Linux is malware-free — or so many believed for many years. The delusion arose from three bases. First, Linux was a niche system, used far less commonly than Windows. Second, it was used mainly by IT pros, who are savvier than the average user. And third, given the specifics of the system architecture, malware would show more ...
It is 2020, and an election year in the US, so Dave and I kick off this week’s Kaspersky Transatlantic Cable podcast by looking at Russian troll farms. In this story, the FBI tipped off Facebook, which in turn took down a number of accounts tied to the Internet Research Agency. That may have stopped the accounts show more ...
Modern enterprise networks are populated by both people and, increasingly, "things." But securing the growing population of Internet of Things devices presents unique challenges. In this thought leadership article, Brian Trzupek, the Senior Vice President of Emerging Markets at DigiCert discusses what is show more ...
Over 80% of Fortune 500 companies and 23,000 enterprises, including 18 million endpoints, employ Pulse Secure VPN to securely connect to corporate networks, making it a prime target for hackers.
Anti-Phishing Working Group (APWG) has found that the average wire transfer loss due to BEC scams has surged to $80,183 from $54,000, in Q2 2020.
The incident happened shortly after Service NSW began using Office365, Microsoft’s cloud-based email and office software suite. The staff had not yet switched on multi-factor authentication.
SAP this week announced the release of 10 new Security Notes as part of its September 2020 Security Patch Day, as well as updates for 6 previous Security Notes.
Because of the proliferation of free options for Secure Socket Layer (SSL) certificate registrations, it has become easy for threat actors to link the secure HTTPS protocol to cybersquatting domains.
Cybersecurity agencies from New Zealand, France, and Japan warned against Emotet operators who have been working hard to strengthen their infrastructure and ramp up their attacks.
Multiple online stores from several countries were compromised using a new JavaScript skimming malware dubbed Baka. Visa found seven C2 servers hosting the malware.
The cybercriminals emptied several of the exchange's Hot Wallets and stole different types of cryptocurrencies.
A Twitter account belonging to China’s ambassador to the United Kingdom was allegedly breached by a hacker who used the account to engage with anti-Chinese content.
The breach occurred as part of a ransomware attack against service provider Blackbaud.
An analysis of initial access brokers explains how they break into vulnerable organizations and sell their access for up to $10,000.
In the span of just over three months, researchers have exposed three mercenary, “hacker-for-hire” groups engaging in industrial espionage and stealing corporate secrets for profit.
An interdisciplinary research team constructs a way for companies to share breach data without revealing specific details that could exposes businesses to legal risk.
A flurry of recent attacks is complicating attempts to deliver classes online at some schools in different parts of the US.
A team of academics has disclosed a theoretical attack on the TLS cryptographic protocol that can be used to decrypt the HTTPS connection between users and servers and read sensitive communications.
Skimming attacks have become increasingly sophisticated as skimmers have learned new ways to stash malicious JavaScript code in e-commerce sites.
Small and medium-sized healthcare suppliers and providers are set to get a small cybersecurity boost after the government announced a £500,000 (~$650,000) fund to support certification and training.
SeaChange International, a US-based leading supplier of video delivery software solutions, has confirmed a ransomware attack that disrupted its operations during the first quarter of 2020.
In a short statement published on its website, Equinix said it found ransomware on its internal systems, but that the main core of its customer-facing services remained unaffected.
Qbot now also has a dangerous new feature: a specialized email collector module which extracts email threads from the victim’s Outlook client and uploads them to an external remote server.
Zeppelin ransomware has sailed back into relevance, after a hiatus of several months. A wave of attacks were spotted in August by Juniper Threatlab researchers, making use of a new trojan downloader.
All devices using the Bluetooth standard 4.0 through 5.0 are vulnerable. Patches not immediately available.
This Series C funding round is led by Menlo Ventures, with participation from Highland Capital Partners, Hewlett-Packard Enterprise, Sequoia Capital, and Redpoint Ventures.
This CISA alert follows a similar warning the FBI issued in July about an increase in DDoS attacks using amplification techniques.
