Blog

A security researcher has published details of a vulnerability in a popular cloud storage drive after the company failed to issue security patches for over a year. Remco Vermeulen found a privilege escalation bug in Western Digital’s My Cloud devices, which he said allows an attacker to bypass the admin password on the drive, gaining […] Source: Password bypass flaw in Western Digital My Cloud drives puts data at risk

Source: Mirai Botnet Authors Avoid Jail Time — Krebs on Security

Newegg is clearing up its website after a month-long data breach. Hackers injected 15 lines of card skimming code on the online retailer’s payments page which remained for more than a month between August 14 and September 18, Yonathan Klijnsma, a threat researcher at RiskIQ, told TechCrunch. The code siphoned off credit card data from […] Source: Hackers stole customer credit cards in Newegg data breach

Security firm FireEye has confirmed that a widely used web payment portal used to pay for local government services, like utilities and permits, has been targeted by hackers. Hackers have broken into self-hosted Click2Gov servers operated by local governments across the US, likely using a vulnerability in the portal’s web server that allowed the attacker to […] Source: Hackers have planted credit card stealing malware on local government payment sites

Internet outages happen all the time. If it’s not someone cutting through a cable in the street, it’s a massive denial-of-service attack pummeling a pillar of the internet with junk data. There is another, more common cause: routing issues. Internet routing isn’t sexy. But it’s a fundamental part of how the internet works. Routing relies […] Source: Cloudflare wants internet route leaks to be a thing of the past