Joomla is believed to still contain an old remote code execution (RCE) flaw in its platform. An attacker exploited this flaw and used malicious PHP code to compromise websites as well as bypassed the CMS’ mail service. Popular content management system (CMS) Joomla has been hit with new spam campaigns recently. As per a report by Check Point Research, a ...
Read More »Cyber Security News
Google revealed yesterday that a patch for Chrome last week was actually a fix for a zero-day that was under active attacks.
The attacks exploited CVE-2019-5786, a security flaw and the only patch included in the Chrome 72.0.3626.121 version, released last Friday, March 1, 2019. According to an update to its original announcement and a tweet from Google Chrome’s security lead, the patched bug was under active attacks at the time of the patch. Google described the security flaw as a memory management error in Google ...
Read More »Police warn of fake anti-virus alert scam
WINCHESTER, Va. (WHSV) — A scam involving fake anti-virus alerts on computers is becoming increasing popular in the Winchester area, prompting the Winchester Police Department to issue a warning to citizens. In one recent case, a woman lost $350 to the scam, while another man lost $250. This is not a new scam by any means, but it remains a dangerous ...
Read More »Adwind RAT resurfaces again, relies on another malware for infection
It now comes as a variant that uses different payloads and spreads mainly through JAR files. In this camapign, the VBS-based infamous worm Houdini is leveraged to infect computer systems. Adwind, a well-known multifunctional malware program which made news in late 2017 has sprung back. A report by McAfee Labs indicated that the remote access tool (RAT) now relies on another malware ...
Read More »Most Firms in India Lack Adequate Cyber Security: Report
The ‘EY Global Information Security Survey 2018-19 – India Edition’ suggested that companies should invest in analytical capabilities as they would enhance threat detection and improve awareness in company board rooms. Cyber security operations at most companies in India are inadequate and do not meet the security needs, a report by Ernst & Young said, here on Thursday. The ‘EY ...
Read More »Rush University Medical Center data breach, 45,000 patients affected
About 45,000 Rush University Medical Center patients had their data exposed when a third-party employee mistakenly exposed a file containing the data to an unauthorized individual. The Chicago hospital said the data breach most likely happened in May 2018 when a worker at the hospital system’s billing processing vendors disclosed a file containing the patient information to an unauthorized individual, ...
Read More »Students from Carnegie Mellon University Win 2019 Deloitte Foundation Cyber Threat Competition
College students representing 15 universities compete at Deloitte University for a real-world challenge of cyber and business complexity. Four students from Carnegie Mellon University won the 2019 Deloitte Foundation Cyber Threat Competition. Team members Karttik Panda, Veera Nandiraju, Sanika Suwant and Nishith Yadav each received $2,000 in scholarship money. Carnegie Mellon University teams have competed since the competition began five ...
Read More »Experian: More Than a Third of Companies are Unprepared to Respond to a Data Breach
Sixth annual corporate preparedness study also reveals that businesses lack confidence in preventing an attack. Are companies ready for today’s sophisticated cybercriminals and impact of data breaches? Experian’s annual corporate preparedness study, Is Your Company Ready for a Big Data Breach?, reveals that progress has been made, but companies need to do better. Conducted by the Ponemon Institute, the findings reveal ...
Read More »Data leaks, default passwords exposed in visitor management systems
Researchers have uncovered a swathe of vulnerabilities which impact visitor management systems in which automation has replaced human assistants. Automation, artificial intelligence (AI), machine learning (ML), the Internet of Things (IoT), and mobility have begun to permeate every aspect of our daily lives. In the hospitality industry, these technologies have presented an opportunity to improve the security of visitors and ...
Read More »Attackers continue to enhance their performance, apply smart business techniques
During the second half of 2018, attackers bulked up existing tactics, rapidly evolvied new performance enhancements, and applied smart business techniques to vastly accelerate attack growth rate, according to the latest Threat Landscape Report by Netscout. IoT’s countdown to attack Constant targets of DDoS malware, IoT devices come under attack within five minutes of being plugged in and targeted by specific exploits ...
Read More »