Who would have thought that an episode of this podcast would start with Robin Hood? Well, you don’t have to go far; that’s exactly where we kick off this episode of the Transatlantic Cable podcast. Our first story of the week takes a look at some Robin Hood types who, after using ransomware to steal from show more ...
The ENISA said in its annual report issued today that insider threats, ransomware, and cyber espionage threats were in decline up until April this year when COVID-19-related lockdowns began.
The US National Security Agency (NSA) today published a list of the top 25 publicly known vulnerabilities most often scanned for and targeted by state-sponsored attackers out of China.
The Cybersecurity Maturity Model Certification (CMMC) takes into account how most businesses can't keep up with the influx of vulnerabilities affecting their infrastructure and software.
The latest research opens the door to new methods of distributing secret cryptographic keys – used to encrypt and decrypt data, ensure secure communication, and protect private information.
The Swedish Post and Telecom Authority (PTS) said Tuesday that Huawei and ZTE equipment could not be used in building out new networks, with a spectrum auction due to be held next month.
Over the last three months, 80% of ransomware attacks combined with data dumps were associated with four families of ransomware – Maze, Sodinokibi, Conti, and Netwalker, according to Digital Shadows.
The FBI’s role in defending vaccine makers and others combating the virus is part of a government-wide effort, which has included indictments and public joint agency warnings against foreign actors.
The zero-day is tracked as CVE-2020-15999 and is described as a memory corruption bug in the FreeType font rendering library that's included with standard Chrome distributions.
“We’ve taken down most of their infrastructure,” corporate Vice President Tom Burt said in an interview. “Their ability to go and infect targets has been significantly reduced.”
Cisco has issued an odd warning to users of its HyperFlex hyper-converged infrastructure products, telling them a VMware programming blunder can leave their installation in an “unrecoverable” state.
Six of the security holes plugged last week have been rated important, including improper authorization, insufficient user session invalidation, and stored cross-site scripting (XSS) issues.
Suspected Russian hackers were behind multiple recent intrusions of U.S. state and local computer networks, according to an industry analysis from FireEye Mandiant obtained by CyberScoop.
Pharma giant Pfizer has leaked the private medical data of prescription-drug users in the U.S. for months or even years, thanks to an unprotected Google Cloud storage bucket.
An unauthorized party accessed information in an attack dating from February to August 2020. It potentially affected the names, billing addresses, email addresses, and credit card details of users.
The patch impacts Adobe Illustrator, Dreamweaver, Marketo, Animate, After Effects, Photoshop, Premiere Pro, Media Encoder, InDesign, and the Creative Cloud desktop app for Windows and macOS.
Nearly 9GB of sensitive data belonging to Toledo Public Schools (TPS) has been exposed, including names, addresses, dates of birth, phone numbers, and Social Security numbers.
In an advisory published on October 20, VMware revealed six vulnerabilities, including one critical flaw, affecting its ESXi, Workstation, Fusion, Cloud Foundation, and NSX-T products.
The latest version of Linus Torvalds' Git version-control system brings experimental support for the SHA-256 cryptographic hash, moving it away from its reliance on the less safe SHA-1.
Earlier this summer, a security researcher named Orange Tsai discovered three major vulnerabilities in MobileIron's MDM solutions, which he reported to the vendor, and which were patched in July.
The Office of the Comptroller of Currency found that the banks "failed to exercise proper oversight of the decommissioning of two Wealth Management business data centers located in the United States."
While the outages didn't affect operation of buses or metro systems, people with disabilities who rely on STM's door-to-door paratransit service are affected as it uses an online registration system.
Adobe has begun testing a method to securely watermark digital assets such as photos in its applications to ensure proper attribution of digital media, it said in a blog post on Tuesday.
A security researcher has reportedly earned $20,000 for a high-severity GitHub Enterprise vulnerability that might have allowed an attacker to execute arbitrary commands.
"We are aware of a bug in Chrome that is impacting how cookies are cleared on some first-party Google websites. We are investigating the issue, and plan to roll out a fix...," Google acknowledged.
Speaking at Infosecurity Online, Javvad Malik of KnowBe4 recommended listeners to look for rogue URLs and “lookalike domains” in phishing messages as it is all too common for a URL to be changed.
"We are particularly concerned about Facebook's plans to go to end-to-end encryption of their entire platform to create, in effect, the world's biggest dark web," Secretary of Home Affairs said.
A series of popular apps using an outdated piece of code owned by Twitter are exposing their users' location data. In total, the apps have been downloaded nearly 10 million times.
The flaw resides in the Cisco Discovery Protocol implementation for Cisco IOS XR Software. It could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload.
