Linux kernel RDS flaw affects Red Hat, Ubuntu, Debian and SUSE


If you're not in the habit of keeping up to date with the latest version of the Linux kernel, now might be a good time to think about doing so. Systems based on versions of the kernel older than 5.0.8 suffer from a severe flaw in the implementation of RDS over TCP.
Left unpatched, the flaw could enable an attacker to compromise a system. The National Vulnerability Database entry says: "There is a race condition leading to a use-after-free, related to net namespace cleanup".
Google recalls Bluetooth version of Titan Security Key after discovering hacking vulnerability


Google is recalling the Bluetooth Low Energy (BLE) version of its Titan Security Key, and is offering free replacements to owners.
The recall comes after the company became aware of a security issue which could allow a nearby hacker to hijack the security device. Google says that the security issue only affects the Bluetooth versions of the 2FA device sold in the US.
Trump invokes National Emergencies Act effectively banning Huawei from US


Donald Trump has declared a national emergency to fight "foreign adversaries" which he says are "increasingly creating and exploiting vulnerabilities in information and communications technology".
An executive order means that US companies are banned from buying and using foreign telecoms equipment which is deemed to be a threat to national security. Huawei and 70 affiliates have also been added to the US Commerce Department’s "Entity List" meaning that special approval would be needed to purchase such equipment, and also for companies deemed to pose a threat to buy US-made hardware.
Four out of five people expect Facebook to have another data privacy issue this year


People are becoming more aware of the need to protect their data online, not just because of the rate of cybercriminal activity, but also because large organizations are frequently being careless with the data they hold.
A new survey of 1,000 people from OpenVPN reveals that four out of five people are expecting Facebook to face at least one more data privacy issue in the next year. In addition 71 percent say recent scandals have somewhat or severely negatively affected their view on Facebook, while 37 percent trust tech giants less now because they don’t think the companies have properly addressed the data privacy problems.
46 percent of organizations consider taking personal data out of the cloud


A new study finds that 46 percent of organizations which store customer personally identifiable information (PII) in the cloud are considering moving it back on premises due to data security concerns.
The research from information security software company Netwrix also shows that of the 50 percent of organizations that store customer data in the cloud, 39 percent had security incidents in the past year and more than 50 percent of those couldn’t diagnose the problem.
WhatsApp users urged to install app update to patch serious spyware vulnerability


Users of WhatsApp could be infected by dangerous spyware just by receiving a call. The spyware, which is thought to originate from Israeli cyber intelligence firm NSO Group, can be installed just by calling a target -- there is no need for the call to be answered.
A security advisory on the Facebook website does not go into much detail about the exploit, which takes advantage of a buffer overflow vulnerability. WhatsApp says it was discovered earlier this month, and with 1.5 billion users, there are a huge number of people that are potentially affected.
Website attacks turn to stealth to boost their success


The story of website attacks in 2018 was one of high profile cybercrime, targeted at cryptocurrency, business, elections and more.
A new report from website security specialist SiteLock reveals that attackers are now taking a stealthier approach.
This little piece of tech can turn your old alarm into a home automation system


When people decide to install home automation systems and also have security alarms they installed several years ago, it's highly likely the new tech and old gadgets won't be compatible.
Similarly, if they have a security system that doesn't work with a smartphone app, they typically have to invest in new hardware and deal with lengthy installations and high bills.
Uncovering the everyday frustrations of cybersecurity professionals


Anyone who has worked in IT knows that it can be a frustrating experience at times. A new survey carried out by network security provider Lastline at RSAC 2019 set out to discover security professionals' attitudes and frustrations towards their jobs.
These come from a number of places, including resources, management and other workers. We all know that there's a skills shortage in security, but funding is often an issue too.
Helping organizations understand the pros and cons of blockchain


Blockchain is often seen as a game-changer for businesses, governments and criminals alike. But, as organizations rush to deploy applications based on blockchain technology, do the potential benefits outweigh the information risks?
The Information Security Forum (ISF) is releasing a new briefing paper aimed at boosting understanding of the technology.
Protecting card data and more in the contact center [Q&A]


Although many transactions are now carried out online, contact centers remain an important tool for businesses.
Call and contact center payment security solutions provider Semafone has had its latest Cardprotect (version 4) product validated by the Payment Card Industry Security Standards Council (PCI SSC) against the latest version of the Payment Application Data Security Standard (PA-DSS). This makes it one of the only companies in the industry to provide this level of certification.
Americans are overconfident about cybersecurity


A new study from Webroot that examines the cyber hygiene habits of 10,000 Americans, 200 in each state, reveals that 88 percent feel they take the right steps to protect themselves from cyberattacks.
However, just 10 percent scored 90 percent or higher on a cyber hygiene test, with the average respondent getting only 60 percent.
Hackers steal $40 million of Bitcoin from crypto exchange Binance


Cryptocurrency exchange Binance has been struck by hackers who were able to make off with $40 million worth of Bitcoin.
The exchange suffered what it describes as a "large scale security breach" in which attackers were able to obtain "a large number of user API keys, 2FA codes, and potentially other info". CEO Zhao Changpeng says that 7,000 BTC were withdrawn in a single transaction and the attack which was perpetrated using a variety of methods.
Shining a light onto the dark web


The dark web is, by its very nature something of an object of mystery. It's easy to think of it as a huge, closed community hidden from the world in dusty corners of the internet. But what's the reality?
Threat intelligence specialist Recorded Future has done some research to try to understand the dark web's true nature.
New risk assessment capabilities help secure containers


Container security company NeuVector is releasing new security risk assessment capabilities for enterprises using Kubernetes in production environments.
The features, added to its existing container security offering, include new dashboard widgets and downloadable reports to provide security risk scores for the most critical run-time attack risks, network-based attacks and vulnerability exploits in containers.
Recent Headlines
Most Commented Stories
© 1998-2025 BetaNews, Inc. All Rights Reserved. About Us - Privacy Policy - Cookie Policy - Sitemap.