webmin | Breaking Cybersecurity News | The Hacker News

A United States regulator has fined the credit card provider Capital One Financial Corp with $80 million over last year's data breach that exposed the personal information of more than 100 million credit card applicants of Americans. The fine was imposed by the Office of the Comptroller of the Currency (OCC), an independent bureau within the United States Department of the Treasury that governs the execution of laws relating to national banks. According to a press release published by the OCC on Thursday, Capital One failed to establish appropriate risk management before migrating its IT operations to a public cloud-based service, which included appropriate design and implementation of certain network security controls, adequate data loss prevention controls, and effective dispositioning of alerts. The OCC also said that the credit card provider also left numerous weaknesses in its cloud-based data storage in an internal audit in 2015 as well as failed to patch security

Following the public disclosure of a critical zero-day vulnerability in Webmin last week, the project's maintainers today revealed that the flaw was not actually the result of a coding mistake made by the programmers. Instead, it was secretly planted by an unknown hacker who successfully managed to inject a backdoor at some point in its build infrastructure—that surprisingly persisted into various releases of Webmin (1.882 through 1.921) and eventually remained hidden for over a year. With over 3 million downloads per year, Webmin is one of the world's most popular open-source web-based applications for managing Unix-based systems, such as Linux, FreeBSD, or OpenBSD servers. Webmin offers a simple user interface (UI) to manage users and groups, databases, BIND, Apache, Postfix, Sendmail, QMail, backups, firewalls, monitoring and alerts, and much more. The story started when Turkish researcher Özkan Mustafa Akkuş publicly presented a zero-day remote code execution vul

Super Low RPO with Continuous Data Protection: Dial Back to Just Seconds Before an Attack Zerto , a Hewlett Packard Enterprise company, can help you detect and recover from ransomware in near real-time. This solution leverages continuous data protection (CDP) to ensure all workloads have the lowest recovery point objective (RPO) possible. The most valuable thing about CDP is that it does not use snapshots, agents, or any other periodic data protection methodology. Zerto has no impact on production workloads and can achieve RPOs in the region of 5-15 seconds across thousands of virtual machines simultaneously. For example, the environment in the image below has nearly 1,000 VMs being protected with an average RPO of just six seconds! Application-Centric Protection: Group Your VMs to Gain Application-Level Control   You can protect your VMs with the Zerto application-centric approach using Virtual Protection Groups (VPGs). This logical grouping of VMs ensures that your whole applica