Stolen Personal And Medical Information Was Found Online

Jeremiah Fowler, a researcher with Security Discovery recently found an unprotected Elasticsearch databased owned by a company called SkyMed on the internet.  According to his findings the database was configured such that it was open and visible to any browser. This allows anyone who stumbles across it to edit, download, …

Security Is Now A Concern For Open Source Software

This year’s Open Source Security and Risk Analysis Report analyzed the anonymized data of more than 1,200 commercial codebases from 2018. According to the report, managing open source risk continues to pose a significant challenge for industry. The Synopsys Cybersecurity Research Center produces the report, and found that 96 percent …

Google Giving More Flexibility To Private Data Removal

Tech giant Google recently unveiled the next step in its plan to put more power in the hands of users when it comes to their own data.  The most recent change involves the introduction of a new auto-delete feature tied to your Google account. It will allow you to set …

Scammers Now Use Google Ads To Steal Information

There’s a new scam afoot that involves using Google Ads. We’re frankly surprised that it’s working, but apparently, it’s drawing some unsuspecting customers in. It appears to be an organized campaign. The unknown scam artists are creating ads with phrases like: “Amazon.com – Best place to get dream products. Best …

Email Providers Found To Have Signature Vulnerabilities

A team of security researchers have uncovered a serious flaw in several major email clients you need to be aware of. The flaw allows hackers to fake verified signatures, which gives their phishing and other email-based attacks the appearance of legitimacy.   According to research conducted by the team, the …

Android Wifi Hotspot App Leaks Network Passwords And Information

Do you use an Android App called ‘WiFi Finder’?  If so, be advised that your network password has likely been exposed, based on research conducted by Sanyam Jain, of the GDI Foundation. Jain discovered an unprotected database online associated with the app that contained more than two million network passwords. …

Password Policies Getting Update From Microsoft

Industry experts have been predicting the death of the humble password for decades.  To date, those predictions have amounted to nothing. Passwords are still with us, and still serve as the cornerstone of security, even as other measures have arisen alongside them to help better secure your all-important data.   …

Popular Fitness Site Endures A Customer Information Breach 

Do you frequent the website bodybuilding.com? If so, be advised that the site has been breached. According to a recent statement by the company behind the site, the breach occurred in February, 2019 and had its origins in a phishing email the company received back in July of 2018. A …

Windows Update May Fail With External Storage Devices

Microsoft recently issued an important support document that your IT staff needs to be aware of. In part, their notice reads as follows: “Inappropriate drive reassignment can occur on eligible computers that have an external USB device or SD memory card attached during the installation of the May 2019 update.  …

Persistent Banking Trojan Virus Launches New Phishing Scam

The venerable banking Trojan known as Q-bot is back in the news, having recently been spotted in the wild as part of a sophisticated new phishing campaign designed to claim a new generation of victims. Q-bot is one of the oldest banking Trojans still in use, and has a history …