Global systems integrator Wipro has acquired Melbourne-based managed services provider Ampion for an undisclosed sum. Based in Melbourne, Ampion specialises in cyber security, DevOps and quality engineering services. The company was formed last year following the merger of MSPs Revolution IT and Shelde. Wipro said adding Ampion’s offerings in engineering transformation, DevOps and security consulting…
Executive Summary Informations Name CVE-2020-9149 First vendor Publication 2021-04-01 Vendor Cve Last vendor Modification 2021-04-01 Security-Database Scoring CVSS v3 Cvss vector : N/A Overall CVSS Score NA Base Score NA Environmental Score NA impact SubScore NA Temporal Score NA Exploitabality Sub Score NA Calculate full CVSS 3.0 Vectors scores Security-Database Scoring CVSS v2 Cvss…
Cybercrime , Fraud Management & Cybercrime , Fraud Risk Management Faces Up to 20 Years in Prison for Money Laundering Conspiracy Prajeet Nair (@prajeetspeaks) • April 1, 2021 The shuttered DeepDotWeb portal An Israeli citizen who served as the administrator of the now-shuttered DeepDotWeb portal that connected internet users with darknet marketplaces has…
Unknown attackers recently attempted to carry out a large-scale supply-chain attack by introducing malicious code to the official PHP GIT repository. If the developers hadn’t noticed the backdoor in time, it could have ended up on many Web servers and led to the largest supply-chain attack in history. What happened with PHP The programmers who…
A quick browse through the Ubiquiti website will reveal a company that wants you to know its network solutions are the best of the best. But what the company seemingly doesn’t want you to know is that it suffered a security breach far worse than it let on back in January. A few months back…
Governance & Risk Management , IT Risk Management , Patch Management If Exploited, Flaws Could Open Door to Theft of Admin Credentials Prajeet Nair (@prajeetspeaks) • April 1, 2021 VMware has issued patches for two critical vulnerabilities in its IT operations management platform, vRealize Operations, which, if exploited, could allow attackers to steal…
CISA, the US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, has told federal agencies that they have until 12:00pm EDT on Monday April 5 to scan their networks for evidence of intrusion by malicious actors, and report back the results. CISA is ordering agencies with on-premises Microsoft Exchange servers to urgently conduct the…
A North Korean government-backed campaign targeting cybersecurity researchers with malware has re-emerged with new tactics in their arsenal as part of a fresh social engineering attack. In an update shared on Wednesday, Google’s Threat Analysis Group said the attackers behind the operation set up a fake security company called SecuriElite and a slew of social…
An unknown malicious actor has compromised the official PHP Git repository in attempt to add backdoors to the code base of the PHP project. According to PHP programming language developer and maintainer Nikita Popov, the incident took place last Saturday, on March 28. He said that two malicious commits were pushed to the…
MobiKwik CEO Bipin Preet Singh on Tuesday said the company is investigating claims of some users that their data was available on the dark web. He said the company would get a third party to conduct a forensic data security audit. Responding to reports of a massive data breach in MobiKwik’s servers, Singh came…
