Microsoft Patches Windows Zero-Day Disclosed via Twitter

Microsoft’s Patch Tuesday updates for September 2018 address over 60 vulnerabilities, including a zero-day disclosed by a researcher and exploited shortly after by a threat actor. The actively exploited flaw,...
Continue reading
0 Comments

SAP Patches Critical Vulnerability in Business Client

SAP today released its September 2018 set of patches to address a total of 14 vulnerabilities in its products, including a critical bug in SAP Business Client. Featuring a CVSS...
Continue reading
0 Comments

The Risk of Triangulation: You May Just be a Piece of the Puzzle

As the world’s ongoing conversion to the digital realm continues, the risks involved with protecting sensitive information will only intensify.   For security teams, this means expanding your view of risk...
Continue reading
0 Comments

OpenSSL 1.1.1 Released With TLS 1.3, Security Improvements

The OpenSSL Project on Tuesday announced the release of OpenSSL 1.1.1, the new Long Term Support (LTS) version of the cryptographic software library. According to the organization, the most important...
Continue reading
0 Comments

British Airways, Another Victim of Ongoing Magecart Attacks

The data breach that British Airways said last week to have impacted 380,000 of its users was caused by an attack from Magecart, a threat group known for the use...
Continue reading
0 Comments

Adobe Patches Vulnerabilities in Flash Player, ColdFusion

Adobe’s Patch Tuesday updates for September 2018 address a total of 10 vulnerabilities in Flash Player and ColdFusion, but none of the flaws appear too serious. Only one security hole...
Continue reading
0 Comments

Trend Micro Admits That Its Mac Apps Collect User Data

Trend Micro on Monday confirmed that some of its applications for Mac collect browser history and send it to the security firm’s servers.  Recent reports revealed that so-called security applications...
Continue reading
0 Comments

Hackers Can Clone Tesla Key Fobs in Seconds

Tesla key fob can be cloned in seconds
Researchers claim to have discovered a new attack method that can be used to quickly clone the wireless key fob of Tesla Model S and possibly other vehicles. The Passive...
Continue reading
0 Comments

Zerodium Discloses Flaw That Allows Code Execution in Tor Browser

Zerodium discloses Tor Browser zero-day exploit
Exploit acquisition firm Zerodium has disclosed a NoScript vulnerability that can be exploited to execute arbitrary JavaScript code in the Tor Browser even if the maximum security level is used....
Continue reading
0 Comments

Google Case Set to Examine if EU Data Rules Extend Globally

Google is going to Europe's top court in its legal fight against an order requiring it to extend "right to be forgotten" rules to its search engines globally. The technology...
Continue reading
0 Comments

China-linked Hackers Use Signed Network Filtering Driver in Recent Attacks

A cyber-espionage group believed to be operating out of China has been using a digitally signed network filtering driver as part of recent attacks, Kaspersky Lab reports. Tracked as LuckyMouse,...
Continue reading
0 Comments

Mac Apps From Apple's App Store Steal User Data, Researchers Say

Mac applications distributed via Apple’s official App Store marketplace are collecting and exfiltrating sensitive user data, security researchers have discovered.  The multiple programs exhibiting such behavior send the collected data...
Continue reading
0 Comments

Google Launches Alert Center for G Suite

Google is making it easier for G Suite administrators to access notifications, alerts, and actions by bringing them all together in a single place with the launch of a new...
Continue reading
0 Comments

How Automation Helps Security Managers

It’s the nature of security operations: the worse the situation, the more you need everything to be working perfectly. Any issues with your program need to be figured out ahead...
Continue reading
0 Comments

VPN Firms Release New Patches for Privilege Escalation Flaw

Virtual private network (VPN) service providers ProtonVPN and NordVPN have made another attempt to patch a potentially serious privilege escalation vulnerability that they first tried to address a few months...
Continue reading
0 Comments

Professionalizing Cybersecurity Practitioners

CyBOK
The formation of a professional body to provide standards of excellence within cybersecurity practitioners has been mooted for many years. Now the UK government has proposed the development of an...
Continue reading
0 Comments

IoT Botnets Target Apache Struts, SonicWall GMS

The infamous Mirai and Gafgyt Internet of Things (IoT) botnets are targeting vulnerabilities in Apache Struts and the SonicWall Global Management System (GMS), Palo Alto Networks has discovered. The Mirai...
Continue reading
0 Comments

Attackers Made 9,000 Unauthorized Database Queries in Equifax Hack: Report

It took Equifax 76 days to detect the massive 2017 data breach, despite the fact that attackers had conducted roughly 9,000 unauthorized queries on its databases, according to a new...
Continue reading
0 Comments

Russian Charged in JPMorgan Chase Hack Extradited to US

Russian Charged in JPMorgan Chase Hack Extradited to US
image
Cybercrime , Data Breach , Data Loss Andrei Tyurin Perpetrated Biggest Bank Customer-Data Heist in History, Feds Say( jeremy_kirk ) • September 10, 2018     A Russian national who's...
Continue reading
0 Comments

Android September 2018 Patches Fix Critical Flaws

Google has released its September 2018 security patches for Android, which resolves more than 50 vulnerabilities in the operating system. The September 2018 Android Security Bulletin is split into two...
Continue reading
0 Comments