FTC Releases Alert on Exposed Twitter Passwords

Original release date: May 07, 2018 The Federal Trade Commission (FTC) has issued guidance for Twitter users on changing their passwords. Users should change their Twitter passwords as well as any other accounts that use the same password NCCIC encourages consumers to review the FTC alert for more information. Refer to the NCCIC Tips on Choosing and Protecting Passwords and Supplementing Passwords for additional best practices. This product is provided subject to this Notification and this Privacy & Use policy.

SB18-127: Vulnerability Summary for the Week of April 30, 2018

Original release date: May 07, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information. The vulnerabilities …
Read More »

Cryptojacking Campaign Exploits Drupal Bug, Over 400 Websites Attacked

Hundreds of sites vulnerable to ‘Drupalgeddon 2.0’ have been impacted by a massive cryptomining campaign.

Lenovo Patches Arbitrary Code Execution Flaw

Lenovo warns of a high-severity bug impacting its System x line of servers, along with a medium-severity buffer-overflow vulnerability affecting its popular ThinkPad line.

Report: Intel Facing New Spectre-Like Security Flaws

Intel may be facing as many as eight new Spectre-level vulnerabilities in its chips, a German magazine alleges.

Abbott Addresses Life-Threatening Flaw in a Half-Million Pacemakers

A backdoor could be exploited to allow an attacker to manipulate the implants and cause heart problems and even death,

Twitter Urges Users to Change Passwords Due to Glitch

A glitch caused Twitter passwords to be stored in plain text on an internal log.

MassMiner Takes a Kitchen-Sink Approach to Cryptomining

The malware targets Windows servers with a cornucopia of well-known exploits, all within a single executable — including the EternalBlue NSA hacking tool.

Phone Maker BLU Settles with FTC Over Unauthorized User Data Extraction

Florida-based phone maker BLU is facing an FTC complaint over allegations it shared detailed personal user data with a third-party firm that included full text messages, call logs and contact lists.

Kitty Cryptomining Malware Cashes in on Drupalgeddon 2.0

Bad actors are leveraging the critical Drupal vulnerability to install cryptomining malware on servers and browsers,