The year 2020, with its pandemic and forced self-isolation, has raised a number of fundamentally new questions for businesses. One — has any company ever had to calculate depreciation for employees’ use of home chairs, monitors, and desks before? — has become quite relevant. The greatest burden has fallen on show more ...
Thirty eight years after it was founded, RSA Security is embarking on what may be its most challenging journey yet: cybersecurity startup. In this Spotlight podcast we're joined by RSA CTO Zulfikar Ramzan about the company's path forward as an independent company. The post Spotlight Podcast: CTO Zulfikar show more ...
Thirty eight years after it was founded, RSA Security is embarking on what may be its most challenging journey yet: cybersecurity startup. In this Spotlight podcast we're joined by RSA CTO Zulfikar Ramzan about the company's path forward as an independent company. The post Spotlight Podcast: Dr. Zulfikar show more ...
Federal and state officials said Tuesday that despite fears to the contrary, there's no evidence that any state's voter registration database has been hacked this year.
A duo of vulnerabilities discovered in the MAGMI Magento plugin could result in remote code execution (RCE) on vulnerable sites using Magento.
While high-profile ransomware attacks and data leaks have dominated the news this summer, experts say there are more alarming trends in the ransomware landscape.
The banned accounts belonged to PeaceData, a news website publishing misleading articles about world politics.
Threat actors installed skimming malware on both the login web page of the APA website and the checkout page of its online store by exploiting a vulnerability in the APA’s content management system.
At a time when healthcare organizations are dealing with the COVID-19 crisis, they must make sure they continue to give adequate attention to data security.
A report from the Anti-Phishing Working Group (APWG) revealed that scammers requested funds in the form of gift cards in two-thirds of business email compromise (BEC) attacks.
The Iran-based APT has infiltrated multiple VPNs using open-source tools and known exploits.
A lawsuit seeking class-action status has been filed against Morgan Stanley, claiming the financial organization failed to properly safeguard PII when the company discarded old computer equipment.
The CISA collaborated with similar allied authorities in issuing an extensive list of best practices for preempting malicious cyber actors and navigating related crises in the moment.
The liability for failing to protect systems from cyber incidents will fall directly onto many CEOs by 2024, Gartner is predicting.
Personal information for several million American voters has turned up on a Russian underground cybercrime forum, according to a report in a Russian newspaper.
Cisco Talos recently discovered two flaws in Accusoft ImageGear. The ImageGear library is a document-imaging developer toolkit to assist users with image conversion, creation, editing, and more.
The skimmer code checks for the usual web debuggers to prevent being analyzed. It also looks for fields of interest, such as billing, payment, credit card number, expiration, and CVV.
The RAT has been distributed in various campaigns over the past six months, targeting both European officials and Tibetan dissidents.
The malware has been active since late 2018 and has targeted users in the Czech Republic and Slovakia primarily (for now).
Attacks targeting popular content management system (CMS) platforms like WordPress, Joomla, Drupal, and NoneCMS have risen in 2020.
AusCERT said that after analyzing the data with cyber-security firm Cosive, it determined that the leaked data originated from K7Maths, an online service providing school e-learning solutions.
The remote code execution flaw, which was assigned the highest possible CVSS score of 10, allows unauthenticated attackers to execute arbitrary code and upload malicious files on vulnerable websites.
The parliament suffered a cyberattack during the past week and the e-mail accounts of several elected members and employees were hacked, the national assembly and a counter-intelligence agency said.
New Zealand’s justice minister says the nation is confronting cyberattacks on an unprecedented scale.
Actors behind Qakbot have been investing heavily in its development to enable data theft on a massive scale. Presently, it is more active than ever.
?Ava, a unified security company, announced the completion of the merger between Jazz Networks, an insider threat detection and response company, and Vaion, an end-to-end video security provider.
Microsoft has released a new batch of Intel microcode updates for Windows 10 2004, 1909, 1903, and older versions to fix hardware bugs in Intel CPUs.
As more government departments get digitally transformed, every connected device gets potentially exposed to a ransomware attack on important data and financial payments.
The US Department of Homeland Security teams up with Akamai and the Center for Internet Security to provide state and local governments with cybersecurity through DNS for free.
A new report finds that 33% of companies within the digital supply chain expose common network services such as data storage, remote access, and network administration to the internet.
Joker malware pretends to be a legitimate app but instead conducts billing fraud by either sending SMS messages to a premium rate number or making purchases from victim's account using WAP billing.
