Canadian financial giant, Scotiabank, has torn down GitHub repositories, which were inadvertently left open to the public and contained sensitive internal source code information, as well as some private login keys to backend systems. https://twitter.com/adamnanjee/status/1030070109946224640
ISBuzz Team
As part of our experts’ comment series, please find below comments from security experts on Linux malware (Skidmap) disguising itself on infected machines for the purpose of unlawful cryptocurrency mining, https://twitter.com/CoinBeatCrypto/status/1173996393209315333
It has been reported that scientists have developed new machine learning algorithms which can successfully identify bullies and aggressors on Twitter with 90 per cent accuracy. https://twitter.com/SkyNews/status/1173933189825478656
Research finds implementing RMM solution saves IT professionals ~$50,000 per year Central by LogMeIn today released its findings of a new global report, “Uncovering the Latest IT Trends, Threats, & ROI Solutions Deliver” revealing current market trends, security concerns, and quantification of the value IT solutions deliver. In addition, the report uncovers best practices to keep companies secure and breaks down the average ROI of implementing a Remote Monitoring and Management (RMM) solution for small and medium sized businesses. “Staying ahead of ever-changing security threats is one of the biggest challenges IT teams face today. For a SMB who is tasked to…
Greenbone Networks has released details of new research in to the security of the servers used by health providers across the world to store images of X-rays as well as CT, MRI and other medical scans. Of the 2,300 medical image archive systems worldwide that Greenbone analysed between mid-July and early September 2019, 590 of them were freely accessible on the internet, together containing 24.3 million data records from patients located in 52 different countries. Available data included patient names, dates of birth, dates of examination and some medical information about the reason for examination. For US patients (which make up…
LastPass has patched a bug that would have allowed a malicious website to extract a previous password entered by the service’s browser extension. It was reported that that the bug was discovered by Tavis Ormandy, a researcher in Google’s Project Zero team, and was disclosed in a bug report dated August 29th.
Police officers have raised concerns about using “biased” artificial-intelligence tools, a report commissioned by one of the UK government’s advisory bodies reveals. The study warns such software may “amplify” prejudices, meaning some groups could become more likely to be stopped in the street and searched.
In its latest study titled “SOHOpelessly Broken 2.0,” Independent Security Evaluators (ISE) discovered a total of 125 different security vulnerabilities across 13 small office/home office (SOHO) routers and Network Attached Storage (NAS) devices, likely affecting millions, The Hacker News reported.
Security researcher has discovered that 15,000 private webcams around the globe are exposed and accessible by anyone with an internet connection. They appear to have been installed by both home users and businesses in multiple countries across Europe, the Americas and Asia. They include devices from major manufacturers, including: AXIS net cameras; Cisco Linksys webcam; IP Camera Logo Server; IP WebCam; IQ Invision web camera; Mega-Pixel IP Camera; Mobotix; WebCamXP 5 and Yawcam. More info here: https://www.infosecurity-magazine.com/news/webcam-security-snafus-expose/
Researchers on Thursday disclosed what they said is a widespread, ongoing exploit of a SIM card-based vulnerability, dubbed “SimJacker.” The glitch has been exploited for the past two years by “a specific private company that works with governments to monitor individuals,” and impacts several mobile operators – with the potential to impact over a billion mobile phone users globally, according to by researchers with AdaptiveMobile Security. Simjacker has been further exploited to perform many other types of attacks against individuals and mobile operators such as fraud, scam calls, information leakage, denial of service and espionage,” said researchers with AdaptiveMobile Security…