Passwordstate hackers phish for more victims with updated malware

Click Studios, the software company behind the Passwordstate enterprise password manager, is warning customers of ongoing phishing attacks targeting them with updated Moserpass malware. Last week, the company notified its users that attackers successfully compromised the password manager’s update mechanism Read More …

Passwordstate password manager hacked in supply chain attack

Click Studios, the company behind the Passwordstate enterprise password manager, notified customers that attackers compromised the app’s update mechanism to deliver malware in a supply-chain attack after breaching its networks. Passwordstate is an on-premises password management solution used by over Read More …

Kerberos KDC Security Feature Bypass Vulnerability (CVE-2020-17049 AKA Bronze Bit)

A recent vulnerability in the Kerberos authentication protocol, CVE-2020-17049 (dubbed Bronze Bit), has been disclosed by Microsoft. The vulnerability is in the way that the Key Distribution Center (KDC) handles service tickets and validates whether delegation is allowed. In the Read More …

Industrial Remote Access: Why It’s Not Something to Fear

Increased uptime? Check. Better access to outside expertise? Check. Improved first-time-fix rate? Check. These are just some of the benefits of industrial remote access. Yet many customers are reluctant to embrace remote access. Not only that, but incidents such as Read More …

Cisco fixes critical pre-auth bugs in SD-WAN, cloud license manager

Cisco has released security updates to address pre-auth remote code execution (RCE) vulnerabilities affecting multiple SD-WAN products and the Cisco Smart Software Manager software. SD-WAN are software products that help manage wide-area networks (WAN) while Smart Software Manager is a Read More …

Twitter Could Face $250M FTC Fine Over Improper Data Use

Twitter may be facing a Federal Trade Commission (FTC) fine of up to $250 million, after the social media giant last year revealed the improper use of users’ email addresses and phone numbers. In October 2019, Twitter acknowledged that user Read More …