You are here

Home » Cybersecurity

Cybersecurity

Hackers Wipe U.S. Servers of Email Provider, Erasing Customers’ Data

Hackers have breached the severs of email provider VFEmail and wiped the data from all its US servers, destroying customers' data in the process. "At this time, the attacker has formatted all the disks on every server," the company said yesterday. "Every VM is lost. Every file server is lost, every backup server is lost. This was more than a multi-password via SSH exploit, and there was no ransom. Just attack and destroy," VFEmail said. Founded in 2001 and based in Milwaukee, VFEmail provides email service to businesses and end users.

Microsoft Releases February 2019 Security Updates

Microsoft has released its monthly update to address vulnerabilities in its software. For this month, Microsoft has released security updates for Adobe Flash Player, Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Office and Microsoft Office Services and Web Apps, ChakraCore, .NET Framework, Microsoft Exchange Server, Microsoft Visual Studio, Azure IoT SDK, Microsoft Dynamics, Team Foundation Server, and Visual Studio Code.

Siemens EN100 Ethernet Module (ICSA-19-038-02) – Product Used in the Energy Sector

The NCCIC has published an advisory on an improper input vulnerability in Siemens EN100 Ethernet Module. Firmware variant IEC 61850 for EN100 Ethernet module version prior to 4.33 is affected. The EN100 Ethernet module for the SWT 3000 management platform is affected by security vulnerabilities that could allow an attacker to conduct a denial-of-service attack over the network. Siemens has released update v4.33 for several affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available.

Siemens SICAM A8000 RTU Series (ICSA-19-038-01) – Product Used in the Energy Sector

The NCCIC has published an advisory on an uncaught exception vulnerability in Siemens SICAM A8000 RTU Series. Multiple versions are affected. The SICAM A8000 RTU series is affected by a security vulnerability that could allow unauthenticated remote users to cause a denial-of-service condition on the web server of affected products. Siemens has released updates for all product variants and recommends users update to the new versions. The NCCIC also advises on a series of mitigating measures for these vulnerabilities.

U.S. Experienced 14 Billion-Dollar Weather Disasters in 2018, According to NOAA

As part of its ongoing effort to track billion-dollar weather disasters, the National Oceanic and Atmospheric Administration (NOAA) reports there were 14 such events in the U.S. in 2018. Cumulatively, these events cost around $91 billion in damages. Both the number of events and their combined cost means 2018 ranks fourth highest since records began in 1980. Topping the list of disasters were Hurricane Michael, which caused $25 billion in damages, followed by the western U.S. wildfires and Hurricane Florence, which each caused $24 billion in damages.

Phishing Has Become the Root of Most Cyber Evil

Companies spend a huge amount of time and billions of dollars on security technology to keep threat actors out, and yet employees can negate all of these efforts by clicking on phishing links. According to one cybersecurity company, phishing was the root cause of 48 percent of the breaches it investigated. Many penetration testers have also confirmed the number one way to breach a company is by stealing a user’s credentials via phishing.

Canada is an “Attractive Target” for New Cyber Attack Techniques, Security Expert Testifies

Canada is an attractive target for malicious cyber operations and is often one of the first countries criminals and hostile nations target with new methods, cybersecurity expert and former CIA analyst Christopher Porter told Canada’s House of Commons committee Wednesday. Porter is the chief intelligence strategist at FireEye and was an analyst at the CIA for nine years, where he was tasked with briefing President Barack Obama’s National Security Council on cybersecurity.

Pages

Subscribe to Cybersecurity