
News


The cross-site scripting vulnerability could have allowed trivial account takeover. Facebook has awarded a security researcher $20,000 for discovering a cross-site scripting (XSS) vulnerability in the Facebook Login SDK, which is used by developers to add a “Continue with Facebook” button to a page as an authentication method. Exploitation could allow threat actors to hijack accounts. Security researcher Vinoth Kumar identified a Document Object Model-based (DOM) XSS flaw in the window.postMessage() method of the platform’s...


Logins, personal information and tax info were all exfiltrated ahead of the ransomware attack, thanks to a phishing email. Magellan Health, the Fortune 500 insurance company, has reported a ransomware attack and a data breach. The company, which says it “empowers 1 in 10 Americans to lead healthier, more vibrant lives” according to its website, said the incident was discovered on April 11. It also said that it became apparent during a forensic investigation that...


Texas appellate courts and judicial agencies’ websites and computer servers were shut down after a ransomware attack. A ransomware attack has hit the information technology office that supports Texas appellate courts and judicial agencies, leading to their websites and computer servers being shut down. The office said that it will not pay the ransom requested by the cybercriminals. Specifically affected is the Office of Court Administration (OCA), which is the IT provider for the appellate...


Microsoft’s May edition of Patch Tuesday landed yesterday, replete with critical updates for SharePoint Server as well as client-side patches for the Internet Explorer (IE) and Edge web browsers. Although the update batch tackles a bumper 111 flaws – including 16 rated as ‘critical’ – none have been exploited in the wild to date, according to Microsoft. A series of patches for SharePoint collectively address 12 security vulnerabilities, including four critical flaws that pose a...


ATM manufacturer Diebold Nixdorf has suffered a ransomware attack on its corporate network, disrupting some operations. The malware attack, first reported by security blogger Brian Krebs, did not affect the company's ATMs or customer networks. Diebold Nixdorf discovered the issue - in which crooks appear to have installed the ProLock ransomware - on 25 April. The firm disconnected systems on the affected network to contain the malware and says that it did not pay a...


The U.S. Marshals Service (USMS) has started notifying 387,000 former and current inmates of a security breach that may have compromised their personally identifiable information. According to USMS officials, the incident occurred in December 2019, when a bad actor infiltrated the DSNet system, a platform that aids “the movement and housing of USMS prisoners with the federal courts, Bureau of Prisons, and within the agency.” The attacker exploited a vulnerability in the system to steal...


Magellan Health, the Fortune 500 insurance company, has reported a ransomware attack and a data breach. The company, which says it “empowers 1 in 10 Americans to lead healthier, more vibrant lives” according to its website, said the incident was discovered on April 11. It also said that it became apparent during a forensic investigation that the ransomware attack was the final stage in a longer campaign. “The unauthorized actor gained access to Magellan’s systems after...


A month after hacker forum WeLeakData.com was shuttered, the content of its database, including hackers’ private messages, is for sale on the dark web. Noting claims that the FBI seized the forum, resulting in its closure, are unsupported, researchers at Cyble who identified and verified the database leak said, “After a brief time of being offline, allegedly, the site was sold to a new member of the forum, and came back online.” About the same...


Important-rated EoP flaws make up the bulk of the CVEs; SharePoint continues its critical run with four worrying bugs. Microsoft has released fixes for 111 security vulnerabilities in its May Patch Tuesday update, including 16 critical bugs and 96 that are rated important. Unlike other recent monthly updates from the computing giant this year, none of the flaws are publicly known or under active attack at the time of release. Along with the expected cache...


Severe CSRF to XSS bugs open the door to code execution and complete website compromise. Page Builder by SiteOrigin, a WordPress plugin with a million active installs that’s used to build websites via a drag-and-drop function, harbors two flaws that can allow full site takeover. According to researchers at WordPress, both security bugs can lead to cross-site request forgery (CSRF) and reflected cross-site scripting (XSS). They “allow attackers to forge requests on behalf of a...
