Five For Friday
Five For Friday is your weekly cyber security news update on current security and cyber threats. Each week, EdgeWave will highlight five current stories on security incidents, cyber-attacks, security threats and much more. Give Us Your Feedback!
June 14, 2019
RADIOHEAD DROPPED 18 HOURS OF UNRELEASED MUSIC TO SCREW PIRATES
On Tuesday, Radiohead guitarist and composer Jonny Greenwood made an announcement on Twitter and Facebook: The band had been “hacked,” and the perpetrator attempted a $150,000 shakedown to prevent the public release of the files. In response? Radiohead dumped all of it online for free.
CRITICAL FLAW IN EVERNOTE ADD-ON EXPOSED SENSITIVE DATA OF MILLIONS
A critical flaw in the Evernote Web Clipper Chrome extension could allow potential attackers to access users’ sensitive information from third party online services. This issue had the potential of affecting its consumers and companies who use the extension – about 4,600,000 users at the time of discovery.
NEAR-UBIQUITOUS MICROSOFT RCE BUGS AFFECT ALL VERSIONS OF WINDOWS
Two Microsoft vulnerabilities, CVE-2019-1040 and CVE-2019-1019, would allow attackers to remotely execute malicious code on any Windows machine or authenticate to any web server that supports Windows Integrated Authentication (WIA) such as Exchange or ADFS.
GOOGLE’S PUSH TO CLOSE A MAJOR ENCRYPTED WEB LOOPHOLE
The internet-wide push to encrypt more web traffic has resulted in a wave of safer, snoop-proof connections. The next challenge, though, is completing that transition from using a mixture of unencrypted HTTP and protected HTTPS to requiring that baseline protection everywhere.
EVITE E-INVITE WEBSITE ADMITS SECURITY BREACH
Evite, a social planning and e-invitations service, and one of the biggest sites on the Internet, has officially admitted to a security breach that was first reported back in April. The company said that following an investigation, it tracked the incident to “malicious activity starting on February 22, 2019.”