Teri Robinson SC Media
Teri Robinson

Teri Robinson

Executive Editor

Most recent articles by Teri Robinson

Massive Magecart attacks steal personal data from Magento 1 stores

An automated campaign Magecart campaign against 2,000 Magento stores over the weekend compromised the private information of thousands of customers and may very well be the largest attack of its kind since 2015. The hacks were typical Magecart attacks, but since many of the stores victimized had no prior history of security incidents, “this suggests…

What’s really changed three years after Equifax breach?

Are organizations better off today than they were three years ago when a devastating breach at Equifax exposed sensitive customer data and poor security practices in equal measure? The consensus among experts is that companies still have a ways to go. “Unfortunately, not much has changed,” said Greg Foss, senior threat researcher from VMware Carbon…

Attackers could exploit flaws in MAGMI Magento plugin to hijack admin sessions

A duo of vulnerabilities discovered in the MAGMI Magento plugin could result in remote code execution (RCE) on vulnerable sites using Magento. The flaws in the Magento database client used for raw bulk operations on online store models were found by researcher Enguerran Gillier, a member of the Tenable Web Application Security Team, according to…

Apple notarization process, meant to protect, approved Shlayer malware

Apple appears to have inadvertently approved OSX.Shlayer malware as part of the security notarization process it has touted would boost user confidence that the Developer ID-signed software they distribute has the innovative tech giant’s seal of approval. “While it is unclear “what the Shlayer folks did to get their malware notarized,” essentially Apple’s process “allowed…

IBM pays up in tech, settles Weather Channel privacy lawsuit by LA

IBM will pony up $1 million worth of technology to the city of Los Angeles for COVID-19 contact tracing, and The Weather Channel app will change its privacy practices regarding use of user location data. The changes come with the settlement of a lawsuit that accused the app of misleading users as to how their…

Exposed social media profiles give security teams 235 million reasons to worry about ransomware attacks

Security teams should brace for a potential onslaught of ransomware attacks – more troubling as workforces operate remotely during the pandemic – after the public-facing profiles of 235 million TikTok, Instagram and YouTube users were exposed through a misconfigured database. “Since everybody is working remotely, those phishing attacks can compromise a personal device, which then…

electric power

A2V teams with utilities to secure supply chain

Utilities are gearing up to meet the security requirements laid out in the Critical Infrastructure Protection (CIP) Security Compliance Standards: NERC Critical Infrastructure (NERC-CIP) standards and waiting to see how a presidential executive order, also designed at securing bulk power systems (BPS), shakes out. That’s created an opportunity for the Asset to Vendor Network Power…

Next post in Security News