MyPayrollHR, a now defunct cloud-based payroll processing firm based in upstate New York, abruptly ceased operations this past week after stiffing employees at thousands of companies. The ongoing debacle, which allegedly involves malfeasance on the part of the payroll company’s CEO, resulted in countless people having money drained from their bank accounts and has left… Read More


Cybersecurity researchers at AdaptiveMobile Security disclosed a critical vulnerability in SIM cards dubbed SimJacker that could be exploited by remote attackers to compromise targeted mobile phones and spy on victims just by sending an SMS. The SimJacker vulnerability resides in the S@T (SIMalliance Toolbox) Browser dynamic SIM toolkit that is embedded in most SIM cards… Read More


The U.S. government concluded within the past two years that Israel was most likely behind the placement of cellphone surveillance devices that were found near the White House and other sensitive locations around Washington, according to three former senior U.S. officials with knowledge of the matter. But unlike most other occasions when flagrant incidents of… Read More


The Russia-linked hackers who triggered a power outage in Ukraine back in 2016 may have hoped to cause much more damage, according to a report published recently by U.S.-based industrial cybersecurity firm Dragos. The threat group, which Dragos tracks as Electrum, used a piece of malware named Crashoverride and Industroyer to target industrial control systems… Read More


The French finance minister, Bruno Le Maire, said plans for Libra could not move ahead until concerns over consumer risk and governments’ monetary sovereignty were addressed. Facebook unveiled plans for Libra in June, triggering immediate warnings from some experts that it could shift control over the economy from governments and their central banks to big… Read More


On August 31st, 2019, an Amazon AWS US-EAST-1 datacenter in North Virginia experienced a power failure at 4:33 AM, which led to the datacenter’s backup generators to kick on. Unfortunately, these generators started failing at approximately 6:00 AM , which led to 7.5% of the EC2 instances and EBS volumes becoming unavailable. ‘1:30 PM PDT… Read More


A security flaw in Exim mail servers could be exploited by local or remote attackers to execute arbitrary code with root privileges. The Exim development team has addressed a vulnerability in Exim mail server, tracked as CVE-2019-15846, that could be exploited by local and remote attackers to execute arbitrary code with root privileges. The vulnerability… Read More


Maintainers of the RubyGems package repository have yanked 18 malicious versions of 11 Ruby libraries that contained a backdoor mechanism and were caught inserting code that launched hidden cryptocurrency mining operations inside other people’s Ruby projects. The malicious code was first discovered yesterday inside four versions of rest-client, an extremely popular Ruby library. According to… Read More


An eagle-eyed developer has discovered a backdoor recently sneaked into a library (or ‘gem’) used by Ruby on Rails (RoR) web apps to check password strength. A close shave, then. While the Ruby scripting language and RoR aren’t as popular as they once were, they’re still embedded in numerous enterprise development environments, an unknown number… Read More


Today, Wikipedia was hit with a malicious attack that has taken it offline in several countries for intermittent periods. The attack is ongoing and our Site Reliability Engineering team is working hard to stop it and restore access to the site. As one of the world’s most popular sites, Wikipedia sometimes attracts “bad faith” actors.… Read More