Chris Brook – Page 6 – WindowsTechs.com

Threatpost News Wrap, August 4, 2017

Posted on August 4, 2017 by Chris Brook

The news of the week is discussed, including how Marcus Hutchins, aka MalwareTech was arrested in Las Vegas, Alex Stamos’ Black Hat keynote, and this week’s proposed IoT legislation.

Continue reading Threatpost News Wrap, August 4, 2017→

Cisco Fixes DoS, Authentication Bypass Vulnerabilities, OSPF Bug

Posted on August 3, 2017 by Chris Brook

Cisco fixed two high severity vulnerabilities in two products this week that could have let an attacker trigger a denial of service condition or bypass local authentication. Continue reading Cisco Fixes DoS, Authentication Bypass Vulnerabilities, OSPF Bug→

IBM Patches Reflected XSS in Worklight, MobileFirst

Posted on August 2, 2017 by Chris Brook

IBM fixed a cross-site scripting vulnerability in its Worklight and MobileFirst products that could have let an attacker steal sensitive information. Continue reading IBM Patches Reflected XSS in Worklight, MobileFirst→

Breach at Third Party Contractor Affects 18,000 Anthem Members

Posted on August 1, 2017 by Chris Brook

Anthem last week began notifying 18,000 members affected by a data breach unrelated to 2015’s.

Continue reading Breach at Third Party Contractor Affects 18,000 Anthem Members→

Android Banking Trojan Svpeng Adds Keylogger

Posted on July 31, 2017 by Chris Brook

The authors behind the Android banking malware family Svpeng have added a keylogger to a recent strain, giving attackers yet another way to steal sensitive data. Continue reading Android Banking Trojan Svpeng Adds Keylogger→

Threatpost News Wrap, July 14, 2017

Posted on July 14, 2017 by Chris Brook

Mike Mimoso and Chris Brook discuss the news of the week, including the Verizon breach, the Oracle session hijacking attack, a Telegram-based hacking tool, and a free EternalBlue scanner. Continue reading Threatpost News Wrap, July 14, 2017→

Attackers Using Automated Scans to Takeover WordPress Installs

Posted on July 13, 2017 by Chris Brook

Attackers have been carrying out WPSetup attacks, taking advantage of users who have installed WordPress but not yet configured it. Continue reading Attackers Using Automated Scans to Takeover WordPress Installs→

SAP Patches High-Risk Flaws in SAP POS, Host Agent

Posted on July 12, 2017 by Chris Brook

SAP fixed 23 vulnerabilities across roughly a dozen products on Tuesday, including a series of high-risk flaws in SAP POS and SAP Host Agent.

Continue reading SAP Patches High-Risk Flaws in SAP POS, Host Agent→

Vulnerabilities Expose Oracle OAM 10g to Remote Session Hijacking

Posted on July 12, 2017 by Chris Brook

Version 10g of Oracle Access Manager suffers from vulnerabilities that could allow an attacker to hijack sessions. Continue reading Vulnerabilities Expose Oracle OAM 10g to Remote Session Hijacking→

Adobe Fixes Six Vulnerabilities in Flash, Connect with July Update

Posted on July 11, 2017 by Chris Brook

Adobe only fixed six vulnerabilities in two products, making it the company’s smallest security bulletin of the year. Continue reading Adobe Fixes Six Vulnerabilities in Flash, Connect with July Update→