Posts From CCME

Security researchers have uncovered a massive 890GB database containing over one million highly sensitive web browsing records leaked by a South African IT company. The Elasticsearch database, which was left online without any password protection, belonged to Conor, which has

vpnMentor researchers discovered an unsecured server belonging to the Chinese e-store LightInTheBox.com containing 1.3TB of web server logs. Infosec researchers have uncovered an unsecured Elasticsearch database containing 1.3TB of web server log entries held by Chinese e-commerce website LightInTheBox.com. LightInTheBox

Security researchers from Trend Micro observed a new malware activity targeting devices running the Linux platform, the malware samples found to be connected with Momentum Botnet. The malware campaign targets to install a backdoor on the Linux platform that accepts

The security of RSA certificates has come under scrutiny after researchers revealed that they were able to break nearly a quarter of a million currently active keys. Security vendor Keyfactor announced its findings in a paper published at the First

Funds advised by global private equity advisors Apax Partners are to acquire cybersecurity assessment and consulting services provider Coalfire. The long-established cybersecurity firm, which has 730 employees operating from 11 locations in the United States and the United Kingdom, is

A new malware campaign dubbed Krampus-3PC targets iPhone users has impacted more than 100 UK news publisher and magazine websites. The users who visited those infected publication websites are redirected to fake grocery ads page. The malware campaigns mount up

The office of Pennsylvania attorney general Josh Shapiro has reached a settlement with travel websites Orbitz and Expedia following an investigation into a 2018 data breach. The cybersecurity incident, disclosed by Orbitz in March 2018, may have exposed the personal

Thousands of Metropolitan Police officers have attended online training courses to teach them crucial digital policing skills over the past two years, according to newly released information. UK-based cloud hoster Nimbus Hosting submitted Freedom of Information (FOI) requests to the

The City of New Orleans has become the latest major US municipality to suffer a crippling ransomware attack, with a string of public services affected over the weekend. City workers were ordered to unplug their machines on Friday morning after

A US entertainment company has become the latest brand to have its e-commerce store attacked in a data harvesting raid using malicious JavaScript and phishing techniques. Texas-based Rooster Teeth makes podcasts, animated shows and short-form content for distribution, but also

The adware programs will tend to serve unwanted advertisements on your mobile phone and computer. The adware can be included with some apps in a legitimate way to generate revenue. By clicking the ads it directs the users to the

Researchers observed a new crypto-mining malware campaign that uses a process hollowing method and a dropper component to deploy Monero miner on windows installations. Process hollowing is a method to hide the presence of the process by replacing it with

Visa Payment Fraud Disruption (PFD) observed that hackers attack point-of-sale merchants by injecting POS malware across North American fuel dispenser merchants to steal the cardholder data. Sophisticated hackers groups breach the internal network of the POS Merchants to infect the

A malvertising campaign that involved more than 100 publisher websites targeted iPhone users to deliver the Smart Krampus-3PC Malware. According to The Media Trust’s Digital Security & Operations (DSO) team, iPhone users have been targeted by a malvertising campaign that

WordPress 5.3.1 released with security and maintenance based updates with 46 fixes and enhancements. There are 4 security vulnerabilities fixed in this update that affects WordPress versions 5.3 and earlier. The first one is a privilege escalation vulnerability that allows

Experts discovered tens of flaws in the Siemens SPPA-T3000 control systems that could be exploited to attackfossil and renewable power plants. Siemens informed customers that the SPPA-T3000 Application Server is affected by 19 vulnerabilities and the SPAA-T3000 MS3000 Migration Server