Previous Week’s Review on Security Threats

Review over the last week’s major vulnerabilities on security are coming up that had been occurred in various parts across the globe. All those are described here for the readers who might have missed to read them when the violation had took place. So, people can have an over view on those security attacks and significant steps taken to resolve the security flaws accordingly.

Patients Information Compromised in AdventHealth Data Violation

AdventHealth Medical Group Pulmonary and Sleep Medicine personals had declared in a statement that up to 42K of their patients’ personal and health information had been violated of a sixteen month long. The medical facility revealed the location, in Taveras, Fla., which had not learned so far how the violation was installed nor why it was capable to stay undetected for so long.

GitHub Expands Scope and Increases Bug Bounty Program Rewards

GitHub has settled to increase and expand the rewards of its bug bounty program shortly after the payment made on $250K in bug bounties last year in 2018. GitHub exposed that last year it was paid out a sum of $165K to analysts who participated in its open bug bounty program. Security professionals also got handsome amounts through thew private bug bounty programs of GitHub.

PoS U.S. Restaurants & Hotels Under Threats of Data Breach

Point of Sale solutions provider of North Country Business Products, whose main products were employed at over 6,500 destinations across the US, recently revealed an information data breach that presented in the revelation of the payment card information. An inquiry was conducted by a third-party cyber forensics company that exposed that critical  actors had spread a piece of violation to some of its clients at the beginning of this year between January 3 – 24, 2019.

Multiple Vulnerabilities Detected in CISCO, Microsoft Windows IIS, WinRAR & Adobe Products

CISCO had declared about the batch of fixes for its products, including HyperFlex, Firepower devices WebEx, and Prime infrastructure. Among five of the them were fixed likely HyperFlex Software, the software operation on Cisco HyperFlex HX-Series information data center intersects.

A harmful flaw impacted on entire versions of WinRAR, the notable file archiver user for Windows, the threat makers could use to take malware through specific crafted ACE archives.

Microsoft declared their users about the Windows servers operating Internet Information Services vulnerability to Denial of Service threats that occurred as critical HTTP/2 demands. Sending specific crafted HTTP/2 hold outs the reason CPU of the machine temporarily spike to guaranteed up to IIS overcomes the insecure connections mentioned by the tech giant.

Adobe on stated a fix for the Reader flaw tracked as CVE 2019-7089 after the researchers who identified the bugs managed to bypass the initial fixes.

Leave a Reply

Your email address will not be published. Required fields are marked *