Formjacking is a type of cyber attack that can be used by an attacker to steal sensitive information that is entered by website users through forms. Most usually this type of attack targets ecommerce sites to obtain payment card details and personal information that are entered by customers; however, Formjacking attacks can target any website which […]
What are Formjacking attacks ? Read More »
In the eternal arms race between malware creators and security vendors, a novel new tactic has emerged. Trend Micro has recently reported that Windows executables (.EXE files) are being created that target non-windows platforms such as MacOS. Because .EXE files are not supported as an executable on MacOS the built in Gatekeeper protection layer in
Novel application package allows Windows malware to target MacOS and Linux Read More »
The popular Network Attached Storage devices from Taiwanese vendor QNAP are the subject of an active malware attack. QNAP has issued a security advisory warning that the attack is underway and offering an updated version of the QNAP Malware Remover to resolve the issue. The active evidence of the malware includes adding hundreds of entries
Active attack against QNAP NAS devices Read More »
Microsoft has recently issued a security advisory following the discovery of an NTLM relay attack vector against on-premises Exchange servers. An attacker who is able to intercept the NTLM authentication in an NTLM relay attack, is able to discover the Exchange Server’s credentials and potentially elevate their privileges to a Domain Administrator. This would allow
Microsoft warns Exchange vulnerable to NTLM relay attacks Read More »
No end of year would be complete without a top ten list and SplashData has just published their 8th Annual Worst Password list. In their announcement, SplashData says: “After evaluating more than 5 million passwords leaked on the Internet, the company found that computer users continue using the same predictable, easily guessable passwords. Using these passwords
2018 Top 25 Worst Passwords Revealed Read More »
Half a billion user accounts stolen over four years On 8th September 2018, Marriott hotels noticed a security alert concerning an attempt to access the Starwood Hotels reservation database which the hotel chain had purchased back in 2016. Recent investigations have revealed that the attackers had access to the Starwood systems and database since 2014,
World’s second largest data breach hits Marriott customers Read More »
A massive security breach in Norway’s Health South-East Regional Health Authority may have exposed the personal health records of 2.9 million people. Covering ten counties, Health South-East RHA is responsible for the health care of 57% of Norway’s population. In 2013, Norway cemented their reputation for excellence in healthcare when they were placed first on
Huge attack on Norway’s health care systems may have exposed half the population Read More »
The global hotel chain Hyatt Hotels informed their customers this week that their credit card details may have been stolen as a direct result of a recent security breach. Chuck Floyd (Global President of Operations for Hyatt Hotels) revealed in a statement that the security breach took place between March 18, 2017 and July 2, 2017
Cardholder Data Stolen in Latest Hyatt Hotels Security Breach Read More »
This week, we saw a new vulnerability surface which affects users of all currently supported Microsoft Office applications. Security researchers at Qihoo 360 Core Security first detected the vulnerability being exploited ‘in-the-wild’ on 28th September, 2017. In a blog post on 10th October, 2017, a representative for Qihoo wrote “The attack only targeted limited customers. The
Microsoft Office Memory Corruption Vulnerability (CVE-2017-11826) Read More »
In this week’s Patch Tuesday update (dated 10th October, 2017), Microsoft have released patch for a vulnerability which affects multiple versions of the Windows operating system and could allow an attacker to execute arbitrary code through specially-crafted DNS responses. The CVE-2017-11779 vulnerability was discovered by Nick Freeman (a security researcher at BishopFox), who identified the
Windows DNSAPI Remote Code Execution Vulnerability (CVE-2017-11779) Read More »