Reports, articles, marketing materials — all are document types most of us handle at some point. We write and edit them on computers, e-mail them to colleagues or friends, share them in the cloud, hand them to clients, and so much more. If a file you intend to show to others contains information they shouldn’t show more ...
A phone call to an Internet provider in Oregon on Sunday evening was all it took to briefly sideline multiple websites related to 8chan/8kun — a controversial online image board linked to several mass shootings — and QAnon, the far-right conspiracy theory which holds that a cabal of Satanic pedophiles is show more ...
Since August, FIN11 started targeting organizations in many industries, including defense, energy, finance, healthcare, legal, pharmaceutical, telecommunications, technology, and transportation.
Microsoft has released two out-of-band security updates to address two remote code execution (RCE) vulnerabilities that affect the Microsoft Windows Codecs Library and Visual Studio Code.
As part of the October 2020 Patch Tuesday security updates, Microsoft has added a new option to Windows to let system administrators disable the JScript component inside Internet Explorer.
Remote work has increased the risk of threats caused by human error. Cybercriminals have capitalized on the fear and uncertainty of 2020 to make their targeted scams all the more convincing.
Discord has patched a critical issue in the desktop version of the messaging app used by many gamers and online communities which left users vulnerable to remote code execution (RCE) attacks.
Microsoft is at the top when it comes to hacker impersonations, with Microsoft products and services featuring in nearly a fifth of all global brand phishing attacks in the third quarter of this year.
A group of researchers from the Ben-Gurion University of the Negev demonstrated that it is possible to fool commercial advanced driver-assistance systems by displaying virtual objects (phantoms).
Despite 88% of security professionals believing automation will make their jobs easier, younger staffers are more concerned about automation replacing their roles, according to research by Exabeam.
The quantum key distribution (QKD) technology leverages quantum physics to provide two remote parties with cryptographic keys that are immune to cyberattacks driven by quantum computers.
A large number of 8kun and QAnon-related sites are connected to the Web via a single web hosting provider based in Vancouver, Washington, called VanwaTech (a.k.a. “OrcaTech“).
With health insurance open enrollment season just around the corner, US consumers preparing to change or add to their health coverage should watch out for scammers, the Better Business Bureau warns.
Attackers can scan the internet for these types of folders, identify exposed systems, download their content, and gain access to sensitive configuration data or even to an app's source code.
Since August 2020, Proofpoint researchers have tracked extremely high-volume Amazon Japan credential and information phishing campaigns, with suspected activity dating back to June 2020.
A research report released by mobile security platform provider MobileIron in September 2020 shows that QR codes pose “significant” security risks for enterprises and end-users.
Cyber resilience needs to be part of a coherent "all vectors and all sectors" approach to national security, according to Mike Pezzullo, Secretary of Australia's Department of Home Affairs.
The new malware variant, dubbed Vizom by IBM security researchers, is being utilized in an active campaign across Brazil designed to compromise bank accounts via online financial services.
The UK's data privacy watchdog on Friday slashed a fine imposed on British Airways over a cyberattack after taking into account coronavirus fallout on the embattled airline's finances.
A hacker has breached the forum of Albion Online, a popular free medieval fantasy MMORPG, and stole usernames and password hashes, the game maker Sandbox Interactive GmbH disclosed on Saturday.
The campaigns are targeting accounts on Microsoft's Office 365 and Google's Gmail with tactics designed to provide a false sense of security or prey on curiosity about current events.
The Egregor gang claims to have stolen both the code and some proprietary files from the game publisher, Ubisoft. It also said that it has Crytek files related to games like Arena of Fate and Warface.
The financial leaders of the world’s seven biggest economies said some prominent strains of ransomware had been linked to groups that “are vulnerable to influence by state actors.
Phishing campaigns have started to use Basecamp, a web-based project management solution, as part of malicious phishing campaigns that distribute malware or steal users' login credentials.
Australian gas producer Kleenheat has warned a number of its customers about a data breach from 2014 that may have resulted in information such as name and address being exposed.
Besides the use of digital signatures to feign legitimacy, the main modification seen in the new GravityRAT campaign is support for multiple platforms besides Windows, such as Android and macOS.
According to research from Akamai, the largest of these attacks sent over 200Gbps of traffic at their targets as part of a sustained campaign of higher bandwidth and throughput than prior attacks.
The vulnerability itself affects Microsoft SharePoint Foundation 2013 Service Pack 1, SharePoint Enterprise Server 2016, and SharePoint Server 2019, but not SharePoint Online as part of Office 365.
Cybersecurity Collaborative, alongside parent company CyberRisk Alliance, announced the creation of the fund to assist organizations whose cybersecurity resources have been impacted by the pandemic.
Most phishing is focused on a small number of domain registrars and registries and hosting providers. Of all the maliciously registered domains, 65% is used within five days of registration.
The cybercriminals behind ransomware attacks have lots of options to access corporate networks. A recent report published by Accenture states that outsourced network hacking is a thriving business.
