Optionsbleed: Heartbleed’s Less Threatening Cousin
Heartbleed is a vulnerability with a feature in OpenSSL, a software application used to establish secure communications over computer networks, known as heartbeat in 2014. This vulnerability ...
On 18 August 2017, President Trump announced that the United Stated Cyber Command will be elevated to Unified Combatant Command status. Read the official White House statement. Source: The ...
ICS Alerts and Advisories for Week of September 22, 2017
ICS-CERT Advisories: ICSA-17-264-01 : Schneider Electric InduSoft Web Studio, InTouch Machine Edition ICSA-17-264-02 : Ctek, Inc. SkyRouter ICSA-17-264-03 : Digium Asterisk GUI ...
ICS Summary for Week of September 22, 2017
SCADA Webserver Found Lacking Proper Authentication A SCADA webserver made by Swiss-based company, iniNet Solutions GmbH, was found to have a critical vulnerability that may allow a malicious ...
Weekly Executive Summary for Week September 22, 2017
What is it? Supply-Chain Malware What has been affected? CCleaner v5.33.6162 | CCleaner Cloud v1.07.3191 (32-bit version) | 1 What does it do? CCleaner is an application that allows users to ...
Thousands of ElasticSearch Servers Compromised
Researchers at the Kromtech Security Center have found around 15,000 unsecure Elasticsearch servers with more than 4,000 of those hosting point-of-sale (POS) malware. Among these 4,000 servers, 99% ...
Microsoft .NET and Android Toast Vulnerabilities Patched
Microsoft and Android have recently pushed out updates during this month's Patch Tuesday for their known vulnerabilities on September 12 and September 5, respectively. Both of these operating ...
Equifax Suffers Monumental Data Breach
Equifax, one of the three largest credit agencies in America, has suffered one of the largest data breaches in history, exposing around 143 million people’s personal information. Ironically enough, ...
Weekly Executive Summary for Week September 15, 2017
What is it? Botnet What has it been dubbed? Mirai What does it do? The malware was designed to infect vulnerable IoT devices, which would later be used to launch enormous DDoS attacks. ...
Equifax Megabreach Update: How, who, and more
Last week, we reported that the major credit reporting company Equifax announced a massive data breach affecting up to 143 million US customers last week on 7 September, but the developing story over ...