Breach at Third Party Contractor Affects 18,000 Anthem Members
Anthem last week began notifying 18,000 members affected by a data breach unrelated to 2015’s.
Chris Brook
About
"Distrust and caution are the parents of security" - Benjamin Franklin
Android Banking Trojan Svpeng Adds Keylogger
The authors behind the Android banking malware family Svpeng have added a keylogger to a recent strain, giving attackers yet another way to steal sensitive data.
Threatpost News Wrap, July 14, 2017
Mike Mimoso and Chris Brook discuss the news of the week, including the Verizon breach, the Oracle session hijacking attack, a Telegram-based hacking tool, and a free EternalBlue scanner.
Attackers have been carrying out WPSetup attacks, taking advantage of users who have installed WordPress but not yet configured it.
SAP fixed 23 vulnerabilities across roughly a dozen products on Tuesday, including a series of high-risk flaws in SAP POS and SAP Host Agent.
Version 10g of Oracle Access Manager suffers from vulnerabilities that could allow an attacker to hijack sessions.
Adobe only fixed six vulnerabilities in two products, making it the company’s smallest security bulletin of the year.
An international group of investigators were infected by Pegasus spyware while in Mexico, Citizen Lab reports.
Victims of Sabre Corp’s SynXis reservation system breach reportedly include both the Hard Rock Hotel and Casino chain and the Loews Hotel chain.
Certificate authority Let’s Encrypt said this week it will begin offering wildcard certificates in 2018.
