BayPay Members Blogs

This additional resource is sponsored by The BayPay Forum.

French Authorities Release Free Decryptor for PyLocky Ransomware

view counter
The French Ministry of Interior has released a free decryption tool for the PyLocky ransomware to help victims recover their data.  Initially spotted in attacks in July and August last year,...
Continue reading
  0 Comments
0 Comments

Vulnerabilities Expose BD Infusion Therapy Devices to Attacks

Vulnerabilities found in BD Alaris Gateway Workstation
view counter
CyberMDX, a research and analysis company specializing in medical device security, on Thursday revealed that its employees identified two serious vulnerabilities in infusion therapy products from medical technology firm BD. The...
Continue reading
  0 Comments
0 Comments

Vulnerabilities in Thunderbird Email Client Allow Code Execution

view counter
Security updates released by Mozilla this week for the Thunderbird email client address vulnerabilities that could be exploited to execute arbitrary code on impacted systems.  Available as version 60.7.1, the latest Thunderbird iteration...
Continue reading
  0 Comments
0 Comments

Canadian City Loses $500,000 to Phishing Attack

view counter
The City of Burlington, Ontario, revealed Thursday that it fell prey to "a complex phishing email" that cost the City CAD $503,000 (around USD $375,000). Few details have yet been released....
Continue reading
  0 Comments
0 Comments

Hackers Behind 'Triton' Malware Target Electric Utilities in US, APAC

view counter
Xenotime, the threat actor behind the 2017 Trisis/Triton malware attack, is now targeting — in addition to oil and gas organizations — electric utilities in the United States and the Asia-Pacific...
Continue reading
  0 Comments
0 Comments

Another World Password Day Has Passed and Little Has Changed

view counter
Six weeks ago, we celebrated World Password Day. Yet, unfortunately, not much has changed since last year. Cyber breaches are bigger and worse than ever. Hardly a week goes by without...
Continue reading
  0 Comments
0 Comments

New API Changes How Ad Blockers Work in Chrome

view counter
Google this week announced the introduction of a new API that effectively changes the manner in which ad blockers work in Chrome.  The Internet search giant has made numerous changes to...
Continue reading
  0 Comments
0 Comments

Amid Privacy Firestorm, Facebook Curbs Research Tool

view counter
Facebook has curbed access to a controversial feature allowing searches of the vast content within the social network -- a tool which raised privacy concerns but was also used for research...
Continue reading
  0 Comments
0 Comments

Yubico Replacing YubiKey FIPS Devices Due to Security Issue

YubiKey FIPS series impacted by crypto flaw
view counter
Yubico is in the process of replacing YubiKey FIPS (Federal Information Processing Standards) security keys following the discovery of a potentially serious cryptography-related issue that can cause RSA keys and ECDSA...
Continue reading
  0 Comments
0 Comments

New Malware Lays P2P Network on Top of IPFS’

view counter
A newly discovered piece of malware uses a peer-to-peer (p2p) network on top of InterPlanetary File System’s (IPFS) p2p network, Anomali’s security researchers report.  Discovered in May 2019 and dubbed IPStorm,...
Continue reading
  0 Comments
0 Comments

The Active Cyber Defense Bill is Back on the Table

view counter
Rep. Tom Graves, R-Ga., is reintroducing his Active Cyber Defense Bill today. He first floated the idea in March 2017 , and published an updated version in May 2017. It was...
Continue reading
  0 Comments
0 Comments

Surveillance-Savvy Hong Kong Protesters Go Digitally Dark

view counter
Hong Kong's tech-savvy protesters are going digitally dark as they try to avoid surveillance and potential future prosecutions, disabling location tracking on their phones, buying train tickets with cash and purging...
Continue reading
  0 Comments
0 Comments

Converging on a Better Approach to Security

view counter
Security organizations are grappling with anywhere from five to 50+ different security vendors and solutions. These disparate products each generate their own set of alerts which quickly becomes overwhelming. Of the...
Continue reading
  0 Comments
0 Comments

Aircraft Parts Maker ASCO Severely Hit by Ransomware

view counter
Belgium-based aircraft parts maker ASCO Industries has been severely hit by a ransomware attack that started last week. Founded in 1954, ASCO has four manufacturing plants in Belgium, the US, Canada...
Continue reading
  0 Comments
0 Comments

Android’s Security Key Now Works with iOS Devices

view counter
Starting this week, Android phones can be used to verify sign-ins on Apple iPads and iPhones, Google announced.  The capability is enabled by the recently introduced 2-Step Verification (2SV) method that...
Continue reading
  0 Comments
0 Comments

Critical Vulnerabilities Found in WAGO Industrial Switches

WAGO industrial switch
view counter
A researcher at security services and consulting company SEC Consult discovered that some industrial managed switches made by WAGO are affected by several serious vulnerabilities. The flaws impact WAGO 852-303, 852-1305...
Continue reading
  0 Comments
0 Comments

XSS Vulnerability Exposed Google Employees to Attacks

XSS in Google invoice service
view counter
A researcher revealed on Wednesday that he discovered a blind cross-site scripting (XSS) vulnerability that could have been exploited to attack Google employees and possibly gain access to invoices and other...
Continue reading
  0 Comments
0 Comments

Blockchain Security Startup Fireblocks Emerges From Stealth With $16 Million in Funding

view counter
Fireblocks Emerges From Stealth Mode to Protect Digital Assets in Hot Wallets and Transit Fireblocks , a blockchain security provider, has emerged from stealth after closing a $16 million Series A...
Continue reading
  0 Comments
0 Comments

Majority of FTSE 250 Companies Expose Multiple Weaknesses to Internet: Analysis

DDoS Attack Report
view counter
Rapid7 has analyzed the visible cyber exposure of some of the UK's largest companies -- the FTSE 250 . It did this by using its proprietary internet-wide Project Sonar scanning platform,...
Continue reading
  0 Comments
0 Comments

Security First in the Cloud Wars

Cloud Security Benefits
view counter
“The Cloud Wars” may be dominating IT news headlines, but what does this phrase actually mean? And is it something that an enterprise needs to be concerned with?  Beyond the ongoing...
Continue reading
  0 Comments
0 Comments