Data Security News Headlines 30th December, 2016

  1. 3 Critical Zero-Day Flaws Found in PHP 7 — One Remains Unpatched!

Security researchers at Check Point’s exploit research team have been discovered three critical zero-day vulnerabilities in PHP 7 that could allow an attacker to take complete control over 80 percent of websites which run on the latest version of the popular web programming language. The vulnerabilities includes CVE-2016-7479—Use-After-Free Code Execution, CVE-2016-7480—Use of Uninitialized Value Code Execution CVE-2016-7478—Remote Denial of Service. Researcher said that first two vulnerabilities, if exploited, would allow a hacker to take full control over the target server and the third vulnerability could be exploited to generate a Denial of Service (DoS) attack, allowing a hacker to hang the websites. The check Point researchers reported all the three zero-day vulnerabilities to the PHP security team on September 15 and August 6.

Cyber Security Tips: Users are strongly recommended to upgrade their servers to the latest version of PHP.

  1. Topps Customer Data Exposed After Website Hack

The iconic maker of baseball another sports trading cards sent email notifications to potentially impacted users to inform them on the data breach and that personal information submitted to the Topps website (www.topps.com) might have been compromised. According to the email, “one or more intruders” gained to sensitive information via unauthorized access to the company’s website. Notification sent by the company said that compromised data includes names, addresses, email addresses, phone numbers, credit card and debit card numbers, card expiration dates, and card verification numbers. Impacted customers are those who placed orders through the Topps website between around July 30 and October 12, 2016.

Cyber Security Tips: Customers are strongly recommended that change their bank account password, use strong password and keep watch on your account.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: