BayPay Members Blogs

This additional resource is sponsored by The BayPay Forum.

Ukraine Ready to Take on Russian Election Hackers

view counter
At the headquarters of Ukraine's SBU security service more than a dozen local and Western security experts watch a simulated foreign cyber attack on several big screens ahead of this month's...
Continue reading
  0 Comments
0 Comments

EU to Slap Google With Fresh Fine: Sources

view counter
The EU's anti-trust regulator is to slap tech giant Google with a new fine over unfair competition practices, sources told AFP on Friday. Brussels has targeted the Silicon Valley firm's AdSense...
Continue reading
  0 Comments
0 Comments

Google Took Down 2.3 Billion Bad Ads in 2018

view counter
Google this week revealed that it took down 2.3 billion bad ads last year, including 58.8 million phishing ads. The ads were taken down for violations of both new and existing...
Continue reading
  0 Comments
0 Comments

E-Commerce Company Gearbest Leaked User Information

Gearbest statement on data leak
view counter
Chinese e-commerce company Gearbest has failed to properly secure some of its databases, thus leaking users’ personally identifiable information (PII), VPNMentor’s researchers have discovered. Gearbest has downplayed the impact of the...
Continue reading
  0 Comments
0 Comments

China Does Not Ask Firms to Spy on Others: Premier

view counter
China will "never" ask its firms to spy on other nations, Premier Li Keqiang said Friday, amid US warnings that Chinese telecommunications behemoth Huawei poses security risks. The United States has...
Continue reading
  0 Comments
0 Comments

Hackers Bypass MFA on Cloud Accounts via IMAP Protocol

view counter
Over the past several months, threat actors have been increasingly targeting Office 365 and G Suite cloud accounts that are using the legacy IMAP protocol, in an attempt to bypass multi-factor...
Continue reading
  0 Comments
0 Comments

Uncovering the Data Security Triad

Data Security Triad
view counter
Data Must be Protected as it Exists at All Points in the Processing Lifecycle Data is often an organization’s largest and most valuable asset, making it a prime target for all...
Continue reading
  0 Comments
0 Comments

Recently Patched WinRAR Flaw Exploited in APT Attacks

view counter
A recently patched WinRAR vulnerability has been exploited by several threat groups, including advanced persistent threat (APT) actors. The flaw, tracked as CVE-2018-20250, impacts the unacev2.dll library used by WinRAR for...
Continue reading
  0 Comments
0 Comments

G Suite Admins Can Now Disable Phone 2-SV

view counter
Google is making G Suite accounts more secure by allowing administrators to remove phone-based 2-step verification (2-SV) from the available multi-factor verification options. With the new policy in place, admins enforcing...
Continue reading
  0 Comments
0 Comments

Leading Israeli Candidate for PM Targeted by Iranian Hackers

Israeli PM candidate targeted by Iranian hackers
view counter
The campaign of a former Israeli military chief who is a leading challenger to Prime Minister Benjamin Netanyahu in his tight race for re-election says the candidate has been targeted by...
Continue reading
  0 Comments
0 Comments

Details of Actively Exploited Windows Flaw Made Public

view counter
Researchers from Chinese cybersecurity firm Qihoo 360 have made public technical details that can be used to construct a proof-of-concept (PoC) exploit for CVE-2019-0808, a recently patched Windows vulnerability that has...
Continue reading
  0 Comments
0 Comments

NATO Takes Huawei Security Concerns Seriously: Stoltenberg

view counter
Security concerns about the role of Huawei in Western 5G telecom infrastructure are to be taken seriously, the head of NATO said Thursday, as Washington steps up pressure on Europe not...
Continue reading
  0 Comments
0 Comments

WordPress 5.1.1 Patches Remote Code Execution Vulnerability

view counter
WordPress this week addressed a vulnerability that could allow an unauthenticated attacker to execute code remotely and take over vulnerable websites.  The vulnerability impacts the manner in which comments are filtered...
Continue reading
  0 Comments
0 Comments

Code Execution Flaw Found in Sonatype Nexus Repository Manager

view counter
A critical remote code execution vulnerability has been found and patched in Sonatype’s Nexus Repository Manager (NXRM), a popular open-source tool that allows developers to manage software components. The flaw, tracked...
Continue reading
  0 Comments
0 Comments

U.S. Senators Want Transparency on Senate Cyberattacks

view counter
U.S. Senators Ron Wyden and Tom Cotton believe all senators should receive information on successful cyberattacks aimed at the Senate. In a letter sent this week to the U.S. Senate Sergeant...
Continue reading
  0 Comments
0 Comments

US Warns of Sophisticated Cyberattacks From Russia, China

view counter
Cyberattacks from Russia, China, North Korea and Iran are increasingly sophisticated and, until recently, were done with little concern for the consequences, the top Pentagon cyber leaders told a congressional committee...
Continue reading
  0 Comments
0 Comments

Default Account in Cisco CSPC Allows Unauthorized Access

view counter
Cisco on Wednesday informed customers that updates released for its Cisco Common Services Platform Collector (CSPC) software address a critical vulnerability. Cisco CSPC is an SNMP-based tool that collects information from...
Continue reading
  0 Comments
0 Comments

Many Security Apps on Google Play Inefficient, Fake: Study

view counter
Antivirus testing firm AV-Comparatives has analyzed 250 security applications for Android offered on Google Play and found that many of them either fail to detect threats or they are simply fake....
Continue reading
  0 Comments
0 Comments

Facebook Faces Criminal Probe of Data Deals: Report

view counter
US prosecutors have launched a criminal investigation into Facebook's practice of sharing users' data with companies without letting the social network's members know, The New York Times reported on Wednesday. A...
Continue reading
  0 Comments
0 Comments

Multiple Security Flaws Discovered in Visitor Management Systems

view counter
Vulnerabilities discovered by IBM security researchers in five different visitor management systems could be abused for data exfiltration or for access to the underlying machines.  The analyzed systems include Lobby Track Desktop (Jolly...
Continue reading
  0 Comments
0 Comments