Most Of The Fortune 100 Still Use The Flawed Software That Led To The Equifax Breach

It has been reported that almost two years after Equifax’s  massive hack, the majority of Fortune 100 companies still aren’t learning the lessons of using vulnerable software. In the last six months of 2018, two-thirds of the Fortune 100 companies downloaded a vulnerable version of Apache Struts, the same vulnerable server software that was used by hackers to steal the personal data on […]

Credit Card Info Sold On The Dark Web From City Of St. John’s Parking System Hack

Credit card information from about 6,000 people was sold on the dark web after The City of St. John discovered that it’s parking system had been hacked with a malware that collected credit card information for the previous 18 months from those paying parking tickets. Ryan Wilk, VP of Customer Success at NuData Security: “Once […]

YouTube Impersonation Scam Tricks 70,000

In light of the news that around 70,000 people have been tricked by a scam that encourages users to click on malicious links by personating popular YouTubers. Don’t be fooled: Scammers are pretending to be top YouTube stars and offering ‘gifts’ (GOOG, GOOGL) A YouTube scam reported this week is upholding the age-old adage —if […]

Formbook Information Stealing Malware

A file-hosting service is passing around Formbook, an information stealing malware that all starts with a phishing campaign according to researchers at Deep Instinct. Mike Bittner, Digital Security and Operations Manager at The Media Trust: “Data breaches happen only to other people until they don’t. FormBook illustrates why there are many parties to share the […]

Microsoft Exchange Vuln Enables Attackers To Gain Domain Admin Privileges

Microsoft Exchange 2013 and newer versions are vulnerable to a privilege escalation attack that gives anyone with a mailbox a way to gain domain administrator rights at potentially 90% of organisations running Active Directory and Exchange, according to a security researcher. The attack is possible because of the extensive privileges available by default in Exchange and therefore cannot […]

Rubrik Massive Database Leak

Following the server security lapse that has exposed a massive database of customer information belonging to Rubrik, Terry Ray, SVP and Imperva Fellow, stresses the catastrophic impact that the interconnectedness of security programs is creating. Terry Ray, SVP and Imperva Fellow: “Today’s Rubrik data exposure once again highlights the interconnectedness of all security programs, and how one breakdown – and in this […]

Experts Reaction On State Bank Of India Exposes Millions Of Customers’ Data….More Leaks Trading On The Dark Web

Earlier today, TechCrunch has reported that the government-owned State Bank of India (SBI), India’s largest bank and the number four company in the Fortune India 500, left a server unprotected, allowing anyone to access the financial information of millions of customers including partial bank account numbers, phone numbers, balances and recent transactions. The server stored two months of […]

The State Of Web Application Vulnerabilities In 2018

Web application vulnerabilities have been around for years and are often caused by application design flaws and misconfigured web servers. These vulnerabilities can be easy targets for hackers looking to capitalise on security flaws. With more and more web application security solutions available on the market, organisations are increasingly placing more importance on ensuring the […]

Apple Fixes Grouop FaceTime ‘Eavesdropping’ Bug

Following the news that Apple has temporarily disabled the group FaceTime functionality while it fixes a bug which let users eavesdrop on those they were calling, security experts commented below. How a high school student ‘stumbled upon’ Apple’s FaceTime bug and tried to report it — Trade For Profit 📈 (@TFPdaily) January 30, 2019 Jake […]

Discover Card Breach

Cybersecurity executives commented on the early news of a Discover Card customer data breach, including fraud and compliance concerns: Discover Card Users Affected by Data Breach, New Credit Cards Issued — Buddahfan (@Buddahfan) January 30, 2019 Expert Comments below: Anthony James, Chief Strategy Officer at CipherCloud: “Discover’s breach is very typical of the news we hear […]