Security News

"We want to reassure everyone that this event won't stop our journey. After the security audit of renowned global companies, our operations will continue. We will announce the date of the reopening of the ETERBASE Exchange platform as soon as possible." If you're running Multi-Factor Authentication or Palo Alto's Captive Portal interface, an attacker can exploit a buffer overflow to ultimately gain code execution as root.

Email service provider Sendgrid is grappling with an unusually large number of customer accounts whose passwords have been cracked, sold to spammers, and abused for sending phishing and email malware attacks. Dealing with compromised customer accounts is a constant challenge for any organization doing business online today, and certainly Sendgrid is not the only email marketing platform dealing with this problem.

Researchers have once again demonstrated that many printers can be hacked remotely, by hijacking 28,000 devices and instructing them to print out a printer security guide. The researchers said the document was printed by nearly 28,000 of those devices, which suggests that 56% of exposed printers can be hijacked.

The Maze hacker gang claims it has infected computer memory maker SK hynix with ransomware and leaked some of the files it stole. For what it's worth, the Maze crew doesn't tend to need to fib about these sort of things.

Chinese hackers infiltrated at least 10 Taiwan government agencies and gained access to around 6,000 email accounts in an attempt to steal data, officials said Wednesday. The damage done was "Not small", according to a top Taiwan cyber official, who said the full impact was still being assessed.

Carnival Corp. says it was the victim of a ransomware attack that likely got some personal information about the cruise company's guests and employees. The attack accessed an encrypted portion of technology systems for one of the cruise line's brands and certain data files were downloaded, the company said in a filing with the U.S. Securities and Exchange Commission.

Thousands of user accounts for online government services in Canada were recently hacked during cyber attacks, authorities said Saturday. The passwords and usernames of 9,041 GCKey account holders "Were acquired fraudulently and used to try and access government services," the authorities said.

What's more, in most of the cases, an attacker did not need to do much, beyond gaining an initial foothold, to command full internal network access: in 68 per cent of the trials, the infiltrators only needed to take one or two steps to have the entire organization at their fingertips. Network compartmentalization, and access controls limiting who can see what, may have helped minimize intruders' reach.

Microsoft earlier today released its August 2020 batch of software security updates for all supported versions of its Windows operating systems and other products. Play a video file - thanks to flaws in Microsoft Media Foundation and Windows Codecs.

A team of Chinese researchers has described the analysis process that resulted in the discovery of 19 vulnerabilities in a Mercedes-Benz E-Class, including flaws that can be exploited to remotely hack a car. The researchers conducted their analysis on a real Mercedes-Benz E-Class and demonstrated how a hacker could have remotely unlocked the car's doors and started its engine.