May 4, 2021, update for Outlook 2016 (KB5001921)

May 4, 2021, update for Outlook 2016 KB5001921 This article describes update 5001921 for Microsoft Outlook 2016 that was released on May 4, 2021.Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of Office 2016. It doesn't apply to the...

Ransomware Attack Strikes Spain’s Employment Agency

The Spanish State Employment Service SEPE in Spain has been hit by a cyberattack, suspending its communications systems across hundreds of offices and delaying thousands of appointments. SEPE is an “autonomous body” in Spain that manages and controls unemployment benefits. The cyberattack hit...

PHPGurukul Hospital Management System Information Disclosure Vulnerability

PHPGurukul Hospital Management System is a PHP and MySQL based hospital management system. A security vulnerability exists in PHPGURUKUL Hospital Management System V 4.0, which can be exploited by an attacker to gain access to all user, doctor, and patient data, change administrator passwords,...

Ransomware in 2020: A Banner Year for Extortion

Remote learning platforms shut down. Hospital chemotherapy appointments cancelled. Ransomware attacks in 2020 dominated as a top threat vector this past year. Couple that with the COVID-19 pandemic, putting strains on the healthcare sector, and we witnessed ransomware exact a particularly cruel...

Telemed Poll Uncovers Biggest Risks and Best Practices

Healthcare organizations have gone virtual during the COVID-19 pandemic, just like the rest of us – with the use of telehealth services becoming the go-to format for med checks, routine consultations and therapist visits. But how safe are these services when it comes to patient data? In an...

Post-Cyberattack, UVM Health Network Still Picking Up Pieces

More than a month after a cyberattack hit the University of Vermont UVM health network, the organization is still working to recover its systems. The UVM health network is a six-hospital, home-health and hospice system, which encompasses more than 1,000 physicians, 2,000 nurses and other clinicia...

Cyberattack on UVM Health Network Impedes Chemotherapy Appointments

The University of Vermont UVM health network is scrambling to recover its systems after a cyberattack led to widespread delays in patient appointments – including chemotherapy appointments, as well as mammograms and biopsies. The UVM Health Network is a six-hospital, home-health and hospice syste...

Easy!Appointments Authorization Issues Vulnerability

Easy!Appointments is a web-based appointment and schedule management system. A security vulnerability exists in Easy!Appointments version 1.3.0. An attacker can exploit this vulnerability to bypass CAPTCHA protection...

CVE-2018-13060

Easy!Appointments 1.3.0 has a Guessable CAPTCHA issue...

CVE-2018-13063

Easy!Appointments 1.3.0 has a Missing Authorization issue allowing retrieval of hashed passwords and salts...

CVE-2018-13060

Easy!Appointments 1.3.0 has a Guessable CAPTCHA issue...

CVE-2018-13063

Easy!Appointments 1.3.0 has a Missing Authorization issue allowing retrieval of hashed passwords and salts...

Authorization

Easy!Appointments 1.3.0 has a Missing Authorization issue allowing retrieval of hashed passwords and salts...

Code injection

Easy!Appointments 1.3.0 has a Guessable CAPTCHA issue...

CVE-2018-13063

Easy!Appointments 1.3.0 has a Missing Authorization issue allowing retrieval of hashed passwords and salts...

CVE-2018-13063

Technical details about CVE-2018-13063 are not provided in the connected documents; only the basic description is present. Monitor for updates and additional disclosures to assess affected components, impact, and remediation.

CVE-2018-13060

Easy!Appointments 1.3.0 has a Guessable CAPTCHA issue...

CVE-2018-13060

CVE-2018-13060 affects Easy!Appointments 1.3.0. Multiple connected sources document a vulnerability where CAPTCHA protection can be bypassed, enabling an attacker to bypass CAPTCHA and potentially abuse the login/appointment flow. Root cause details in the sources indicate a guessable CAPTCHA iss...

WordPress Easy!Appointments Plugin Information Disclosure Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Easy!Appointments is a web-based appointment management plugin used in it. An information disclosure vulnerability exists in the...

CVE-2019-14936

Easy!Appointments 1.3.2 plugin for WordPress allows Sensitive Information Disclosure Username and Password Hash...