As Windows 10 nears its one year anniversary, WeLiveSecurity gives an in-depth review of the operating system from a security and privacy perspective.
The post Windows 10 security and privacy: An in-depth review and analysis appeared first on We Live Security.
The United States federal authorities have boosted charges against a former IBM Corp. software developer in China for allegedly stealing valuable source code from his former employer in the US.
Chinese national Xu Jiaqiang, 30, was arrested by the FBI in December last year, when he was charged with just one count of theft of a trade secret.
However, Jiaqiang has been charged with six counts:
Joomla En-Masse component versions 5.1 through 6.4 suffer from a remote SQL injection vulnerability.
VerticalScope has experienced a major data breach, with cybercriminals making off with over 45 million records belonging to over 1,100 websites, it has been reported.
The post VerticalScope experiences major data breach: 45 million records stolen appeared first on We Live Security.
The fix applied for CVE-2014-1520 does not fix a DLL hijacking issue with Mozilla Firefox’s executable installer.
Release Date: June 15, 2016
Component Type: Third party extension. This extension is not a part of the TYPO3 default installation.
Affected Versions: version 6.2.15 and below
Vulnerability Type: Cross-Site Scripting
Severity: Medium
Suggested CVSS v2.0: AV:N/AC:L/Au:S/C:N/I:P/A:N/E:F/RL:O/RC:C (What’s that?)
Problem Description: The extension fails to properly sanitize user input and is vulnerable to Cross-Site Scripting. To exploit the vulnerability a valid backend user account is required.
Solution: An updated version 6.2.16 is available from the TYPO3 Extension Manager and at https://typo3.org/extensions/repository/download/bootstrap_package/6.2.16/t3x/. Users of the extension are advised to update the extension as soon as possible.
Credits: Credits go to Falk Huber who discovered and reported the vulnerability.
General advice: Follow the recommendations that are given in the TYPO3 Security Guide. Please subscribe to the typo3-announce mailing list to receive future Security Bulletins via E-mail.
Release Date: June 15, 2016
Component Type: Third party extension. This extension is not a part of the TYPO3 default installation.
Affected Versions: version 6.2.15 and below
Vulnerability Type: Cross-Site Scripting
Severity: Medium
Suggested CVSS v2.0: AV:N/AC:L/Au:S/C:N/I:P/A:N/E:F/RL:O/RC:C (What’s that?)
Problem Description: The extension fails to properly sanitize user input and is vulnerable to Cross-Site Scripting. To exploit the vulnerability a valid backend user account is required.
Solution: An updated version 6.2.16 is available from the TYPO3 Extension Manager and at https://typo3.org/extensions/repository/download/bootstrap_package/6.2.16/t3x/. Users of the extension are advised to update the extension as soon as possible.
Credits: Credits go to Falk Huber who discovered and reported the vulnerability.
General advice: Follow the recommendations that are given in the TYPO3 Security Guide. Please subscribe to the typo3-announce mailing list to receive future Security Bulletins via E-mail.
Malware creation continues to break records on an international level, as proven with the data from Q1 of 2016. Experts are identifying new malware samples every day that endanger the internet security on all of our devices.
Our day-to-day lives are effected, if not immersed, in unprecedented technological changes. As the world continues to become more digital, our personal and work environments continue to be susceptible to the +227,000 new threats that lurk on the internet. Although our online habits continue to change and reflect these developments, we must remember that technology also opens the door for extremely aggressive cyber-attackers who are financially motivated. But, if we take preventative and adequate security measures, we will be able to protect ourselves from financial harm.
Panda Security would like to accompany our users in their digital transformation by offering solutions for a wide variety of devices and for different budgets; let’s work together to prevent, detect, and remove any kind of malware that is trying to sneak into your computer (and your bank account). Taking care of our computers’ “health” is the best way to save money… don’t wait until it’s too late! Tools like our Panda Cloud Cleaner are the best for working against cyber-crime.
In a recent test comparison, Panda Cloud Cleaner has proven to be one of the best free anti-virus tools in the market. Among the number of solutions tested and analyzed, Panda Cloud Cleaner was rated as outstanding in analysis modes (it is both fast and complete), and was able to eliminate all malware without having to install another anti-virus tool.
As you can see, Panda Security’s solution is rated as one of the most effective solutions for detecting and disinfecting malware.
Businesses maximize their profits by taking advantage of the newest technology and latest products that are lighter, more efficient, and easy-to-use. One of the tools you can add to this is the newly designed Panda Cloud Cleaner, with new ways to detect, disinfect, inform, and protect from the start. Panda’s top priority is to keep users safe and maximize security in all aspects of our digital lives.
The post The Most Effective Tools to Keep Your PC Malware-free appeared first on Panda Security Mediacenter.
Kaspersky Lab researchers have investigated a global forum where cybercriminals can buy and sell access to compromised servers for as little as $6 each.
Do you own a Smartwatch, Smart TV, Smart fridge, or any Internet-connected smart device?
If your answer is yes, then you need to know the latest interest of the cyber criminals in the field of Internet of Things.
Ransomware!
After targeting hospitals, universities, and businesses, Ransomware has started popping up on Smart TV screens.
A new version of the Frantic Locker (better known as
