News

Application Security , Endpoint Security , Incident & Breach Response Pen Test Partners: Millions Could Have Had Data Exposed Marianne Kolbasuk McGee (HealthInfoSec) • May 6, 2021     Photo: Peloton Security researchers say API flaws could have exposed the private data of millions of Peloton fitness equipment online service users for months before they…

Endpoint Security , Governance & Risk Management , Patch Management Dell Has Patched Driver Issue Found by SentinelOne Jeremy Kirk (jeremy_kirk) • May 5, 2021     Dell’s headquarters in Round Rock, Texas (Photo: Jjpwiki via Wikipedia/CC) Dell has patched five flaws in a vulnerable firmware update driver that has shipped in millions of laptops,…

Softpedia News / Security 5. May 2021 Multiple critical vulnerabilities have been discovered in the Exim email server software by the Qualys Research Team. Some of these flaws can be chained together to achieve full remote unauthenticated code execution and root privileges.  Exim is a widely used mail transfer agent (MTA) that even comes pre-installed…

The attack overwhelmed the systems of a Belgian ISP, leading to widespread service outages and disruptions Many government websites and services in Belgium were knocked offline on Tuesday after Belnet, the internet service provider (ISP) for the country’s public sector, was hit by a massive distributed denial-of-service (DDoS) attack. According to Belnet, the attack started…

Breach Notification , Business Continuity Management / Disaster Recovery , Fraud Management & Cybercrime SEC Filing Predicts $10 Million to $15 Million Impact Marianne Kolbasuk McGee (HealthInfoSec) • May 5, 2021     SmileDirectClub, which sells teeth-straightening appliances, expects that a recent cyberattack, which disrupted the manufacturing of its products, will take a $10 million…

A new academic study has highlighted a number of privacy and security pitfalls associated with recycling mobile phone numbers that could be abused to stage a variety of exploits, including account takeovers, conduct phishing and spam attacks, and even prevent victims from signing up for online services. Nearly 66% of the recycled numbers that were…

Business Continuity Management / Disaster Recovery , Fraud Management & Cybercrime , Governance & Risk Management Alejandro Mayorkas Says Attacks Increased 300% in Past Year Doug Olenick (DougOlenick) • May 6, 2021     Secretary of Homeland Security Alejandro Mayorkas About 50% to 70% of all ransomware attacks in the U.S. are targeting small and…

Today is World Password Day 2021, and while companies are touting the best password management practices, Google is hoping someday we won’t have to worry about them at all. According to the company, even the strongest passwords can be compromised.  “You may not realize it, but passwords are the single biggest threat to your online…