It is masquerading as an ESET AV Remover Installer to trick users into downloading it. The new variant is distributed via spam emails. A new variant of Dharma ransomware has been found that uses a new technique to hide its malicious activities. It is masquerading as an ESET AV Remover Installer to trick users into downloading it. How does it ...
Read More »Blog
Latest versions of UC Browser and UC Browser Mini Android apps vulnerable to URL spoofing attacks
These browsers have over 600 million installs across the world. The flaw affects UC Browser 12.11.2.1184 and UC Browser Mini 12.10.1.1192. The latest versions of UC Browser and UC Browser Mini Android apps have been found to be vulnerable to URL spoofing attacks. These browsers have over 600 million installs across the world. What is URL spoofing attack? URL spoofing ...
Read More »Critical Flaw in Cisco Elastic Services Controller Allows Full System Takeover
Cisco has patched a critical flaw in its virtualized function automation tool, Cisco Elastic Services Controller. A critical vulnerability in the Cisco Elastic Services Controller could allow an unauthenticated, remote attacker to take full control of impacted systems – merely by sending a crafted request. Cisco Elastic Services Controller is a virtual network functions manager, which enables businesses to automate the ...
Read More »Physical and Cyber Convergence—At Last?
We have been hearing about the “convergence” of physical and cyber security for years, but even today there are still debates about whether it has happened yet (spoiler alert: it hasn’t). Part of the challenge might be that the word convergence itself can apply to more than one kind of activity – for example, some believe it applies to the ...
Read More »Wyzant suffered a data breach compromising users’ personal information
The compromised information includes names, email addresses, zip codes, and Facebook profile images. However, no passwords or payment details were compromised. What is the issue? Wyzant, an online tutoring marketplace has suffered a data breach compromising users’ personal information. What happened? On April 27, 2019, an unauthorized third-party gained access to Wyzant’s database, which led to the compromise of users’ ...
Read More »Buena Vista Horace Mann student data accidentally shared with BVHM community members
The exposed information includes students’ names, identification numbers, usernames and default passwords for SFUSD systems and tools. The school has requested the students’ parents to educate their children about the importance of securing their passwords. A Buena Vista Horace Mann staff member accidentally shared current and former student data with some of the BVHM community members. This led to BVHM ...
Read More »Cisco patches two critical vulnerabilities that could lead to DoS attacks
The flaws are detected as CVE-2019-1721 and CVE-2019-1694. The flaws impact Cisco’s TelePresence Video Communication Server and ASA 5500-X Series Firewalls. Cisco has released security patches for two high-severity flaws that can allow attackers to launch Denial of Service (DoS) attacks. The flaws are detected as CVE-2019-1721 and CVE-2019-1694. The flaws impact Cisco’s TelePresence Video Communication Server and ASA 5500-X ...
Read More »Attackers delete GitHub, GitLab, and Bitbucket repositories and replace with ransom notes
A GitHub search revealed almost 400 Github repositories that have been targeted in this manner. According to BitcoinAbuse.com, there have been 27 abuse reports and all the abuse reports include the same ransom note. What is the issue? Attackers have targeted GitHub, GitLab, and Bitbucket users by replacing the code and commits from the victims’ Git repositories and leaving a ...
Read More »New ransomware called MegaCortex infects corporate computer networks
It is reported that the attackers spread this ransomware mainly using Windows domain controllers in the victim’s network. Furthermore, the group used a mix of automation tools and manual components in order to deploy the ransomware to a large number of victims. A new ransomware has been discovered this past week. Known as ‘MegaCortex’, the ransomware targeted victims across the ...
Read More »Watertown Daily Times again gets hit with Ryuk ransomware attack
The ransomware spread throughout Johnson Newspaper Corp., infecting servers used for internal sharing of content used to produce newspapers in Watertown, Hudson, and Massena. The ransomware attack also impacted the media firm’s emails server and Internet-based phones. Watertown Daily Times, which was initially targeted with a cyber attack on April 27, 2019, was again targeted with a ransomware infection on ...
Read More »