Over nine months ago, a security researcher found vulnerabilities in Panera Bread's web site. The researcher tried to report the flaws responsibly through the right contacts, got accused of being and scam artist, but eventually got through to someone. Unfortunately, eight months later the company had still not fixed the data leaking flaws. That's when Brian Krebs got involved, … [Read more...]
Verge Blockchain Hacked – Daily Security Byte
If you watched our 2018 Security Predictions, you know that one of them was that attackers would exploit a new blockchain vulnerability in a major cryptocurrency that would result in the value of that cryptocurrency dropping. Last week, that prediction hit. An attacker leveraged a vulnerability in one of the top 30 cryptocurrencies, Verge, to unfairly mine a huge amount of the … [Read more...]
Two Major Data Breaches – Daily Security Byte
Over the past few weeks, a number of organizations have disclosed big data breaches, including Under Armour, Saks Fifth Avenue and Lord & Taylor. These breaches resulted in the loss of various types of personally identifying information (PII), from password hashes to credit card track data. Watch the video below to learn much more about these breaches, and what you should … [Read more...]
Microsoft MMPE Vulnerable – Daily Security Byte
Microsoft recently released an out of cycle update to fix a critical flaw in the Microsoft Malware Protection Engine (MMPE). Due to a vulnerability in an open source archive package, a Google research found that by sending a maliciously crafted file to a computer running MMPE, you can exploit this flaw to execute code and gain complete control of computers running unpatched … [Read more...]
Learning From Boeing’s Infection – Daily Security Byte
Last week, a leaked memo from Boeing management informed the world that the top airplane manufacturer had gotten infected by the old WannaCry ransomworm. Since then, Boeing has downplayed the attack, saying it didn't affect production and is under control. Nonetheless, information security pundits wonder how such a large enterprise, which should have the best security controls … [Read more...]
