Silensec Newsletter

Category: News

Top News

Several vulnerabilities found in Cisco Industrial Network Director

Cisco on recently informed customers that several vulnerabilities, including a code execution flaw classified as "high severity," have been found in the company's Industrial Network Director product. While conducting internal security testing, Cisco employees identified three types of vulnerabilities in Industrial Network Director. The most serious of them, tracked as CVE-2019-1861 with a CVSS score of 7.2, is a remote code execution flaw.

Read more...

Hackers steal $9.5 million from GateHub cryptocurrency wallets

Cybercriminals have stolen 23.2 million Ripple coins (XRP), worth nearly $9.5M, from the users of the GateHub cryptocurrency wallet service. The company admitted to the security breach in a preliminary statement posted on its website. While the incident is still under investigation, the company believes the hacker abused its API to carry out the attacks, though it is unsure how.

Read more...

Major Hacks of the Week

Almost 100k Australians' private details exposed in attack on Westpac's PayID

Private details of almost 100k Australian bank customers have been exposed in a cyberattack on the real-time payments platform PayID, which allows the instant transfer of money between banks using either a mobile number or email address.

The attack on Westpac has prompted a warning from computer security experts who say that the pilfered data could be used for fraud.

Read more...

Hackers attacked the Russian State exam system for two days

Days of passing State exams are very important for 11th-grade students of Russian schools. Their future life depends on the results of the most important exam in life. It turned out that hackers wanted to influence the results of final exams.

The Federal Education and Science Supervisory Department reported on cyber attacks on information systems of the Unified State Exam (USE). According to the Department, mass DDoS-attacks on servers providing information exchange were recorded.

Read more...

Major Vulnerabilities Disclosed

Cathay Pacific's unpatched decade-old vulnerability led to 2018 breach

In a media statement from the Privacy Commissioner's Office following the conclusion of their investigation into the 2018 Cathay Pacific Airways breach, an incident that caused unauthorised access to personal data of approximately 9.4M passengers of Cathay Pacific Airways Limited and Hong Kong Dragon Airlines Limited (collectively referred to as Cathay), the compmany claimed it was unable to update the system due to an application involved being incompatible with an Airbus fleet manual application.

Read more...

Hacker discloses 2nd 0Day to bypass patch for Windows EoP flaw

An anonymous security researcher today publicly shared a second zero-day exploit that can be used to bypass a recently patched elevation of privilege vulnerability in the Microsoft Windows operating system.

The researcher is known for publicly dropping zero-day exploits for unpatched Windows vulnerabilities. In the past year, the hacker has disclosed over half a dozen zero-day vulnerabilities in Windows OS without actually bothering to make Microsoft aware of the issues first.

Read more...

Legal, Regulatory and Corporate
Security and Beyond

Google outages in eastern US affected Gmail, G-Suite, YouTube, and more

Network problems on the East Coast of the US caused massive outages in Google Cloud and the Google Compute Engine, impacting all the services that rely on them. Several Google services, including G Suite, Gmail, YouTube networks were affected. Users also experience problems in accessing 3rd-party services such as Snapchat and Discord.

Read more...

Australian National University breached with 19 years of data accessed

Australian National University Vice Chancellor Brian Schmidt disclosed a massive breach on the university's systems on Tuesday morning. The breach was discovered a fortnight ago on May 17, with the university being first accessed during "late 2018".

According to the Vice Chancellor, the systems involving research work, credit card details, travel information, medical records, police checks, workers' compensation, vehicle registration numbers, and some performance records were not caught up in the breach.

Read more...

Security Awareness Tip

Protect Yourself on Social Media

Social media offers new opportunities to engage and connect beyond your immediate network of friends and colleagues, but with this connectedness comes risk. It’s important to set protections in place before engaging on social media.

First, you need to enable two-factor authentication for all your accounts, especially those accessed by multiple people (that means you, your marketing team(s). Use strong, unique passwords.

Next, check your friend lists, clean up your followers, friends, and contact list and remove any accounts that you do not recognize or could be fraudulent.

And finally, check to ensure that you haven’t been affected by a breach. If you do find that your email address has been involved in a breach, ensure that you update the password associated with the affected account ASAP!

Read more...

Silensec Editorial Team

Editor: Dr. Almerindo Graziano
Dr. Graziano is the Silensec CEO. He holds an MSc in Electronic Engineering and a PhD in Mobile Computer Security, both from the University of Naples, Italy. Dr. Graziano has consulted in information security for private and government organisations across Europe, Africa and Middle East over the last 15 years. He is also a BSI-certified ISO27001 Lead Auditor trainer and auditor

Vice Editor: George Nicolaou (BSc, MSc)
George Nicolaou (BSc, MSc) leads the Silensec Malware Analysis Lab (MAL). He received his BSc in Computer Science and MSc in Advanced Computing Security from the University of Bath in UK, where he pursued research in malware and vulnerability analysis. For many years George has also been the Head of Research and Development department of the Astalavista Security Community. George is also a frequent speaker at security conferences around the world on advanced malware analysis, reverse engineering and exploit development techniques.

Digital Editor: Salome Omondi (B.Com)
Salome Omondi leads the Silensec Marketing Department. She holds a Bachelors of Commerce and Management from Strathmore University. Miss Omondi publishes the weekly Silensec Newsletter, keeping you up to date with the latest infosec news as well as improving information security awareness.


Please feel free to share this with interested parties via email, and social media. For a free subscription, please subscribe to our Mailing list and feed-image Feed .

For any questions please click on the following contact us link

Silensec Cyprus HQ

Silensec Africa

Feel free to contact us if you have any problems.

Silensec UK

Feel free to contact us if you have any problems.

News Feed