Security experts recently observed an interesting payload deployment using Metasploit against exposed Docker APIs. The framework has a significant advantage of combining any exploit with any payload.
Accused Russian cybercriminal Alexander Vinnik’s legal odyssey continues Monday in Paris, where he faces trial on charges of extortion, money laundering, and involvement in organized crime.
This Metasploit module exploits a server-side include (SSI) in SharePoint to leak the web.config file and forge a malicious ViewState with the extracted validation key. This exploit is authenticated and requires a user with page creation privileges, which is a standard permission in SharePoint. The web.config file show more ...
Chrome suffers from a use-after-free vulnerability in USB::OnServiceConnectionError.
Chrome suffers from a use-after-free vulnerability in WebIDBGetDBNamesCallbacksImpl::SuccessNamesAndVersionsList.
Mocha for Android suffers from an issue where a call can cause the callee device to send audio without user interaction.
ReQuest Serious Play F3 Media Server version 7.0.3 suffers from an unauthenticated remote code execution vulnerability. Abusing the hidden ReQuest Internal Utilities page (/tools) from the services provided, an attacker can exploit the Quick File Uploader (/tools/upload.html) page and upload PHP executable files that results in remote code execution as the web server user.
FRITZ!Box versions 7.20 and below suffer from a DNS rebinding protection bypass vulnerability.
HiSilicon Video Encoder suffers from an unauthenticated RTSP buffer overflow vulnerability that can cause a denial of service condition.
Red Hat Security Advisory 2020-4274-01 - The Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework. Issues addressed include a code execution vulnerability.
Jenkins version 2.63 suffers from a sandbox bypass vulnerability.
ReQuest Serious Play F3 Media Server version 7.0.3 suffers from a denial of service vulnerability. The device can be shutdown or rebooted by an unauthenticated attacker when issuing one HTTP GET request.
HiSilicon Video Encoder allows for full administrative access via a backdoor password. Versions affected are vendor specific.
Red Hat Security Advisory 2020-4272-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and buffer overflow vulnerabilities.
HiSilicon Video Encoder suffers from a remote code execution vulnerability via an unauthenticated upload of malicious firmware. Versions affected are vendor specific.
ReQuest Serious Play F3 Media Server version 7.0.3 suffers from a debug log disclosure vulnerability. An unauthenticated attacker can visit the message_log page and disclose the webserver's Python debug log file containing system information, credentials, paths, processes and command arguments running on the device.
HiSilicon Video Encoder suffers from a remote command injection vulnerability. Versions affected are vendor specific.
ReQuest Serious Play Media Player version 3.0 suffers from an unauthenticated file disclosure vulnerability when input passed through the file parameter in tail.html and file.html script is not properly verified before being used to read web log files. This can be exploited to disclose contents of files from local resources.
HiSilicon Video Encoder versions up to 1.97 suffer from a path traversal vulnerability that allows for file disclosure.
Chrome suffers from a use-after-free vulnerability in XRSystem::FocusedFrameChanged and FocusController::NotifyFocusChangedObservers.
TinyMCE 5 suffers from an html injection vulnerability.
Online Job Portal version 1.0 suffers from a persistent cross site scripting vulnerability.
OX App Suite and OX Documents versions 7.10.3 and some prior versions suffer from information exposure, server-side request forgery, and cross site scripting vulnerabilities.
Online Discussion Forum Site version 1.0 suffers from a cross site scripting vulnerability.
Online Student's Management System version 1.0 suffers from a remote shell upload vulnerability.
A Java deserialization vulnerability exists in the QRadar RemoteJavaScript Servlet. An authenticated user can call one of the vulnerable methods and cause the Servlet to deserialize arbitrary objects. An attacker can exploit this vulnerability by creating a specially crafted (serialized) object, which amongst other show more ...
Nagios XI version 5.7.3 suffers from multiple remote SQL injection vulnerabilities.
The trials and tribulations of London's Hackney Council continue after it suffered a "serious cyber attack" last week. The real-life victims of a cyber attack are the thousands of innocent residents, some of whom may desperately need money in their pocket to pay their rent, living in fear of eviction and homelessness.
Sandbox Interactive, the developers of the free medieval fantasy video game Albion Online, have warned players that a hacker managed to break into its systems and gain access to its user database. Read more in my article on the Hot for Security blog.
At the end of last week, Google slipped out a blog post that probably went under the radars of some folks. In it, they revealed that they had mitigated against the largest known distributed denial-of-service (DDoS) attack, when its infrastructure blocked a whopping 2.5 Tbps (Terabits per second) attack.
Reading Time: ~ 3 min. Fine-tuning privacy for any preference A DNS filtering service that accommodates DNS over HTTPS (DoH) can strengthen an organization’s ability to control network traffic and turn away threats. DoH can offer businesses far greater control and flexibility over their privacy than the old system. show more ...
