Day: July 1, 2020

Ransomware Gangs Don’t Need PR Help

By mootiny

We’ve seen an ugly trend recently of tech news stories and cybersecurity firms trumpeting claims of ransomware attacks on companies large and small, apparently based on little more than the say-so of the ransomware gangs themselves. Such coverage is potentially quite harmful and plays deftly into the hands of organized crime. Often the rationale behind couching these events as newsworthy is that the attacks involve publicly traded companies or recognizable brands, and that investors and the public have a right to…

SEC Consult SA-20200701-0 :: Reflected Cross-Site Scripting (XSS) in EQDKP Plus CMS

By mootiny

Posted by SEC Consult Vulnerability Lab on Jul 01SEC Consult Vulnerability Lab Security Advisory < 20200701-0 >
======================================================================= title: Reflected Cross-Site Scripting (XSS) Vulnerability product: EQDKP Plus CMS vulnerable version: <= 2.3.29 fixed version: 2.3.30 CVE number: – impact: Low homepage: https://eqdkp-plus.eu/ found: 2020-04-01… …

Microsoft Releases Urgent Windows Update to Patch Two Critical Flaws

By mootiny

Microsoft yesterday quietly released out-of-band software updates to patch two high-risk security vulnerabilities affecting hundreds of millions of Windows 10 and Server editions’ users. To be noted, Microsoft rushed to deliver patches almost two weeks before the upcoming monthly ‘Patch Tuesday Updates’ scheduled for 14th July. That’s likely because both flaws reside in the Windows Codecs…

Details of Beijing’s new Hong Kong security law signal end to more than two decades of autonomy

By mootiny

Legislation to root out subversion, terrorism and collusion with foreign forces following year of civil unrest China’s mainland government has enforced a sweeping national security law in Hong Kong, increasing its hold on the territory in what HK’s chief exec, Carrie Lam, has described as the “most important development” in the former British colony’s history since its handover.… …

Details of Beijing’s new Hong Kong security law revealed: Signals end to more than two decades of autonomy

By mootiny

Legislation to root out subversion, terrorism and collusion with foreign forces following year of civil unrest China’s mainland government has enforced a sweeping national security law in Hong Kong, increasing its hold on the territory in what HK’s chief exec, Carrie Lam, has described as the “most important development” in the former British colony’s history since its handover.… …

Use This Definitive RFP Template to Effectively Evaluate XDR solutions

By mootiny

A new class of security tools is emerging that promises to significantly improve the effectiveness and efficiency of threat detection and response. Emerging Extended Detection and Response (XDR) solutions aim to aggregate and correlate telemetry from multiple detection controls and then synthesize response actions. XDR has been referred to as the next step in the evolution of Endpoint…

A New Ransomware Targeting Apple macOS Users Through Pirated Apps

By mootiny

Cybersecurity researchers this week discovered a new type of ransomware targeting macOS users that spreads via pirated apps. According to several independent reports from K7 Lab malware researcher Dinesh Devadoss, Patrick Wardle, and Malwarebytes, the ransomware variant — dubbed “EvilQuest” — is packaged along with legitimate apps, which upon installation, disguises itself as Apple’s…