This is hardly the first year full of cybersecurity impact and focus, but 2020 has been a big one. Companies have had to develop and implement new practices, new technologies, and new approaches — and fast. One focus of this year’s Kaspersky Global Corporate IT Security Risks Survey is how cybersecurity has show more ...
Emergency 911 systems were down for more than an hour on Monday in towns and cities across 14 U.S. states. The outages led many news outlets to speculate the problem was related to Microsoft‘s Azure web services platform, which also was struggling with a widespread outage at the time. However, multiple sources show more ...
The pandemic isn't the only thing shaking up development organizations. Application security is a top concern and security work is "shifting left" and becoming more intertwined with development. In this podcast, Security Ledger Editor in Chief Paul Roberts talks about it with Jonathan Hunt, Vice President show more ...
The source code of the Windows XP operating system is now circulating online as a huge 43GB mega-dump. Although it is nearly two decades old, it’s still used by many organizations around the world.
A fresh round of Joker malware that targets Android users has been found in Google Play as well as third-party app stores, according to research reports from Zscaler and Zimperium.
In its new Microsoft Digital Defense Report, the technology giant has summarized the biggest threats companies deal with today in the face of cybercrime and nation-state attackers.
A recent rash of cyberattacks against Magento 1 stores underscores the criticality of having a strategy in place for securing technology that has reached end-of-life (EOL).
The company did not provide technical details about the attack, it is not clear how the ransomware operators breached the company and which is the family of malware that infected its systems.
The sections of the House- and Senate-passed versions of the NDAA identified by the Acquisition Reform Working Group are based on recommendations from the Cyberspace Solarium Commission.
All four of the bipartisan bills were approved by voice vote, and supported by the leaders of the House Energy and Commerce and House Science, Space, and Technology panels.
Attackers focused on critical sectors such as healthcare, e-commerce, and educational services with complex, high-throughput attacks designed to overwhelm and quickly take them down, Netscout reveals.
It was continuing to offer alternative access for customers after making its e-business website unavailable on Monday in order to prevent the spread of malware, the group said.
Talos recently identified new versions of LodaRAT, a remote access trojan written in AutoIt, that were found containing several rewritten functions and newly added functionality.
Led by Cascade Seed Fund and joined by SeaChange Fund and Voyager Capital, the company will use the funds to publicly release their product in Q4 and to expand their team in the Portland area.
Synopsys has issued an advisory warning of authentication bypass vulnerabilities in multiple wireless router chipsets built into devices manufactured by Qualcomm, MediaTek, and Realtek.
On Wednesday, cybersecurity researchers from Mitiga said the campaign, which is ongoing, uses social engineering techniques to impersonate senior executives using Microsoft Office 365 email services.
HP Device Manager, which allows IT administrators to manage HP Thin Client devices, comes with a backdoor database user account that undermines network security, a UK-based consultant has warned.
Once one email account was compromised, the credentials for the account were sent to a remote bot. The bot would then sign into the account and analyze emails sent within the past several days.
Universal Health Services, a hospital system with over 400 locations across the U.S., was still working Tuesday to get its network and operations back online after a cyberattack early Sunday morning.
Cisco addressed two high severity memory exhaustion denial-of-service (DoS) vulnerabilities that reside in the IOS XR Network OS that runs on multiple carrier-grade routers.
The Ashtabula County Medical Center, a Cleveland-area hospital has spent more than a week offline after being hit by an apparent cyberattack, forcing it to postpone all elective procedures.
Axis Security, a U.S.-Israeli startup that helps companies enable employees to safely connect to private applications, said on Tuesday it raised $32 million in a funding round led by Canaan Partners.
The threat actors behind the Exorcist 2.0 ransomware are using malicious advertising on legitimate sites to redirect victims to fake software crack sites that distribute their malware.
The Series B financing round was led by Germany-based growth equity investor Digital+ Partners with participation from existing investors, including Evolution Equity Partners.
FireEye's Mandiant Threat Intelligence and MITRE have collaborated on developing a combined visualization from Enterprise ATT&CK and ICS ATT&CK to cover both IT and OT attack behaviors.
During a recent investigation, Sucuri researchers came across an obfuscated pop-up script leveraging baidu[.]com search results to redirect users to the attacker’s own domain.
Among multiple victims infected by Palmerworm, the media, electronics, and finance firms were based in Taiwan, while an engineering firm in Japan and a construction firm in China were also targeted.
The key to deception technology is that it goes beyond simple detection to identify and prevent lateral movement, notoriously one of the most difficult aspects of network defense.
On Tuesday, a file package called Azerbaijan Navy 2020 started circulating on Russian forums. It contains 18,872 entries, and there are almost 10,000 unique citizens in the database.
Earlier this year, peripheral maker Kensington patched its desktop software to close a vulnerability that could have been exploited by malicious websites to quietly hijack victims' computers.
The REvil ransomware gang has deposited $1 million in bitcoin in a Russian-speaking hacking forum to prove to potential partners that the business is very profitable and they should consider joining it.
