IT services giant HCL left employee passwords, other sensitive data exposed online
IT services giant HCL left employee passwords exposed online, as well as customer project details, and other sensitive information, all without any form of authentication, research by security consultancy UpGuard reveals. [ Keep up with 8 hot cyber security trends (and 4 going cold). Give your career a boost with top security certifications: Who they’re […] more…W97M/Downloader Malware Dropper Served from Compromised Websites
W97M/Downloader is part of a large banking malware operation that peaked in March 2016. Bad actors have been distributing this campaign for well over a year, which serves as a doorway to Vawtrak and Dridex banking trojans. This malware campaign targets a wide array of users via their operating system and browser to deliver the […] more…How MVISION Mobile can combat the WhatsApp Buffer Overflow Vulnerability
A new WhatsApp vulnerability has attracted the attention of the press and security professionals around the world. We wanted to provide some information and a quick summary. This post will cover vulnerability analysis and how McAfee MVISION Mobile can help. Background On May 13th, Facebook announced a vulnerability associated with all of its WhatsApp products. […] more…Siemens Addresses Vulnerabilities in LOGO, SINAMICS Products
The May 2019 Patch Tuesday advisories from Siemens address over a dozen vulnerabilities, including serious flaws affecting the company’s LOGO and SINAMICS Perfect Harmony products. read more more…Tesla fundraising push blows past $2 billion target
Tesla fundraising push blows past $2 billion target l33tdawg Sat, 05/04/2019 – 09:22 more…Tech Support Scam Employs New Trick by Using Iframe to Freeze Browsers
by: Samuel P Wang (Fraud Researcher) We discovered a new technical support scam (TSS) campaign that makes use of iframe in combination with basic pop-up authentication to freeze a user’s browser. Since this technique is new and unfamiliar, it can potentially evade detection. Like many TSS campaigns, it disguises itself as a legitimate or well-known […] more…Why Getting Followers On Instagram Is Important For A Business
Instagram is a great social media network if you want to market your brand. Apart from letting you showcase products from your Shopify store, using Instagram helps in many ways to promote your business. Let’s look at the different ways by which Instagram can help your business. A Huge User Base One of the best […] more…Atlassian JIRA CVE-2019-3401 Information Disclosure Vulnerability
Type: Vulnerability. Atlassian JIRA is prone to an information-disclosure vulnerability; fixes are available. more…Atlassian JIRA CVE-2019-3403 Information Disclosure Vulnerability
Type: Vulnerability. Atlassian JIRA is prone to an information-disclosure vulnerability; fixes are available. more…Blochainbandit stole $54 million of Ethereum by guessing weak keys
Someone has been quietly pilfering Ethereum (ETH) cryptocurrency worth millions of dollars without anyone noticing or, apparently, caring. more…Rockwell Controller Flaw Allows Hackers to Redirect Users to Malicious Sites
A serious vulnerability affecting some of Rockwell Automation’s MicroLogix and CompactLogix programmable logic controllers (PLCs) can be exploited by a remote attacker to redirect users to malicious websites. read more more…Banking Trojan Drive-by Download Leverages Trust in Google Sites
Brazilian hackers have developed a drive-by download attack leveraging the inherent trust in the Google name. A banking trojan known as LoadPCBanker is deployed using the file cabinets template in Google sites as a delivery vehicle. read more more…Resolved: DIMC, accounts.psu.edu, MyPennState, & other websites are slow
This issue has been resolved, and impacted services have been restored to normal functionality. Alert Information: Penn State IT has confirmed this issue is also impacting GI, IBIS, and eBuy. People and Locations Impacted: Some students, faculty, and staff at all Penn State locations IT Service(s) Impacted: Services and websites that rely on the Central […] more…Update: DIMC, accounts.psu.edu, MyPennState, & other websites are slow
Penn State IT has confirmed this issue is also impacting GI, IBIS, and eBuy. Original Alert: People and Locations Impacted: Some students, faculty, and staff at all Penn State locations IT Service(s) Impacted: Services and websites that rely on the Central Person Registry (CPR) including: DIMC accounts.psu.edu MyPennState Graduate Applications Date and Time: Issue began […] more…Google expands cloud security capabilities, including simpler configuration
Google has announced 30 new features or enhancements of its Google Cloud platform that are designed to improve the ability of organizations to manage security not only for the Google platform, but other cloud-based services and applications as well. “The mission here is to build the most trusted cloud,” said Michael Aiello, product management director […] more…Phishing Attack Uses Browser Extension Tool SingleFile to Obfuscate Malicious Log-in Pages
by Samuel P Wang (Fraud Researcher) The effectiveness of phishing makes it a permanent staple of a cybercrime. The concept behind phishing itself is simple — lure an unsuspecting victim to download a file or click a link by posing as something legitimate — but the strategies used by cybercriminals have become increasingly sophisticated. While […] more…More information
- Varjo and a better approach to VR-based collaboration
- What’s in a typo? More evidence tying North Korea to the Sony hack
- New Zoom Features Tackle Meeting Disruptions
- 7 Top Tools for Single Sign-on
- NATO Exercise Tests Skills of National Cyber Defenders
- Cisco, Juniper Patch Operating System Flaws
- Resolved: Office 365 mailbox provisioning and User Managed Group synchronization to Office 365 will be unavailable.
- FBI Director Says ‘Sloppy’ North Korean Hackers Gave Themselves Away
- vSphere upgrade saga: Fixing VMware View
- ProtonMail Suspects State-Sponsored DDoS Attack