Companies hit by ransomware often face a dual threat: Even if they avoid paying the ransom and can restore things from scratch, about half the time the attackers also threaten to release sensitive stolen data unless the victim pays for a promise to have the data deleted. Leaving aside the notion that victims might show more ...
SaltStack has officially revealed three bugs, tracked as CVE-2020-16846, CVE-2020-17490, and CVE-2020-25592, in its code – two of them seemingly critical – and told users to prioritize this update.
The sudden shift to remote working as a result of COVID-19 has left businesses at a far higher risk of cyber-attacks, largely due to their tech infrastructure being exposed to new attack vectors.
The sale was organized as a public auction on a private underground hacking forum for Russian-speaking cybercriminals, security researcher Pancak3 told ZDNet in an interview last month.
Skilled computer programmer Aleksandr Brovko admitted being involved in a scheme to steal sensitive personal and financial data and traffic it on dark web that caused estimated losses of over $100m.
Adobe on Tuesday informed customers that it has patched over a dozen vulnerabilities in its Acrobat products, including critical flaws that can be exploited for arbitrary code execution.
GrowDiaries, an online community where marijuana growers can blog about their plants and interact with other farmers, has suffered a security breach in September this year.
Even the most sophisticated APT groups tend to stick with old tactics, techniques, and procedures as long as they work. However, whenever needed, the groups can innovate in extremely dangerous ways.
Sweden’s largest insurer, Folksam, accidentally leaked private data on about one million of its customers to a handful of the world’s largest technology companies, it said on Tuesday.
Almost two-thirds of vulnerabilities on enterprise networks involve flaws that are over two years old that have not been patched, despite fixes being available, as per analysis by Bitdefender.
?Toy industry giant Mattel disclosed that they suffered a ransomware attack on July 28, 2020, that impacted some of its business functions but did not lead to data theft.
A researcher at cybersecurity services provider IOActive has identified a privilege escalation vulnerability in Windows that can be exploited by abusing games in the Microsoft Store.
Cofense identified a campaign that aims to steal employee credentials by leveraging reimbursement emails, across the insurance, medical, professional services, and banking industries.
Researchers suspect that previous customers of Maze may not quit the market, and that "many of their affiliates have moved to a new family" known as Egregor, a spin-off of Ransom.Sekhmet.
First discovered in October, RegretLocker is a simple ransomware in terms of appearance as it doesn't contain a long-winded ransom note and uses email for communication rather than a Tor payment site.
The University of Illinois at Urbana-Champaign and the University of West Florida received a total of $8 million in separate grants from the DHS and the NSA to tackle cybersecurity talent crunch.
According to Cofense Intelligence researchers, a new version of Hentai OniChan ransomware dubbed “King Engine” is being delivered in a Coronavirus-themed phishing campaign.
Isentia deals with the Australian government, Singtel, AMP, Samsung, Seek, and Walt Disney Corporation, as well as government agencies, Fortune 500 firms, small businesses, and academic institutes.
The CISA and the FBI shed light on the activities of Iranian state-sponsored hackers and alerted voters in a joint advisory. Hackers were seen using fake Proud Boys-themed emails.
FireEye has discovered a new threat actor named UNC1945 that infiltrates corporate networks for telecommunications, financial, and consulting firms via a vulnerability in the Oracle Solaris OS.
The Emotet Trojan is taking advantage of the Halloween season by pushing out spam templates that invite victims to a Halloween party to trick them into downloading the malware.
Investigators allege the duo set up phishing websites that mimicked legitimate employee portals belonging to wireless providers, and then tricked employees into logging in at these fake portals.
Leading cloud software provider Blackbaud has been sued in 23 proposed consumer class action cases in the U.S. and Canada related to the ransomware attack that the company suffered in May 2020.
More than 23,000 hacked databases have been made available for download on several hacking forums and Telegram channels in what threat intel analysts are calling the biggest leak of its kind.
Joomla Publisher component version 3.0.19 suffers from a persistent cross site scripting vulnerability.
Red Hat Security Advisory 2020-4909-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.4.0. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2020-4907-01 - FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2020-4908-01 - The libX11 packages contain the core X11 protocol client library. Issues addressed include double free and integer overflow vulnerabilities.
