article thumbnail

2018 Retrospective

Troy Hunt

Here's my 2018 highlights, starting with travel: Travel "Oh yeah, I'm totally gonna travel less this year" - me every single year In reality, my travel ended up looking like this: That's the same number as last year, 4 more days and another 8,000km. Probably with my 2018 events page which lists everything I did of a public nature.

Passwords 203
article thumbnail

Patch Tuesday, December 2018 Edition

Krebs on Security

Microsoft patched a zero-day flaw that is already being exploited ( CVE-2018-8611 ) and allows an attacker to elevate their privileges on a host system. Similarly, CVE-2018-8628 is flaw in all supported versions of PowerPoint which is also likely to be used by attackers. Ghacks writeup on December 2018 Patch Tuesday.

Malware 172
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Zales.com Leaked Customer Data, Just Like Sister Firms Jared, Kay Jewelers Did in 2018

Krebs on Security

In December 2018, bling vendor Signet Jewelers fixed a weakness in their Kay Jewelers and Jared websites that exposed the order information for all of their online customers. This week, Signet subsidiary Zales.com updated its website to remediate a nearly identical customer data exposure.

Scams 242
article thumbnail

Patch Tuesday, October 2018 Edition

Krebs on Security

The zero-day bug — CVE-2018-8453 — affects Windows versions 7, 8.1, Another vulnerability patched on Tuesday — CVE-2018-8423 — was publicly disclosed last month along with sample exploit code. 10 and Server 2008, 2012, 2016 and 2019.

Software 189
article thumbnail

Patch Tuesday, November 2018 Edition

Krebs on Security

This week’s patch batch addresses two flaws of particular urgency: One is a zero-day vulnerability ( CVE-2018-8589 ) that is already being exploited to compromise Windows 7 and Server 2008 systems.

article thumbnail

Norway blames China-linked APT31 for 2018 government hack

Security Affairs

Norway police secret service states said that China-linked APT31 group was behind the 2018 cyberattack on the government’s IT network. Norway’s Police Security Service (PST) said that the China-linked APT31 cyberespionage group was behind the attack that breached the government’s IT network in 2018. Pierluigi Paganini.

Hacking 138
article thumbnail

Patch Tuesday, September 2018 Edition

Krebs on Security

The zero-day flaw, CVE-2018-8440 , affects Microsoft operating systems from Windows 7 through Windows 10 and allows a program launched by a restricted Windows user to gain more powerful administrative access on the system. The sole non-Microsoft update pushed by Redmond today fixes a single vulnerability in Adobe Flash Player, CVE-2018-15967.

Internet 120