The alleged operator of a website that sold payment card numbers stolen from hacked entities was hauled into a Virginia federal courtroom yesterday after Israel extradited the defendant, despite reported efforts by Russia to prevent the prisoner from reaching American soil. Russian national Aleksei Burkov, 29, is accused of running Cardplanet, which offered visitors the…
The claim made by the Mexican state-owned petroleum corporation Pemex that it had recovered from a Nov. 10 cyberattack was met with some skepticism, as published reports indicate the attack may be still affecting the company. Pemex stated it had suffered a cyberattack that impacted about five percent of its computer equipment, but managed to…
A day before House impeachment hearings drew President Trump’s Ukraine policies into the spotlight, prosecutors in the Roger Stone trial ended their case with testimony from former Trump Deputy Campaign Manager and convicted felon Rick Gates, who said that Stone served as a liaison between WikiLeaks and the campaign regarding hacked DNC emails, with the…
VMware pushed out security updates covering five vulnerabilities that if exploited could lead to information disclosure or a denial of service situation. The important-rated vulnerabilities are CVE-2019-5540, CVE-2019-5541 and CVE-2019-5542 and impact VMware Workstation Pro / Player and VMware Fusion Pro/Fusion. CVE-2019-5541 covers an out-of-bounds write vulnerability in e1000e virtual network adapter that could lead…
A bug in the latest version of iOS opens iPhone cameras as users peruse their Facebook feeds, letting the social media giant access the cameras. “We have seen no evidence of photos or videos being uploaded due to this bug,” a spokesman told the Guardian, confirming that glitch would let the Facebook app “navigate to…
Intel joined the Patch Tuesday crowd with a platform update that covered 77 vulnerabilities, two of which were rated critical. The chip maker noted the security updates in a new blog the company said it will use to disseminate security updates, bug bounty topics, new security research, and engagement activities within the security research community.…
Google and health care provider organization Ascension have publicly confirmed a recent report that the two companies have embarked on a massive initiative to aggregate the data of roughly 50 million patients and store it on the cloud. The companies say it will improve patient care and administration, but the strategy has also sparked concern…
Microsoft today issued updates covering 74 vulnerabilities, 13 critical, as part of its November Patch Tuesday roll out with two flaws, CVE-2019-1429 and CVE-2019-1457, catching the eye of several cybersecurity researchers as particularly important. CVE-2019-1429 is a scripting engine memory corruption vulnerability that has been exploited in the wild as a zero day. When exploited…
The average ransom payment paid out by victims increased 13 percent, to $41,000, during the last three months, but researchers noted the rate of increase has plateaued. Researchers at Coveware credited the victims with being better prepared to restore their data on their own negating the need to pay the ransom. However, that was not…
The U.K. Labour Party’s digital platforms have been the target of distributed denial of service attack activity since yesterday, impeding access to the political body’s main website. The initial wave of DDoS attacks took place on Nov. 11. Multiple news reports today quoted a Labour Party spokesperson as saying that the barrage of fake traffic…