Ongoing phishing email lures have shifted from COVID-19 to job opportunities. Scammers are sending emails purporting to be from governments about economic benefits for those affected by the pandemic.
The Canadian government alerted of a new COVID-19 scam wherein fraudsters masquerade as the procurement department to send phishing emails, in an attempt to steal workers’ private information.
Microsoft and several other tech companies have recently joined their hands to disrupt the TrickBot botnet, which is one of the top three most successful Malware-as-a-Service (MaaS) operations globally.
Silent Librarian, TA407, or Cobalt Dickens is an Iranian state-sponsored APT group infamous for targeting educational institutions to steal research materials, via spear-phishing campaigns.
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the show more ...
RedTeam Pentesting discovered a vulnerability in the BigBlueButton web conferencing system version 2.2.25 that allows participants of a conference with permissions to upload presentations to read arbitrary files from the file system and perform server-side requests. This leads to administrative access to the BigBlueButton instance.
Ubuntu Security Notice 4596-1 - It was discovered that Tomcat did not properly manage HTTP/2 streams. An attacker could possibly use this to cause Tomcat to consume resources, resulting in a denial of service. It was discovered that Tomcat did not properly release the HTTP/1.1 processor after the upgrade to HTTP/2. An show more ...
Red Hat Security Advisory 2020-4295-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include bypass and improper authorization vulnerabilities.
Bludit versions 3.9.2 and below bruteforce mitigation bypass exploit. Please visit the related homepage for deep dive details on usage.
Tiki Wiki CMS Groupware version 21.1 suffers from an authentication bypass vulnerability.
Libtaxii versions 1.1.117 and below and OpenTaxi versions 0.2.0 and below suffer from a server-side request forgery vulnerability.
Red Hat Security Advisory 2020-4264-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
Ubuntu Security Notice 4595-1 - It was discovered that Grunt did not properly load yaml files. An attacker could possibly use this to execute arbitrary code.
GOautodial version 4.0 suffers from a remote shell upload vulnerability.
Ubuntu Security Notice 4594-1 - It was discovered that Quassel incorrectly handled Qdatastream protocol. A remote attacker could possibly use this issue to execute arbitrary code. It was discovered that Quassel incorrectly handled certain login requests. A remote attacker could possibly use this issue to cause a denial of service.
School Faculty Scheduling System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
School Faculty Scheduling System version 1.0 suffers from a persistent cross site scripting vulnerability.
Red Hat Security Advisory 2020-4299-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include crlf injection, denial of service, and double free vulnerabilities.
Hrsale version 2.0.0 suffers from a local file inclusion vulnerability.
Ubuntu Security Notice 4588-1 - It was discovered that FlightGear could write arbitrary files if received a special nasal script. A remote attacker could exploit this with a crafted file to execute arbitrary code.
Ubuntu Security Notice 4586-1 - It was discovered that PHP ImageMagick extension didn't check the address used by an array. An attacker could use this issue to cause PHP ImageMagick to crash, resulting in a denial of service.
Ubuntu Security Notice 4587-1 - Nicolas Ruff discovered that iTALC had buffer overflows, divide-by-zero errors and didn't check malloc return values. A remote attacker could use these issues to cause a denial of service or possibly execute arbitrary code. Josef Gajdusek discovered that iTALC had heap-based buffer show more ...
Graphic for illustration Cybersecurity researchers on Tuesday disclosed details about an address bar spoofing vulnerability affecting multiple mobile browsers, such as Apple Safari and Opera Touch, leaving the door open for spear-phishing attacks and delivering malware. Other impacted browsers include UCWeb, Yandex Browser, Bolt Browser, and RITS Browser. The flaws were discovered by Pakistani
Attention readers, if you are using Google Chrome browser on your Windows, Mac, or Linux computers, you need to update your web browsing software immediately to the latest version Google released earlier today. Google released Chrome version 86.0.4240.111 today to patch several security high-severity issues, including a zero-day vulnerability that has been exploited in the wild by attackers to
Many thanks to the fab folks at Recorded Future, who are sponsoring my writing this week. Recorded Future empowers your organization, revealing unknown threats before they impact your business, and helping your teams respond to alerts 10 times faster. How does it do this? By automatically collecting and analyzing show more ...
Reading Time: ~ 5 min. October 21 is Wonder Woman Day. It commemorates Wonder Woman’s first appearance in All Star Comics #8. With the upcoming release of Wonder Woman 1984, we took the opportunity to talk superheroes, superpowers and protecting data with our very own Briana Butler, Engineering Services Manager at show more ...
