Monthly Archives: April 2019

LinkedIn Data Found in 8 Unsafe Databases

A security investigator recognized eight indiscreet databases that held about 60 million records of LinkedIn user information.

GDI Foundation, where the security investigator is from, is a not-for-profit association with a task to protect the free and open Internet by trying to make it safer. The researcher, Sanyam Jain, contacted Bleeding Computer when he noticed “something strange.” He came across leaky databases comprising the LinkedIn data “appearing and disappearing from the Internet under different IP addresses.”

Continue reading

The Dark Side of the Internet

The deep web is an unidentified online space only accessible with specific software, while the dark web is the part of the deep web that hides your identity and location. It’s essentially just “a series of encrypted networks that serve to anonymize peoples’ use on the internet and is relatively easy for anyone to access this encrypted network. All it takes is downloading darknet software with the most common dark web networks being Tor, I2P, and Freenet, but Tor is the most popular of them all.

Continue reading

Cisco Patches Serious Vulnerability in ASR 9000 Routers

On Wednesday, Cisco issued patches for 30 flaws, including a grave bug affecting ASR 9000 Series Aggregation Services Routers running IOS XR 64-bit software.

The flaw, tracked as CVE-2019-1710 and containing a CVSS score of 9.8, could allow an unverified, distant attacker to get access to internal applications running on the sysadmin virtual machine (VM).

Continue reading

What You Need to Know About Advanced Persistent Threat (APT)

An advanced persistent threat (APT) is a wide-ranging term used to describe an attack drive in which a trespasser, or a group of trespassers, launches an illegitimate, long-term presence on a network in order to mine highly sensitive data. The targets of these attacks, which are very prudently selected and researched, classically include large enterprises or governmental networks.

Continue reading

SAP and Intel Patch High Severity Vulnerabilities in Their Respective Systems

This week, SAP released 6 Security Notes as part of its April 2019 Security Patch Day, including two that highlight high severity vulnerabilities in Crystal Reports and NetWeaver.

Intel, on the other hand, has released security updates highlighting two high-severity flaws in its Intel Media Software Development Kit (SDK) and Intel NUC mini PC.

Continue reading

Juniper issues update after hardcoded identifications left in switches

Juniper Networks has released an update after discovering hardcoded credentials had been left in some of its datacenter switches.

Designated CVE-2019-0034, the exposed login was found in the Junos Network Agent, a software tool used to manage sensors and other devices that monitor network performance. Precisely, hardcoded credentials were found in Google gRPC, a component used with the Junos Telemetry Interface.

Continue reading