17 Jan 2020

Critical WordPress Bug Leaves 320,000 Sites Open to Attack

Infinite Client and WP Time Capsule, two WordPress plugins, contain vulnerabilities that leave sites open to attack. The bug is a critical authorization complication that allows adversaries access to the backend of a site without a password. The attacker only needs the admin username for the WordPress plugins. Both of

Read More
17 Jan 2020

U.S. Army Hacked By 52 Hackers In Five Weeks

Between October 9 and November 15 of 2019, the US Army was hacked by a total of 52 individual hackers. The ethical hackers participated in the second “Hack the Army” event. A spokesperson at the US Department of Defense Defense Digital Service stated that the Army is analyzing the hacks

Read More
17 Jan 2020

FBI: Nation-state actors have breached two US municipalities

Last year, nation-state hackers breached the networks of two US municipalities according to the FBI. The agency sent out a security alert to private industry partners announcing the breaches last week. Attackers used the CVE-2019-0604 vulnerability in Microsoft SharePoint servers to breach the networks. After the attackers gained advantage over

Read More
17 Jan 2020

Kubernetes bug bounty program open to anyone, rewards up to $10,000

Kubernetes has announced that they plan to launch a bug bounty program with rewards as high as $10,000. The company was originally designed by Google but has since been open-sourced and handed over to the Cloud Native Computing Foundation, becoming a community project. The bounty program will be managed by

Read More
15 Jan 2020

U.N. Weathers Storm of Emotet-TrickBot Malware

Emotet malware operators have recently targeted the United Nations personnel in an attack that aimed to deliver the TrickBot trojan malware. Researchers at Confense stated that a phishing campaign fraudulently representing the Permanent Mission of Norway has taken place over the last several days. The emails were sent to 600

Read More
15 Jan 2020

Google removes WhatsGap from app store

Tech and search engine giant Google recently removed a popular Hong Kong pro-democracy mapping app from its app store. WhatsGap is an app that identifies retailers in support of Hong Kong’s democracy. Google stated that the removal of the app from the store was sparked by a recent influx of

Read More
15 Jan 2020

Chinese man arrested after making $1.6 million from selling VPN services

Chinese authorities have launched a crackdown against sellers and vendors of unauthorized VPN software within the country. China has been particularly focused on catching sellers advertising VPN services that are capable of bypassing China’s Great Firewall technology. The Chinese government and law enforcement agencies have been making arrests since mid-2017,

Read More
15 Jan 2020

2017 Data Breach Will Cost Equifax at Least $1.38 Billion

Equifax has agreed to set aside a minimum of $380.5 million for breach compensation and promises to spend another $1 billion on elevating its information security over the next five years. Customers affected by the breach, almost 147 million US consumers, have one week from today to file a claim.

Read More
15 Jan 2020

Texas School District Loses $2.3m in Phishing Raid

A Texas school district, Manor Independent School, has been hit by a series of phishing attacks that posed a serious financial threat to the district, costing the entity an estimated $2.3 million. The scam is being investigated by the US FBI, who is encouraging anyone with information regarding the incident

Read More
15 Jan 2020

An Israel-U.S. Merger Creates An Apple Hacking Powerhouse For The Feds

Attorney General William Barr has criticized Apple for their disengagement in the FBI investigation of the Pensacola Navy Base Shooter. Apple has refused to unlock iPhones belonging to the perpetrator, claiming that it would set a dangerous precedent of the tech giant. However, a recent merger between two digital forensics

Read More