Skip to main content

Posts

319 Accounts Compromised in Mailchimp Attack

  Email marketing firm Mailchimp announced on Monday that a hacker breached its internal tools and managed to gain access to 319 Mailchimp accounts for companies in the cryptocurrency and finance industries.  Read full story here . Disclosure: VMO also uses Mailchimp to store subscriber information, however we do not think our account was compromised. We also have two-factor authentication enabled on Mailchimp account.

PwC Canada fined $950K for internal training exam cheating

  The Canadian affiliate of Big Four audit firm PwC has agreed to pay $950,000 in penalties between two audit regulators after discovering widespread cheating among employees taking internal exams. Read more here .

Russian Cybersecurity Giant Kaspersky Tries to Maintain Neutrality During Ukraine War

  Around the same time Russian forces  launched a massive rocket into a square in Kharkiv , Ukraine’s second-largest city, killing and wounding an as of yet unknown number of people, Eugene Kaspersky, head of his namesake Russian cybersecurity firm,  tweeted that he hoped  negotiations between Ukraine and Russia would lead to “a compromise.” Read more here .

Update Google Chrome Now

  A zero day vulnerability in Google’s highly used browser Chrome requires that you update it to the new version immediately.  Zero-days triggered by memory mismanagement while the browser is rendering a page are always worrying  because remote code execution (RCE) holes in a browser often lead to so-called  drive-by downloads , where merely looking at a booby-trapped web page could leave you with malware implanted on your computer or your phone . Read more here . 

Document reveals how Ericsson was involved in corruption in ten other countries

  Confidential documents have revealed how the telecoms giant Ericsson is alleged to have helped pay bribes to the  Islamic State  terrorist group in order to continue selling its services after the militants seized control of large parts of Iraq. Read more here  

Toyota Halts Production after its supplier gets hit by suspected Cyber Attack

  TOKYO, Feb 28 (Reuters) - Toyota Motor said it will suspend domestic factory operations on Tuesday, losing around 13,000 cars of output, after a supplier of plastic parts and electronic components was hit by a suspected cyber attack. Read more here

Ericsson investigates in-house bribery scandal tied to ISIS

  Shares in Ericsson were down nearly 15% at one point today as investors reacted to reports that Ericsson may have made payments to the ISIS terror organization to gain access to certain transport routes in Iraq.  It is not the first time Erricsson has been accused of corruption. Sweden's telecom giant had previously agreed in Sept 2019 to pay more than $1bn to resolve allegations of bribery to the US Department of Justice. Read the story here.

Thales is accused of Bribery

  Thales eSecurity Inc. is a market leader in Encryption and Data Security domain. The French conglomerate has an Arms division that is accused of paying bribes to former South African President Jacob Zuma for a $2 Billion Arms deal.  Jacob Zuma and Thales deny the allegations, a court case will begin on May 17, 2022. Most recently the Court dismissed Zuma's attempt to remove the prosecutor from his corruption trial.  Read More here: News Link 1. News Link 2.

Unpatched MS-SQL Servers vulnerable to Cobalt Strike

  The ASEC analysis team has recently discovered the distribution of Cobalt Strike targeting MS-SQL servers that are vulnerable to malware attacks. It targets MS-SQL servers that are not patched. Read the complete story here .

Samsung shipped '100 million' phones with flawed encryption

  Academics at Tel Aviv University in Israel have found that recent Android-based Samsung phones shipped with design flaws that allow the extraction of secret cryptographic keys. If you have Corporate Samsung Phones or BYOD enabled Samsung Phones, you must act now. Read the complete story here.