Multiple vulnerabilities in extension “DRC News Comment” (news_comment)

It has been discovered that the extension “DRC News Comment” (news_comment) is susceptible to Arbitrary Code Execution and Cross Site-Scripting. Release Date: December 18, 2017 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: version 1.0.7 and below Vulnerability Type: Arbitrary Code Execution, Cross Site-Scripting Severity: Critical Suggested CVSS v3.0: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N/E:F/RL:O/RC:C …

What will happen with WHOIS when GDPR is implemented?

The countdown has now begun for the introduction of the General Data Protection Regulation (GDPR). Although the implications of the new regulation have been widely discussed, one of the lesser known side effects of its coming into force could jeopardize user security instead of enhancing it. This situation is due to the conflict between the obligations of the GDPR and …

Massive data breaches just one month before the arrival of the GDPR

The security and privacy of personal data is once again a cause of concern and debate for business organizations. With the new General Data Protection Regulation just weeks away, the latest cyber-security studies reveal that data theft incidents continue on the rise, with an average of 122 data records being compromised per second. What’s more, if you take a look at …

What is the future of drones?

The unmanned aerial vehicle (UAV) technology has continuously been evolving since the beginning of the last century with exceptional growth over the previous ten years. In the past UAV were only available for military purposes but over the last decade, the drone equipment has become easily accessible to regular folks and businesses of all sizes. Hobbyists of all sorts have …

India’s national ID database breached. Again.

Reports published by online tech journal ZDNet suggest that India’s high profile national ID database has been breached. This is the second time this year that people have been able to gain unauthorised access to extremely sensitive personal data belonging to Indian citizens. Aadhaar – intended to protect citizens Known as Aadhaar, the system stores data belonging to registered users …

Artificial Intelligence isn’t evil – but it could be

Artificial Intelligence (AI) should – in the hands of the right people – prove to be a massive benefit to humanity. AI’s ability to process vast data sets quickly to identify and act on trends should help in important tasks like developing new drugs, improving transport systems and solving the mysteries of the Universe. For all its “intelligence” however, AI …

Travel Fare Aggregator Orbitz has Been Hacked

On Tuesday, Expedia announced that one of its subsidiary companies might have been hacked. There is a high possibility that the online travel booking platform Orbitz.com might have been compromised in early 2016, and again right before Christmas of 2017. According to a statement released by Expedia earlier this week, cybercriminals might have had access to sensitive information of roughly …

Mr. Robot S03E05: A Runtime Error, Credential Theft and New Easter Eggs

The latest episode of this series marks the halfway point in the third season and, in addition to some amazing camerawork there are several examples of actions related to IT security that crop up throughout the episode. The post Mr. Robot S03E05: A Runtime Error, Credential Theft and New Easter Eggs appeared first on WeLiveSecurity

Panda Security Africa and BDO form Strategic Partnership to Mitigate Cyber-Risk

Leading global cyber security firm Panda Security Africa and audit, advisory and tax firm, BDO South Africa, have formed a strategic cyber alliance to enable BDO to offer a managed security service to their clients, using Panda’s next generation EDR solution. Predictions for 2018 indicate that cybercriminal activity shows no signs of slowing down, and organizations need to constantly review …

International Women’s Day – Where Are The Female Cybersecurity Experts?

No official figures exist to prove exactly how many women work in the cybersecurity industry, but some estimates suggest a figure as low as 10%. Which means that just 1 in 10 people working in cybersecurity are female. Cybersecurity is seen as “unsexy” Cybersecurity has an undeniable image problem. Both hackers and the experts tasked with fighting them are typically …