Sat. Jun 12, 2021

Security News In Review: REvil Attacks Nuclear Contractor Sol Oriens

Security Boulevard

This week we have good news and bad news. On the one hand, a COO was caught and charged with potentially attacking a rival medical institution. A stolen data marketplace was shut down and bugs were found (all around). However, there has also been an increase in high-profile cyber-attacks. Keep reading to get this week’s top cybernews. The post Security News In Review: REvil Attacks Nuclear Contractor Sol Oriens appeared first on Security Boulevard.

Intuit notifies customers of hacked TurboTax accounts

Bleeping Computer

Financial software company Intuit has notified TurboTax customers that some of their personal and financial information was accessed by attackers following what looks like a series of account takeover attacks. […]

CVE-2021-3560 flaw in polkit auth system service affects most of Linux distros

Security Affairs

An authentication bypass flaw in the polkit auth system service used on most Linux distros can allow an attacker to get a root shell. An authentication bypass vulnerability in the polkit auth system service, tracked as CVE-2021-3560, which is used on most Linux distros can allow an unprivileged attacker to get a root shell. “A flaw was found in polkit. When a requesting process disconnects from dbus-daemon just before the call to polkit_system_bus_name_get_creds_sync starts, the process cannot get a

Microsoft pushes Windows 10 KB4023057 again to fix update issues

Bleeping Computer

Microsoft is rolling out the KB4023057 update again to all versions of Windows 10 to ensure that devices can successfully install new updates as they are released. […]

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

McDonald’s discloses data breach in US, Taiwan and South Korea

Security Affairs

McDonald’s fast-food chain disclosed a data breach; hackers have stolen information belonging to customers and employees from the US, South Korea, and Taiwan. McDonald’s, the world’s largest restaurant chain by revenue, has disclosed a data breach that impacted customers and employees from the US, South Korea, and Taiwan. The hackers compromised the system of the company and have stolen business contact info belonging to US employees and franchises, the company pointed out that

Audi, Volkswagen data breach affects 3.3 million customers

Bleeping Computer

Audi and Volkswagen have suffered a data breach affecting 3.3 million customers after a vendor exposed unsecured data on the Internet. […]

More Trending

Let the Children’s Day be a Reminder to Make the Internet Safe for All

Security Boulevard

This Children’s Day, Arkose Labs reaffirms its commitment that it will continue to help make the internet safe for our children and youth. Children are spending a lot of time online, leading to an increase in screen time. This is a cause of concern not only for their physical and mental health but has also […]. The post Let the Children’s Day be a Reminder to Make the Internet Safe for All appeared first on Security Boulevard.

COO of Security Vendor Accused of Cyberattack

SecureWorld News

The former cybersecurity sales guy and current Chief Operating Officer of an IoT security company is accused of hacking a customer's devices. And in this case, we're talking about computerized devices inside a hospital. Here is what we know based on the criminal indictment just returned by a grand jury. Third Party Risk: security vendor COO accused of cyberattack.

How To Drive Value with Security Data – The Full Talk

Security Boulevard

Last week I keynoted LogPoint’s customer conference with a talk about how to extract value from security data. Pretty much every company out there has tried to somehow leverage their log data to manage their infrastructure and protect their assets and information. The solution vendors have initially named the space log management and then security […].

Codecov ditches Bash Uploader for a NodeJS executable

Bleeping Computer

Codecov has now introduced a new cross-platform uploader meant to replace its former Bash Uploader. The new uploader is available as a static binary executable currently supporting the Windows, Linux, and macOS operating systems. However, some have raised concerns with the new uploader and the many dependencies it contains. […]

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Security BSides Dublin 2021 – Lindsay Kaye’s ‘Egregor Awakens: Taking A Tour Of A Threat Actor’s New Digs’

Security Boulevard

Our thanks to Security BSides Dublin for publishing their outstanding videos on the organization's YouTube channel. Enjoy! Permalink. The post Security BSides Dublin 2021 – Lindsay Kaye’s ‘Egregor Awakens: Taking A Tour Of A Threat Actor’s New Digs’ appeared first on Security Boulevard.

As Ransomware Demands Boom, Insurance Keeps Paying Out

WIRED Threat Level

While major carriers like AXA have backed away from covering ransoms, don't expect the industry at large to break the vicious cycle.

Security BSides Dublin 2021 – Caitlin Long’s ‘Hacking The Planet: An Intro To Avionics Security’

Security Boulevard

Our thanks to Security BSides Dublin for publishing their outstanding videos on the organization's YouTube channel. Enjoy! Permalink. The post Security BSides Dublin 2021 – Caitlin Long’s ‘Hacking The Planet: An Intro To Avionics Security’ appeared first on Security Boulevard.

What You Should Know About Voilá, the Latest Viral Selfie App

WIRED Threat Level

Before you use it to cartoonify your face, consider the risks to your data.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?”

XKCD ‘Product Launch’

Security Boulevard

via the comic delivery system monikered Randall Munroe resident at XKCD! Permalink. The post XKCD ‘Product Launch’ appeared first on Security Boulevard.

Google Won't Kill the URL After All

WIRED Threat Level

Plus: A Colonial Pipeline update, inside details of the FBI's Anom caper, and more of the week's top security news.

COO of Security Vendor Accused of Cyberattack

SecureWorld News

The former sales guy and current Chief Operating Officer of an IoT cybersecurity company is accused of hacking a customer's devices. And in this case, we're talking about computerized devices inside a hospital. Here is what we know based on the criminal indictment just returned by a U.S. grand jury. Third-party risk: security vendor COO accused of cyberattack.
