Every security officer views remote connections to corporate systems as a potential threat. For infosec experts at industrial enterprises, and especially at critical infrastructure facilities, the threat feels very real. Every security officer views remote connections to corporate systems as a potential threat. For show more ...
U.S. authorities today announced criminal charges and financial sanctions against two Russian men accused of stealing nearly $17 million worth of virtual currencies in a series of phishing attacks throughout 2017 and 2018 that spoofed websites for some of the most popular cryptocurrency exchanges. The Justice show more ...
Named the Adversary Emulation Library, the project is the work of the MITRE Engenuity's Center for Threat-Informed Defense.
DDoS attacks are causing severe issues to the targeted education institutions such as temporarily takedown of the network and online classes.
A researcher hacked Facebook after identifying and exploiting Unauthenticated RCE on MobileIron’s Mobile Device Management (MDM) used by the company’s employees.
The new BLESA attack goes after the often ignored Bluetooth reconnection process, unlike previous vulnerabilities, most found in the pairing operation.
A New Jersey man who physically installed keyloggers onto the computer networks of his rivals to steal trade secrets has been sent to prison for nearly eight years.
A new malware gang has made a name for itself over the past few months by hacking into Microsoft SQL Servers (MSSQL) and installing a crypto-miner.
Bruce Schneier coined the phrase security theater to describe “security measures that make people feel more secure without doing anything to actually improve their security.”
As per a Keepnet Labs study, the top five sectors with the highest click rates on malicious phishing links are consulting, clothing and accessories, education, technology, and holdings/conglomerates.
The software contains vulnerabilities that could allow adversaries to exploit a victim machine in multiple ways that would eventually allow them to execute code.
Both nation-state-backed hackers and cybercriminals are trying to take advantage of the rise in remote working - and getting more sophisticated in their approach.
Six suspected Chinese hacking groups have zeroed-in on entities in the telecommunications sector in the first half of this year, according to CrowdStrike research published Tuesday.
Threat actors deployed Trojan horse malware in an attempt to gain access to the website of St. Louis County earlier this month.
The CISA report includes technical details of 19 files, including multiple components of the China Chopper web shell, like an ASP app that listens for incoming HTTP connections from remote operators.
A new SMS-based phishing (“smishing”) campaign is using the United States Postal Service (USPS) as a disguise to target mobile users.
Zoom now supports phone calls, text messages, and authentication apps as forms of two-factor authentication.
After the latest security incident, Singapore's Personal Data Protection Commission (PDPC) imposed a fine of SG$10,000 ($7,325) and ordered a review of Grab's data protection policies within 120 days.
A multifaceted, targeted approach is necessary to bolster election security and protect democratic institutions in the run up to the 2020 election in the U.S., researchers argue.
Github's move away from passwords for its APIs may be a sign of a larger transformation away from username and password-based logins in services.
Researchers discovered that more than 40% of the keys were database keys while 38% were for cloud services.
Gartner's 2020 Security & Risk Management Summit focused on the importance of privileged access management to cybersecurity as threat actors increasingly target admin credentials.
Dunkin' Donuts today settled a lawsuit in which it was accused of hushing up the fact hackers siphoned its customers' personal information from its systems in 2015.
Many existing manufacturing systems were developed at a time when cybersecurity was much less of an issue. However, recent incidents highlight the growing cyber threats faced by the sector.
Researchers have discovered a new variant of the Shlayer macOS malware that obfuscates itself to sneak past Apple's notarization service and compromise targeted systems.
The US National Security Agency (NSA) this week published guidance on how the Unified Extensible Firmware Interface (UEFI) Secure Boot feature can be customized to fit an organization’s needs.
BleepingComputer learned that Staples had two endpoints that allowed customers to track their purchases using the order number and ZIP code, and one of them could reveal info on someone else’s order.
According to cybersecurity intelligence firm Kela, the LockBit ransomware operation posted a link yesterday on a Russian-speaking hacker forum to their new data leak site.
The US government has filed charges today against five Chinese nationals for hacking into more than 100 companies across the world, as part of a state-sponsored hacking group known as APT41.
Popular mobile messengers like WhatsApp expose personal data via discovery services that allow users to find contacts based on phone numbers from their address book, say researchers.
A document obtained by Motherboard provides more detail on the malware law enforcement deployed against Encrochat devices.
