BayPay Members Blogs

This additional resource is sponsored by The BayPay Forum.

VideoLAN Patches Critical Vulnerability in VLC Media Player

view counter
VideoLAN has addressed a critical double-free vulnerability in the VLC media player that could allow an attacker to execute arbitrary code on target systems. VLC is a popular open-source media player...
Continue reading
  0 Comments
0 Comments

Flaw in Outlook for Android Allows for Data Theft

view counter
A vulnerability recently addressed in Outlook for Android allows an attacker to steal information from the affected device. The vulnerability, Microsoft reveals, resides in the manner in which Outlook for Android...
Continue reading
  0 Comments
0 Comments

Protection Against Side-Channel Attacks Added to OpenSSH

view counter
Protection against Spectre, Meltdown , Rowhammer , RAMBleed and other side-channel attacks has been added to OpenSSH. These recently uncovered attack methods can allow malicious actors to obtain passwords, encryption keys...
Continue reading
  0 Comments
0 Comments

TrueFort Secures $13.7 Million in Series A Funding

view counter
Real-time application behavior analytics, control, and protection provider TrueFort has raised $13.7 million in a Series A funding round. Founded in 2015, the New Jersey-based company provides an application behavior security...
Continue reading
  0 Comments
0 Comments

New Attack Delivers FlawedAmmyy RAT Directly in Memory

view counter
A recently discovered malicious campaign is aiming at infecting victim machines by delivering the notorious FlawedAmmyy RAT directly in memory, Microsoft warns. FlawedAmmyy is a remote access Trojan (RAT) that provides...
Continue reading
  0 Comments
0 Comments

Iran Denies Being Hit by US Cyber Attack

Iran denies being hacked by US
view counter
Iran said Monday that no cyber attack against the Islamic republic has ever succeeded, after American media reported the US launched one last week amid a standoff between the two countries....
Continue reading
  0 Comments
0 Comments

Mac Malware Delivered via Firefox Exploits Analyzed

view counter
A researcher has conducted a detailed analysis of the two pieces of Mac malware delivered recently by threat actors to cryptocurrency exchanges via two Firefox vulnerabilities. Updates released by Mozilla last...
Continue reading
  0 Comments
0 Comments

WeTransfer Security Incident: File Transfer Emails Sent to Wrong People

WeTransfer security incident
view counter
The popular file transfer service WeTransfer issued a security notice on Friday after discovering that some file transfer emails were sent to the wrong individuals. According to WeTransfer , file transfer...
Continue reading
  0 Comments
0 Comments

Ex-Senate Aide Sentenced to 4 Years in Prison for Data Leak

view counter
A former congressional staffer was sentenced to four years in prison Wednesday after pleading guilty to illegally posting online the home addresses and telephone numbers of five Republican senators who backed...
Continue reading
  0 Comments
0 Comments

U.S. Struck Iranian Military Computers This Week: AP Sources

US Launched a Cyber Attack Against Iran, reports say
view counter
U.S. military cyber forces launched a strike against Iranian military computer systems on Thursday as President Donald Trump backed away from plans for a more conventional military strike in response to...
Continue reading
  0 Comments
0 Comments

Report: Jet Propulsion Laboratory Hacked for 10 Months

NASA Jet Propulsion Laboratory hacked for 10 months
view counter
view counter
A report says hackers stole data from NASA's Jet Propulsion Laboratory in Southern California for nearly a year without being detected. The Pasadena Star-News reports Friday that security weaknesses allowed hackers...
Continue reading
  0 Comments
0 Comments

U.S. Launched Cyber Attacks on Iran After Drone Shootdown: Reports

US Launched a Cyber Attack Against Iran, reports say
view counter
The United States launched cyber attacks against Iranian missile control systems and a spy network this week after Tehran downed an American surveillance drone, US media reported on Saturday. US President...
Continue reading
  0 Comments
0 Comments

New Botnet Exploits Android Debug Bridge and SSH

view counter
A newly discovered crypto-currency mining botnet can spread via open ADB (Android Debug Bridge) ports and Secure Shell (SSH), Trend Micro reports.  Designed to help developers easily communicate with devices remotely,...
Continue reading
  0 Comments
0 Comments

Data on Patients Taking Vascepa Prescription Medication Exposed

view counter
78,000 Patient Healthcare Records Exposed in Unsecured MongoDB Database Vascepa is a prescription drug from Amarin that is used to control high levels of triglycerides (let's say, 'bad fat') in the...
Continue reading
  0 Comments
0 Comments

macOS Crypto-Miner Emulates Linux

view counter
New crypto-currency mining malware is targeting systems running macOS, and works by emulating Linux, Malwarebytes security researchers have discovered. Detected as Bird Miner, the threat spreads via a cracked installer for...
Continue reading
  0 Comments
0 Comments

Millions of Devices Exposed to Attacks Due to Flaw in PC-Doctor Software

view counter
More than 100 million computers from Dell and other vendors may have been exposed to hacker attacks due to a serious vulnerability in software made by hardware diagnostic tools provider PC-Doctor....
Continue reading
  0 Comments
0 Comments

Massive Data Breach at Canada Credit Union Giant Desjardins

view counter
Canada's Desjardins credit union announced Thursday that the personal banking information of 2.9 million customers had been stolen by an employee and distributed to outside parties. The nation's largest credit union...
Continue reading
  0 Comments
0 Comments

UK Regulator Calls Out Compliance Failures in Targeted Advertising Industry

view counter
The UK regulator for data protection and privacy (the Information Commissioner's Office -- ICO) has published a report on its ongoing investigation into the adtech and real-time bidding (RTB) industries. This...
Continue reading
  0 Comments
0 Comments

Phishing Campaign Impersonates DHS Alerts

view counter
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert on a phishing campaign using attachments that impersonate the Department of Homeland Security (DHS).  In an effort to make their...
Continue reading
  0 Comments
0 Comments

Cloud Data Protection Firm Druva Raises $130 Million

view counter
Cloud data protection and management provider Druva on Thursday announced $130 million in new funding, which brings the total raised by the company to date to $328 million.  The Sunnyvale, California-based...
Continue reading
  0 Comments
0 Comments