Health Website Leaks 8 Million COVID-19 Test Results
In India, a teenaged ethical hacker named Sourajeet Majumder uncovered a flawed endpoint associated with a health department in the state of Bengal that exposed eight million Covid-19 test results and personally identifiable information. The data leak, likely a human-related error, has exposed confidential health information for an entire geographic
Cisco Warns of Critical Auth-Bypass Security Flaw
Cisco has allegedly fixed a critical security flaw affecting its Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches. The vulnerability could allow for a remote attacker to bypass authentication, according to the company. The bug is one of three critical flaws patched by Cisco this past week. The
Microsoft Releases Free Tool for Hunting SolarWinds Malware
Microsoft has released a free tool designed to hunt SolarWinds malware following a devastating espionage campaign in which Russian state hackers compromised SolarWind’s Orion software in a supply-chain attack that affected major US organizations and federal agencies. Organizations who are still investigating whether they are victims of or still infected
VMware patches bug that put many large networks at risk
VMware has patched a critical vulnerability that was found in its vCenter Server VMware utility that could have allowed for remote code execution on a vulnerable server. Positive Technologies discovered the flaw and reported VMware to the bug. In a press release published on Wednesday, the security company explained how
Microsoft Lures Populate Half of Credential-Swiping Phishing Emails
According to a Tuesday report by Cofense, cybercriminals are increasingly using Microsoft services such as Outlook, Teams, and Office to launch themed phishing attacks and steal credentials from their targets. According to Cofense, almost half of phishing attacks in 2020 aimed to steal Microsoft credentials using lures related to the
New APT Group Targets Airline Industry & Immigration
According to researchers at Malwarebytes, a new APT group has been discovered. The group has been named LazyScript and bears some similarities to other known Middle Eastern threat groups, however, due to techniques and tools used, Malwarebytes has designated them to be a distinct operation separate from other known groups.
Solarwinds cybersecurity spending tops $3 million in Q4, sees $20 million to $25 million in 2021
Due to the recent Russian espionage breach against its Orion software, SolarWinds reportedly spent more than $3 million on cybersecurity costs in the fourth quarter of 2020 and predicts this number will rise to $25 million in 2021. The massive spending includes initiatives to further product defense, remediation for the
Airplane maker Bombardier data posted on ransomware leak site following FTA hack
Bombardier, a Canadian airplane manufacturer, has disclosed that they have suffered from a security breach in which some of its data was subsequently leaked on a dark web portal. The company claims to have been hit by the Clop ransomware gang. The company gave a press release in which they
Finnish IT Giant Hit with Ransomware Cyberattack
Major Finnish IT provider TietoEVRY has been hit with a ransomware attack that has forced some services offline. The attacks have disrupted company operations while it is attempting to mitigate any further risks and ensure that all systems are restored. The ransomware attack created technical problems with several services that
Re-Embrace American S&T
The Potomac Institute for Technology studies has released a new brief outlining key areas in which the organization will focus on implementing with the goal of furthering science and technology efforts in the US. The publication serves as a guide for other cutting-edge-tech-focused companies on how to reinvigorate American science