Feds Warn Nation-State Hackers are Actively Exploiting Unpatched Microsoft Exchange, F5, VPN Bugs

Market NewsBy Product_Team September 15, 2020

Monday’s CISA advisory is a staunch reminder for federal government and private sector entities to apply patches for flaws in F5 BIG-IP devices, Citrix VPNs, Pulse Secure VPNs and Microsoft Exchange servers.

Cloud Leak Exposes 320M Dating-Site Records

Market NewsBy Product_Team September 15, 2020

A misconfigured, Mailfire-owned Elasticsearch server impacted 70 dating and e-commerce sites, exposing PII and details such as romantic preferences.

TikTok Fixes Flaws That Opened Android App to Compromise

Market NewsBy Product_Team September 15, 2020

The flaws are disclosed as Oracle reportedly partners with TikTok as concerns in the U.S. over spying continue.

Magecart Attack Impacts More Than 10K Online Shoppers

Market NewsBy Product_Team September 15, 2020

Close to 2,000 e-commerce sites were infected over the weekend with a payment-card skimmer, maybe the result of a zero-day exploit.

APT28 Mounts Rapid, Large-Scale Theft of Office 365 Logins

Market NewsBy Product_Team September 12, 2020

The Russia-linked threat group is harvesting credentials for Microsoft’s cloud offering, and targeting mainly election-related organizations.

Office 365 Phishing Attack Leverages Real-Time Active Directory Validation

Market NewsBy Product_Team September 12, 2020

Attackers check the victims’ Office 365 credentials in real time as they are typed into the phishing landing page, by using authentication APIs.

It’s No ‘Giggle’: Managing Expectations for Vulnerability Disclosure

Market NewsBy Product_Team September 12, 2020

Vulnerability-disclosure policies (VDPs), if done right, can help provide clarity and clear guidelines to both bug-hunters and vendors when it comes to going public with security flaws.

WordPress Plugin Flaw Allows Attackers to Forge Emails

Market NewsBy Product_Team September 12, 2020

The high-severity flaw in the Email Subscribers & Newsletters plugin by Icegram affects more than 100,000 WordPress websites.

cPanel Compatibility

Market NewsBy Product_Team September 11, 2020

Access admin/user panel over the same port 2082 – CWP User Panel 2083 – CWP User Panel SSL 2086 – CWP Admin (same as 2030) 2087 – CWP Admin SSL (same as 2031)* Recommended to be used with the hostname because of the usage of the hostname SSL. Examples: https://hostname.domain.com:2083 https://hostname.domain.com:2087 https://100.110.120.130:2083 https://100.110.120.130:2087 Access to…

Microsoft Warns of Cyberattacks on Trump, Biden Election Campaigns

Market NewsBy Product_Team September 11, 2020

Just months before the U.S. presidential election, hackers from Russia, China and Iran are ramping up phishing and malware attacks against campaign staffers.

Category Archives: Market News