The Australian Cyber Security Centre (ACSC) has released new guidelines to assist organizations in securing Content Management Systems (CMS). The guidelines include good mitigation advice in areas of patching, account management, hardening and monitoring to name a few.
Identity & Access Management
Security experts from Kaspersky have discovered 37 vulnerabilities in four VNC implementations, some that have gone undetected since 1999.
Yubico has issued a recall of certain models of its YubiKey FIPS series devices after the company discovered security issues.
First American Financial Corp., one of the world’s largest real estate title insurance companies, exposed hundreds of millions of title insurance customer financial records.
The European Parliament voted in favor of a massive database to unify and track biometrics data of EU and non-EU citizens, as part of approved Interoperability Legislation.
Microsoft has seen a rise in recent cyberattack activity against European think tanks and non-profit organizations. The warning comes as European leaders warn attacks will continue across Europe in 2019.
Popular WordPress plugin maker WPML said their website was hacked over the weekend and led to the loss of customer data. The culprit was an ex-employee who exploited a backdoor planted on an unsecured web server.
Cybersecurity firm UpGuard has discovered an error in Amazon AWS bucket configuration that led to the exposure of internal GoDaddy infrastructure data.
Reddit, a popular social news aggregation and discussion website, suffered from a security breach between June 14 and June 18 of this year. The incident was discovered on June 19 and linked to weaknesses in SMS-based two-factor authentication (2FA).
Clarkson PLC (“Clarksons”), a British shipping company, recently revealed a single and isolated user account compromise was the cause of a data breach and theft of confidential information last year.