Posts

Showing posts from April, 2016

Homeland Security issues warning about QuickTime for Windows

Apple no longer supports QuickTime for Windows, and users are being encouraged to uninstall the program immediately. The warning from the U.S. Department of Homeland Security (DHS) comes on the heels of a warning from antivirus vendor Trend Micro that the video playback software is vulnerable to a pair of zero-day exploits. Apple has not updated the Windows version of QuickTime 7 since January and, it would seem, does not plan to release any more security patches to fix the exploits. Trend Micro notes that even Apple recommends Windows users uninstall the player. QuickTime for Mac is unaffected and remains supported by Apple. Trend Micro said it was not aware of any active attacks against these vulnerabilities, but that “the only way to protect your Windows systems from potential attacks against these or other vulnerabilities in Apple QuickTime now is to uninstall it.” The DHS warning is pretty basic and to the point about QuickTime no longer being supp...

What is SMTP STS?

Despite so many messaging apps, email is still one of the most widely used and popular ways to communicate in this digital age. But are your emails secure? We have been using email services for decades, but the underlying 1980s transport protocol used to send emails, Simple Mail Transfer Protocol (SMTP), is ancient and lacks the ability to secure your email communication entirely. To overcome this problem, SMTP STARTTLS was invented in 2002 as a way to upgrade an insecure connection to a secure connection using TLS. But STARTTLS was susceptible to man-in-the-middle attacks and encryption downgrades. But worry not. A new security feature is on its way!

SMTP STS: An Effort to Make Email More Secure

Top email providers, namely Google, Microsoft, Yahoo!, Comcast, LinkedIn, and 1&1 Mail & Media Development, have joined forces to develop a new email standard that makes sure the emails you send are going through an encrypted channel and cannot be sniffed. Dubbed...

Hospitals attacked by Ransomware

Just last week, the Federal Bureau of Investigation (FBI) issued an urgent "Flash" message to businesses and organisations about the threat of Samsam Ransomware, but the ransomware has already wreaked havoc on some critical infrastructure. MedStar, a non-profit group that runs 10 hospitals in the Baltimore and Washington area, was attacked last week with Samsam, also known as Samas and MSIL, which encrypted sensitive data at the hospitals. After compromising the MedStar Medical System, the operators of the ransomware offered a bulk deal: 45 Bitcoins (about US$18,500) for the decryption keys to unlock all the infected systems. But unlike other businesses or hospitals, MedStar did not pay the ransom to entertain the hackers. So, you might be thinking that the hospitals lost all their important and critical data. Right? But that was not the case with MedStar.

Here's How MedStar Successfully Dealt with SAMSAM Ransomware

MedStar set...