UK NHS Database Exposes Over 1 Million Patient Records During the past week, a breach was discovered in patient booking system SwiftQueue, which is widely used by several National Health Service (NHS) facilities. The database may have contained patient information for up to 1.2 million UK citizens, though the actual data has yet to… Continue reading Cyber News Rundown: Edition 8/25/17
Author: admin
PoS Flaws Allow Hackers to Steal Card Data, Change Prices
By Eduard Kovacs on August 25, 2017 Point-of-sale (PoS) systems developed by SAP and other vendors have serious vulnerabilities that can be exploited by hackers to steal payment card data from the targeted organization’s network and change the price of items they want to purchase. Researchers at ERPScan discovered that SAP’s POS product,… Continue reading PoS Flaws Allow Hackers to Steal Card Data, Change Prices
Researcher Releases Fully Working Exploit Code for iOS Kernel Vulnerability
August 24th, 2017 By Catalin Cimpanu Adam Donenfeld, a researcher with mobile security firm Zimperium, has published today proof-of-concept code for zIVA — a kernel exploit that affects iOS 10.3.1 and previous versions. The zIVA exploit code allows an attacker to gain arbitrary RW (Read Write) and root access. Apple patched flaws… Continue reading Researcher Releases Fully Working Exploit Code for iOS Kernel Vulnerability
DreamHost smashed in DDoS attack: Who’s to blame? Take a guess…
See Also – Government Demands 1.3 Million IP Addresses of Anti-Trump Website Visitors Is it the alt-right or anti-fascists? Most likely the latter By Iain Thomson in San Francisco 24 Aug 2017 Web hosting biz DreamHost has been largely crippled today by a distributed denial of service attack, bringing down most… Continue reading DreamHost smashed in DDoS attack: Who’s to blame? Take a guess…
A blast from the past: Mobile trojans abusing WAP-billing services
Fraudsters now piggybacking on 2.5G mobile tech By John Leyden 24 Aug 2017 mikeledray/Shutterstock Crooks slinging mobile trojans have reverted to old techniques by stealing users’ money through WAP-billing services. The “unusual” rise in mobile trojan clickers that steal money from Android users through Wireless Application Protocol (WAP) billing has been tracked… Continue reading A blast from the past: Mobile trojans abusing WAP-billing services
Google Chrome 60.0.3112.113 Stable
Google Chrome 60.0.3112.113 Stable https://chromereleases.googleblog.com/2017/08/stable-channel-update-for-desktop_24.html x86http://redirector.gvt1.com/edgedl/release2/chrome/JAVJecIqSDQ_60.0.3112.113/60.0.3112.113_chrome_installer.exehttps://redirector.gvt1.com/edgedl/release2/chrome/JAVJecIqSDQ_60.0.3112.113/60.0.3112.113_chrome_installer.exehttp://dl.google.com/release2/chrome/JAVJecIqSDQ_60.0.3112.113/60.0.3112.113_chrome_installer.exehttps://dl.google.com/release2/chrome/JAVJecIqSDQ_60.0.3112.113/60.0.3112.113_chrome_installer.exehttp://www.google.com/dl/release2/chrome/JAVJecIqSDQ_60.0.3112.113/60.0.3112.113_chrome_installer.exehttps://www.google.com/dl/release2/chrome/JAVJecIqSDQ_60.0.3112.113/60.0.3112.113_chrome_installer.exe x64http://redirector.gvt1.com/edgedl/release2/chrome/AJmouZ7liMR8_60.0.3112.113/60.0.3112.113_chrome_installer.exehttps://redirector.gvt1.com/edgedl/release2/chrome/AJmouZ7liMR8_60.0.3112.113/60.0.3112.113_chrome_installer.exehttp://dl.google.com/release2/chrome/AJmouZ7liMR8_60.0.3112.113/60.0.3112.113_chrome_installer.exehttps://dl.google.com/release2/chrome/AJmouZ7liMR8_60.0.3112.113/60.0.3112.113_chrome_installer.exehttp://www.google.com/dl/release2/chrome/AJmouZ7liMR8_60.0.3112.113/60.0.3112.113_chrome_installer.exehttps://www.google.com/dl/release2/chrome/AJmouZ7liMR8_60.0.3112.113/60.0.3112.113_chrome_installer.exe Google Chrome Enterprise x86https://enterprise.google.com/chrome/chrome-browser/thankyou.html?platform=win32msi x64https://enterprise.google.com/chrome/chrome-browser/thankyou.html?platform=win64msi MAC https://enterprise.google.com/chrome/chrome-browser/thankyou.html?platform=mac Linux https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.debhttps://dl.google.com/linux/direct/google-chrome-stable_current_x86_64.rpm Take a look at the best antivirus, anti-malware, anti-spy, etc. software Powered by WPeMatico
Deprecated, Insecure Apple Authorization API Can Be Abused to Run Code at Root
August 24th, 2017 by Michael Mimoso A deprecated Apple authorization API, invoked by third-party installers, is still developers’ preferred choice for updating apps and services on macOS. And that’s a problem because of a massive security issue that could be abused by a local attacker to elevate privileges to root with a little… Continue reading Deprecated, Insecure Apple Authorization API Can Be Abused to Run Code at Root
VoIP bods Fuze defuse triple whammy of portal security vulnerabilities
Security researchers using the service found a bunch of flaws By John Leyden 23 Aug 2017 Messaging provider Fuze has resolved a trio of vulnerabilities in its TPN Handset Portal. The access controls and authentication flaws, discovered by security tools firm Rapid7, created a means for hackers to obtain personal data about… Continue reading VoIP bods Fuze defuse triple whammy of portal security vulnerabilities
Business Email Compromise Campaign Harvesting Credentials in Numerous Industries
August 23rd, 2017 by Michael Mimoso A business email compromise campaign emanating out of Western Africa is targeting companies in a wide swathe of industries, bucking a trend of these scams focusing on wire fraud and targeting CEOs. The criminals are using phishing emails with links redirecting victims to sites designed to harvest… Continue reading Business Email Compromise Campaign Harvesting Credentials in Numerous Industries
Microsoft Security Update Minor Revisions Issued: August 23, 2017
—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 ******************************************************************** Title: Microsoft Security Update Minor Revisions Issued: August 23, 2017 ******************************************************************** Summary ======= The following CVEs and Microsoft security bulletin have undergone a minor revision increment * CVE-2016-7292 * CVE-2017-0167 * MS16-149 Revision Information: ===================== CVE-2016-7292 – Title: CVE-2016-7292 | Windows… Continue reading Microsoft Security Update Minor Revisions Issued: August 23, 2017