Vulnerabilities | Alerts | Solutions

Vulnerabilities | Alerts | Solutions

Browser Side-Channel Flaw De-Anonymizes Facebook Data | Threatpost

A side-channel vulnerability in Google Chrome and Mozilla Firefox allows drive-by de-anonymization of Facebook users. An exploit would allow an attacker to pick up the profile picture, username and the “likes”...

Honda, Universal Music Group Expose Sensitive Data in Misconfig Blunders | Threatpost

Server and cloud misconfigs continue to plague companies and their customers: This week it came to light that a Universal Music Group contractor neglected to protect an Apache Airflow server,...

Ticketfly, Major Concert Venues Still Offline After Hack | Threatpost

Ticketfly and several major venues’ services are still offline Friday morning as they struggle to recover from a major hack that have brought down their websites and disrupted several public...

ICANN Launches GDPR Lawsuit to Clarify the Future of WHOIS | Threatpost

The WHOIS internet domain directory is at the center of a GDPR-related lawsuit that should clarify at least one of the many unknowns when it comes to achieving compliance with...

Nocturnal Stealer Lets Low-Skilled Cybercrooks Harvest Sensitive Info | Threatpost

The Nocturnal Stealer malware has crept into the Dark Web like a thief in the night, offering criminals a lucrative payday for a small price — and little effort. It’s a...

Huawei Patches Four Server Bugs Rated High Severity | Threatpost

Huawei Technologies warned customers of four vulnerabilities rated high that impact 20 of its server models. Patches are available for each of the bugs that range from an authentication bypass...

Podcast: How Cities Can Be Security Smart | Threatpost

by Lindsey O'Donnell May 31, 2018 , 1:44 pm The smart city industry is projected to be a 400 billion dollar market by 2020, as municipals look at real-world applications...

Bug In Git Opens Developer Systems Up to Attack | Threatpost

Git repository hosting services GitHub, GitLab and Microsoft VSTS each patched a serious vulnerability on Tuesday that could lead to arbitrary code execution when a developer uses a malicious repository. Developers...

Botnet Operators Team Up To Leverage IcedID, Trickbot Trojans | Threatpost

The botnet operators behind two infamous banking trojans have banded together to gouge victims of cash in a tricky collaborative scheme. Flashpoint analysts, who highlighted the collaboration in a Wednesday report,...

Yahoo! Hacker Sentenced; Coke Opens Up a Can of Data Breach | Threatpost

Fortune 500 breaches seem to be a theme this week. As the Yahoo attacker responsible for the company’s 500 million-account data breach has been sentenced, Coca-Cola disclosed an insider stole...