ICO Logo

Prodial Ltd fined £350,000 by ICO for 46 million nuisance calls

Prodial Ltd, a lead generation firm responsible for over 46 million automated nuisance calls, has been fined £350,000 by the ICO. It’s the regulator’s largest ever fine.   Over 1,000 people complained to the ICO about the automated calls which played recorded messages relating to PPI claims. Unfortunately it is unclear if the fine will ever Read more about Prodial Ltd fined £350,000 by ICO for 46 million nuisance calls[…]

HTTPS Vulnerability

SSLv2 DROWN attack could compromise TLS

Security researchers have discovered a new weakness that could allow attackers to spy on encrypted communications between users and one in three HTTPS servers. Network traffic encrypted using an RSA-based SSL certificate may be decrypted if enough SSLv2 handshake data can be collected. Exploitation of this vulnerability – referred to as DROWN (Decrypting RSA with Obsolete and Weakened eNcryption) in public reporting – may allow a remote attacker to obtain the private key of a server supporting SSLv2.

[…]

Drupal

Drupal Releases Security Updates

Original release date: February 24, 2016 Drupal has released updates to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected website. Available updates include: Drupal core 6.38 for 6.x users Drupal core 7.43 for 7.x users Drupal core 8.0.4 for 8.0.x users Users and Read more about Drupal Releases Security Updates[…]

ASUS

FTC Shares Security Tips for ASUS Wireless Routers

Original release date: February 23, 2016 | Last revised: February 24, 2016 The Federal Trade Commission (FTC) has provided network security tips for vulnerable ASUS-branded wireless routers. Major security flaws in these routers may have exposed customers’ sensitive information to malicious actors. FTC urges consumers to download the latest security updates for their routers and Read more about FTC Shares Security Tips for ASUS Wireless Routers[…]

Microsoft Releases Update for EMET

Original release date: February 23, 2016 US-CERT is aware of a vulnerability in Microsoft Enhanced Mitigation Experience Toolkit (EMET) versions prior to 5.5. Exploitation of this vulnerability may allow a remote attacker to bypass or disable EMET to take control of an affected system. US-CERT recommends users and administrators visit the Microsoft Security TechCenter  and Read more about Microsoft Releases Update for EMET[…]