Posts From CCME

Mexico’s state-owned petroleum giant Petroleos Mexicanos (Pemex) is insisting all operations are running normally after a suspected ransomware attack, despite reports to the contrary. The firm claimed that operation and production systems remain unaffected and supply of fuel remains guaranteed.

Microsoft released fixes for 75 vulnerabilities during this month’s patch update round, including one zero-day flaw in Internet Explorer. The bug in question, CVE-2019-1429, exists in the way the scripting engine handles objects in memory in the browser, corrupting memory

McAfee patched a Privilege Escalation vulnerability in Microsoft Windows client versions of all McAfee Antivirus versions that allow administrators to execute arbitrary code and escalate to SYSTEM privileges. The system account is the internal account used by the Windows operating

Microsoft released a security update for November 2019 under patch Tuesday and fixed 74 security vulnerabilities that affected various Microsoft products. Out of 74 vulnerabilities, 13 are marked as “Critical” severity, 61 vulnerabilities categorized as “Important” severity. The November security

PortSwigger has launched a free interactive training platform in an attempt to address the global shortage of cybersecurity talent. The makers of Burp Suite cut the ribbon on the new Web Security Academy last month following a soft launch of

Internal passwords belonging to American retailer Orvis were twice leaked online in a double data breach. Credentials belonging to the luxury fishing equipment purveyor were posted on the website Pastebin.com last month, according to investigative reporter Brian Krebs. A swathe

CloudSploit has been acquired by Aqua Security for an undisclosed sum. Aqua Security, the leading platform provider for securing container-based, serverless, and cloud native applications, announced the acquisition of security auditing and monitoring tool CloudSploit today. The American company said

The recently discovered ransomware-as-a-service (RaaS) Buran attempts to gain popularity by offering discounted licenses. In May, researchers from McAfee’s Advanced Threat Research Team discovered a new piece of ransomware named ‘Buran.’ Buran is offered as a RaaS model, but unlike

The UK Labour Party has stated that it has been hit by a “sophisticated and large-scale cyber-attack” on its digital platforms. As report by Sky News, a party spokesperson said that the attack failed to breach any data because of

Researchers uncovered a new ransomware family named “Buran” ransomware that works as a Ransomware-as-a-Service(RaaS) model and actively selling in a well-known Russian forum. Ransomware authors advertising in well known Russian underground forums and the Buran Ransomware compatible with all versions

A new wave of BitPaymer Ransomware attack several MSSP based companies in Spain through compromised websites, and it’s using various other malware interaction before infecting the company network. Before the original BitPaymer ransomware attack takes place, threat actors initially infect

Two new carding bots that pose a threat to e-commerce platforms have been detected at the start of the busiest shopping period of the year. The discovery was made by an eagle-eyed PerimeterX research team, which launched an investigation after

A fine of $1.6m has been meted out to the Texas Health and Human Services Commission for unintentionally exposing the personal health information of thousands of vulnerable people online. The Texan commission inadvertently made the names, addresses, Social Security numbers,

A major US hosting provider has been hit by a serious ransomware attack, impacting hundreds of thousands of customers. SmarterASP.NET claims to operate three ‘world-class’ data centers “delivering the reliability and flexibility necessary to support your mission-critical internet operations.” However,

Researchers discovered nearly 49 malicious Android Adware Apps from Google play store related to games & stylized cameras, and these apps were downloaded by 3 million Android users around the globe. Adware is a trending threat in 2019, especially targeting

This past quarter we observed a new DDoS attack that confirmed our earlier hypothesis regarding attacks through the Memcached protocol. As we surmised, the attackers attempted to use another, rather exotic protocol to amplify DDoS attacks. Experts at Akamai Technologies