International credit bureau TransUnion says that hackers managed to breach a server operated by its South African division, and gained access to the personal information of individuals.
Read more in my article on the Hot for Security blog.
The sharp increase in funding and mergers-and-acquisition (M&A) activity in the cybersecurity industry over the last year has brought into focus the challenges that organizations can run into when their vendor is acquired by or merges with another company. Specialized, pure-play security companies are being bought by bigger and more generalized technology vendors or by private firms seeking to cash in on the cybersecurity boom.
Data that S&P Global Market Intelligence compiled last November showed there were 151 M&A cybersecurity deals in the first three quarters of 2021 alone compared to 94 over the same period in 2020, 88 in 2019, and 80 in 2018. Many companies secured massive venture capital (VC) investments from private equity firms. Some were acquired outright by these firms. VC firms poured nearly $22 billion into cybersecurity firms last year, which was a record.
Anyone who follows cybersecurity is aware of the steady drumbeat of data breaches and attacks. So, an attack needs to really stand out to earn the name “disaster.”
We’ve assembled eight truly disastrous IT security failures over the past decade, with the goal of finding not just clever hacks, but real mistakes on the part of the victims. Hopefully you’ll come away with some ideas on how not to suffer a disaster of your own.
Hieu Minh Ngo proved that you don’t need a lot of technical know-how to breach the security of an important data broker and get access to a lot of people’s private information. Sometimes all it takes is some brazen misrepresentation and social engineering skills. While still in his early 20s, Ngo convinced Court Ventures, a data broker later purchased by Experian, that he was a private investigator in Singapore. He then purchased personally identifying information (PII) from Court Ventures as part of his “work.”
Posted by CFP – ESORICS 2022 on Mar 20
[Apologies for cross-posting]
————————————————————————–
Call For Papers
27th European Symposium on Research in Computer Security (ESORICS) 2022
26-30 September 2022, Copenhagen, Denmark
URL: https://esorics2022.compute.dtu.dk/#
————————————————————————–
===================
CONFERENCE OUTLINE:
===================
We are looking…
Posted by malvuln on Mar 20
Adversary3 v1.0 – Malware vulnerability intel tool for third-party
attackers.
Posted by malvuln on Mar 20
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/531d8b4ac8f7eb827d62424169321b2b.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: BuilderRevengeRAT – (Revenge-RAT v0.3)
Vulnerability: XML External Entity Injection
Description: The malware listens on TCP port 333. There is a Config.xml
file used by the RAT builder to specify port, notification, webcam etc. The
XML parser used…
Posted by malvuln on Mar 20
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/838f67d7a4b6824ec59892057aab3bb7_C.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: BuilderTorCTPHPRAT.b
Vulnerability: Remote Persistent XSS
Family: TorCTPHPRAT
Type: WebUI
MD5: 838f67d7a4b6824ec59892057aab3bb7 (Webremote TorCT Client.exe)
MD5: dc40fa699cfce01802213dbbd0cbe37e (SlaveOnline.php)
Vuln ID: MVID-2022-0520…
Posted by malvuln on Mar 20
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/838f67d7a4b6824ec59892057aab3bb7_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: BuilderTorCTPHPRAT.b
Vulnerability: Arbitrary File Upload – RCE
Family: TorCTPHPRAT
Type: WebUI
MD5: 838f67d7a4b6824ec59892057aab3bb7 (Webremote TorCT Client.exe)
MD5: b54822058a3ed33c673d06113b453ebe (upload.php)
Vuln ID: MVID-2022-0519…
Posted by malvuln on Mar 20
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/838f67d7a4b6824ec59892057aab3bb7.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: BuilderTorCTPHPRAT.b
Vulnerability: Insecure Credential Storage
Description: The default password for the TorCT client malware's web-panel
is “ww” and is stored in cleartext within the “password.php” file.
Family: TorCTPHPRAT…
Posted by malvuln on Mar 20
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/ae4a409d217bbd538009fbbb5457e754.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: BuilderPandoraRat.b – (Pandora Rat 2.2 [Beta].exe)
Vulnerability: Insecure Credential Storage
Description: The malware listens on TCP port 6622. Credentials are stored
in plaintext in Settings.ini file and default password is blank.
Family:…