Entries by Security Incident Response Team

Threat Hunting or Efficiency: Pick Your EDR Path?

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT). Cybersecurity teams face a lot of conflicting objectives—both within their teams and from upper management. But a May 2019 commissioned study conducted by Forrester Consulting on behalf of McAfee really puts a fine point […]

Happy Birthday, CVE!

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT). It was October 1999. Macs had just got embedded Wi-Fi, Napster had launched, and Yahoo had purchased Geocities for $3.6bn. Something else happened that escaped most computer users at the time: CVE posted its […]

Unpatched Bug Under Active Attack Threatens WordPress Sites with XSS

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT).   An unpatched vulnerability in the Rich Reviews plugin for WordPress is putting an estimated 16,000 sites in danger of stored cross-site scripting (XSS) attacks. Sites running the plugin are vulnerable to unauthenticated plugin […]

Millions of passenger data publicly accessible in cloud storage buckets

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT). The breach, which reportedly exposed data on millions of passengers, is one of many that have resulted from organizations leaving data publicly accessible in cloud storage buckets. Read more   Top 5 Security News […]

Crimeware in the Modern Era

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT). “Crimeware is a cornerstone to financially motivated threat actors’ toolsets and sees consistent and continuous evolution in its operation. Crimeware developers have demonstrated resilience in the face of an evolving security landscape and law […]

Backdoor Found in Utility for Linux, Unix Servers

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT). Backdoor was intentionally planted in 2018 and found during the DEF CON 2019 security conference when researchers stumbled upon malicious code. In an unnerving twist, when a critical zero-day vulnerability was reported in a […]

OpenSSH Now Encrypts Secret Keys in Memory Against Side-Channel Attacks

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT). In recent years, several groups of cybersecurity researchers have disclosed dozens of memory side-channel vulnerabilities in modern processors and DRAMs, like Rowhammer, RAMBleed, Spectre, and Meltdown. Have you ever noticed they all had at […]