Posts From CCME
IT Decision-Makers Willing to Share Threat Intel
The sharing mentality is starting to take hold across the cybersecurity industry, with the vast majority of security decision-makers confessing that they would be willing to share threat intelligence, according to a new publication by IronNet. The report, Collective Offense
Google discloses security bug that affects Bluetooth Low Energy (BLE) version of the Titan Security Keys, non-Bluetooth security keys are not affected. For the affected users, as an immediate measure, Google offering free replacement key. To check if you are
Customers of Boost Mobile are being urged to change their passwords and PINs after the company announced that it detected unauthorized activity from a third party. “On March 14, 2019, Boost.com experienced unauthorized online account activity in which an unauthorized
Speculators Look to ID AVs Hacked by Russia
Last week Infosecurity Magazine reported on threat intelligence published by Advanced Intelligence (AdvIntel) claiming that three US antivirus companies had been hacked by a top-tier Russian hacking collective. While the original research did not identify the impacted companies, both Gizmodo
Over 460,000 E-Retailer User Accounts Hacked
Fast Retailing Co., Asia’s largest retailer, released a statement acknowledging that hackers likely gained access to the personal information of nearly half a million Uniqlo and GU brand e-commerce portal users. “It was confirmed on May 10, 2019 that an
Twitter confirmed revealed that a bug in its iOS app it the root cause for an inadvertent collection of location data and sharing it with a third-party. A new story of a violation of the user’s privacy made the lines,
Hospitals Failing on Cybersecurity Hygiene
Healthcare organizations (HCOs) are increasingly at risk from legacy operating systems, device complexity and the use of commonly exploited protocols, according to a new study from Forescout. The security vendor analyzed 75 global healthcare deployments running over 1.5 million devices
Wormable Bug Could Enable Another WannaCry
Microsoft released fixes for 79 unique vulnerabilities yesterday, including 22 critical bugs — one of which could be used to spread malware around the globe. Microsoft detailed the potential impact of CVE-2019-0708 in a separate blog post on Tuesday. This
Researchers have discovered a major new set of vulnerabilities in nearly all post-2011 Intel chips which could enable side-channel attacks targeting sensitive information. ZombieLoad is reminiscent of Spectre and Meltdown bugs reported in January 2018 in that it affects not
Security researchers a new malware campaign that delivers Plead malware by abusing legitimate software that developed by ASUS Cloud Corporation. The PLEAD malware found to be active since 2012, and the executables are signed with the stolen certificate. The new
Millions of computers powered by Intel processors are affected by a new class of vulnerabilities (MDS) that can leak potentially sensitive data. Researchers from multiple universities and security firms discovered a new class of speculative execution side-channel vulnerabilities that could
Adobe Released Security Updates for 87 Vulnerabilities with Media Encoder, Flash, Adobe Acrobat and Reader
Adobe released security updates for May that includes the fix for 87 vulnerabilities with Media Encoder, Flash Player and Adobe Reader. Successful exploitation of the vulnerability allows an attacker to run arbitrary code in the context of the current user.
Thrangrycat – Flaws in Millions of Cisco Devices Let Hackers Remotely Bypass Cisco Device Security Future
Two critical vulnerabilities named as Thrangrycat affected millions of Cisco products that deployed in private and government entities allow hackers to bypass Cisco’s secure boot mechanism called Trust Anchor module (TAm). Cisco Trust Anchor module (TAm) proprietary hardware security module
The North Korea-linked APT group ScarCruft (aka APT37 and Group123) continues to expand its arsenal by adding a Bluetooth Harvester. North Korea-linked APT group ScarCruft (aka APT37, Reaper, and Group123) continues to expand its arsenal by adding a Bluetooth Harvester.
Equifax Has Spent Nearly $1.4bn on Breach Costs
Equifax has incurred losses so far of over $1.35bn from a devastating 2017 breach which affected more than half of all Americans and millions of UK consumers, the firm revealed in its latest financials. The credit agency claimed in its
WhatsApp Finds and Fixes Targeted Attack Bug
WhatsApp is urging its global users to update their app after fixing a serious remote code execution (RCE) vulnerability which was being exploited in a highly targeted attack, potentially by a nation state. The Facebook-owned mobile comms giant, which has