Network security policy management provider FireMon announced Tuesday that it has secured $40 million in debt financing from Silicon Valley Bank (SVB).
Former AlphaBay contract dispute wrangler Bryan Connor Herrell has been jailed for 11 years over his part in running the notorious darknet marketplace.
While Google DNS is being used to resolve the suspicious domain, the response returned via Google DNS contains the malicious payload in an encoded form, as verified by BleepingComputer.
In a new variant, Emotet malware hides behind an iOS-themed Word document template that requests users to 'Enable Content' to download payloads on the targeted systems.
What looked like a fake threat previously turned out to be a sordid DDoS attack campaign against several reputed firms. Such DDoS extortion attacks have come as a surprise for organizations globally.
In mid-August, five disparate Chinese APTs were found using the same combination of Linux rootkit and backdoor for cyberespionage attacks.
The TA542 cybercriminal group was observed making enhancements to the Emotet malware. It recently expanded its target area to Indonesia, Philippines, Sweden, and India, besides its usual targets.
Cloudentity, a cloud-based application security and identity-aware authorization provider, raised $13M in Series A funding led by ForgePoint Capital, with participation from WestWave Capital.
The CGI and FastCGI implementations in the Go standard library behave differently from the HTTP server implementation when serving content. In contrast to the documented behavior, they may return non-HTML data as HTML. This may lead to cross site scripting vulnerabilities even if uploaded data has been validated during upload. Versions 1.15 and 1.14.7 and below are affected.
Ubuntu Security Notice 4487-1 - Todd Carson discovered that libx11 incorrectly handled certain memory operations. A local attacker could possibly use this issue to escalate privileges. Jayden Rivers discovered that libx11 incorrectly handled locales. A local attacker could possibly use this issue to escalate privileges.
Ubuntu Security Notice 4488-1 - Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the input extension protocol. A local attacker could possibly use this issue to escalate privileges. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly initialized memory. A local attacker could possibly show more ...
Red Hat Security Advisory 2020-3539-01 - This release of Red Hat build of Thorntail 2.7.1 includes security updates, bug fixes, and enhancements. For more information, see the release notes listed in the References section. Issues addressed include denial of service, deserialization, and improper authorization vulnerabilities.
Ubuntu Security Notice 4486-1 - Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly validate meta-data information. An attacker could use this to construct a malicious xfs image that, when mounted, could cause a denial of service.
Ubuntu Security Notice 4485-1 - Timothy Michaud discovered that the i915 graphics driver in the Linux kernel did not properly validate user memory locations for the i915_gem_execbuffer2_ioctl. A local attacker could possibly use this to cause a denial of service or execute arbitrary code. It was discovered that the show more ...
Ubuntu Security Notice 4483-1 - Chuhong Yuan discovered that go7007 USB audio device driver in the Linux kernel did not properly deallocate memory in some failure conditions. A physically proximate attacker could use this to cause a denial of service. Fan Yang discovered that the mremap implementation in the Linux show more ...
Ubuntu Security Notice 4484-1 - It was discovered that the cgroup v2 subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service or possibly gain administrative privileges.
Ubuntu Security Notice 4482-1 - Fabian Vogt discovered that Ark incorrectly handled symbolic links in tar archive files. An attacker could use this to construct a malicious tar archive that, when opened, would create files outside the extraction directory.
Red Hat Security Advisory 2020-3600-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.
Red Hat Security Advisory 2020-3602-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.
Red Hat Security Advisory 2020-3601-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.
Red Hat Security Advisory 2020-3580-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
Red Hat Security Advisory 2020-3579-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
Cybercriminal groups are constantly evolving to find new ways to pilfer financial information, and the latest trick in their arsenal is to leverage the messaging app Telegram to their benefit. In what's the latest tactic adopted by Magecart groups, the encrypted messaging service is being used to send stolen payment details from compromised websites back to the attackers. "For threat actors,
Graham Cluley Security News is sponsored this week by the folks at Immersive Labs. Thanks to the great team there for their support! Attacks and breaches are a fact of life. They happen. What’s most important is how well your organisation responds. And technology isn’t enough. Your staff must be ready too. show more ...
Hackers are exploiting a critical vulnerability that may be affecting hundreds of thousands of websites running WordPress. The vulnerability lies in versions of the popular third-party plugin WordPress File Manager, which has been installed on over 700,000 websites. Read more in my article on the Hot for Security blog.
