News & Updates

A report from Anti-Phishing Working Group reveals that 58% of all phishing websites now use the HTTPS protocol.

Dell urges users to update the vulnerable SupportAssist tool built into its business and home machines. The privilege escalation vulnerability could allow hackers control over Dell computers running Windows, if left unpatched.

Oracle published an out-of-band security alert advisory on CVE-2019-2729, a zero-day deserialization vulnerability via XMLDecoder in Oracle WebLogic Server Web Services.

Baltimore City and County governments, Ohio-based NEO Urology, and Talley Medical Surgical Eyecare in Indiana are still in recovery efforts after ransomware incidents caused daily operations to be temporarily suspended.

A Netflix researcher uncovered four critical vulnerabilities — CVE-2019-11477, CVE-2019-11478, CVE-2019-5599, and CVE-2019-11479 — within the TCP implementations on Linux and FreeBSD kernels.

The hacking group Xenotime, reported to be behind intrusions targeting facilities in oil and gas industries, has started probing industrial control systems (ICSs) of power grids in the U.S. and the Asia-Pacific region.

Two hacking groups have been spotted attacking vulnerable Exim email servers, trying to exploit CVE-2019-10149. One group uses a public internet server, and another a server on the dark web.

Fortune 500 company Quest Diagnostics, LabCorp, and billing provider American Medical Collection Agency (AMCA) are facing multiple class-action lawsuits after cybercriminals breached the web payment page of AMCA over an eight-month period.

Two major breaches, one at the US Custom and Border Protection and another a a retro gaming site, highlight the need for effective data protection.