Tag: Web Security

Einstein is in violation of the the HHS 60-day breach notification rule, but unlikely to face penalty. Source link

SQL Server Malware Tied to Iranian Software Firm, Researchers Allege

Researchers have traced the origins of a campaign - infecting SQL servers to mine cryptocurrency - back to an Iranian ...

Google Forms Set Baseline For Widespread BEC Attacks

Researchers warn that attackers are collecting reconnaissance for future business email compromise attacks using Google Forms. Source link

Google Searches Expose Stolen Corporate Credentials

A phishing campaign spoofs Xerox notifications to lure victims into clicking on malicious HTML attachments. Source link

Critical Cisco SD-WAN Bugs Allow RCE Attacks

January 20, 2021

Cisco is stoppering critical holes in its SD-WAN solutions and its smart software manager satellite. Source link

Google Research Pinpoints Security Soft Spot in Multiple Chat Platforms

January 20, 2021

Mystery of spying using popular chat apps uncovered by Google Project Zero researcher. Source link

DNSpooq Flaws Allow DNS Hijacking of Millions of Devices

January 19, 2021

Seven flaws in open-source software Dnsmasq could allow DNS cache poisoning attacks and remote code execution. Source link

SolarWinds Malware Arsenal Widens with Raindrop

January 19, 2021

The post-compromise backdoor installs Cobalt Strike to help attackers more laterally through victim networks. Source link

Medical Device Security: Diagnosis Critical

January 18, 2021