American healthcare provider Universal Health Services (UHS) is facing a lawsuit filed in 2020 over a data breach. The suit will proceed, but only for one of the affected patients, Stephen Motkowicz, …
Android apps exposed data of millions of users through cloud authentication failures
Check Point Research published a report on Thursday detailing Android apps that contain critical cloud misconfiguration that allow for the potential exposure of data belonging to 100 million users. …
Cybercriminals scanned for vulnerable Microsoft Exchange servers within five minutes of news going public
According to a review of threat data from enterprise companies that was compiled between January and March this year and included in Palo Alto Networks' 2021 Cortex Xpanse Attack Surface Threat …
Recruiter’s Cloud Snafu Exposes 20,000 CVs and ID Documents
Website Planet researchers recently uncovered an AWS S3 web bucket left unsecured by FastTrack Reflex Recruitment, which has been renamed to TeamBMS. The database included personal information …
Continue Reading about Recruiter’s Cloud Snafu Exposes 20,000 CVs and ID Documents
RDP Hijacked for Lateral Movement in 69% of Attacks
According to a new report called the Active Adversary Playbook 2021, 90% of cyberattacks investigated by Sophos last year involved abuse of the Remote Desktop Protocol (RDP). Sophos states that 81% of …
Continue Reading about RDP Hijacked for Lateral Movement in 69% of Attacks
Bizarro Banking Trojan Sports Sophisticated Backdoor
Bizarro, a new Brazilian banking trojan, has launched a campaign targeting customers of roughly 70 known banks located throughout Europe and South America, according to researchers. The advanced …
Continue Reading about Bizarro Banking Trojan Sports Sophisticated Backdoor
Consumers Warned About Surge in Meal Kit Delivery Scams
Cybersecurity firm Tessain has warned consumers to be vigilant about a surge in meal kit delivery scams after uncovering SMS scams impersonating popular companies such as Gousto and HelloFresh. The …
Continue Reading about Consumers Warned About Surge in Meal Kit Delivery Scams
Cisco Patches Code Execution Flaw in VPN Product 6 Months After Disclosure
Earlier this week, Cisco announced that it had released patches for a high-severity vulnerability that lies in its AnyConnect Secure Mobility Client that can be exploited for remote code execution. …
Continue Reading about Cisco Patches Code Execution Flaw in VPN Product 6 Months After Disclosure
Impacted Vendors Release Advisories for FragAttacks Vulnerabilities
Vendors impacted in the FragAttacks, a series of recently disclosed Wi-Fi vulnerabilities, have released security advisories in response. A dozen CVE identifiers have been assigned to the set of …
Continue Reading about Impacted Vendors Release Advisories for FragAttacks Vulnerabilities
‘Scheme Flooding’ Allows Websites to Track Users Across Browsers
Security researchers have discovered a new vulnerability that allows browsers to enumerate applications on a machine, threatening cross-browser anonymity in popular search engines such as Chrome, …
Continue Reading about ‘Scheme Flooding’ Allows Websites to Track Users Across Browsers