Vulnerabilities

GandCrab attackers exploit recently patched Confluence vulnerability

If your company uses Confluence, make sure you have the latest available patches for this vulnerability.

What is "reasonable security"? And how to meet the requirement

Privacy regulations such as the GDPR and CCPA require companies to provide "reasonable security" to protect customers' personal information. Here's how you might best achieve that standard.

Cisco warns WLAN controller, 9000 series router and IOS/XE users to patch urgent security holes

Cisco says unpatched vulnerabilities could lead to DoS attacks, arbitrary code execution, take-over of devices.

Cisco Talos details exceptionally dangerous DNS hijacking attack

Cisco Talos says state-sponsored attackers are battering DNS to gain access to sensitive networks and systems.

Security investigator confronts Wipro on breach incident during investors’ call

Cybersecurity investigator Brian Krebs put Wipro in a tough spot by bringing up a critical data breach in the midst of a quarterly earnings call. Wipro called the incident a zero-day attack and has employed a forensic investigator to probe the incident.

Over 7.8 crore of Aadhaar data could be stolen: UIDAI acknowledges breach

The comprised digital records include Aadhaar number, Aadhaar enrolment ID, name, guardian’s name, address and contact details. 

Your Outlook may be hacked; Microsoft confirms breach

Around late Friday evening, Microsoft announced a data breach that resulted from a Microsoft technical support agent’s credentials being compromised.

2FA and telco vulnerability allows criminals to hack email accounts, reveals security researcher

When you forget your Gmail password, and have two factor authentication (2FA) enabled, Google will SMS or call you with a six to eight digit code. You enter the code (Google calls this 2-step verification) and gain access to your account.

Cyber espionage shows no signs of slowing down: Michael Sentonas, CrowdStrike

The bears, pandas, kittens and chollimas are out in the open, and the military top-brass is apprehensive. Michael Sentonas, VP of Technology Strategy at CrowdStrike, gives us a dekko at the cyber espionage threat landscape.

The 6 biggest ransomware attacks of the last 5 years

The biggest ransomware attacks illustrate how this particularly nasty genre of attack software has grown from a curiosity and an annoyance to a major crisis.

What is a honeypot? A trap for catching hackers in the act

A honeypot is a system designed to lure hackers into revealing their origins and techniques, and they're used by security researchers and corporate IT alike.

Toyota reports yet another data breach; 3.1 million customer accounts exposed

Japanese automaker, Toyota, announced on Saturday that a data breach resulted in the data of 3.1 million customers being compromised. This is in fact the second data breach the company faced in the last five weeks.