Ubuntu Security Notice 4616-2 - USN-4616-1 fixed several vulnerabilities in AccountsService. This update provides the corresponding update for Ubuntu 14.04 ESM. Kevin Backhouse discovered that AccountsService incorrectly dropped privileges. A local user could possibly use this issue to cause AccountsService to crash or hang, resulting in a denial of service. Various other issues were also addressed.
Ubuntu Security Notice 4617-1 - Matthias Gerstner discovered that SPICE vdagent incorrectly handled the active_xfers hash table. A local attacker could possibly use this issue to cause SPICE vdagent to consume memory, resulting in a denial of service. Matthias Gerstner discovered that SPICE vdagent incorrectly handled show more ...
Red Hat Security Advisory 2020-4913-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.4.0. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2020-4903-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and buffer overflow vulnerabilities.
Red Hat Security Advisory 2020-4900-01 - The cryptsetup packages provide a utility for setting up disk encryption using the dm-crypt kernel module. Issues addressed include an out of bounds write vulnerability.
Red Hat Security Advisory 2020-4805-01 - EDK is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Issues addressed include a memory leak vulnerability.
Red Hat Security Advisory 2020-4469-01 - The Common UNIX Printing System provides a portable printing layer for Linux, UNIX, and similar operating systems. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2020-4627-01 - Simple DirectMedia Layer is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device. Issues addressed include buffer over-read and buffer overflow vulnerabilities.
Red Hat Security Advisory 2020-4545-01 - libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2020-4641-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2020-4694-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include information leakage, man-in-the-middle, and out of bounds read vulnerabilities.
Red Hat Security Advisory 2020-4751-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include cross site scripting, denial of service, and open redirection vulnerabilities.
Red Hat Security Advisory 2020-4697-01 - The targetcli package contains an administration shell for configuring Internet Small Computer System Interface, Fibre Channel over Ethernet, and other SCSI targets, using the Target Core Mod/Linux-IO kernel target subsystem. FCoE users also need to install and use the fcoe-utils package.
Red Hat Security Advisory 2020-4490-01 - The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2020-4670-01 - Red Hat Identity Management is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Issues addressed include code execution, cross site scripting, denial of service, memory leak, and use-after-free vulnerabilities.
Red Hat Security Advisory 2020-4484-01 - Expat is a C library for parsing XML documents. Issues addressed include buffer over-read and denial of service vulnerabilities.
Red Hat Security Advisory 2020-4760-01 - The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces. Issues addressed include buffer over-read, buffer overflow, out of bounds read, and resource exhaustion vulnerabilities.
Red Hat Security Advisory 2020-4605-01 - The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several services to allow operating in a high-availability environment. Issues addressed include a crlf injection vulnerability.
Red Hat Security Advisory 2020-4756-01 - Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. Issues addressed include denial of service and information leakage vulnerabilities.
Red Hat Security Advisory 2020-4553-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. Issues addressed include a memory leak vulnerability.
Red Hat Security Advisory 2020-4682-01 - Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Issues addressed include cross site scripting and information leakage vulnerabilities.
Red Hat Security Advisory 2020-4464-01 - libxslt is a library for transforming XML files into other textual formats using the standard XSLT stylesheet transformation mechanism. Issues addressed include bypass, information leakage, and use-after-free vulnerabilities.
Red Hat Security Advisory 2020-4910-01 - X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Issues addressed include out of bounds access and privilege escalation vulnerabilities.
Red Hat Security Advisory 2020-4922-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6, 7, and 8. Issues addressed include a memory leak vulnerability.
Red Hat Security Advisory 2020-4923-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.3. Issues addressed include a memory leak vulnerability.
Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support! If 2020 taught the security industry anything, it is this: There has never been a better time to be a cybercriminal. From extortion ransomware to cyberespionage campaigns, adversaries show more ...
Reading Time: ~ 3 min. Mobile devices have become an indispensable part of our lives. By the time we’re teenagers, we’re already tethered to technology that lives in our pockets and connects us to a network far larger than we ever imagined possible. Because of the way we interact with our phones, it knows our show more ...
