How Hackers Turn Microsoft Excel’s Own Features Against It

You probably think of Microsoft’s classic spreadsheet program Excel as mostly boring. Sure, it can wrangle data, but it’s not exactly Apex Legends. For hackers, though, it’s a lot of fun. Like the rest of the Office 365 suite, attackers often manipulate Excel to launch their digital strikes. And two recent findings demonstrate how the program’s own legitimate features can be used against it. On Thursday, researchers from the threat…

June 27, 2019
Read More >>

How to Block Bots using Cloudflare Firewall?

Getting lots of requests from crawler and bots, which doesn’t add value to your business? There are thousands of crawlers/bots visit your site every day, and very few are helpful. Some of them are considered bad bots or spam. How do you know what all bots are visiting your websites? Well, there is no easy answer. To find out, you need to review your web server access.log file and look…

June 27, 2019
Read More >>

Similarities and differences between MuddyWater and APT34

Many state sponsored groups have been identified over time, many of them have different names (since discovered by different organizations) and there is no an agreed standardization on the topic but many victims and some interests look very tight together. From here the idea to compare the leaked source code of two different state sponsored […]

June 27, 2019
Read More >>

Hackers Are Poking at a MacOS Gatekeeper Flaw Apple Left Unfixed

On February 22, cybersecurity researcher Filippo Cavallarin told Apple that he had found a bug in macOS. Left unchecked, the vulnerability could let malware slip past the operating system’s Gatekeeper security feature ndetected. According to Cavallarin, Apple said it would fix the problem by mid-May. When the company still hadn’t done so by the time a standard 90-day disclosure deadline had passed, Cavallarin went public, publishing a full description and…

June 27, 2019
Read More >>

Three Network Security Questions with CEITEC’s CIO

Ireneo Demanarig is the Chief Information Officer at CEITEC S.A. located in Porto Alegre, Rio Grande do Sul, Brazil. CEITEC is a microelectronics manufacturer that specializes in solutions such as automatic identification (RFID and smartcards), application-specific integrated circuits (ASICs) aimed at identifying animals, and much more. Recently, I jumped on the phone with Ireneo and…

The post Three Network Security Questions with CEITEC’s CIO appeared first on .

June 26, 2019
Read More >>

7 Top Tools for Single Sign-on

Single sign-on products have been around for a while, but the latest generation of SSO products have moved to the cloud. Vendors include Okta, OneLogin, McAfee, Numina, RadiantLogic, SecureAuth, Symplified and SmartSignin. See the story version. McAfee Cloud Identity Manager McAfee has probably one of the largest collection of identity providers of any product we’ve seen, including AD, LDAP, Google, OpenID, Salesforce, Twitter, various SQL databases and others. McAfee’s app…

June 26, 2019
Read More >>

I Scraped Millions of Venmo Payments. Your Data Is at Risk

Like many people, I use Venmo to pay for stuff: to split the check at dinner, to send my roommate my portion of the utility bills each month, to reimburse friends for concert tickets. It’s a useful app for sending and receiving money, regardless of who you bank with. WIRED OPINION ABOUT Dan Salmon is a masters graduate from Minnesota State University who specializes in information security. Last summer, after…

June 26, 2019
Read More >>