LinkedIn Data Found in 8 Unsafe Databases

A security investigator recognized eight indiscreet databases that held about 60 million records of LinkedIn user information.

GDI Foundation, where the security investigator is from, is a not-for-profit association with a task to protect the free and open Internet by trying to make it safer. The researcher, Sanyam Jain, contacted Bleeding Computer when he noticed “something strange.” He came across leaky databases comprising the LinkedIn data “appearing and disappearing from the Internet under different IP addresses.”

Continue reading →

The Dark Side of the Internet

Leave a reply

The deep web is an unidentified online space only accessible with specific software, while the dark web is the part of the deep web that hides your identity and location. It’s essentially just “a series of encrypted networks that serve to anonymize peoples’ use on the internet and is relatively easy for anyone to access this encrypted network. All it takes is downloading darknet software with the most common dark web networks being Tor, I2P, and Freenet, but Tor is the most popular of them all.

Continue reading →

Cisco Patches Serious Vulnerability in ASR 9000 Routers

Leave a reply

On Wednesday, Cisco issued patches for 30 flaws, including a grave bug affecting ASR 9000 Series Aggregation Services Routers running IOS XR 64-bit software.

The flaw, tracked as CVE-2019-1710 and containing a CVSS score of 9.8, could allow an unverified, distant attacker to get access to internal applications running on the sysadmin virtual machine (VM).

Continue reading →

What You Need to Know About Advanced Persistent Threat (APT)

Leave a reply

An advanced persistent threat (APT) is a wide-ranging term used to describe an attack drive in which a trespasser, or a group of trespassers, launches an illegitimate, long-term presence on a network in order to mine highly sensitive data. The targets of these attacks, which are very prudently selected and researched, classically include large enterprises or governmental networks.

Continue reading →

Oracle Patches 300 Flaws in Enterprise Software

Leave a reply

Enterprise behemoth warns that several pre-auth remote code exec holes need to be pasted over

In its quarterly security updates released today, Oracle said it patched as many as 296 flaws across its enormous line of enterprise software.

Continue reading →

Microsoft Email Services Hacked for 3 Months

Leave a reply

Software giant Microsoft has revealed that hackers, at the beginning of the year, managed to access customers’ web-based email accounts for three months. The company added that unknown hackers hit the accounts of various Microsoft email services between January 1 and March 28.

Continue reading →

SAP and Intel Patch High Severity Vulnerabilities in Their Respective Systems

Leave a reply

This week, SAP released 6 Security Notes as part of its April 2019 Security Patch Day, including two that highlight high severity vulnerabilities in Crystal Reports and NetWeaver.

Intel, on the other hand, has released security updates highlighting two high-severity flaws in its Intel Media Software Development Kit (SDK) and Intel NUC mini PC.

Continue reading →

Juniper issues update after hardcoded identifications left in switches

Leave a reply

Juniper Networks has released an update after discovering hardcoded credentials had been left in some of its datacenter switches.

Designated CVE-2019-0034, the exposed login was found in the Junos Network Agent, a software tool used to manage sensors and other devices that monitor network performance. Precisely, hardcoded credentials were found in Google gRPC, a component used with the Junos Telemetry Interface.

Continue reading →

Yahoo! Offers Almost $118 million in a bid to settle data breach lawsuit

Leave a reply

Yahoo!, the search engine and web services giant, is set to pay $117.5m in an effort to settle a data breach issue out of court, according to reports.

The California-based company suffered a string of breaches between 2013 and 2016, with the earliest attack affecting every single customer account totaling 3 billion users.

Continue reading →

Microsoft and Adobe Release Patches to Overcome Vulnerabilities

Leave a reply

Microsoft has patched upwards of 70 flaws in April 2019, as well as two Windows zero-day vulnerabilities that let an attacker escalate privileges on a bargained system.

Continue reading →