Tag: patching

4 Cybersecurity Best Practices in Protecting Servers

4 Cybersecurity Best Practices in Protecting Servers

IT Support
4 Cybersecurity Best Practices in Protecting Servers  UK’s Information Commissioner's Office recently fined Cathay Pacific £500,000 for failing to protect the company’s servers leading to customers’ personal details being exposed, 111,578 of whom were from the UK, and nearly 9.4 million more worldwide. The data breach at Cathay Pacific came to light when the company disclosed on October 24, 2018 that it discovered unauthorized access to some of its information systems containing data of 9.4 million customers. In a statement about the fine imposed by the UK’s Information Commissioner's Office, Cathay Pacific said it "would once again like to express its regret, and to sincerely apologize for this incident". According to the UK’s Information Commissioner's Office, the large-scale data breach at Cathay Pacific covered the period of more than 4…
Read More
Travelex Ransomware Attack: Another Hard Lesson on Skimping Patching

Travelex Ransomware Attack: Another Hard Lesson on Skimping Patching

Information Security, IT Support
Travelex Ransomware Attack: Another Hard Lesson on Skimping Patching The recent ransomware attack on Travelex, considered as the world's biggest foreign currency exchange company, highlights the importance of applying security patches in a timely manner. Travelex disclosed that on New Year’s Eve it’s corporate network was hit by the ransomware called “Sodinokibi”, also known as REvil ransomware. In a ransomware attack, legitimate users are prevented in accessing their computers or their data. The company said it immediately took all its systems offline to prevent the spread of REvil ransomware across the company’s network, forcing the company’s staff to resort to using pen and paper. The company’s ransomware attack disclosure came seven days after the attack. The group behind the REvil ransomware told the BBC that it gained access to Travelex’…
Read More
Time to Patch: New Wormable Vulnerabilities Found in Modern Versions of Windows

Time to Patch: New Wormable Vulnerabilities Found in Modern Versions of Windows

Information Security, IT Support
Time to Patch: New Wormable Vulnerabilities Found in Modern Versions of Windows Microsoft is advising Windows users, including users of modern versions of Windows, to apply the recently released security update as this latest update fixes 2 wormable vulnerabilities. What Is Wormable Vulnerability? Wormable vulnerability refers to a security vulnerability in which future malicious software (malware) that exploits this vulnerability could spread from vulnerable computer to vulnerable computer without user interaction, specifically replicating itself in order to spread to other computers. CVE-2019-1181 and CVE-2019-1182are the 2 wormable vulnerabilities that Microsoft fixed in its latest update. Both security vulnerabilities CVE-2019-1181 and CVE-2019-1182 allow an attacker to send a specially crafted request to the target Windows systems via Remote Desktop Protocol (RDP) – a proprietary protocol developed by Microsoft, allowing a user to connect…
Read More

Tag: patching

4 Cybersecurity Best Practices in Protecting Servers

4 Cybersecurity Best Practices in Protecting Servers

IT Support
4 Cybersecurity Best Practices in Protecting Servers  UK’s Information Commissioner's Office recently fined Cathay Pacific £500,000 for failing to protect the company’s servers leading to customers’ personal details being exposed, 111,578 of whom were from the UK, and nearly 9.4 million more worldwide. The data breach at Cathay Pacific came to light when the company disclosed on October 24, 2018 that it discovered unauthorized access to some of its information systems containing data of 9.4 million customers. In a statement about the fine imposed by the UK’s Information Commissioner's Office, Cathay Pacific said it "would once again like to express its regret, and to sincerely apologize for this incident". According to the UK’s Information Commissioner's Office, the large-scale data breach at Cathay Pacific covered the period of more than 4…
Read More
Travelex Ransomware Attack: Another Hard Lesson on Skimping Patching

Travelex Ransomware Attack: Another Hard Lesson on Skimping Patching

Information Security, IT Support
Travelex Ransomware Attack: Another Hard Lesson on Skimping Patching The recent ransomware attack on Travelex, considered as the world's biggest foreign currency exchange company, highlights the importance of applying security patches in a timely manner. Travelex disclosed that on New Year’s Eve it’s corporate network was hit by the ransomware called “Sodinokibi”, also known as REvil ransomware. In a ransomware attack, legitimate users are prevented in accessing their computers or their data. The company said it immediately took all its systems offline to prevent the spread of REvil ransomware across the company’s network, forcing the company’s staff to resort to using pen and paper. The company’s ransomware attack disclosure came seven days after the attack. The group behind the REvil ransomware told the BBC that it gained access to Travelex’…
Read More
Time to Patch: New Wormable Vulnerabilities Found in Modern Versions of Windows

Time to Patch: New Wormable Vulnerabilities Found in Modern Versions of Windows

Information Security, IT Support
Time to Patch: New Wormable Vulnerabilities Found in Modern Versions of Windows Microsoft is advising Windows users, including users of modern versions of Windows, to apply the recently released security update as this latest update fixes 2 wormable vulnerabilities. What Is Wormable Vulnerability? Wormable vulnerability refers to a security vulnerability in which future malicious software (malware) that exploits this vulnerability could spread from vulnerable computer to vulnerable computer without user interaction, specifically replicating itself in order to spread to other computers. CVE-2019-1181 and CVE-2019-1182are the 2 wormable vulnerabilities that Microsoft fixed in its latest update. Both security vulnerabilities CVE-2019-1181 and CVE-2019-1182 allow an attacker to send a specially crafted request to the target Windows systems via Remote Desktop Protocol (RDP) – a proprietary protocol developed by Microsoft, allowing a user to connect…
Read More