Equifax’s Servers Reportedly Had Glaring Holes Long Before Data Breach

Equifax reportedly took six months to take down a publicly exposed web application that could have allowed anyone on the internet to search and download sensitive personal consumer data. VICE Motherboard reported Thursday that an unnamed security researcher alerted Equifax about the exposed application in December 2016, but the company didn’t take steps to secure..

The post Equifax’s Servers Reportedly Had Glaring Holes Long Before Data Breach appeared first on Security Boulevard.


Bad Rabbit Ransomware Highlights Perils of Poor Network Management

Companies in Russia and Eastern Europe have been battling a new ransomware outbreak since Tuesday that security researchers have dubbed Bad Rabbit. The malware can spread to Windows systems over local networks by using weak or stolen credentials for SM…

PRNG Weakness Reflects Poorly on Government Crypto Certification

Security researchers discovered that the pseudorandom number generator that underpins cryptographic operations in Fortinet appliances and products from 11 other vendors rendered encrypted traffic vulnerable to snooping for years. The affected pro…

Supply Chain Attack Hits Maker of Popular MacOS Apps

Eltima Software, a maker of popular applications for macOS, had its website compromised by hackers who replaced the installers for two of its applications with trojanized versions. This is the latest in a string of software supply chain attacks that ha…

Three Thirds of Enterprise Applications Have at Least One Vulnerability

Security firm Veracode has released its annual report on the state of software security and it paints a bleak picture: 77 percent of enterprise applications assessed for the first time had at least one vulnerability and 88 percent of Java applications had at least one vulnerability inherited from a third-party open source component. The report’s..

The post Three Thirds of Enterprise Applications Have at Least One Vulnerability appeared first on Security Boulevard.


Adobe Fixes Critical Flash Player Vulnerability Exploited in the Wild

Adobe Systems released an emergency patch for a critical vulnerability in Flash Player that was being exploited in the wild through Microsoft Word documents to infect computers with a known surveillance tool. The vulnerability, tracked as CVE-2017-1129…

Dangerous KRACKs in Wi-Fi Security Puts Most Devices at Risk

WPA2, the most widely used Wi-Fi security standard, has a number of flaws that could allow hackers to snoop on users’ internet traffic or, worse, to inject malware into it. The vulnerabilities are in the protocol itself, more precisely in the four-way handshake between clients and access points. It allows attackers to mount an evil..

The post Dangerous KRACKs in Wi-Fi Security Puts Most Devices at Risk appeared first on Security Boulevard.


Hyatt Hotels hit with credit card breach in 11 Countries

Hyatt Hotels Corporation is warning customers that hackers gained access to payment card information at 41 hotels managed by the company in 11 countries. This is the second credit card breach suffered by the company in the past two years. The new incid…