Five For Friday

Five For Friday is your weekly cyber security news update on current security and cyber threats. Each week, EdgeWave will highlight five current stories on security incidents, cyber-attacks, security threats and much more. Give Us Your Feedback!

June 14, 2019


RADIOHEAD DROPPED 18 HOURS OF UNRELEASED MUSIC TO SCREW PIRATES

On Tuesday, Radiohead guitarist and composer Jonny Greenwood made an announcement on Twitter and Facebook: The band had been “hacked,” and the perpetrator attempted a $150,000 shakedown to prevent the public release of the files. In response? Radiohead dumped all of it online for free.

fff-radiohead-ransomware-release

CRITICAL FLAW IN EVERNOTE ADD-ON EXPOSED SENSITIVE DATA OF MILLIONS

A critical flaw in the Evernote Web Clipper Chrome extension could allow potential attackers to access users’ sensitive information from third party online services. This issue had the potential of affecting its consumers and companies who use the extension – about 4,600,000 users at the time of discovery.

fff-evernote-critical-flaw

NEAR-UBIQUITOUS MICROSOFT RCE BUGS AFFECT ALL VERSIONS OF WINDOWS

Two Microsoft vulnerabilities, CVE-2019-1040 and CVE-2019-1019, would allow attackers to remotely execute malicious code on any Windows machine or authenticate to any web server that supports Windows Integrated Authentication (WIA) such as Exchange or ADFS.

fff-microsoft-rce-bugs

GOOGLE’S PUSH TO CLOSE A MAJOR ENCRYPTED WEB LOOPHOLE

The internet-wide push to encrypt more web traffic has resulted in a wave of safer, snoop-proof connections. The next challenge, though, is completing that transition from using a mixture of unencrypted HTTP and protected HTTPS to requiring that baseline protection everywhere.

fff-googles-encryption-push

EVITE E-INVITE WEBSITE ADMITS SECURITY BREACH

Evite, a social planning and e-invitations service, and one of the biggest sites on the Internet, has officially admitted to a security breach that was first reported back in April. The company said that following an investigation, it tracked the incident to “malicious activity starting on February 22, 2019.”

fff-evite-security-breach

Get the latest security news

Sign up for our Five for Friday newsletter, your weekly cyber security news update on current security and cyber threats.

  • This field is for validation purposes and should be left unchanged.