Posts From CCME
Security researchers have uncovered a massive 890GB database containing over one million highly sensitive web browsing records leaked by a South African IT company. The Elasticsearch database, which was left online without any password protection, belonged to Conor, which has
vpnMentor researchers discovered an unsecured server belonging to the Chinese e-store LightInTheBox.com containing 1.3TB of web server logs. Infosec researchers have uncovered an unsecured Elasticsearch database containing 1.3TB of web server log entries held by Chinese e-commerce website LightInTheBox.com. LightInTheBox
Security researchers from Trend Micro observed a new malware activity targeting devices running the Linux platform, the malware samples found to be connected with Momentum Botnet. The malware campaign targets to install a backdoor on the Linux platform that accepts
One in 172 RSA Keys Vulnerable to Attack: Report
The security of RSA certificates has come under scrutiny after researchers revealed that they were able to break nearly a quarter of a million currently active keys. Security vendor Keyfactor announced its findings in a paper published at the First
Apax Funds to Acquire Coalfire
Funds advised by global private equity advisors Apax Partners are to acquire cybersecurity assessment and consulting services provider Coalfire. The long-established cybersecurity firm, which has 730 employees operating from 11 locations in the United States and the United Kingdom, is
New Krampus-3PC Malware Attacks iPhone Users to Steal Cookies and Redirects to Malicious Websites
A new malware campaign dubbed Krampus-3PC targets iPhone users has impacted more than 100 UK news publisher and magazine websites. The users who visited those infected publication websites are redirected to fake grocery ads page. The malware campaigns mount up
The office of Pennsylvania attorney general Josh Shapiro has reached a settlement with travel websites Orbitz and Expedia following an investigation into a 2018 data breach. The cybersecurity incident, disclosed by Orbitz in March 2018, may have exposed the personal
Thousands of Met Police Get Cyber Training
Thousands of Metropolitan Police officers have attended online training courses to teach them crucial digital policing skills over the past two years, according to newly released information. UK-based cloud hoster Nimbus Hosting submitted Freedom of Information (FOI) requests to the
The City of New Orleans has become the latest major US municipality to suffer a crippling ransomware attack, with a string of public services affected over the weekend. City workers were ordered to unplug their machines on Friday morning after
Fake Payment Page Tricks Rooster Teeth Customers
A US entertainment company has become the latest brand to have its e-commerce store attacked in a data harvesting raid using malicious JavaScript and phishing techniques. Texas-based Rooster Teeth makes podcasts, animated shows and short-form content for distribution, but also
The adware programs will tend to serve unwanted advertisements on your mobile phone and computer. The adware can be included with some apps in a legitimate way to generate revenue. By clicking the ads it directs the users to the
Researchers observed a new crypto-mining malware campaign that uses a process hollowing method and a dropper component to deploy Monero miner on windows installations. Process hollowing is a method to hide the presence of the process by replacing it with
VISA Warning that Hackers Injecting POS Malware in Fuel Dispenser Merchants To Steal Payment Card Data
Visa Payment Fraud Disruption (PFD) observed that hackers attack point-of-sale merchants by injecting POS malware across North American fuel dispenser merchants to steal the cardholder data. Sophisticated hackers groups breach the internal network of the POS Merchants to infect the
A malvertising campaign that involved more than 100 publisher websites targeted iPhone users to deliver the Smart Krampus-3PC Malware. According to The Media Trust’s Digital Security & Operations (DSO) team, iPhone users have been targeted by a malvertising campaign that
WordPress 5.3.1 released with security and maintenance based updates with 46 fixes and enhancements. There are 4 security vulnerabilities fixed in this update that affects WordPress versions 5.3 and earlier. The first one is a privilege escalation vulnerability that allows
Experts discovered tens of flaws in the Siemens SPPA-T3000 control systems that could be exploited to attackfossil and renewable power plants. Siemens informed customers that the SPPA-T3000 Application Server is affected by 19 vulnerabilities and the SPAA-T3000 MS3000 Migration Server