11 Mar 2020

Microsoft March 2020 Patch Tuesday Fixes 115 Vulnerabilities

Today Microsoft released its monthly Patch Tuesday security update, publishing fixes for 115 vulnerabilities in Microsoft products. Of the 115, 24 of the vulnerabilities are classified as Critical while 88 are classified as Important. Experts advise users to install these security updates as soon as possible to mitigate possible security

Read More
11 Mar 2020

Critical Bugs in Rockwell, Johnson Controls ICS Gear

A set of critical vulnerabilities in Rockwell Automation gear was discovered recently, and the bugs affect MicroLogix 1400 Controllers as well as MicroLogix 1100 Controllers and RSLogix 500 Software. The vulnerabilities are known to require very little skill to exploit and have been discovered in both Rockwell Automation and Johnson

Read More
11 Mar 2020

Phishers Use Fake HIV Test Results as Bait

Cybersecurity researchers have discovered a new phishing campaign that uses fake HIV test results to gather information from victims after clicking a malicious link, targeting insurance, healthcare and pharmaceutical companies around the world. Researchers at Proofpoint uncovered the campaign, stating that the cybercriminals were impersonating Vanderbilt University Medical Center and

Read More
10 Mar 2020

AMD Downplays CPU Threat Opening Chips to Data Leak Attacks

AMD has disclosed side-channel attacks in CPUs, and stated that they are not new. The company has been significantly downplaying the side-channel attacks that are capable of leaking potentially sensitive data from its processors released between 2011 and 2019. Researchers stated that these side-channel attacks extract sensitive information through signals

Read More
09 Mar 2020

T-Mobile Suffers Another Breach as Staff Emails Targeted

The phone carrier T-Mobile recently suffered a malicious cybersecurity attack that allowed the attacker access to T-Mobile customer account information. This is not the first time that T-Mobile has been the subject of such an attack; in 2018, 2 million customers had their information illegally accessed. T-Mobile is in the

Read More
09 Mar 2020

Critical Zoho Zero-Day Flaw Disclosed

The IT help desk ManageEngine software made by Zoho Corp has been compromised by a zero-day vulnerability that enables unauthenticated access to systems, allowing a remote attacker to launch attacks. Zoho has since released an update that addresses the vulnerability after it was discovered by Steven Seeley of Source Incite

Read More
09 Mar 2020

Ryuk Ransomware Behind Durham, North Carolina Cyberattack

The city of Durham, North Carolina recently shut down its network due to an attack by the Ryuk Ransomware. Ryuk is a ransomware developed by a Russian hacker that gains access to a network when someone opens a malicious email attachment. Upon gaining access, Ryuk is able to permeate network

Read More
06 Mar 2020

Transit Apps With 600,000 Installs Compromised To Target Military And Political Data

The most recent McAfee Mobile Threat Report has revealed that four Korean transit apps were compromised in what has been deemed a “MalBus” attack. The applications had been available for over five years and had been downloaded hundreds of thousands of times, but have since been removed from the Google

Read More
06 Mar 2020

54% of healthcare vendors have experienced a data breach of protected health information

According to data released by Ponemon Institute and Censinet, over half of all healthcare vendors have experienced a data breach in which protected health information was exposed. This is a costly problem that points to a flawed third party risk assessment processes. The report shows that 54% of healthcare vendors

Read More
06 Mar 2020

3 Data Breaches Disclosed This Week: J.Crew, T-Mobile, and Carnival

This week, a series of enterprise data breached were disclosed, effecting the companies T-Mobile, J.Crew, and Carnival Corp. The high toll this week underscored how cybercriminals have been targeting companies recently. J.Crew stated that its customers’ information was compromised, and email addresses and passwords were obtained by an unauthorized third

Read More