities Disclosed

A "serious" Windows zero-day is being actively exploited in the wild

Unidentified attackers have been combining an exploit for the unpatched local privilege escalation in Windows with one for a separate security flaw in the Chrome browser that Google fixed last Friday.

While that specific exploit combination won't be effective against Chrome users who are running the latest browser version, the Windows exploit could still be used against people running older versions of Windows.

Read more...

Word Bug allows attackers to sneak exploits past anti-malware defenses

The manner in which Microsoft Word handles integer overflow errors in the Object Linking and Embedding (OLE) file format has given attackers a way to sneak weaponized Word documents past enterprises sandboxes and other anti-malware controls.

Read more...

Legal, Regulatory and Corporate
Security and Beyond

Google refuses to delete "Absher" that allows men to track women

Google says that it won't pull Absher, a controversial government app from Saudi Arabia, from its app store, telling California representative Jackie Speier that it did not violate its policies, and that it would remain up, according to Business Insider.

The app allows Saudi users to access government services, letting them apply for jobs or permits, pay fines, renew licenses, or to report crimes.

Read more...

Man admits to hacking Minnesota databases over cop acquittal

A Minnesota man admitted recently that he hacked into state government databases two years ago as an act of retaliation after the acquittal of an officer who fatally shot Philando Castile during a 2016 traffic stop.

Cameron Thomas Crowley, 20, apologized for his actions as he pleaded guilty in U.S. District Court to one count of intentional access to a protected computer. As part of the plea agreement, four other counts against him will be dismissed.

Read more...

Security Awareness Tip

7 tips to improve your security awareness training

  1. Be Flexible to Your Corporate Culture
  2. Make Sure Training Covers Everything Relevant to Your Organization
  3. Schedule Phishing Simulations at Random Intervals
  4. Training Frequency is Key
  5. Tailor Training to the Right Groups
  6. Focus on Behavioral Change
  7. Don’t Punish Mistakes

Read more...

Silensec Editorial Team

Editor: Dr. Almerindo Graziano
Dr. Graziano is the Silensec CEO. He holds an MSc in Electronic Engineering and a PhD in Mobile Computer Security, both from the University of Naples, Italy. Dr. Graziano has consulted in information security for private and government organisations across Europe, Africa and Middle East over the last 15 years. He is also a BSI-certified ISO27001 Lead Auditor trainer and auditor

Vice Editor: George Nicolaou (BSc, MSc)
George Nicolaou (BSc, MSc) leads the Silensec Malware Analysis Lab (MAL). He received his BSc in Computer Science and MSc in Advanced Computing Security from the University of Bath in UK, where he pursued research in malware and vulnerability analysis. For many years George has also been the Head of Research and Development department of the Astalavista Security Community. George is also a frequent speaker at security conferences around the world on advanced malware analysis, reverse engineering and exploit development techniques.

Digital Editor: Salome Omondi (B.Com)
Salome Omondi leads the Silensec Marketing Department. She holds a Bachelors of Commerce and Management from Strathmore University. Miss Omondi publishes the weekly Silensec Newsletter, keeping you up to date with the latest infosec news as well as improving information security awareness.


Please feel free to share this with interested parties via email, and social media. For a free subscription, please subscribe to our Mailing list and feed-image Feed .

For any questions please click on the following contact us link

Silensec Cyprus HQ

Silensec Africa

Feel free to contact us if you have any problems.

Silensec UK

Feel free to contact us if you have any problems.

News Feed