Critical Vulnerability In IBM Cloud Functions Serverless Platform

It has been reported that IBM has patched a critical vulnerability in Apache OpenWhisk, the open source serverless platform that IBM uses to run its cloud functions. This vulnerability allowed an attacker to replace a company’s serverless code with their own malicious code instead. Tim Mackey, Senior Technical Evangelist at BlackDuckbySynopsys: “OpenWhisk is an Apache Software Foundation project which provides a framework […]

F5 Security Product Rollout

data_security

Sharing that today, F5 Networks released its 2018 Application Protection Report, which delves into the major application-based threats modern enterprises face while revealing how little these enterprises and their executives understand about how cyberattacks access their applications and data. In addition to offering data points on cyber-threat issues like the recent uptick in injections attacks and […]

Gift Card Fraud – Digital ‘Bait & Switch’ (Recent Kaspersky Findings)

In response to recent Kaspersky findings on a new online bait & switch gift card scam where fraudsters promise a gift card code when the user goes through several steps and enters their PII, and then (of course!) gives them nothing in return, NuData offers perspective on the larger implications for organizations and individuals of purloined PII. […]

Swann’s Home Security Camera Recordings Could Be Hijacked

News is breaking that popular wireless security camera designed to safeguard businesses and homes was vulnerable to a spying hack.The flaw meant it was possible to hijack video and audio streamed from other people’s properties by making a minor tweak to Swann Security’s app. Researchers found the problem after the BBC reported a case where one customer […]

Shipping Giant COSCO Hit By Ransomware Attack

A ransomware infection has crippled the US network of one of the world’s largest shipping giants —COSCO (China Ocean Shipping Company). IT security experts commented below. Javvad Malik,  Security Advocate at AlienVault: “Ransomware continues to wreak havoc within companies. It’s unclear whether this was a targeted or casual attack, but employees should be trained to be able […]

“Death” Botnet Exploits Old AVTech Flaw

It’s being reported that a malware author by the name of EliteLands is currently building a botnet named “Death” by targeting unpatched AVTech devices. The hacker is using an exploit for these devices that was published back in late 2016. The exploit targets 14 well-known vulnerabilities in the firmware shared by several AVTech device types, such as DVRs, NVRs, IP […]

Identity Assurance By Our Own Volition And Memory

Summary In an earlier article we briefly referred to Expanded Password System (EPS) that accepts both images and texts as the shared secrets. The proposition of EPS is now acknowledged as a ‘Draft Proposal’ for OASIS Open Projects that OASIS has recently launched as a new standardization program. We have publicized an EPS draft specification […]