Database security, Security News
Chinese threat actors extract big data and sell it on the dark web
The stolen data ranges from lottery and stock data to commercial databases of Canadian and U.S. businesses.
About SC Media
Your search for aws/ returned 71 results
Security News
Prioritize updates based on risk, not vendor ratings, experts warn
Security teams might want to take a close look at their own risks for a particular flaw noted Microsoft, despite the decision by the security giant to forgo the “critical" rating.
Patch Management, Security News, Vulnerabilities
Exploit for critical Windows flaw allows access to admin rights
A Windows vulnerability recently patched by Microsoft, registering a CVSS score of 10, could allow attackers instant access to Active Directory. The vulnerability (CVE-2020-1472) subverts Netlogon cryptography, providing a gateway to an enterprise’s internal network for an intruder to gain Domain Admin status with one click, according to a Secura blog post. “This flaw allows…
Firewalls, IPsec VPNs, Security News, Vulnerabilities
Critical VPN vulnerabilities pose danger to OT networks
The VPN approach for remote security may not be as secure as previously believed, new research has found. That’s particularly troubling, which is especially unfortunate given on the work-at-home reality brought on by COVID-19, according to a blog post from Claroty. Remote code execution (RCE) vulnerabilities affecting VPN implementations primarily used to provide remote access…
Network Security, Security News, Vulnerabilities
Adobe fixes 12 critical bugs in second round of July patches
Just one week after issuing its last batch of patches, Adobe Systems has issued additional security updates fixing 13 vulnerabilities, 12 of them critical out-of-bounds read or write flaws that can lead to arbitrary code execution in either Prelude, Photoshop or Bridge. One additional bug of “important” severity was all located in Mobile Reader, for…
Security News
#WatchOut children’s watch vulnerabilities have gotten
More than a year after announcing the #WatchOut vulnerabilities in Gator brand children’s smartwatches, researchers revisited the platform and found even greater vulnerabilities in Gator and other children’s smartwatch manufacturers. While the initial vulnerabilities spotted in October 2017 allowed unauthorized access, remote audio surveillance, location spoofing, and SOS compromise, recent tests conducted by the Pen…
Security News, Vulnerabilities
Children’s smartwatches once again found vulnerable
China-based company MiSafe is once again making headlines with its unsecured products after a pen tester found that its child tracking smartwatches were found to be highly insecure. MiSafe previously made controversy after firm’s Mi-Cam baby monitors were found to be susceptible to unauthenticated access and hijacking of arbitrary baby monitors. Pen Test Partners researchers…
Election Coverage, Government/Defense, Network Security, Security News, States of Security
State of security: Washington
Who’s in Charge: Secretary of State Kim Wyman, Director of Elections Lori Augino In March 2018, Washington State Governor Jay Inslee signed into law House Bill 2406, which aims to improve election security by mandating the adoption of recognized best auditing practices, requiring voting system vendors to disclose data breaches, and authorizing the secretary of state to…
Cloud Security
Social media aggregator LocalBlox leaves 48M records exposed
Social media data aggregation firm LocalBlox left an AWS bucket misconfigured revealing 48 million records gleaned from Facebook and other sites.
Privacy & Compliance
FTC confirms Facebook probe, Common Cause files two complaints against Cambridge Analytica
Zuckerberg's pledge to do better wasn't enough to mollify the FTC, which is investigating whether Facebook violated a 2011 consent decree, which required it to obtain user consent when privacy settings were changed.
Next post in Privacy & Compliance
