Entries by govanguard

Beyond Zoom: How Safe Are Slack and Other Collaboration Apps?

As the coronavirus pandemic continues to worsen, remote-collaboration platforms – now fixtures in many workers’ “new normal” – are facing more scrutiny. Popular video-conferencing app Zoom may currently be in the cybersecurity hot seat, but other collaboration tools, such as Slack, Trello, WebEx and Microsoft Teams, are certainly not immune from cybercriminal attention. For organizations […]

Source

HTC Mania – 1,488,089 breached accounts

In January 2020, the Spanish mobile phone forum HTC Mania suffered a data breach of the vBulletin based site. The incident exposed 1.5M member email addresses, usernames, IP addresses, dates of birth and salted MD5 password hashes and password histories. Data from the breach was subsequently redistributed on popular hacking websites. Source

Source

OECD Provides Status Report on Pillars One and Two Impact Assessment – Where Is the Money Coming From?

On Thursday, February 13, the OECD presented a webcast which provided a status report on the development of an impact assessment of the anticipated tax collections and economic consequences of the proposed Pillar One and Pillar Two revisions to the international tax framework. Businesses (and presumably governments even more so) have been eagerly anticipating a […]

Source

US: Looking Back & Looking Ahead: A Series of Analyses of the Past Year in Financial Regulation and Enforcement and What to Expect in the Coming Year

SEC 2020: Expect SEC Enforcement to Cast Wide Net on Corporate Disclosure This is the second installment in our series of year-end analyses of the year in securities regulation and enforcement. Based on our ongoing analysis of SEC enforcement actions in 2019, we expect the SEC’s Division of Enforcement to continue its expansive view of […]

Source

March 2020 International Trade Compliance Update

Read publication Welcome to the March 2020 edition of Baker McKenzie’s International Trade Compliance Update. This issue’s highlights: WTO: trade policy review (EU), disputes, TBT notifications WCO: agenda for 65th HSC, news Other International Matters: CITES notifications, FAS Gain Reports Panama: Official Gazette updates Canada: consultations on WTO investment framework, comprehensive review of TRQs, consultation […]

Source

Firefox Zero-Day Flaws Exploited in the Wild Get Patched

Mozilla patched two Firefox browser zero-day vulnerabilities actively being exploited in the wild. The flaws, both use-after-free bugs, have been part of “targeted attacks in the wild,” according to a Mozilla Foundation security advisory posted Friday. Both bugs have critical ratings and allow remote attackers to execute arbitrary code or trigger crashes on machines running […]

Source

OGUsers (2020 breach) – 263,189 breached accounts

In April 2020, the account hijacking and SIM swapping forum OGUsers suffered their second data breach in less than a year. As with the previous breach, the exposed data included email and IP addresses, usernames, private messages and passwords stored as salted MD5 hashes. A total of 263k email addresses across user accounts and other […]

Source

Self-Propagating Malware Targets Thousands of Docker Ports Per Day

The Docker cloud containerization technology is under fire, with an organized, self-propagating cryptomining campaign targeting misconfigured open Docker Daemon API ports. Thousands of container-compromise attempts are being observed every day as part of the campaign, according to Gal Singer, a security researcher at AquaSec. The effort has been ongoing for months. However, since the beginning […]

Source

Cloud Providers, CDNs Team Up to Battle Internet Routing Attacks

A group of tech giants – including Akamai, Amazon Web Services, Cloudflare, Facebook, Google, Microsoft and Netflix – are banding together to battle route hijacking, route leaks and IP address-spoofing attacks targeting internet users. They’re coming together under a program was introduced this week by the Mutually Agreed Norms for Routing Security (MANRS) global initiative. […]

Source