This is a very serious leak as VPN (Virtual Private Network) username and passwords could undoubtedly allow the bad actors to access a network to perform all manner of activities including stealing date (data exfiltration), install hidden malware or perform ransomware attacks to extort money. Although the exploit relates to an already patched loop-whole, you should
The white is pushing companies to adopt defensive measure after an unrepresented rise in ransomware attacks so far this year and in April and May in particular. “The bluntly worded open letter followed a string of escalating ransomware attacks that stopped gasoline and jet fuel from flowing up the East Coast and closed off beef
Microsoft has released an out-of-band security update for a serious and actively used number of exploits on Microsoft Exchange. They named it Hafnium. The following versions of Exchange Server are affected: Exchange Server 2013 Exchange Server 2016 Exchange Server 2019 Is this attack connected to the SolarWinds attack?Microsoft has said that it has seen “no
FireEye, a well known cyber security firm has been hacked. The company’s CEO Kevin Mandia has released a statement in a blog post on Tuesday. There is a lot to be known but as the New York Times reported their tools of trade have been taken. These are so called Red Team tools and are used
Late last year Travelex, the currency exchange company suffered a major disruption in its operation after a ransomware attack. I wrote about this story at the time. It now appears a settlement has been reached with the bad actors. A report by The Wall Street Journal suggests that Travelex paid the ransom, to the tune
Yes there has been yet another huge data breach. This time it is Capital One which according to Wikipedia “is a bank holding company specializing in credit cards, auto loans, banking and savings accounts headquartered in McLean, Virginia.” According to their statement posted on their website the person in question has been arrested. Rich Mogull
Security is a jigsaw. It has a lot of pieces (network security, email security, endpoint security etc) but to have the perfect fit, you have to align them correctly. You cannot replace a piece with a different piece even if you have more than one piece! If you are missing a piece you will always
A popular software developed by a subsidiary of Avast were infiltrated. An unknown entity maliciously hid malware in the form of backdoor in Piriform CCleaner, a widely used cleaning utility. Piriform was acquired by Avast back in July 2017. This is the type of application used for those who are more tech-savvy to clean debris
