VMware Urges Businesses To Stay Secure In An IoT-Enabled Virtual World

VMWORLD 2016: Digital transformation is exciting for many businesses, but VMware has made sure that security plays an integral role According to Rajiv Ramaswami, VMware’s executive vice president and general manager of Networking & Security, the average cost of a data breach now stands at €4 million – a figure that could bankrupt many businesses. Source:Continue reading “VMware Urges Businesses To Stay Secure In An IoT-Enabled Virtual World”

Ops also the Trump Organization uses insecure e-mail serversSecurity Affairs

The irony of fate, now we are here discussing because also Trump’s staff has some problems with his email servers. According to the security researcher Kevin Beaumont, the Trump Organization’s mail servers run on Microsoft Windows Server 2003 version with Internet Information Server 6 that is no more supported by the company. The researchers also discoveredContinue reading “Ops also the Trump Organization uses insecure e-mail serversSecurity Affairs”

UK Police purchased IMSI-catcher technology for mobile surveillanceSecurity Affairs

Privacy advocates and rights groups are in revolt against the UK law enforcement that has purchased mobile phone snooping technology.The rights groups are protesting against the adoption of the IMSI-catcher technology that could be used for dragnet surveillance.The IMSI-catcher is a surveillance solution used for intercepting mobile phone traffic, calls, tracking movements of mobile phone users block phones from operating. Source: UK PoliceContinue reading “UK Police purchased IMSI-catcher technology for mobile surveillanceSecurity Affairs”

Europe to Push New Security Rules Amid IoT Mess — Krebs on Security

The European Commission is drafting new cybersecurity requirements to beef up security around so-called Internet of Things (IoT) devices such as Web-connected security cameras, routers and digital video recorders (DVRs). News of the expected proposal comes as security firms are warning that a great many IoT devices are equipped with little or no security protections.Continue reading “Europe to Push New Security Rules Amid IoT Mess — Krebs on Security”

The leak of NSA hacking tools was caused by a staffer mistakeSecurity Affairs

According to the sources, it seems that an employee or a contractor mistakenly left the NSA hacking tools unattended on a remote server about three years ago during a cyber operation. The NSA was aware of the incident and did not inform the companies of the risks related to the exposure of the exploits. Source:Continue reading “The leak of NSA hacking tools was caused by a staffer mistakeSecurity Affairs”

Yahoo Data Breach, the company confirms the incident that exposed 500M accountsSecurity Affairs

The company has finally made the announce, the news related the Yahoo data breach is in the headlines. The IT giant confirmed that hackers have stolen at least 500 million user accounts in a data breach dating back to 2014. “We have confirmed that a copy of certain user account information was stolen from the company’sContinue reading “Yahoo Data Breach, the company confirms the incident that exposed 500M accountsSecurity Affairs”

As of Oct 5, automatic OAuth 2.0 token revocation upon password resetSecurity Affairs

Google announced a change to its security policy to increase the account security that includes the OAuth 2.0 token revocation upon password reset. Google aims to improve users’ security limiting the impact on the usability of its application, at least in this first phase so although initially planned for a wider set of applications, theContinue reading “As of Oct 5, automatic OAuth 2.0 token revocation upon password resetSecurity Affairs”

CVE-2016-6415 – CISCO confirms a new 0Day linked to Equation GroupSecurity Affairs

Cisco revealed the existence of another zero-day vulnerability, tracked as CVE-2016-6415, in the Equation Group archive leaked by the Shadow Broker hackers. Further analysis revealed that the flaw exploited by the BENIGNCERTAIN, tracked as CVE-2016-6415, also affects products running IOS, IOS XE and IOS XR software. Source: CVE-2016-6415 – CISCO confirms a new 0Day linkedContinue reading “CVE-2016-6415 – CISCO confirms a new 0Day linked to Equation GroupSecurity Affairs”

Dutch Police Seize Two VPN Servers, But Without Explaining… Why?

Recently, two European countries, France and Germany, have declared war against encryption with an objective to force major technology companies to built encryption backdoors in their secure messaging services. Source: Dutch Police Seize Two VPN Servers, But Without Explaining… Why?

Agencies refuse cyber quick-fixes.

In 2015, Murphy’s whole-of-government IT security survey uncovered 454 problems, up from 389 in 2014. It also identified a 3 percent decline in the number of agencies meeting the audit office’s bare minimum infosec benchmark, sending the proportion below half. “My practice is not to name agencies that have information system weakness for fear that thisContinue reading “Agencies refuse cyber quick-fixes.”