Monthly Archives: December 2018

Data Breach Strikes 15K BevMo E-commerce Users

BevMo, the alcohol retailer revealed to the office of the California Attorney General that its website was breached, compromising the credit card information of about 15,000 users.

The website is carried off by NCR Corp., which identified a harmful code which was added on the website checkout page by a non-official attacker who acquired access, siphoning user’ names, debit  or credit numbers, their expiry dates, phone numbers, email addresses, CVV2 codes, shipping and billing addresses.

Continue reading

Prominent Phishing Attacks Enterprises Need to Know

Phishing is the motive of sending unlawful or swindling communications that become visible to approach from a famous source. It is commonly done through email which has been practiced widely across the world. The main motive in this act is to steal highly sensitive information such as credit card, debit card and login information of accounts, or even to install malware on the system of the victim. Phishing is a general kind of cyber threat that everyone should acquire information about it so as to safegurad themselves.

Continue reading

Employee Data Reveals in An Attack at NASA Server

NASA – The U.S. National Aeronautics and Space Administration has affirmed that one of its servers faced threat through hack in October, with various employee information, comprising social security numbers, revealed to hackers.

NASA states it is presently alerting employees whose data may have been impacted in a statement circulated couple of days ago. An inquiry has already commenced, however NASA states Social Security numbers and various personally detectable data were saved on the cracked server.

Continue reading

Microsoft Urges to Patch the 0-day Vulnerability in Internet Explorer

Microsoft announced an out-of-band modification on Wednesday for its web browser, Internet Explorer fixes a zero-day bug victimized by harmful hackers in marked threats. Microsoft has recognized Clement Lecigne of Google’s Threat Analysis Group for documenting the bug, however neither Microsoft nor Google have stated any information associated the threats involving the vulnerability.

Continue reading

WordPress Fixes Privilege Escalation Bugs

RIPS Tech security analysts express that the privilege escalation bugs in WordPress permit hackers to acquire access features that were meant for administrators merely. A hacker with a user function as low as presenter on WordPress, the open-source free Content Management System built on MySQL and PHP, could effort the security vulnerabilities to generate posts of post sorts they regularly should not have acquire access to.

Continue reading

API Vulnerability Revealed Images of 6.8 Million Users of Facebook

Facebook exposed that a vulnerability associated to its Photo API could have permitted third-party apps to access photos of users on Friday, even ones that were guessed to be exclusive. Its internal team exposed a vulnerability in the Photo API according to the social media giant that influenced customers who had used Facebook credentials and permitted third-party apps to access their images.

Applications that are provided access to images are averagely permitted to access merely photos shared on a timeline of users. But, due to this hole, the developers could have acquired access to other images as well, containing ones shared on Facebook Marketplace or through Stories, or images that were merely uploaded to the social media service but not posted.

Continue reading

Code Implementation Bug in SQLite Impacts Chrome, and Software

Numerous applications employing the famous SQLite Database Management System could be revealed to threats due to a possibly critical bug that can lead to distant code implementation, information revelation, and Denial of Service threats. The bug was identified by analysts of the Blade Team based at China-based internet giant Tencent. The professionals have titled the bug “Magellan” and they demand it impacts any piece of software that employs Chromium or SQLite – Chromium believes on WebSQL, which is rooted on SQLite.

Continue reading

Various Flaws Fixed With The Announcement of WordPress 5.0.1

On Thursday, WordPress developers released the availability of WordPress version 5.0.1 of the Content Management System, which states various sorts of flaws.

Tim Coen, the researcher has detected various Cross-Site Scripting vulnerabilities in WordPress, containing one reasoned by the capability of contributors to modify the new comments from customers along with higher advantages. He also identified that a particularly crafted URL input can be employed for Cross-Site Scripting threats – this issue merely influences few plugins.

Continue reading