Vulnerability in PostBus Public Transport Platform

PostBus, a subsidiary of ÖBB-Personenverkehrs AG, has fixed a serious data exposure vulnerability in one of its online Swiss public transport platforms. ZTF cybersecurity researchers Sven Faßbender, Martin Tschirsich, and Dr André Zilch conducted a penetration test on the platform and found that it was vulnerable to attack.

Read more

VPN Software for Private Users Is Being Tested

VPN software is used for many things. It can help you get around geo-blocking. Or it can tune the ping when gaming or surfing online. It also lets you download or send messages without anyone spying on what you are doing. The lab at AV-Test reviewed many VPN products to see which ones are fast, secure, and keep your information private too.

Read more

2021: The Worst Hacks

In 2020, hackers were very active, and it was the year of the pandemic lockdown. In 2021, hackers continued to attack schools as well as health care facilities and critical infrastructure. The pandemic is still happening. Some people are working to stop it. Other people are trying to help. Governments are also doing things to stop the pandemic.

Read more

Billing Software App: SQL Injection Flaw

Cybercriminals are exploiting a vulnerability in BillQuick, the popular billing software. They are making it so that ransomware is spread. Security researchers at Huntress warn about this. BQE Software’s BillQuick Web Suite versions earlier than has an SQL injection that gives rise to a more serious remote code execution (RCE) risk. The CVE-2021-42258 vulnerability … Read more

Three Malicious Packages after More than 10,000 Downloads Are Removed by PyPI Admins

The Python Package Index (PyPI) has removed thousands of packages that are dangerous. These packages tricked people by using the name of other packages, but they were really malware-deploying and data-stealing. Two packages in this group of three malicious packages included their source code URL as an existing popular library. This made it look like … Read more