Subterms
Image: RiskSense A study that analyzed all the vulnerability disclosures between 2010 and 2019 found that around 55% of all the security bugs that have been weaponized and exploited in the wild were for two major application frameworks, namely WordPress and Apache Struts. The Drupal content management system ranked third, followed by Ruby on Rails […] More
Last October, Microsoft won the $10 billion US Department of Defense (DoD) Joint Enterprise Defense Infrastructure (JEDI) contract. The 10-year agreement is part of a larger Pentagon initiative to modernize and unify its IT infrastructure, most of which still exists on technology from the 1980s and 1990s. The Microsoft decision came as a massive shock since many […] More
An open database is the source of a data leak leading to the exposure of 425GB in sensitive documents belonging to financial companies. On Tuesday, vpnMentor researchers led by Noam Rotem said the database appears to be connected to MCA Wizard, a now-defunct app that appears to have been developed by Advantage Capital Funding and […] More
Over the last month, the US and Canadian governments have each announced sweeping travel restrictions amid the novel COVID-19 outbreak. The US Department of State has advised all US citizens to reconsider travel abroad, while travel bans are in place for foreign nationals arriving from China, the UK, Ireland, and Europe. The Canadian government has […] More
Google has been accused of breaching one of the General Data Protection Regulation’s (GDPR) principles surrounding consent that requires companies to provide a specific purpose for collecting and processing user personal data. In a complaint [PDF] filed to the Irish Data Protection Commission (DPC), Chromium-based browser Brave alleges that Google’s privacy policy infringes the […] More
ZDNet has all the latest news on the intersection of cybersecurity and the COVID-19 pandemic. How cyber criminals are trying to exploit coronavirus fears Hackers are trying to take advantage of the COVID-19 outbreak to deliver malware, steal bank details and more — but there are ways to stay safe from these attacks. HHS targeted […] More
The vast majority of ransomware attacks targeting the enterprise sector occur outside normal working hours, during the night or over the weekend. According to a report published today by US cyber-security FireEye, 76% of all ransomware infections in the enterprise sector occur outside working hours, with 49% taking place during nighttime over the weekdays, and […] More
Intel processors are vulnerable to a new attack that can leak data from the CPU’s internal memory — also known as the cache. The attack, described as “Snoop-assisted L1 Data Sampling,” or just Snoop (CVE-2020-0550), has been discovered by Pawel Wieczorkiewicz, a software engineer at Amazon Web Services (AWS). Wieczorkiewicz reported the issue to Intel, […] More
