Doug Olenick SC Media | Page 4 of 188

Doug Olenick

Online Editor

Most recent articles by Doug Olenick

Microsoft SharePoint vulnerability spotted in the wild

The Saudi and Canadian Cyber Security Centres have issued reports on a vulnerability in Microsoft’s SharePoint that is being exploited in the wild. The vulnerability, CVE-2019-0604, has been patched by Microsoft, but if exploited can give an attacker the ability to execute commands and download and upload files, reported AT&T Alien Labs. The malware involved…

No, VPNs Aren’t Dead — They’re More Essential Than Ever

A few weeks ago, a particular SC Media Executive Insight claimed it’s time to say good-bye to VPNs. Among other things, the writer claimed that application access was more effective, and that zero trust architecture is an essential ‘alternate model’ for access. While I agree with Mr. Sullivan that application access and zero trust architecture…

Wolters Kluwer still down from May 6 cyberattack

The information services firm Wolters Kluwer has been battling to recover from a cyberattack that forced the company to shut down many of its tax and accounting software applications, which is causing issues for those using the affected products. The company, a global provider of professional information, software solutions, and services for clinicians, nurses, accountants,…

Cisco patches critical vulnerability in Cisco Elastic Services Controller

Cisco released a security advisory for a bypass a critical vulnerability in its REST API of Cisco Elastic Services Controller. The flaw, CVE-2019-1867, could allow an unauthenticated, remote attacker to bypass authentication on the REST API, the company reported. The problem is caused by an improper validation of API requests that can be exploited with…

Big Data experts are in demand

Canada’s Freedom Mobile Elasticsearch database exposed

Researchers are claiming to have found an open Elasticsearch database containing 5 million records related 10 1.5 million Freedom Mobile customers — figures disputed by the telecommunications company. Noam Rotem and Ran Locar from vpnMentor said they came across the database on April 17 and attempted to contact Freedom Mobile on April 18 and 23…

matrix

MegaCortex ransomware attacks spike

A spike in activity surrounding the relatively new ransomware MegaCortex was detected on May 1 hitting North America and several European nations. MegaCortex, a take on Metacortex from The Matrix, first surfaced in late January when it was uploaded to VirusTotal from the Czech Republic. Since February there have been 76 confirmed attacks using the…

Federal bill to curtail CBP PII reveals, Illinois tackles digital assistant eavesdropping

A bipartisan group of Senators plan to introduce a bill that would stop U.S. Customs and Border Protection (CBP) from selling the PII of citizens who move out of the country. The bill, sponsored by Senators Steve Daines, R-Mont., and Gary Peters, D-Mich., addresses a loophole that allows CBP to sell certain pieces of personal…

Next post in Privacy & Compliance News and Analysis