Email list-cleaning site may have leaked up to 2 billion records

Posted on March 14th, 2019 by Responsible Cyber

by Danny Bradbury The number of records exposed online by an email list-cleaning service in February may be far higher than originally anticipated, according to experts. The number of records available for anyone to download in plaintext from a breach at Verifications.io may have been closer to two billion. Security researcher Bob Diachenko, who found […]

Read More

How to Stop Facebook App From Tracking Your Location In the Background

Posted on March 1st, 2019 by Responsible Cyber

Every app installed on your smartphone with permission to access location service “can” continually collect your real-time location secretly, even in the background when you do not use them.Do you know? — Installing the Facebook app on your Android and iOS smartphones automatically gives the social media company your rightful consent to collect the history […]

Read More

Hackers Favorite CoinHive Cryptocurrency Mining Service Shutting Down

Posted on March 1st, 2019 by Responsible Cyber

Coinhive, a notorious in-browser cryptocurrency mining service popular among cybercriminals, has announced that it will discontinue its services on March 8, 2019.Regular readers of The Hacker News already know how Coinhive’s service helped cyber criminals earn hundreds of thousands of dollars by using computers of millions of people visiting hacked websites. For a brief recap: […]

Read More

Microsoft fixes DDoS bug in its web server

Posted on February 22nd, 2019 by Responsible Cyber

by Danny Bradbury Microsoft has fixed a bug that could have led to distributed denial of service (DDoS) attacks on its web server software. The flaw lay in the way that Internet Information Server (IIS) processed requests sent using HTTP/2. Ratified in 2015, HTTP/2 is an enhanced version of the original HTTP standard that includes […]

Read More

POS Vendor Announces January Data Breach

Posted on February 21st, 2019 by Responsible Cyber

Enterprise VulnerabilitiesFrom DHS/US-CERT’s National Vulnerability Database CVE-2018-15380 PUBLISHED: 2019-02-20A vulnerability in the cluster service manager of Cisco HyperFlex Software could allow an unauthenticated, adjacent attacker to execute commands as the root user. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting to the cluster serv… CVE-2019-3474 PUBLISHED: 2019-02-20A […]

Read More

DDoS explained: How distributed denial of service attacks are evolving

Posted on February 20th, 2019 by Responsible Cyber

What is a DDoS attack? A distributed denial of service (DDoS) attack is when an attacker, or attackers, attempt to make it impossible for a service to be delivered. This can be achieved by thwarting access to virtually anything: servers, devices, services, networks, applications, and even specific transactions within applications. In a DoS attack, it’s […]

Read More

Hackers Destroyed VFEmail Service – Deleted Its Entire Data and Backups

Posted on February 13th, 2019 by Responsible Cyber

What could be more frightening than a service informing you that all your data is gone—every file and every backup servers are entirely wiped out?The worst nightmare of its kind. Right?But that’s precisely what just happened this week with VFEmail.net, a US-based secure email provider that lost all data and backup files for its users […]

Read More

How to harden Windows 10 workstations and servers: Disable SMB v1

Posted on February 6th, 2019 by Responsible Cyber

Server Message Block (SMB) is a foundational service that has been used for many years. This internet standard protocol enables Windows to share files, printers and serial ports. SMB is used over the internet on top of the TCP/IP protocol. SMB v1 has been in use since Windows 95, and in 2019, it’s still often […]

Read More

Europol Now Going After People Who Bought DDoS-for-Hire Services

Posted on February 2nd, 2019 by Responsible Cyber

If you were a buyer of any online DDoS-for-hire service, you might be in trouble.After taking down and arresting the operators of the world’s biggest DDoS-for-hire service last year, the authorities are now in hunt for customers who bought the service that helped cyber criminals launch millions of attacks against several banks, government institutions, and […]

Read More

250 Webstresser Users to Face Legal Action — Krebs on Security

Posted on February 2nd, 2019 by Responsible Cyber

More than 250 customers of a popular and powerful online attack-for-hire service that was dismantled by authorities in 2018 are expected to face legal action for the damage they caused, according to Europol, the European Union’s law enforcement agency. In April 2018, investigators in the U.S., U.K. and the Netherlands took down attack-for-hire service WebStresser[.]org […]

Read More