The cloud security’s CEO and CTO lay out the timeline of events and the steps customers should take to protect their accounts. Imperva today released details about an October 2018 intrusion into a database containing records on customers of its cloud Web application firewall (WAF), formerly known as Incapsula. According to a blog post from
Midwestern U.S. retailer Hy-Vee disclosed investigation findings this week from a data breach announced in mid-August impacting millions of customers utilizing its food and service point-of-sale (PoS) transaction machines. The investigation identified the operation of malware designed to access payment card data from cards used on PoS devices at certain Hy-Vee fuel pumps, drive-thru coffee
The vulnerability, now patched, is the latest in a series of bad news for Facebook. A now-patched Instagram vulnerability could have exposed users’ account data and phone numbers to cyberattackers, parent company Facebook confirmed in a new report from Forbes. The bug was discovered by an Israeli hacker who goes by the handle @ZHacker13. It
A recent blog post explains how the social network is fighting to protect its users from interactions with fake accounts. Fake accounts — those created by bots or malicious actors — are problems for every social network. In a recent blog post, professional community LinkedIn discussed what it has done, and is doing, to fight
The attack involves malware installed on POS systems Checkers Drive-In Restaurants Inc. notified its customers that about 15% of its restaurants in 20 states may have had data exposures possibly starting back into 2015, and some lasting until about mid-April this year. The company operates and franchises nearly 900 restaurants. See Related: “Cyber Attack Takes
Rana targets airline companies and others in well-planned, well-researched attacks, Israel’s ClearSky says. Newly leaked documents purportedly about a hitherto unknown Iranian cyber espionage group called Rana show in some detail the considerable planning and attention that goes into modern advanced persistent threat (APT) operations. For enterprise organizations, the documents — if authentic — provide
The CVE-2019-0859 vulnerability, patched last week, is the latest in a string of Windows local privilege escalation bugs discovered at Kaspersky Lab. Kaspersky Lab researchers today disclosed more details about CVE-2019-0859, one of two Windows zero-day vulnerabilities under active attack when Microsoft issued patches early last week. CVE-2019-0859 and CVE-2019-0803 are elevation of privilege bugs.
The vulnerabilities could be remotely exploited and give attackers control over affected systems. The CERT Coordination Center (CERT/CC) today published data on vulnerabilities affecting versions of Microsoft Windows and Windows Server. Microsoft had issued an advisory for CVE-2018-8611, a Windows kernel elevation of privilege bug that exists when the Windows kernel fails to properly handle