British Airways Fined £20m For Data Breach Affecting Over 400,000 Customers The Information Commissioner’s Office (ICO) has fined British Airways (BA) £20m ($26m) for failing to protect the personal and financial details of more than 400,000 of its customers. In June 2018, the personal data of approximately 429,612 customers and Read more…
The Week In Ransomware – October 16th 2020 – The Weekend Is Upon Us Ransomware continues to target government entities and the enterprise, while victims quietly pay ransoms that power this cycle of attacks. This week we learned that government software provider Tyler Technologies paid a ransom to obtain a decryptor for Read more…
Google Warned Users Of 33,000 State-Sponsored Attacks in 2020 Google delivered over 33,000 alerts to its users during the first three quarters of 2020 to warn them of state-sponsored phishing attacks targeting their accounts. “In these cases, we also shared our findings with the campaigns and the Federal Bureau of Read more…
Nation-State Actor Hit Google With The Largest DDoS Attack In an overview of distributed denial-of-service (DDoS) trends targeting its network links, Google revealed that in 2017 a nation-state actor used massive firepower that amounted to more than 2.54 terabits per second. The actor targeted thousands of Google IP addresses at the Read more…
ThunderX Ransomware Rebrands As Ranzy Locker, Adds Data Leak Site ThunderX has changed its name to Ranzy Locker and launched a data leak site where they shame victims who do not pay the ransom. ThunderX is a ransomware operation that was launched at the end of August 2020. Soon after Read more…
Microsoft Issues Out-of-Band Windows Security Updates For RCE Bugs Microsoft has released two out-of-band security updates designed to address remote code execution (RCE) bugs found to affect the Microsoft Windows Codecs Library and Visual Studio Code. The two vulnerabilities are tracked as CVE-2020-17022 and CVE-2020-17023, both of them being rated as important severity and Read more…
UK Urges Orgs To Patch Severe CVE-2020-16952 SharePoint RCE Bug The U.K. National Cyber Security Centre (NCSC) today issued an alert highlighting the risks behind the recently addressed CVE2020-16952 remote code execution (RCE) vulnerability in Microsoft SharePoint Server. NCSC, the cybersecurity arm of the UK’s GCHQ intelligence service, urges organizations to Read more…
Microsoft Releases Azure Defender For IoT In Public Preview It focuses on providing security monitoring for specialized device types, applications, and machine-to-machine (M2M), as well as specialized industrial protocols (Modbus, DNP3, BACnet, etc.) within IoT/OT environments. By adding visibility into misconfigured, unmanaged, and unpatched IoT/OT devices, it makes it a lot Read more…
NPM Nukes NodeJS Malware Opening Windows, Linux Reverse Shells NPM has removed multiple packages hosted on its repository this week that established connection to remote servers and exfiltrated user data. These 4 packages had collected over 1,000 total downloads over the course of the last few months up until being removed by Read more…
Critical SonicWall Vulnerability Affects 800K Firewalls, Patch Now A critical stack-based Buffer Overflow vulnerability has been discovered in SonicWall VPNs. When exploited, it allows unauthenticated remote attackers to execute arbitrary code on the impacted devices. Tracked as CVE-2020-5135, the vulnerability impacts multiple versions of SonicOS ran by hundreds of thousands of active VPNs. Craig Young of Tripwire Vulnerability Read more…
Let us help you out.
Singapore
7 Temasek Boulevard
#12-07, Suntec Tower One
Singapore 038987
Thailand
The Royal Place 1
2, 2/399 Mahatlek Luang 1 Alley, Lumphini, Pathum Wan, Bangkok 10330, Thailand
Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!
Click one of our contacts below to chat on WhatsApp
