
Drupalgeddon3: Third Critical Flaw Discovered

For the third time in the last 30 days, Drupal site owners are forced to patch their installations. As the Drupal team noted a few days ago, new versions of the Drupal CMS were released to patch one more critical RCE vulnerability affecting Drupal 7 and 8 core. The vulnerability, code-named Drupalgeddon3, exploits improper input validation in the Form API....

FS-ISAC 2018 Summit

Digital Guardian will be presenting and exhibiting in Booth #69. Get tools, tips and recipes from our threat hunting experts. Boca Raton | May 20-23 | Boca Raton Resort

Analyst Insights – The 4 Questions for GDPR Success

Bloor Research Analyst Insights – The 4 Questions for GDPR Success. This webinar was recorded April 26, 2018.

DDoS attacks in Q1 2018

News overview: In early January, it was reported that an amateur hacker had come close to pulling off a botnet attack using “improvised” materials. Armed with information gleaned from hacker forums, the DIYer created a Trojan using a zero-day exploit in Huawei routers and released it online. The attack was soon nipped in the bud, but the wannabe cybercriminal could...

Supply Chain Risk: Time to Focus on Partners Ahead of GDPR Deadline

With the GDPR compliance deadline of May 25 almost upon us, recent events have highlighted the importance of locking down third-party risk. Attacks on supply chain partners, Facebook’s data leak scandal and a new report from the National Cyber Security Centre (NCSC) have all come at an opportune time to illustrate the potential liabilities facing firms. The GDPR will require...

Five Critical Steps of a Complete Security Risk and Compliance Lifecycle


Energetic Bear/Crouching Yeti: attacks on servers

Energetic Bear/Crouching Yeti is a widely known APT group active since at least 2010. The group tends to attack different companies with a strong focus on the energy and industrial sectors. Companies attacked by Energetic Bear/Crouching Yeti are geographically distributed worldwide with a more obvious concentration in Europe and the US. In 2016-2017, the number of attacks on companies...

Latest article

Indian Govt Bans Apps Being Misused to Stop E-Rickshaws Remotely

The Indian government has directed Google and Apple to take down three mobile applications, BAT-BMS, Lossigy, and Epoch-i-ion, after they were allegedly misused to...

Microsoft 365 users fall victim to one-in-a-million password spray attack

Microsoft users have been hit by a massive, automated password spray attack. Among those targeted by the attack were clients...

Apple’s ‘Hide My Email’ Privacy Flaw Exposes Real Email Addresses

Researchers say Apple’s Hide My Email flaw may expose real addresses, despite two fixes. Here’s what users should know about the privacy risk. The post...

Catan and Mouse

Welcome to this week’s edition of the Threat Source newsletter. “I do not know everything; still many things I understand.” ― Madeleine L'Engle, A Wrinkle...