Security News > 2018 > August

Air Canada has suffered a data breach and is forcing a password reset on all 1.7 million users of its mobile app, though apparently only 20,000 of the mobile app accounts were accessed by the...

The campaign uses double infection points and two command-and-control servers.

Popular PHP package repository front end Packagist turned out to have an embarrassing command injection hole - now closed!

Underground forums alight with Struts chat, we hear A recently uncovered critical vulnerability in Apache Struts is already being exploited in the wild.…

Cybercriminals Have Been Experimenting With a Blockchain Domain Name System (DNS) read more

Don’t worry, they’re only in charge of catching visa and passport fraud A branch of the US State Department charged with detecting visa fraud was found to ignoring basic information security practices.…

Loki Bot’s operators have been targeting corporate mailboxes with their spam messages, Kaspersky Lab reports. read more

A newly detailed Android spyware that has an incredibly wide-ranging protocol has been active since May 2016, Kaspersky Lab warns. read more

The Qualcomm Life Capsule Datacaptor Terminal Server and the Becton Dickinson Alaris TIVA Syringe Pump allow remote access without authentication.

Since GDPR was implemented on May 25th, 2018 one big question has been lurking in the U.S.: When will the U.S. Federal Government follow suit? With the spate of breaches over the past year coupled...