As we’ll see in a moment, design flaws and other weaknesses in the central processing unit or CPU of a computer or mobile device can create and have in fact produced a number of vulnerabilities that are causing concern to hardware manufacturers and users the world over. They have reason to worry because, in the assessment of Google, “effectively every” … Read More
Web Cache Poisoning – How Hackers Are Weaponizing Web Caches
In a recently discovered (but yet to be fully publicized) attack, security researcher James Kettle has apparently succeeded in cache poisoning, the hacking and weaponizing of the web caches of several major websites and online platforms. The victims include online stores, a software product, a video game, a popular cloud platform provider, a hosting platform provider, an investment company’s investor … Read More
Microsoft Implementing JavaScript In Excel: What Are The Potential Threats?
Since its arrival on the computing scene in 1995, JavaScript has emerged as a “consumer level” programming language capable of powering common website features like multimedia modules and form submissions. And given its long history, JavaScript code snippets are currently available across the internet, in a number of freely accessible libraries and resource bases. It provides convenient automation – for … Read More
The Benefits of Real-Time Cyber Threat Intelligence
To protect their personnel, assets, and sensitive information from being compromised, hijacked, or stolen by malicious actors, organizations are often advised to adopt security best practices, and to deploy the latest in secure technologies. But these things can’t be pulled out of thin air, or identified and adopted without knowledge of what they are, how they should be used, and … Read More
Best Practices to Prevent DLL Hijacking
Though we routinely use computer programs to perform our daily tasks, few of us actually know or tend to consider the implications of how this software is constructed, and any weaknesses it might be vulnerable to before it starts its work. But hackers and the malicious tools employed by cyber-criminals don’t only target applications once they’re up and running. It’s … Read More
How Honeytokens Are Used To Track Cybercriminals
Proactive methods of cyber-defense, including the use of “honeytokens”, have been growing in popularity recently, as commercial and other organizations seek ways of “bringing the fight” to hackers and cyber-criminals, rather than just sitting back and waiting for something to happen. Ironically, one of those ways involves just that: Sitting back and waiting for something to happen – but only … Read More
Cyber Threats – How the Public is at Risk from Cyberattack
Given the number of media reports on high-profile cyber-attacks involving well-known brand names, organizations, or celebrities, you might be forgiven for assuming that only huge corporations or the rich and famous are targeted for cyber-crime attacks. But this is a dangerous assumption to make – one that can lead “ordinary” citizens to become dismissive or complacent, when it comes to … Read More
Top 5 Cybersecurity Mistakes That Make Life Easy for Cyber-criminals
Though high-profile assaults on huge corporations or well-known web platforms grab the most attention when they make the news, cyber-criminals are at work at all levels – from attacks on private individuals, to attempts made on businesses and organizations of all types and sizes. In recent times, they’ve met with increasing success, resulting in huge personal and corporate losses in … Read More
Spectre and Meltdown
2018 has just begun – and already we’ve seen the year’s first major cyber-security crisis. It concerns two vulnerabilities with the capacity to affect the majority of computers, smartphones, laptops, and tablets developed since 2011 – and it’s got individual citizens and businesses (including some of the world’s most heavyweight commercial organizations) scrambling to make sense of the issues, and … Read More
Email Spoofing – How SPF, DMARC and DKIM Help Detect and Prevent Attacks
As email remains one of the primary communications channels for private individuals, commercial or non-commercial organizations, and government institutions, it’s little wonder that it also continues to be a medium of choice for hackers and cyber-criminals. Two of their preferred attack methods are impersonation and fraud – both of which may be readily accomplished by spoofing the internet domains associated … Read More