Vulnerability

Apple iOS patching error, MoviePass data breach New Facebook privacy controls

You listen to the shared security podcast and discover the confidence you place in people, applications and technology… with your host, Tom Eston. Facebook announces new off-Facebook privacy controls, how Apple made everybody’s iOS system vulnerable and details of the massive MoviePass data breach in episode 83 of August 26, 2019. This week I read

[ Read More ]

7 Big Factors that makes Small Business at Risk

Small organizations still face a long list of threats to security. These threats and vulnerabilities should take precedence. Increasingly, cyber criminals are targeting smaller organisations. This makes small and medium-sized enterprises (SMBs) hard to find. They are also working with smaller budgets and staff constraints in the face of a long list of cyber threats,

[ Read More ]

Australia Banks warn Customers of a fresh PayID data violation

Banks have begun to warn customers of a new PayID data breach, which was reported late Friday to the NPP Australia new payment platform supervision. NPP Australia said that an unrevealed number of PayID records “and associated data in the Addressing Service were exposed by a vulnerability in one of the financial institutions sponsored into

[ Read More ]

All about Malware Trade and it’s Psychological Tricks

As a professional services consultant, I am pleased to meet customers around the world and talk to a wide range of IT security experts who are at the forefront of malware defence. One of my favorite topics is how people have started their IT careers, but I am frequently surprised by the number of people

[ Read More ]

Common Ways For Countering Privileged Identity Theft Attacks

Work efficiency cannot be improved without an internal/external network environment these days; successful organizations are all data-driven entities. However, while the Internet comes with convenience, there is a risk of leaking personal information. There are various causes of identity theft, but one is sophisticated of malware such as targeted attack emails. Targeted attack emails are

[ Read More ]

Decade-old Avaya Phone Security Flaw, Patched At Last

Who can ever forget of Avaya phones and its near-monopoly of the corporate communication equipment market for Fortune 100 companies pre-Skype? As software VOIP solutions matured, companies are slowly but surely migrating away from hardware-based VOIP phones, including Avaya. For the last 10 years that Avaya ruled the offices, it harbored a remote code execution

[ Read More ]

South Korean Debit/Credit Card Theft, At Alarming Levels

Security researchers from Gemini Advisory, a cyber threat intelligence firm, disclosed a huge sale campaign for credit/debit cards in hacker forums belonging to South Korean cardholders. The first batch of stolen card credentials was numbered to 890,000, while the second batch reached 230,000 units, all in all, the number of cards “for sale” in the

[ Read More ]

Mitrecorp Issues Fake Vulnerability Bug Report For VLC Player

CERT-Bund has issued a critical advisory regarding an alleged persistent vulnerability in all versions of VLC Player from version 3.0.7.1 and older. VLC Player is a very popular cross platform open source media player with versions available in Windows, Linux, MacOS, iOS, Android and Unix. The bug has something to do with buffer over-read, connected

[ Read More ]

K12.com – 7Million Student’s Record Data Breach Exposed

Records show that K12.com, a web-based educational firm has suffered a massive 7-million student records breach due to an insecure version of MongoDB database server. Bob Dianchenko a security researcher at Comparitech has witnessed student data from K12.com was made public on June 25, 2019. According to his discovery, it took K12.com more than a

[ Read More ]