Hospitals and companies in Thailand were hit by hackers who held their computer systems and data ransom, demanding payment to restore information, police said on Thursday.
Snyk Ltd., a Boston startup that helps developers write more hacker-resistant code, today divulged that it has raised $200 million at a valuation exceeding $2.6 billion.
Since the start of the year, the new ProLock ransomware gang has made a name for itself by hacking into large companies and government networks, encrypting files, and demanding huge ransom payments.
A bug in United Airlines’ website let anyone access the ticket information for travelers who requested a refund.
Testing logins in real-time is an unusual technique that allows the attacker to adapt their response based on the received feedback.
The high number of claims comes to confirm previous reports from multiple cyber-security firms that ransomware is one of today's most prevalent and destructive threats.
Attackers can use these vulnerabilities to gain access to sensitive data or develop the attack to gain access to the internal segments of a company network that uses vulnerable protection tools.
ThreatConnect has announced the acquisition of Nehemiah Security, adding cyber-risk quantification to its existing threat intel platform and SOAR capabilities.
Malware targets only two very specific softswitches (software switches): Linknat VOS2009 and VOS3000.
With billions of people using social media on the global scale, the online channels for communication have become a major phishing spot for cyberattackers.
Poor security practices allowed software vulnerabilities to propagate throughout industrial and IoT products for more than 20 years.
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged show more ...
IlchCMS version 2.1.37 suffers from multiple cross site scripting vulnerabilities.
Red Hat Security Advisory 2020-3723-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 85.0.4183.83. Issues addressed include information leakage, integer overflow, and use-after-free vulnerabilities.
Red Hat Security Advisory 2020-3714-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Red Hat Security Advisory 2020-3713-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include a resource exhaustion vulnerability.
Red Hat Security Advisory 2020-3711-01 - OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects.
Red Hat Security Advisory 2020-3708-01 - OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects.
Red Hat Security Advisory 2020-3706-01 - OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects.
Red Hat Security Advisory 2020-3704-01 - OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects.
Red Hat Security Advisory 2020-3702-01 - OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects.
Gentoo Linux Security Advisory 202009-3 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 85.0.4183.102 are affected.
The ZTE F602W router suffers from a CAPTCHA bypass vulnerability.
Tiandy IPC and NVR version 9.12.7 suffer from a credential disclosure vulnerability.
CuteNews version 2.1.2 remote code execution exploit.
IT help desks everywhere are having to adjust to the 'new normal' of supporting mainly remote workers. This is a major shift away from visiting desks across the office and helping ones with traditional IT support processes. Many reasons end-users may contact the helpdesk. However, password related issues are arguably the most common. Since the onset of the global pandemic that began earlier
A group of researchers has detailed a new timing vulnerability in Transport Layer Security (TLS) protocol that could potentially allow an attacker to break the encryption and read sensitive communication under specific conditions. Dubbed "Raccoon Attack," the server-side attack exploits a side-channel in the cryptographic protocol (versions 1.2 and lower) to extract the shared secret key used
Bluetooth SIG—an organization that oversees the development of Bluetooth standards—today issued a statement informing users and vendors of a newly reported unpatched vulnerability that potentially affects hundreds of millions of devices worldwide. Discovered independently by two separate teams of academic researchers, the flaw resides in the Cross-Transport Key Derivation (CTKD) of devices
Cybercriminals successfully plundered another digital cryptocurrency exchange. European cryptocurrency exchange Eterbase this week disclosed a massive breach of its network by an unknown group of hackers who stole cryptocurrencies worth 5.4 million dollars. Eterbase, which has now entered maintenance mode until the security issue is resolved, described itself as Europe's Premier Digital Asset
The Gadget Show's Jon Bentley joins us to discuss the mystery of a Facebook friend you never requested, software updates for the Mercedes S-Class, and risks in the online classroom. All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast hosted by computer security veterans Graham Cluley and Carole Theriault.
European cryptocurrency exchange platform Eterbase has announced that it has suffered a security breach which saw hackers access its network and steal funds worth US $5.4 million. Read more in my article on the Tripwire State of Security blog.
