Equifax Ltd fined £11 million for Preventable Cyber Security Breach
Equifax has been fined £11 million by Britain's financial watchdog for the 2017 cyber security breach. Equifax suffered one of the largest cyber security breaches in 2017, which affected 147.9 million US consumers. The UK arm of the credit reporting firm, Equifax...

Queensland Introduces Mandatory Data Breach Notification
The Queensland government has introduced legislation for data breach notification, joining NSW as the only other state to introduce such a scheme. There was a review done over a year ago into the culture and accountability of the Queensland government. One of the...

Curl Patches Worst Security Flaw in Ages
Patches have been released for two security vulnerabilities affecting the curl data transfer library, one of which could potentially result in code execution. Earlier this week, the maintainers of curl announced that two vulnerabilities would be announced later during...

Vulnerable WordPress Plugin Results in Thousands of Sites Hacked
Thousands of WordPress websites have been compromised by attackers exploiting a vulnerability in a popular plugin. More than 17,000 WordPress websites have been compromised and infected by multiple Balada Injector campaigns. The campaign exploited a known...

Popular D-Link Wi-Fi Device Vulnerable to Command Injection Attack
A popular D-Link Wi-Fi range extender device is susceptible to remote command injection, and there is currently no fix available. Security researchers have discovered that the DAP-X1860 Mesh Wi-Fi 6 Range Extender device from D-Link is vulnerable to a command injection...

Linux Distributions Vulnerable to Looney Tunables
A new Linux vulnerability, known as Looney Tunables, impacts most Linux distributions and allows attackers to gain administrative root privileges. The vulnerability, discovered by security researchers, is due to a weakness in the GNU C Library's ld.so dynamic...

ShellTorch Flaw Affecting Open Source AI Servers
Multiple critical vulnerabilities in the open-source TorchServe AI model-serving tool potentially expose tens of thousands of internet-exposed servers to remote code execution. Security researchers have disclosed multiple critical vulnerabilities in the TorchServe...

First Malicious Open Source Component Discovered to Deploy RootKits
A malicious component in the npm package registry has been found to be deploying an open-source rootkit. The package is called node-hide-console-windows, which looks to be a typo-squat of the legitimate npm package node-hide-console-window. There is an additional s at...