BayPay Members Blogs

This additional resource is sponsored by The BayPay Forum.

SAP Patches Critical Flaw in Diagnostics Agent

view counter
SAP this week released 11 Security Notes as part of the Patch Day – July 2019, one of which was a Hot News Note addressing a Critical vulnerability in Diagnostics Agent....
Continue reading
  0 Comments
0 Comments

Buhtrap Group Used Windows Zero-Day in Government Attack

view counter
One of the two  Windows zero-day vulnerabilities fixed by Microsoft with its July 2019 Patch Tuesday updates was used by a threat group known as Buhtrap to target a government organization...
Continue reading
  0 Comments
0 Comments

Ex-IT Worker Who Hacked Former Company's Website Gets Prison

view counter
An Arizona man has been sentenced to 27 months in federal prison for hacking into computer systems operated by his former California employer and then deleting its website and marketing materials....
Continue reading
  0 Comments
0 Comments

Ransomware Targets QNAP Linux Systems

view counter
A recently observed ransomware family is targeting Linux-based file storage systems (NAS servers) made by QNAP, Intezer’s security researchers reveal.  Dubbed QNAPCrypt, the threat targets said NAS servers in an attempt...
Continue reading
  0 Comments
0 Comments

Intel Patches Serious Vulnerability in Processor Diagnostic Tool

view counter
Intel’s Patch Tuesday updates for July 2019 fix a serious vulnerability in the company’s Processor Diagnostic Tool and a less serious issue in its Solid State Drives (SSD) for Data Centers...
Continue reading
  0 Comments
0 Comments

Sea Turtle's DNS Hijacking Continues Despite Exposure

view counter
In April 2019, Cisco Talos researchers reported on an ongoing state-sponsored DNS hijacking campaign that had compromised at least 40 different organizations in 13 countries. They named the campaign Sea Turtle,...
Continue reading
  0 Comments
0 Comments

Flaw in Rockwell PanelView Allows Root-Level Access to Devices

view counter
A serious vulnerability in Rockwell Automation’s PanelView graphics terminals allows a remote, unauthenticated attacker to gain root-level access to the device’s file system. According to security advisories published on Tuesday by...
Continue reading
  0 Comments
0 Comments

Privacy Compliance Firm TrustArc Raises $70 Million

view counter
San Francisco-based privacy compliance and data protection firm TrustArc on Wednesday announced that it raised $70 million in a Series D funding round. The latest funding round, which brings the total...
Continue reading
  0 Comments
0 Comments

Marriott to Contest $124 Million Fine Imposed by UK Data Protection Regulator

view counter
Marriott International says it will fight a large fine resulting from a massive data breach that was discovered in 2018. Following the July 8 statement of intention to fine British Airways...
Continue reading
  0 Comments
0 Comments

ChatOps is Your Bridge to a True DevSecOps Environment

view counter
The way we build, provision, maintain and secure apps continues to evolve. As agile development practices put pressure on operations, organizations move to DevOps where both functions are synchronized. This in...
Continue reading
  0 Comments
0 Comments

Researchers Find 17,490 Anubis Android Malware Samples

view counter
Two related servers were recently found hosting 17,490 samples of the same Android malware, Trend Micro’s security researchers say. Dubbed Anubis, the mobile malware has received numerous updates since first observed...
Continue reading
  0 Comments
0 Comments

GE Says Anesthesia Machine Vulnerability Poses No Risk to Patients

GE anesthesia machines can be hacked
view counter
Researchers have discovered a vulnerability that can be used to hack some of GE Healthcare’s hospital anesthesia devices, but the vendor says it does not pose a direct risk to patients....
Continue reading
  0 Comments
0 Comments

Marriott Faces $123 Million Fine in UK for Data Breach

view counter
Marriott says it will fight a $123 million U.K. government fine related to its massive data breach. Marriott has the right to respond to the proposed fine before a final determination...
Continue reading
  0 Comments
0 Comments

In the Detection and Response Era, a Unified SOC is the Path to Success

view counter
This may be cheesy, and half of you reading this may not have been alive at the time to remember, but President Ronald Reagan’s appeal more than 30 years ago to...
Continue reading
  0 Comments
0 Comments

Two Windows Privilege Escalation Vulnerabilities Exploited in Attacks

view counter
Microsoft’s July 2019 Patch Tuesday updates fix nearly 80 vulnerabilities, including two Windows zero-day flaws and six issues whose details were previously made public. One of the zero-day vulnerabilities is CVE-2019-0880...
Continue reading
  0 Comments
0 Comments

Vulnerability Gives Attackers Remote Access to Zoom Users’ Cameras

view counter
A vulnerability in the Zoom Client for Mac allows a remote attacker to force a user into joining a video call with the video camera active, a security researcher has discovered. ...
Continue reading
  0 Comments
0 Comments

UK Spy Agency Decrypts Some Secrets With New Exhibition

view counter
Historic gadgets used by British spies will be revealed for the first time later this week, as one of the country's intelligence agencies steps out the shadows to mark its centenary...
Continue reading
  0 Comments
0 Comments

Adobe Fixes Low Priority Flaws With July 2019 Patch Tuesday Updates

view counter
Adobe’s Patch Tuesday updates for July 2019 address vulnerabilities in the company’s Bridge CC, Experience Manager and Dreamweaver products, but none of the security holes appear serious. The latest update for...
Continue reading
  0 Comments
0 Comments

Malware Isolation Firm Menlo Security Raises $75 Million

Menlo Security Logo
view counter
Menlo Security, a provider of zero-trust internet isolation services, has raised $75 million in a Series D funding round led by clients advised by JP Morgan Asset Management. Existing investors, including...
Continue reading
  0 Comments
0 Comments

Fileless Attack Attempts to Run Astaroth Backdoor Directly in Memory

view counter
Microsoft says it recently detected and stopped a fileless campaign looking to deliver the Astaroth Trojan to unsuspecting victims.  The malware has been around for a couple of years and is...
Continue reading
  0 Comments
0 Comments