Three UK telco bug has customers receiving and making random calls

Customers of the Three UK telco company are panicking as they receive a series of random phone calls due to an ongoing issue. Likewise, outbound calls from customers are being routed to random strangers. Three is the fourth-largest British telecom giant and Internet Service Provider (ISP) with 13.3 million subscribers as of 2020. Three telecom … Continue reading Three UK telco bug has customers receiving and making random calls

Accidental Insider Leaks Prove Major Source of Risk

Accidental Insider Leaks Prove Major Source of Risk Research reports highlight growing concerns around insider negligence that leads to data breaches. While malicious insiders often make headlines, most enterprise data leaks are accidental — caused by end users who fail to follow corporate security policy or try to work around it. The "2020 Cost of … Continue reading Accidental Insider Leaks Prove Major Source of Risk

Kconfig-Hardened-Check – A Tool For Checking The Hardening Options In The Linux Kernel Config

Motivation There are plenty of Linux kernel hardening config options. A lot of them are not enabled by the major distros. We have to enable these options ourselves to make our systems more secure. But nobody likes checking configs manually. So let the computers do their job! kconfig-hardened-check.py helps me to check the Linux kernel … Continue reading Kconfig-Hardened-Check – A Tool For Checking The Hardening Options In The Linux Kernel Config

Windows 10 KB5003690 fixes issues affecting gamers since March

Microsoft has fixed performance issues impacting gamers running Windows 10 21H1 and 20H2 with the latest Windows 10 build released for Insiders in the Beta and Release Preview Channel. "We fixed an issue in a small subset of users that have lower than expected performance in games after installing KB5000842 or later," the Windows Insider … Continue reading Windows 10 KB5003690 fixes issues affecting gamers since March

Announcing SecureX Academy

SecureX has changed the way our customers do the work of securing their environments. We have been able to bring together the Cisco Secure portfolio, 3rd party tools and data sources, and a robust platform architecture into which these technologies can be plugged, in a way that saves organizations time and money and increases their … Continue reading Announcing SecureX Academy

US supermarket chain Wegmans notifies customers of data breach

Wegmans Food Markets notified customers that some of their information was exposed after the company became aware that two of its databases were publicly accessible on the Internet because of a configuration issue. Wegmans is a 106-store major regional supermarket chain with stores in the mid-Atlantic and Northeastern regions (i.e., New York, Pennsylvania, New Jersey, … Continue reading US supermarket chain Wegmans notifies customers of data breach

First American Financial Pays Farcical $500K Fine

In May 2019, KrebsOnSecurity broke the news that the website of mortgage settlement giant First American Financial Corp. [NYSE:FAF] was leaking more than 800 million documents — many containing sensitive financial data — related to real estate transactions dating back 16 years. This week, the U.S. Securities and Exchange Commission settled its investigation into the … Continue reading First American Financial Pays Farcical $500K Fine

Fake DarkSide gang targets energy, food industry in extortion emails

Threat actors impersonate the now-defunct DarkSide Ransomware operation in fake extortion emails sent to companies in the energy and food sectors. The Darkside ransomware operation launched in August 2020, targeting corporate networks and demanding millions of dollars for a decryptor and a promise not to release stolen data. After hitting Colonial Pipeline, the largest fuel … Continue reading Fake DarkSide gang targets energy, food industry in extortion emails

Insider Versus Outsider: Navigating Top Data Loss Threats

It’s no surprise that cloud adoption has increased considerably in the last year, as organizations sought to adapt to the rapid transition to remote work amid the pandemic. However, what’s shocking is that despite the many advantages cloud and software-as-a-service (SaaS) applications provide organizations, they frequently fall short when it comes to averting data loss. … Continue reading Insider Versus Outsider: Navigating Top Data Loss Threats

Attackers Find New Way to Exploit Google Docs for Phishing

Attackers Find New Way to Exploit Google Docs for Phishing Tactic continues recent trend by attackers to use trusted cloud services to send and host malicious content. Researchers spotted what they describe as a new method that attackers appear to be using to lure victims to malicious phishing websites via Google Docs. The attack chain … Continue reading Attackers Find New Way to Exploit Google Docs for Phishing