Privilege Escalation Vulnerability Found in Honeywell Android Computers

Privilege Escalation Vulnerability Found in Honeywell Android Computers

A total of 17 Honeywell handheld computers were recently found vulnerable to a privilege escalation bug that could enable attackers to fully compromise the device and its stored data. The remotely exploitable vulnerability (CVE-2018-14825) has been tagged as “Improper Privilege Management,” and exploitation involves a tampered third-party app that elevates ... Read More
UK Airport Won’t Negotiate With Ransomware Attackers; Falls Back to Whiteboards

UK Airport Won’t Negotiate With Ransomware Attackers; Falls Back to Whiteboards

UK’s Bristol Airport computers that displayed flight departure and arrival information were taken offline by a ransomware infection, causing officials to fall back to whiteboards and paper posters. The airport’s TV screens started displaying a ransom note early Friday morning, prompting airport officials to issue a warning over the weekend ... Read More
Veeam Leaks 200 GB Customer Database, Goldmine for Phishers

Veeam Leaks 200 GB Customer Database, Goldmine for Phishers

A database containing 200 gigabytes of customer data, estimated to harbor around 445 million records, has been exposed online by backup and recovery company Veeam, thanks to an improperly secured server hosted on Amazon. The database apparently contained names, email address, IP addresses, referrer URL addresses, customer organization size, and ... Read More
Six Critical Vulnerabilities in Adobe ColdFusion Get Patches

Six Critical Vulnerabilities in Adobe ColdFusion Get Patches

Adobe recently released a series of 11 security patches, including six rated critical, and urged Adobe ColdFusion users to start applying the updates ASAP. The security advisory mentions that the 2018 and 2016 versions of ColdFusion, as well as version 11, have critical vulnerabilities that could be exploited to enable ... Read More
Critical RCE Vulnerability in Facebook Server Patched, Researcher Nabs $5,000 Bounty

Critical RCE Vulnerability in Facebook Server Patched, Researcher Nabs $5,000 Bounty

A critical remote code execution vulnerability in a Facebook server was recently patched after security researcher Daniel ‘Blaklis’ Le Gall reported it using a proof-of-concept. The vulnerability was found in an unstable Sentry service – a cross-platform application capable of collecting logs and debugging Python apps – written in Python ... Read More
Windows Zero-Day Vulnerability Comes With PoC on GitHub

Windows Zero-Day Vulnerability Comes With PoC on GitHub

A new zero-day vulnerability was recently made public following a Tweet from @SandboxEscaper, who claimed to be frustrated with Microsoft and, apparently, their bug submission process. The tweet included a link to the proof-of-concept for the alleged zero-day vulnerability on GitHub, prompting security researchers to download and test @SandboxEscaper’s claims ... Read More
2.3 Million T-Mobile Customers Exposed Following Data Breach

2.3 Million T-Mobile Customers Exposed Following Data Breach

The personal data of 2.3 million T-Mobile customers may have been exposed and could be up for sale following a data breach on Aug. 20. While the company did say it successfully blocked the attack and no credit card information, social security numbers, or passwords were compromised, other personal data ... Read More
Remote Access Phone Scams Bilk Australians of AU$4.4 Million Stolen So Far in 2018

Remote Access Phone Scams Bilk Australians of AU$4.4 Million Stolen So Far in 2018

The Australian Competition and Consumer Commission (ACCC) reported that 8,000 scam attempts that have taken place by mid-2018 have resulted in AU$4.4 million being lost to scammers. While traditional phone scams trick victims into believing their computers are riddled with malware and promise to clean them by instructing them to ... Read More
Triout – Spyware Framework for Android with Extensive Surveillance Capabilities

Triout – Spyware Framework for Android with Extensive Surveillance Capabilities

No operating system is safe from malware, as cyber criminals will always want to steal, spy or tamper with your data. The proliferation of Android devices – from smartphones to tablets and smart TVs – has opened up new possibilities for malware developers, as all these devices pack microphones, cameras ... Read More

Top 4 Things MSPs Must Do in a Security Breach

|
Data breaches have become the new norm, presenting a major security concern for organizations, as both customer personal data and a company’s intellectual property have become high value targets for cybercriminals ... Read More
Loading...