Posts From CCME
Customs and Border Protection (CBP) revealed that photos of travelers and license plates collected at a single U.S. border point have been stolen by hackers. Customs and Border Protection (CBP) revealed that photos of travelers and license plates collected at
FTSE 250+ organizations leave an average of 35 servers and devices exposed to the open internet, while 231 have “weak or non-existent” phishing defenses. According to research by Rapid7, many companies in the FTSE 250+ indicate how many and which
The CVE-2019-2725 vulnerability in Oracle WebLogic recently, addressed by the company, is being exploited in cryptojacking attacks, Trend Micro reports. Experts at Trend Micro reported that the recently patched CVE-2019-2725 vulnerability in Oracle WebLogic is being exploited in cryptojacking attacks.
FBI Warns that Hackers use Secure HTTPS Websites to Trick Users and to Steal Sensitive Logins
FBI issued a warning that threat actors use secure HTTPS websites to trick the users and to acquire sensitive login credentials, banking information and other personal details. Internet users tend to believe that if the padlock is present “look for
CVE-2019-12735 – Opening a Specially Crafted File in Vim or Neovim Editor Could Compromise Your Linux System
Bad news for Linux users, a flaw tracked as CVE-2019-12735 allows to hack their systems by tricking them into opening a specially crafted file in Vim or Neovim Editor. Security expert Armin Razmjou has recently found a high-severity vulnerability (CVE-2019-12735)
Data of 1m Users Lost in EmuParadise Breach
Community members have taken to social media to share the news that the accounts of more than 1 million gamers were reportedly leaked after EmuParadise suffered a data breach, according to multiple reports. Some of those impacted by the data
Vectra Raises $100m in Series E Funding
After having experienced 104% growth in annual recurring revenue in 2018 over 2017, Vectra has today announced that it closed a $100 million funding round led by TCV, bringing the company’s total funding to date to more than $200 million,
An intrusion detection system (IDS) is a type of security software designed to automatically alert administrators when someone or something is trying to compromise information system through malicious activities such as DDOS Attacks or through security policy violations. An IDS
Android is the biggest organized base of any mobile platform and developing fast–every day. Besides, Android is rising as the most extended operating system in this viewpoint because of different reasons. However, as far as security, no data related to
Security expert discovered an exposed database belonging to Shanghai Jiao Tong University containing 8.4TB in email metadata. Cloudflare Director of Trust & Safety Justin Paine discovered an unprotected database owned by Shanghai Jiao Tong University that was exposed online. The
Email Header Analysis highly required process to prevent malicious threats since Email is a business critical asset. Altering email header to make the message appear to come from somewhere other than the actual source is a fraudulent email. If the
Retro video game website Emuparadise revealed to have suffered a data breach that exposed 1.1 Million accounts back in April 2018. Emuparadise is a website that offers tons of roms, isos and retro video games, users can download and play
Hackers Exploit Critical Oracle WebLogic Server Vulnerability by Hiding Malware in Certificate Files (.cer)
Hackers abuse Oracle WebLogic Server Vulnerability CVE-2019-2725 to deliver Monero Miner. The vulnerability is easily exploitable, any unauthenticated attacker with HTTP access to the server can attack without authentication. Trend Micro observed a new cryptocurrency-mining activity involving the vulnerability and
UK Taxpayers Overwhelmed with Phishing Scams
HMRC has received over 2.6m reports of phishing attempts over the past three financial years, according to a new Freedom of Information (FOI) request from a think tank. The tax office processed a total of 2,602,528 reports of phishing emails
Microsoft Warns of Campaign Exploiting 2017 Bug
Microsoft has alerted users to a new campaign utilizing a vulnerability which was discovered and patched back in 2017 to download a backdoor Trojan to victim machines. Spam emails have been detected in various European languages carrying malicious RTF attachments
GoldBrute Campaign Brute Forces 1.6m RDP Servers
Researchers have uncovered a large brute forcing campaign targeting upwards of 1.5 million remote desktop protocol (RDP) servers. Renato Marinho, chief research officer at Morphus Labs, revealed the so-called “GoldBrute” campaign is controlled by a single C&C server, with which