Thursday, July 20, 2017
           (757) 873-6707                     Monday - Friday, 9 am - 5:30pm
Microsoft Addresses NTLM Bugs That Facilitate Credential Relay Attacks Microsoft today addressed two NTLM-related vulnerabilities privately disclosed by Preempt Security. The flaws allow for credential relay attacks.
Adobe Fixes Six Vulnerabilities in Flash, Connect with July Update Adobe only fixed six vulnerabilities in two products, making it the company's smallest security bulletin of the year.
Micro Market Vendor Warns of Bankcard And Biometric Data Breach Avanti Markets notified customers of a possible breach of personal and payment card data as well as biometric user information that likely occurred July 4.
Classic Ether Wallet Compromised via Social Engineering Developers of Classic Ether Wallet said an attacker managed to hijack the domain for the wallet via social engineering late Thursday evening.

Latest News

Senator Calls For Use Of DMARC To Curb Phishing

Senator Ron Wyden is pushing to mandate government-wide use of the email authentication protocol DMARC “to ensure that hackers cannot send emails that impersonate federal agencies.”

Modified Versions of Nukebot in Wild Since Source Code Leak

Criminals have made use of the leaked source code for the Nukebot banking Trojan, crafting modified versions of the malware to target banks in the U.S. and France.

Bad Code Library Triggers Devil’s Ivy Vulnerability in Millions of IoT Devices

Tens of millions of products ranging from airport surveillance cameras, sensors, networking equipment and IoT devices are vulnerable to a flaw that allows attacks to remotely gain control over devices or crash them.

Oracle Releases Biggest Update Ever: 308 Vulnerabilities Patched

Oracle's July Critical Patch Update included fixes for 308 vulnerabilities, 165 of which are remotely exploitable.

Oracle E-Business Suite Flaw Allows Downloads of Documents

Oracle today in its Critical Patch Update addressed a critical vulnerability in its Oracle E-Business Suite of business applications that allows for the download of business documents.

CoinDash Hacked During its ICO

Hackers hijacked CoinDash’s initial coin offering Monday, stealing $7.7 million in cryptocurrency from the nascent trading platform.

Privacy Activists Suffer Legal Setback In National Security Letter Case

Cloudflare and network operator Credo Mobile suffered a legal defeat when U.S. appeals court ruled to uphold a gag order on FBI surveillance data.

Botnet Tweeting, Spamming Porn Shut Down

Researchers discovered an active Twitter botnet made up of 38,000 bots, generating 8.5 million tweets and netting over 30 million clicks from its victims.

Cisco Patches Another Critical Ormandy Bug in WebEx Extension

Researchers Tavis Ormandy and Cris Neckar privately disclosed a critical vulnerability in Cisco's WebEx extension for Chrome and Firefox that allows for remote code execution.

FreeRADIUS Update Patches Bugs Static Analysis Tools Missed

FreeRADIUS today released an update that patches a number of vulnerabilities uncovered in a commissioned engagement using a customer fuzzer.