One Vendor, Two Unprotected Servers Equal Disaster Agilisium, a cloud storage vendor to Universal Music Group, exposed UMG’s internal FTP credentials, AWS Secret Keys and Passwords and the internal and SQL root password to the open internet – all via two instances of the Apache Airflow server with no password. Your Vendor Cyber Risk Management Program […]
Continue reading → [DISPLAY_ACURAX_ICONS]A 24 year old South Carolina mom, Jamie Summitt, got a rather rude lesson in cyber security. She purchased a “smart” baby monitor that she could watch from her equally smart phone, only to wake up one day to find the baby monitor pointed at her. She didn’t think much about that until she watched […]
Continue reading → [DISPLAY_ACURAX_ICONS]Paul Manafoft, President Trump’s former campaign manager, is in trouble with the Feds. Again. Federal prosecutors say that Manafort attempted to tamper with witnesses to make sure that their testimony coordinated with his. How the feds found out is that they got a warrant for his iCloud account. Whatsapp and Telegram messages backed up to […]
Continue reading → [DISPLAY_ACURAX_ICONS]Effective September 1, 2018, *ALL* companies doing business in Colorado will have just 30 days to notify residents if their data was breached. That is just one of the new rules. The rules apply to both government entities and businesses, which is a bit of a surprise. Different laws, but basically the same requirements. What […]
Continue reading → [DISPLAY_ACURAX_ICONS]8 new Spectre-Class Vulnerabilities Researchers have reportedly found *8* new Spectre-class vulnerabilties. Intel has classified 4 of them high risk and 4 of them medium risk, although they are not releasing any details on them – yet. The entire set is being referred to as Spectre Next Generation or Spectre-NG. At least one of them […]
Continue reading → [DISPLAY_ACURAX_ICONS]