Security

0 Comments
Two different WordPress plugins have caused a few headaches this week. Hackers reportedly exploited an old vulnerability found in the WordPress plugin WP Cost Estimation & Payment Forms Builder, according to Wordfence. A second and critical vulnerability was also found in the Simple Social Buttons plugin, according to WebARX. The flaw in the WP Cost Estimation plugin, which is
0 Comments
In the aftermath of multiple reports that millions of stolen records were dumped on the dark web, the dating app Coffee Meets Bagel confirmed that the accounts of approximately six million users were compromised in a breach, according to a Coffee Meets Bagel (CMB) spokesperson. The company also said that the stolen data was indeed part of
0 Comments
Only days after Infosecurity reported that OkCupid users said their accounts had been hacked, Checkmarx disclosed that the OkCupid Android App actually posed risks because of security failures in MagicLinks. It’s well known that malicious actors love to exploit a good holiday, which puts users at risk on Valentine’s Day. To identify any potential vulnerabilities,
0 Comments
The dark web seller identified as gnosticplayers on Dream Market has removed all listings that were previously up for sale, which reportedly included upwards of 620 million account records. “All my listings have been removed, to avoid them being bought so many times and being leaked, as a respect for my buyers. But don’t worry, next
0 Comments
Across healthcare organizations in the US, malicious actors are successfully leveraging phishing attacks to initially gain access to networks, according to findings from the 2019 HIMSS Cybersecurity Survey published by the Healthcare Information and Management Systems Society (HIMSS). The study, which surveyed 166 qualified information security leaders from November to December 2018, found that there
0 Comments
A security issue that affects several open source container management systems, including Amazon Linux and Amazon Elastic Container Service, has been disclosed by AWS. The vulnerabilities (CVE-2019-5736) were reportedly discovered by security researchers Adam Iwaniuk, Borys Poplawski and Aleksa Sarai and would allow an attacker with minimal user interaction to “overwrite the host runc binary and thus gain
0 Comments
Researchers have warned users of a new phishing technique which uses Google Translate to add authenticity to scams. Akamai security researcher Larry Cashdollar explained in a blog post that he was targeted by this tactic early in the new year, receiving an email telling him his Google account had been accessed from a new Windows
0 Comments
The Metropolitan Police force has been ‘trialing’ its controversial facial recognition cameras again and the latest deployment resulted in just one individual being charged. The capital’s police have been using these cameras for several years but FOI responses from several forces sent to rights group Big Brother Watch last year revealed the technology is 98-100%
0 Comments
News has surfaced of an attempted cyber-attack on the Australian government. As reported by the BBC, authorities in Australia are said to be investigating an effort that was made to hack into its parliament computer network. It is believed that information was not accessed and that the passwords of politicians were reset as a precaution.
0 Comments
Graphic novel fans, particularly those Kindle readers who adore the popular John Wick series, may have unknowingly downloaded fake ebooks promising them the opportunity to stream the third film installment prior to its release in May, according to Malwarebytes. The empty promise could do more than disappoint fans, though. According to researchers, the ebooks, which
0 Comments
A UK bank fell victim to a malicious SS7 attack that led to cyber-criminals emptying bank accounts at the UK’s Metro Bank, according to Motherboard. Though malicious actors have been able to exploit flaws in telecommunication infrastructure for years, it’s not being reported that attacks are able to intercept codes used for banking using Signaling
0 Comments
February 1 is change your password day, an annual “holiday” established back in 2012, according to a blog post from Gizmodo, as a way to get a wide collection of end users to change their passwords together. Over the course of the past seven years, though, passwords have continued to create enormous risks to enterprise
0 Comments
Two years after President Trump taking office, the Foundation for Defense of Democracies has issued its midterm assessment, The Trump Administration’s Foreign and National Security Policies, which looks in part at the administration’s cyber policies and the advances therein. Authored by Annie Fixler, deputy director for the Center on Cyber and Technology Innovation (CCTI), and David Maxwell,