Yowai and Hakai botnets abuse ThinkPHP vulnerability

Cybercriminals are exploiting a ThinkPHP vulnerability, recently patched in December 2018. The attackers are using exploited systems to then propagate two new botnets - Yowai (variant of Mirai) and Hakai (variant of Gafgyt).

Continue Reading Yowai and Hakai botnets abuse ThinkPHP vulnerability

Cisco fixes critical SD-WAN solution vulnerabilities

Cisco released a security update to fix a critical vulnerability in the vContainer of the Cisco SD-WAN Solution. A remote authenticated attacker could cause a denial of service (DoS) condition and execute arbitrary code as the root user.

Continue Reading Cisco fixes critical SD-WAN solution vulnerabilities

French data protection watchdog fines Google $57M for GDPR violations

French data protection watch dog and data privacy agency, CNIL, has imposed nearly a $57 million fine against Google for violating GDPR privacy rules. This is the first time GDPR-related penalties have been imposed against a large U.S. technology company since GDPR was first made into law last year.

Continue Reading French data protection watchdog fines Google $57M for GDPR violations

Online casino data leak exposes 108 million bets, personal data

A massive data leak from an ElasticSearch server has exposed information on over 108 million bets, as well as personal information, deposits and withdrawals. The server was not configured with any password or authentication required to protect the data.

Continue Reading Online casino data leak exposes 108 million bets, personal data