Doug Olenick SC Media | Page 3 of 240

Doug Olenick

Online Editor

Most recent articles by Doug Olenick

Aussie P&N bank suffers data breach

The Australian P&N Bank reported a data breach that exposed detailed and sensitive financial information on an unspecified number of customers. Access was gained on December 12 to the bank’s customer relationship management system, which is operated by a third-party hosting firm, was undergoing an upgrade. Details on how it was accessed were not revealed,…

PlanetDrugsDirect breached, PHI and payment info exposed.

The Canadian online pharmacy PlanetDrugsDirect is notifying customers of a data breach that exposed both payment and personal health insurance. In an email obtained by Bleeping Computer the bargain online retailer said exposed data could include name, address, email, phone number, medical information (including prescription) along with payment card data. The company does not believe…

Army cyber troops

Army (websites) defeated, but for the greater good

Normally the U.S. Army would not tout the success of an attacker, but in the case of Hack the Army 2.0 bug bounty program the service proudly announced 146 vulnerabilities were found. The platoon-sized unit of white hat hackers, 52 individuals, found the valid vulnerabilities while investigating 60 publicly accessible Army websites, including army.mil, .goarmy.mil,…

VMware advisory warns users to patch critical issue in product

VMWare updates Tools fixing race condition

VMWare issued a single security advisory and patch for a vulnerability in its Tools product. The flaw, CVE-2020-3941, affects VMware Tools for Windows version 10.x.y and can be mitigated by updating to version 11.0. The vulnerability, rated as important, is a race condition that can be exploited enabling an unauthorized person from escalating their privileges…

Intel patches six security issues

Intel’s January 2020 security update included six items with one rated high, four medium and one as a low priority. The most important vulnerability is CVE-2019-14613 affecting Intel’s VTune Amplifier for Windows and if left unpatched and exploited can allow escalation of privilege. An update fixing the problem has been posted. The medium CVE-2019-14615 affects…

Adobe rolls out a light Patch Tuesday offering

Adobe’s January Patch Tuesday security update contains five critical patches for Illustrator CC and four non-critical vulnerabilities for Adobe Experience Manager. Two versions of Illustrator CC are covered in this release, 24.0 and 24.0.2 24.0, being impacted by the critical-rated CVE-2020-3710, CVE-2020-3711, CVE-2020-3712, CVE-2020-3713 and CVE-2020-3714.  All are memory code issues and can lead to…

National Security Agency

NSA reveals to Microsoft critical Windows 10 flaw

Microsoft reportedly acted on an NSA warning creating and issuing a secret out-of-band patch to the military and other high-value targets fixing CVE-2020-0601, a vulnerability affecting a core cryptographic component present in all versions of Windows. Published reports stated that the NSA informed Microsoft of the vulnerability and this knowledge enabled Microsoft to quickly fix…

Researchers detail BEC scams

Texas school district phished for $2.3 million

The Manor Independent School District fell victim to an apparent phishing scam to the tune of $2.3 million. Officials for the Texas school system did not release many details other than to say in a January 10 statement posted on Facebook that the incident was caused by a phishing email and that the local police…

Next post in Email Security