The team behind the open source PrestaShop ecommerce platform has issued a public advisory to warn of zero day SQL injection attacks hitting merchant servers and planting code capable of stealing customer payment information.
Senators Introduce Bipartisan Quantum Computing Cybersecurity Bill
A bipartisan bill that seeks to strengthen national security against quantum-computing threats has been introduced in the US Senate.
Co-sponsored by Senators Rob Portman (R-OH) and Maggie Hassan (D-NH), the bill was introduced in the House in April and passed in July.
Uber Settles With Federal Investigators Over 2016 Data Breach Coverup
Uber has entered a non-prosecution agreement to resolve a criminal investigation into the manner in which the company handled a 2016 data breach that impacted 57 million users and drivers.
1,000 Organizations Exposed to Remote Attacks by FileWave MDM Vulnerabilities
Vulnerabilities affecting a mobile device management (MDM) product from FileWave exposed many organizations to remote attacks, according to industrial cybersecurity firm Claroty.
Updated TSA Pipeline Cybersecurity Requirements Offer More Flexibility
The Transportation Security Administration (TSA) has updated its directive for oil and natural gas pipeline cybersecurity, providing owners and operators more flexibility in achieving the outlined goals.
Atlassian Expects Confluence App Exploitation After Hardcoded Password Leak
Atlassian has warned customers that a vulnerability in Questions for Confluence will likely be used in attacks after someone made public a piece of information needed to exploit a recently addressed vulnerability.
T-Mobile Settles to Pay $350M to Customers in Data Breach
T- Mobile has agreed to pay $350 million to customers affected by a class action lawsuit filed after the company disclosed last August that personal data like social security numbers had been stolen in a read more
SonicWall Warns of Critical GMS SQL Injection Vulnerability
Network security appliance vendor SonicWall late Thursday shipped urgent patches for a critical flaw in its Global Management System (GMS) software, warning that the issue exposes businesses to remote hacker attacks.
Chrome Flaw Exploited by Israeli Spyware Firm Also Impacts Edge, Safari
A recently patched Chrome vulnerability that appears to have been exploited by an Israeli spyware company also impacts Microsoft’s Edge and Apple’s Safari web browsers.
Intezer Documents Powerful ‘Lightning Framework’ Linux Malware
Security researchers at Intezer are documenting the discovery of a powerful piece of Linux malware that can stay undetected and has the ability to install rootkits.