Separate incidents at two US healthcare organizations may have resulted in the personal data of more than 190,000 patients being compromised following a cyber-attack against Blackbaud.
Quick Response (QR) codes are booming in popularity and hackers are flocking to exploit the trend. As per a new study, people are mostly ignorant of how it can be used to launch digital attacks.
Nozomi Networks, a company that specializes in the security of OT and IoT systems, on Tuesday announced that it has become a Common Vulnerabilities and Exposures (CVE) Numbering Authority (CNA).
An automated campaign Magecart attack campaign against 2,000 Magento stores over the last weekend compromised the private information of thousands of customers.
This Metasploit module exploits a command injection vulnerability in Mida Solutions eFramework version 2.9.0 and prior. The ajaxreq.php file allows unauthenticated users to inject arbitrary commands in the PARAM parameter to be executed as the apache user. The sudo configuration permits the apache user to execute any show more ...
1CRM versions 8.6.7 and below suffer from an insecure direct object reference vulnerability.
Acronis Cyber Backup version 12.5 Build 16341 suffers from a server-side request forgery vulnerability.
Piwigo version 2.10.1 suffers from a cross site scripting vulnerability.
Proof of concept exploit for the Windows Zerologon vulnerability as noted in CVE-2020-1472. By default, it changes the password of the domain controller account.
Ubuntu Security Notice 4503-1 - It was discovered that Perl DBI module incorrectly handled certain calls. An attacker could possibly use this issue to execute arbitrary code.
Ubuntu Security Notice 4502-1 - It was discovered that websocket-extensions does not properly parse special headers. A remote attacker could use this issue to cause regex backtracking, resulting in a denial of service.
Red Hat Security Advisory 2020-3727-01 - OpenShift Container Platform components are primarily written in Go. The golang.org/x/text contains text-related packages which are used for text operations, such as character encodings, text transformations, and locale-specific text handling. Kibana is one of the major show more ...
Ubuntu Security Notice 4501-1 - It was discovered that an out-of-bounds read existed in LuaJIT. An attacker could use this to cause a denial of service or possibly expose sensitive information.
Ubuntu Security Notice 4507-1 - It was discovered that ncmpc incorrectly handled long chat messages. A remote attacker could possibly exploit this with a crafted chat message, causing ncmpc to crash, resulting in a denial of service.
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the show more ...
Ubuntu Security Notice 4506-1 - It was discovered that MCabber does not properly manage roster pushes. An attacker could possibly use this issue to remotely perform man-in-the-middle attacks.
Ubuntu Security Notice 4505-1 - Elar Lang discovered that PHPMailer did not properly escape double quote characters in filenames. A remote attacker could possibly exploit this with a crafted filename to bypass attachment filters that are based on matching filename extensions.
Ubuntu Security Notice 4504-1 - Robert Merget, Marcus Brinkmann, Nimrod Aviram, and Juraj Somorovsky discovered that certain Diffie-Hellman ciphersuites in the TLS specification and implemented by OpenSSL contained a flaw. A remote attacker could possibly use this issue to eavesdrop on encrypted communications. This show more ...
The US Department of Justice (DoJ) on Tuesday indicted two hackers for their alleged involvement in defacing several websites in the country following the assassination of Iranian major general Qasem Soleimani earlier this January. Behzad Mohammadzadeh (aka Mrb3hz4d), 19, and Marwan Abusrour (aka Mrwn007), 25, have been charged with conspiracy to commit intentional damage to a protected
Most cybersecurity professionals fully anticipated that cybercriminals would leverage the fear and confusion surrounding the Covid-19 pandemic in their cyberattacks. Of course, malicious emails would contain subjects relating to Covid-19, and malicious downloads would be Covid-19 related. This is how cybercriminals operate. Any opportunity to maximize effectiveness, no matter how contemptible
The United States government today announced charges against 5 alleged members of a Chinese state-sponsored hacking group and 2 Malaysian hackers that are responsible for hacking than 100 companies throughout the world. Named as APT41 and also known as 'Barium,' 'Winnti, 'Wicked Panda,' and 'Wicked Spider,' the cyber-espionage group has been operating since at least 2012 and is not just
Reading Time: ~ 4 min. Since launching our web classification service in 2006, we’ve seen tremendous interest in our threat and web classification services, along with an evolution of the types and sizes of cybersecurity vendors and service providers looking to integrate this type of curated data into their product show more ...
