Tools and features introduced with the intention of benefiting and empowering an organization can sometimes end up being misused. PowerShell is a classic example.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Well, the New Year didn’t get off to a good start for some. The most visible of them being Travelex as a result of an unpatched VPN solution. From there things have rapidly fallen apart, and it ain’t over yet…

Not only have Global banks stopped customers transacting or ordering currency from Travelex, many have stopped transactions with third party currency providers altogether. Lloyd’s, Royal Bank of Scotland, Tesco and Sainsbury’s all receive their currency from Travelex. It has been reported by Travelex that no customer data has been compromised although no report has been publicly provided to explain how this has been determined.

Application performance management (APM) software, sometimes known as application performance monitoring software, is a software as a service (SaaS) type that provides you with a variety of ways to analyze and ensure availability within your application. They can give you metrics in areas such as render times, database load, and failed requests. Modern APM tools are mostly drop-in, all-in-one style solutions. Add a dependency and know everything about why your app is slowing down or crashing.

With the advancements in technology, our businesses heavily rely on the computers, internet and transfer of massive amounts of data. We communicate via internet, store data on cloud systems, or even conduct our business off-site with the help of internet technologies. As an unavoidable result, the sensitive information regarding our customers and organizations are exposed to cyber threats including hackers, data breaches and more.

This blog post provides an overview of the AT&T Alien Labs™ technical analysis of the common malicious implants used by threat actors targeting vulnerable Exim, Confluence, and WebLogic servers. Upon exploitation, malicious implants are deployed on the compromised machine. While most of the attacks described below are historical, we at Alien Labs are continuing to see new attacks, which can be further researched on the Alien Labs Open Threat Exchange™ (OTX).

The Brazilian General Data Protection Law (Lei Geral de Proteção de Dados Pessoais or LGPD) is a new law that was passed by the National Congress of Brazil on August 14, 2018 and comes into effect on August 15, 2020. The LGPD creates a legal framework for the use of personal data of individuals in Brazil, regardless of where the data processor is located.

First, we wanted to wish you a very API New Year. Besides the traditional wishes, we wanted to take the chance to summarize all the great things the team brought to you in 2019... and give you a glimpse into the future.