article thumbnail

National Security Risks of Late-Stage Capitalism

Schneier on Security

The company outsourced much of its software engineering to cheaper programmers overseas, even though that typically increases the risk of security vulnerabilities. For a while, in 2019, the update server’s password for SolarWinds’s network management software was reported to be “solarwinds123.”

Risk 363
article thumbnail

GUEST ESSAY: Where we stand on mitigating software risks associated with fly-by-wire jetliners

The Last Watchdog

Here’s what you should know about the risks, what aviation is doing to address those risks, and how to overcome them. It is difficult to deny that cyberthreats are a risk to planes. Risks delineated Still, there have been many other incidents since. Fortunately, there are ways to address the risks.

Software 264
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Windows 7 End of Life Presents Hacking Risk, FBI Warns

Adam Levin

The FBI warned in a private industry notification published August 3 that companies and organizations still using Windows 7 are at risk. According to the FBI notification, continued use of the platform “creates the risk of criminal exploitation.”. Windows 7 users represented 98% of infected systems.

Risk 220
article thumbnail

U.S. CISA adds Palo Alto Expedition, Android, CyberPanel and Nostromo nhttpd bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

CVE-2019-16278 – is a directory traversal issue in the function http_verify in nostromo nhttpd through 1.9.6 Configuration secrets, credentials, and other data imported into Expedition is at risk due to this issue.” Versions up to 2.3.6 and unpatched 2.3.7 are affected, with active exploitation reported in October 2024 by PSAUX.

Firewall 127
article thumbnail

Credit Reporting Companies Put Customer Data at Risk

Adam Levin

TransUnion, 2019: The credit reporting bureau reported the data compromise of 37,000 Canadians, however the nature and content of that compromise are not clear. . The post Credit Reporting Companies Put Customer Data at Risk appeared first on Adam Levin.

Risk 218
article thumbnail

First American Financial Pays Farcical $500K Fine

Krebs on Security

In May 2019, KrebsOnSecurity broke the news that the website of mortgage settlement giant First American Financial Corp. “The [employee] did not request a waiver or risk acceptance from the CISO.” ” Rasch said First American’s first problem was labeling the weakness as a medium risk. This week, the U.S.

Insurance 333
article thumbnail

Patch Tuesday, Good Riddance 2020 Edition

Krebs on Security

Additionally, Microsoft released an advisory on how to minimize the risk from a DNS spoofing weakness in Windows Server 2008 through 2019. These vulnerabilities affect Microsoft Excel 2013 through 2019, Microsoft 365 32 and 64 bit versions, Microsoft Office 2019 32 and 64 bit versions, and Microsoft Excel for Mac 2019.”

DNS 345