Vulnerability

You listen to the shared security podcast and discover the confidence you place in people, applications and technology… with your host, Tom Eston. Facebook announces new off-Facebook privacy controls, how Apple made everybody’s iOS system vulnerable and details of the massive MoviePass data breach in episode 83 of August 26, 2019. This week I read

Small organizations still face a long list of threats to security. These threats and vulnerabilities should take precedence. Increasingly, cyber criminals are targeting smaller organisations. This makes small and medium-sized enterprises (SMBs) hard to find. They are also working with smaller budgets and staff constraints in the face of a long list of cyber threats,

Banks have begun to warn customers of a new PayID data breach, which was reported late Friday to the NPP Australia new payment platform supervision. NPP Australia said that an unrevealed number of PayID records “and associated data in the Addressing Service were exposed by a vulnerability in one of the financial institutions sponsored into

The indoor security device was vulnerable to user privacy bugs. The indoor camera of Google Nest Cam IQ contained a wealth of security vulnerabilities that could be used to hide or disrupt the device. Lilith Wyatt and Claudio Bozzato from the Cisco Talos research team said on Monday that a number of major vulnerabilities existed in

As a professional services consultant, I am pleased to meet customers around the world and talk to a wide range of IT security experts who are at the forefront of malware defence. One of my favorite topics is how people have started their IT careers, but I am frequently surprised by the number of people

Work efficiency cannot be improved without an internal/external network environment these days; successful organizations are all data-driven entities. However, while the Internet comes with convenience, there is a risk of leaking personal information. There are various causes of identity theft, but one is sophisticated of malware such as targeted attack emails. Targeted attack emails are

Who can ever forget of Avaya phones and its near-monopoly of the corporate communication equipment market for Fortune 100 companies pre-Skype? As software VOIP solutions matured, companies are slowly but surely migrating away from hardware-based VOIP phones, including Avaya. For the last 10 years that Avaya ruled the offices, it harbored a remote code execution

Security researchers from Gemini Advisory, a cyber threat intelligence firm, disclosed a huge sale campaign for credit/debit cards in hacker forums belonging to South Korean cardholders. The first batch of stolen card credentials was numbered to 890,000, while the second batch reached 230,000 units, all in all, the number of cards “for sale” in the

CERT-Bund has issued a critical advisory regarding an alleged persistent vulnerability in all versions of VLC Player from version 3.0.7.1 and older. VLC Player is a very popular cross platform open source media player with versions available in Windows, Linux, MacOS, iOS, Android and Unix. The bug has something to do with buffer over-read, connected

Records show that K12.com, a web-based educational firm has suffered a massive 7-million student records breach due to an insecure version of MongoDB database server. Bob Dianchenko a security researcher at Comparitech has witnessed student data from K12.com was made public on June 25, 2019. According to his discovery, it took K12.com more than a