Security News > 2020 > December

Payment card processing giant TSYS suffered a ransomware attack earlier this month. TSYS provides payment processing services, merchant services and other payment solutions, including prepaid debit cards and payroll cards.

Data management and governance provider Skyflow this week announced a new $17.5 million Series A financing round, bringing the total raised by the company to date up to $25 million. Previously, Skyflow raised $7.5 million in a seed round led by Foundation Capital.

A previous patch for Cisco's Jabber chat product did not in fact fix four vulnerabilities - including one remote code execution flaw that would allow malicious people to hijack targeted devices by sending a carefully crafted message. Watchcom added: "The patch released in September only patched the specific injection points that Watchcom had identified. The underlying issue was not addressed. We were therefore able to find new injection points that could be used to exploit the vulnerabilities."

These phishing emails promise compensation, test results, and other lures about the coronavirus to trick unsuspecting users, says Armorblox. With 2020 almost over, such email attacks continue merrily on.

Security researchers on Thursday documented and described a new injection technique capable of extracting sensitive data from PDF files. The new code-injection technique essentially allows hackers to inject code to launch dangerous XSS attacks within the bounds of a PDF document.

Jack Wallen shows you how to install and configure fail2ban on the latest release of Fedora Linux. Fail2ban monitors specific log files for failed login attempts and, when an attempt to compromise is detected, it blocks the IP address from further attack or attempted logins.

Check Point Research has identified four vulnerabilities in the network library of Steam, the online platform from game developer Valve that is used by 25 million users to connect together at peak time to buy, play, create, and discuss PC games. An attacker could have used the security flaws to remotely crash an opponent's game client and potentially take over a gamer's computer and hijack all computers connected to a third-party game server.

Ransomware actors behind the attack have breached at least 85,000 MySQL servers, and are currently selling at least compromised 250,000 databases. Researchers said that PLEASE READ ME is an example of an untargeted, transient ransomware attack that does not spend time in the network besides targeting what's required for the actual attack - meaning there's typically no lateral movement involved.

Sophos has deployed a hotfix for their line of Cyberoam firewalls and routers to fix a SQL injection vulnerability. Today, Sophos disclosed that a SQL injection vulnerability was fixed in the Cyberoam operating system that could remotely add accounts to a CROS device.

To combat the COVID-19 outbreak, many companies and governments have deployed contact tracing apps that can alert you if someone with whom you've been in contact tests positive for the virus. The research included global contact tracing apps and apps from two US states and two US territories for a total of 52 Android apps and 43 iOS apps-95 apps in all.