New OpenSMTPD RCE Flaw Affects Linux and OpenBSD Email Servers
OpenSMTPD has been found vulnerable to yet another critical vulnerability that could allow remote attackers to take complete control over email servers running BSD or Linux operating systems.
Emotet Malware Now Hacks Nearby Wi-Fi Networks to Infect New Victims
Emotet, the notorious trojan behind a number of botnet-driven spam campaigns and ransomware attacks, has found a new attack vector: using already infected devices to identify new victims that are connected to nearby Wi-Fi networks.
Sudo Bug Lets Non-Privileged Linux and macOS Users Run Commands as Root
Joe Vennix of Apple security has found another significant vulnerability in sudo utility that under a specific configuration could allow low privileged users or malicious programs to execute arbitrary commands with administrative ('root') privileges on Linux or macOS systems.
Update Windows 10 Immediately to Patch a Flaw Discovered by the NSA
After Adobe today releases its first Patch Tuesday updates for 2020, Microsoft has now also published its January security advisories warning billions of users of 49 new vulnerabilities in its various products.
Adobe Releases First 2020 Patch Tuesday Software Updates
Adobe today released software updates to patch a total of 9 new security vulnerabilities in two of its widely used applications, Adobe Experience Manager and Adobe Illustrator. It's the first...
Drupal Warns Web Admins to Update CMS Sites to Patch a Critical Flaw
Drupal development team yesterday released important security updates for its widely used open-source content management software that addresses a critical and three "moderately critical" vulnerabilities in its core system.
Latest Microsoft Update Patches New Windows 0-Day Under Active Attack
With its latest and last Patch Tuesday for 2019, Microsoft is warning billions of its users of a new Windows zero-day vulnerability that attackers are actively exploiting in the wild in combination with a Chrome exploit to take remote control over vulnerable computers.
Snatch Ransomware Reboots Windows in Safe Mode to Bypass Antivirus
Cybersecurity researchers have spotted a new variant of the Snatch ransomware that first reboots infected Windows computers into Safe Mode and only then encrypts victims' files to avoid antivirus detection.
Avast and AVG Browser Extensions Spying On Chrome and Firefox Users
If your Firefox or Chrome browser has any of the below-listed four extensions offered by Avast and its subsidiary AVG installed, you should disable or remove them as soon as possible; Avast Online Security, AVG Online Security,Avast SafePrice and AVG SafePrice.
Malicious Android SDKs Caught Accessing Facebook and Twitter Users Data
Two third-party software development kits integrated by over hundreds of thousands of Android apps have been caught holding unauthorized access to users' data associated with their connected social media accounts.
Password Security Advisories
Password Security Advisories
A password is a secret word or string of characters that is used for user authentication to prove identity, or for access approval to gain access to a resource. The password should be kept secret from those not allowed access. User names and passwords are commonly used by people during a log in process that controls access to protected computer operating systems, mobile phones, automated teller machines (ATMs), etc.
A typical computer user has passwords for many purposes: logging in to accounts, retrieving e-mail, accessing applications, databases, networks, web sites, and even reading the morning newspaper online.
Password Security tips
Don't use personal information such as your name, age, birth date, child's name, nickname, phone number or favorite color/song, etc that can be easily accessed or guessed.
Don't use words that can be found in any dictionary of any language.
Develop a mnemonic for remembering complex passwords.
Use both lowercase and capital letters.
Use a long password made up of numbers, letters and special characters
Make sure you use different passwords for each of your accounts.
Be sure no one watches when you enter your password.
Always log off if you leave your device and anyone is around—it only takes a moment for someone to steal or change the password.
Use comprehensive security software such as your anti-virus and keep it up to date to avoid key loggers (keystroke loggers) and other malware.
Avoid entering passwords on computers you don't control (like computers at an Internet cafe or library)—they may have malware that steals your passwords.
Depending on the sensitivity of the information being protected, you should change your passwords periodically.