Silensec Newsletter

Category: News

Top News

U.S. charges WikiLeaks' Julian Assange with violation of the Espionage Act

A federal grand jury has indicted WikiLeaks founder Julian Assange on 18 counts under the U.S. Espionage Act for his role in publishing classified material. The 18-count superseding indictment is now likely to intensify the legal dispute surrounding the 47-year-old Assange and whether his publishing of classified documents is an act of espionage or a protected right under the First Amendment.

Read more...

Instagram website leaked phone numbers and emails for months, researcher says

Instagram's website leaked user contact information, including phone numbers and email addresses, over a period of at least four months, a researcher says. The source code for some Instagram user profiles included the account holder's contact information whenever it loaded in a web browser, a data scientist and business consultant, who notified Instagram shortly after he discovered the problem earlier this year.

Read more...

Major Hacks of the Week

Account hijacking forum OGUsers pwned

On 12th May, hackers managed to steal the database of a famous hijacker forum called OGUsers. This forum is used by hackers and online account hijackers, which means that the hackers have now been given a taste of their own medicine.

The database contained around 112,988 user accounts and the stolen information included hashed passwords, email IDs, IP addresses, and confidential forum messages.

Read more...

Medical Informatics Engineering Agrees to Pay $100,000 and to Implement Corrective Action Plan to Settle 2015 HIPAA Breach

Medical Informatics Engineering, Inc. (MIE) has paid $100,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services, and has agreed take corrective action to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules. MIE is an Indiana company that provides software and electronic medical record services to healthcare providers.

Read more...

Major Vulnerabilities Disclosed

PoC Exploits for CVE-2019-0708 wormable Windows flaw released online

Experts have developed several proof-of-concept (PoC) exploits for the recently patched Windows Remote Desktop Services (RDS) vulnerability tracked as CVE-2019-0708 and dubbed BlueKeep. One of the PoC exploits could be used for remote code execution on vulnerable systems.

Microsoft Patch Tuesday updates for May 2019 address nearly 80 vulnerabilities, including a Windows zero-day flaw and an RDS vulnerability that can be exploited to carry out WannaCry-like attack.

Read more...

Researcher drops 3 separate 0-day Windows exploits in 24 hours

The security researcher who posted a claimed zero-day Windows 10 vulnerability on GitHub Tuesday, recently posted the remaining four exploits that he/she said he/she possessed. This is not the first time that Sandbox Escaper has publicly disclosed Windows 0-days.

The four new exploits are described as AngryPolarBearBug2, SandboxEscape, InstallerBypass and CVE-2019-0841-BYPASS.

Read more...

Legal, Regulatory and Corporate
Security and Beyond

Most security pros have considered quitting due to a lack of resources

Companies are suffering from a lack of resources, both in terms of people and technology (79%), and 72% have considered leaving their jobs for this reason, Censornet research reveals.

Security professionals believe their jobs and the overall security of their organizations would benefit from an autonomous security solution that could automatically react to and prevent attacks.

Read more...

High-risk behaviors expose most travelers to cyber risks

The travel industry and its customers are increasingly the targets of cyberattacks as criminals seek to monetize highly valuable travel data, according to the new IBM Security research. Compounding the problem, a new survey conducted by Morning Consult on behalf of IBM Security reveals that travelers are still blind to the risks they face on the road.

Read more...

Security Awareness Tip

Information security: Data Back-Up

We all have an idea of how crazy it gets when we loose important information, with out having backed it all up and what this would mean to a person or a major organization. Backing up of network systems and workstations should be done religiously.

Once a week is a good start, but every three days is better. Back them up to three different places: onsite, off-site and the cloud if you can (so backup tapes and media cannot be affected by the ransomware infection).

Ransomware can be transmitted by email, too. And its effects are well known: having backups ready to go will dramatically lessen the chances that a ransomware attack will cause your company a significant problem for more than a day or so.

Backup solutions exist at various points, and you don’t have to have huge amounts of cash on hand to purchase them. A little diligence here can save you a lot of pain and suffering and will form a great backbone for your incident response and business continuity plans, according to a report by the ITSP magazine.

Read more...

Silensec Editorial Team

Editor: Dr. Almerindo Graziano
Dr. Graziano is the Silensec CEO. He holds an MSc in Electronic Engineering and a PhD in Mobile Computer Security, both from the University of Naples, Italy. Dr. Graziano has consulted in information security for private and government organisations across Europe, Africa and Middle East over the last 15 years. He is also a BSI-certified ISO27001 Lead Auditor trainer and auditor

Vice Editor: George Nicolaou (BSc, MSc)
George Nicolaou (BSc, MSc) leads the Silensec Malware Analysis Lab (MAL). He received his BSc in Computer Science and MSc in Advanced Computing Security from the University of Bath in UK, where he pursued research in malware and vulnerability analysis. For many years George has also been the Head of Research and Development department of the Astalavista Security Community. George is also a frequent speaker at security conferences around the world on advanced malware analysis, reverse engineering and exploit development techniques.

Digital Editor: Salome Omondi (B.Com)
Salome Omondi leads the Silensec Marketing Department. She holds a Bachelors of Commerce and Management from Strathmore University. Miss Omondi publishes the weekly Silensec Newsletter, keeping you up to date with the latest infosec news as well as improving information security awareness.


Please feel free to share this with interested parties via email, and social media. For a free subscription, please subscribe to our Mailing list and feed-image Feed .

For any questions please click on the following contact us link

Silensec Cyprus HQ

Silensec Africa

Feel free to contact us if you have any problems.

Silensec UK

Feel free to contact us if you have any problems.

News Feed