article thumbnail

Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software

Krebs on Security

Also on July 3, security incident response firm Mandiant notified Kaseya that their billing and customer support site — portal.kaseya.net — was vulnerable to CVE-2015-2862 , a “directory traversal” vulnerability in Kaseya VSA that allows remote users to read any files on the server using nothing more than a Web browser.

IT 310
article thumbnail

Lawmakers Demand Details on 2015 Juniper Data Incident

Data Breach Today

Bipartisan Group Wants Company Findings on NetScreen Backdoor Investigation A bipartisan group of lawmakers sent a letter to Juniper Networks seeking a more detailed explanation into a 2015 incident when an NSA-created algorithm - that may have included a backdoor - appeared in a company product that would have allowed VPN traffic to be decrypted.

222
222
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

UK Man Sentenced for 2015 TalkTalk Hack

Data Breach Today

22-Year-Old Also Attacked His Former School The fallout from the 2015 TalkTalk hack continues as a 22-year-old U.K. man was sentenced to jail Monday for his role in the attack and other cybercrimes, including an attack against his former school.

171
171
article thumbnail

Apple was aware that XcodeGhost impacted 128 Million iOS Users in 2015

Security Affairs

Court documents revealed that the infamous XcodeGhost malware, which has been active since 2015, infected 128 million iOS users. “In September 2015, Apple managers had a dilemma on their hands: should, or should they not notify 128 million iPhone users of what remains the worst mass iOS compromise on record? Pierluigi Paganini.

Passwords 121
article thumbnail

Naikon APT is flying under the radar since 2015

Security Affairs

” The activity of the group was detailed in a report published by Kaspersky in 2015, but in the last five years, the group drastically changed its modus operandi to go silent. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

article thumbnail

A Retrospective on the 2015 Ashley Madison Breach

Krebs on Security

As first reported by KrebsOnSecurity on July 19, 2015 , a group calling itself the “ Impact Team ” released data sampled from millions of users, as well as maps of internal company servers, employee network account information, company bank details and salary information. 18, 2015, the Impact Team posted a “Time’s up!”

Sales 55
article thumbnail

Adobe announces end of support for Acrobat 2015 and Adobe Reader 2015

Security Affairs

Adobe announces the end of support for Acrobat 2015 and Reader 2015. It’s official, Adobe announces the end of support for Adobe Acrobat and Reader 2015. It’s official, Adobe announces the end of support for Adobe Acrobat and Reader 2015, the company will no longer receive any security updates after the deadline.