Tag Archives: Tesco

10Fold- Security Never Sleeps- 120

412 Million FriendFinder Accounts Hacked

“World’s largest Sex and Swinger network users exposed to cybercriminals”

Last month hackers were able to successfully infiltrate AdultFriendFinder, Cams.com, and several other FriendFinder Networks sites, but the user information has yet to be released to the general public. The attack came from a local inclusion exploit, allowing the hackers to gain access to all of the sites without proper authentication.

VMware Workstation Code Execution Flaw Found by Hackers

“Patches security vulnerabilities across several versions”

A critical out-of-bounds memory access flaw, labeled as CVE-2016-7461, has been patched by VMware as of Sunday. The vulnerability allowed guests to execute arbitrary code on hosts that run Fusion or Workstation.

New DoS Technique Adds to Growing Concerns of Cyber Attacks

“New DDoS attack technique capable of using one laptop to bring down high-bandwidth firewalls”

A new cyberattack method, referred to as BlackNurse, is capable of sending ICMP packets at levels that overload major systems far more easily than has previously been observed. Handling these packets requires far more CPU resources than normal, creating substantial malfunctions and ping floods.

Tesco Allegedly Warned Before Historic Breach

“Cyber security firms claim firm knew attack was coming”

Dark web hackers were apparently observed boasting online about the ease with which they could steal from the bank. Many security firms had issued warnings to Tesco, reporting that these hackers referred to the bank as a ‘cash milking cow.’ Despite the bragging, there is no concrete evidence that the user is connected to the breach earlier this month, but the bank's lack of preparation has caused many concerns about the credibility of its security systems.

10Fold- Security Never Sleeps- 118

Tesco Acknowledges, Apologizes for Compromise of Over 40,000 Accounts

“Cash stolen from about half of accounts accessed”

One of the biggest bank hacks in United Kingdom history occurred Monday, ending with nearly 40,000 accounts compromised, according to Tesco CEO Benny Higgins. “Online criminal activity” was reported by the firm over the weekend, and it was later reported that 15% of its total accounts had shown signs of fraudulent withdrawal. The bank has issued various statements on the refunding of cash thefts to date.

RCE Flaw in Bopup Found

“Enterprise IM manager has significant security breach”

Cybersecurity service firm Trustwave has found a remote code execution flaw in Bopup Communications servers: a buffer overflow that allows cybercriminals to exploit the application. A packet sent to a remote administration port allows remote execution of commands on the communication site's servers.

Controversial Cybersecurity Law Passes in China

“Watchdog organizations warn of human rights violations”

Greater control over the internet in China has many worried about the implications for businesses and individual rights. While the government added certain amendments to address these concerns, they did little to appease critics. Many corporations have announced that the law will force them out of the country, while Sophie Richardson of Human Rights Watch has declared that the requirement to store data locally is in violation of many international treaties.

Moxa Ethernet Products Found to Have Serious Issues

“Critical and moderate vulnerabilities found”

Several security flaws have been detected in Taiwan-based Moxa's Industrial Ethernet products, according to an advisory recently distributed by ICS-CERT. The Moxa OnCell LTE cellular gateways, AWK Wireless AP/bridge/client products, TAP railway wireless units, and WAC wireless access controllers have improper authentication and other vulnerabilities.