data theft

Introduction CVE-2017-0199 is a remote code execution vulnerability that exists in the way that Microsoft Office and WordPad parse specially crafted files. An attacker who successfully exploits this vulnerability can take control of an affected system and then install programs, view, change, or delete data, or create new accounts with full user rights. Microsoft issued a patch for this vulnerability April, and most security vendors have published alarms for it. Unfortunately, attacks targeting this vulnerability are still widely being used... [Read More]
by RSS Bahare Sabouri and He Xu  |  May 30, 2017  |  Filed in: Security Research
Early this week it was reported that an IT contractor working for a company called Korea Credit Bureau - which among other things manages credit ratings of consumers - copied the names, social security numbers, phone numbers, home and business addresses, bank account numbers and credit card information of 15 to 20 million South Koreans in an attempt to sell that information to third party marketing firms. The theft came to light when the contractor was arrested. It appears that managers at the firms that purchased the data were also arrested. Some... [Read More]
by RSS Richard Henderson  |  Jan 21, 2014  |  Filed in: Industry Trends