Democratic Fundraising Firm Leaves Data-Filled NAS Open To Public

A consumer-grade network attached storage (NAS) device owned by Rice Consulting, a fundraising firm working primarily with the Democratic Party, containing client data and passwords giving access to other organizations, was left publicly accessible, a cyber security research firm discovered. The factory-set authentication of the Buffalo TeraStation NAS device was disabled, leaving it open to being […]

Critical Vulnerability Discovered In Popular Cisco WebEx Service

Secunia Vulnerability

A new critical remote code execution vulnerability flaw has been discovered in Cisco’s WebEx online and video collaboration software. The vulnerability can allow malicious attackers to remotely execute commands through a component of the WebEx client even when WebEx does not listen for remote connections. Lane Thames, Senior Security Researcher at Tripwire:  “This is an interesting vulnerability. I […]

Swing State Election Websites Easily Spoofed

20 key swing states have non-.gov domains and can easily be spoofed to spread dis-information according to Steve Grobman, CTO of McAfee. Mike Bittner, Digital Security & Operations Manager at The Media Trust: “Government websites in general are popular targets of malicious campaigns because they make bad actors’ jobs easy. They are too often poorly secured; […]

Newly Discovered FilesLocker Ransomware Targeting Chinese And English Speaking Victims

A new ransomware called FilesLocker is being distributed as a Ransomware as a Service, or RaaS, that targets Chinese and English speaking victims. This ransomware was first spotted by MalwareHunterTeam who posted about it on Twitter. At the time, it looked like your standard small little C# ransomware with little or no distribution. It turns out, though, that this ransomware is being […]