Red Hat Security Advisory 2020-3841-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include cross site scripting and information leakage vulnerabilities.
Ubuntu Security Notice 4560-1 - It was discovered that Gon gem did not properly escape certain input. An attacker could use this vulnerability to execute a cross-site scripting attack.
The installer component of Cisco AnyConnect Secure Mobility Client for Windows prior to 4.8.02042 is vulnerable to path traversal and allows local attackers to create/overwrite files in arbitrary locations with system level privileges. The installer component of Cisco AnyConnect Secure Mobility Client for Windows show more ...
MailDepot version 2032 SP2 (2.2.1242) suffers from a session expiration design issue.
DOMOS versions 5.8 and below suffer from a command injection vulnerability.
Qiata FTA versions 1.70.19 and below suffer from a cross site scripting vulnerability.
Red Hat Security Advisory 2020-4143-01 - Red Hat OpenShift Container Storage is a provider of agnostic persistent storage for OpenShift Container Platform either in-house or in a hybrid cloud. As a Red Hat storage solution, OCS is completely integrated with OpenShift Container Platform for deployment, management, and monitoring. Issues addressed include an information leakage vulnerability.
Ubuntu Security Notice 4559-1 - Tom Tervoort discovered that the Netlogon protocol implemented by Samba incorrectly handled the authentication scheme. A remote attacker could use this issue to forge an authentication token and steal the credentials of the domain admin. While a previous security update fixed the issue show more ...
Ubuntu Security Notice 4557-1 - It was discovered that the Tomcat realm implementations incorrectly handled passwords when a username didn't exist. A remote attacker could possibly use this issue to enumerate usernames. Alvaro Munoz and Alexander Mirosh discovered that Tomcat incorrectly limited use of a certain show more ...
Red Hat Security Advisory 2020-4137-01 - Fixed an XSS vulnerability Fixed the Red Hat sosreport tool to no longer include the Ansible Tower SECRET_KEY value Fixed the Ansible Tower installer so that it is now compatible with the latest supported Red Hat OpenShift Container Platforms 3.x and 4.x. Issues addressed include a cross site scripting vulnerability.
Red Hat Security Advisory 2020-4136-01 - Updated to the latest version of the git-python library to no longer cause certain jobs to fail Updated to the latest version of the ovirt.ovirt collection to no longer cause connections to hang when syncing inventory from oVirt/RHV Added a number of optimizations to Ansible show more ...
Ubuntu Security Notice 4558-1 - It was discovered that libapreq2 did not properly sanitize the Content-Type field in certain, crafted HTTP requests. An attacker could use this vulnerability to cause libapreq2 to crash.
Red Hat Security Advisory 2020-4134-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. show more ...
Red Hat Security Advisory 2020-4127-01 - Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments.
Red Hat Security Advisory 2020-4129-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.
Red Hat Security Advisory 2020-4114-01 - ovirt-ansible-repositories is an Ansible role used to set up the repositories required for oVirt engine or host installation. The openvswitch package contains components for enabling Open vSwitch; a software-based Ethernet virtual switch. It also includes OVN components for show more ...
Red Hat Security Advisory 2020-4115-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only show more ...
Red Hat Security Advisory 2020-4111-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.
Red Hat Security Advisory 2020-4082-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Issues addressed include HTTP request smuggling, buffer overflow, denial of service, and information leakage vulnerabilities.
Red Hat Security Advisory 2020-4080-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.3.0 ESR. Issues addressed include bypass, cross site scripting, integer overflow, spoofing, and use-after-free vulnerabilities.
Red Hat Security Advisory 2020-4079-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include a use-after-free vulnerability.
Gentoo Linux Security Advisory 202009-18 - Multiple vulnerabilities have been found in Bitcoin, the worst of which could result in a Denial of Service condition. Versions less than 0.20.1 are affected.
Gentoo Linux Security Advisory 202009-14 - A buffer overflow in Xen might allow remote attacker(s) to execute arbitrary code. Versions less than 4.13.1-r3 are affected.
Red Hat Security Advisory 2020-4078-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures.
Red Hat Security Advisory 2020-4003-01 - NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband, and PPPoE devices, as well as providing VPN integration with a variety of different VPN services.
Cybersecurity researchers on Tuesday uncovered a new espionage campaign targeting media, construction, engineering, electronics, and finance sectors in Japan, Taiwan, the U.S., and China. Linking the attacks to Palmerworm (aka BlackTech) — likely a China-based advanced persistent threat (APT) — Symantec's Threat Hunter Team said the first wave of activity associated with this campaign began last
Cisco yesterday released security patches for two high-severity vulnerabilities affecting its IOS XR software that were found exploited in the wild a month ago.Tracked as CVE-2020-3566 and CVE-2020-3569, details for both zero-day unauthenticated DoS vulnerabilities were made public by Cisco late last month when the company found hackers actively exploiting Cisco IOS XR Software that is installed
