Uber
Uber concealed the theft of personal information of 57 million customers and drivers. Rather than inform anyone, Uber paid the hackers $100,000 to delete the data and keep the breach quiet. To read more: https://www.grahamcluley.com/uber-hackers-paid-data-breach/
Imgur
Imgur confirmed a hack dating back to 2014 occurred. The hackers stole 1.7 million email addresses and passwords scrambled with the SHA-256 algorithm. To read more: http://www.zdnet.com/article/imgur-reveals-hackers-stole-login-data/
Microsoft
US-CERT is warning of a vulnerability in ASLR that affects Windows 8, 8.1 and 10. The vulnerability could allow a remote attacker to take control of an affected system. To read more: https://threatpost.com/us-cert-warns-of-aslr-implementation-flaw-in-windows/128948/
F5
There is a bug in the RSA implementation that can give an attacker access to encrypted messages. The vulnerability only works in systems configured to enable the ancient SSLv2. To read more: https://www.theregister.co.uk/2017/11/20/f5_crypto_weakness/
Intel
Eleven severe bugs were found that affect the Management Engine, Trusted Execution Engine, and Server Platform Services. To read more: http://www.zdnet.com/article/intel-weve-found-severe-bugs-in-secretive-management-engine-affecting-millions/
HP
HP released patches for dozens of enterprise-class printer models affected by a code execution bug. The vulnerability is tied to insufficient solution DLL signature validation. To read more: https://threatpost.com/hp-to-patch-bug-impacting-50-enterprise-printer-models/128984/
Sign up below and receive weekly breach reports directly in your inbox.