We kick off the 170th edition of the Kaspersky Transatlantic Cable podcast with the alleged end of the Maze ransomware gang. The cybercriminal enterprise recently issued a broken-English press release claiming it was exiting the game. It would be easy to take them at their word, but they are criminals, after all, and Dave and I are not buying it. From there, we move to Japan, whose national nuclear agency warns of a cyberattack. Not many details are available at this time in Western or Eastern publications, but this is one to keep an eye on. We then jump into the world of COVID-19 for a pair of stories involving coronavirus and cybersecurity. The first discusses a change in AI that may use cough analysis to help detect those infected with coronavirus. In the second tale, the UK’s increase in cyberattacks can be tied to COVID-19. After that, we look at the recent WordPress update snafus that blog operators should be on the lookout for. To close out the podcast, we discuss the upcoming AMA with Kaspersky’s Global Research and Analysis team on November 12. If you liked the podcast, please consider subscribing and sharing with your friends. For more information on the stories we covered, please visit the links below:
Maze, a notorious ransomware group, says it’s shutting down
Japanese nuclear agency warns of cyber attack, turns off email systems
Algorithm spots “Covid cough” inaudible to humans
Coronavirus: Cyber Security Centre handled record number of incidents over past year
WordPress pushes out multiple flawed security updates
GReAT, Ask Them Anything 2.0
Assaf Harel of the firm Karamba Security joins us in the Security Ledger studio to discuss connected car security and the right to repair. The post Episode 193: Repair, Cyber and Your Car with Assaf Harel of Karamba Security appeared first on The Security Ledger.
Leaving aside victims' expectations that attackers will actually destroy stolen data, new research suggests a number of victims who do pay up may see some or all of the stolen data published anyway.
Cisco has disclosed a zero-day vulnerability, tracked as CVE-2020-3556, in the Cisco AnyConnect Secure Mobility Client software, for which proof-of-concept exploit code is publicly available.
Russian authorities claim that between November 2017 and March 2018, the suspect created several malware strains, which he later used to infect more than 2,100 computers across Russia.
The flaw exists in the OpenSLP feature of VMware ESXi. ESXi is a hypervisor that uses software to abstract processor, memory, storage, and networking resources into multiple virtual machines (VMs).
Increased cybersecurity risk caused by human error has posed challenges to 80% of businesses during the COVID-19 pandemic, according to a new report by ESET and The Myers-Briggs Company.
Chesapeake Regional Healthcare experienced a data security incident affecting 23,058 individuals that began on February 7 and may have intermittently recurred until May 20, the organization said.
Organizations that update business models to include cybersecurity as part of a strategic planning process may be able to better withstand unexpected disruptions, experts say.
The FBI issued a flash alert warning that unidentified threat actors are targeting vulnerable SonarQube instances to access source code repositories of U.S. government agencies and private businesses.
The QBot banking Trojan operators return with yet another themed spam wave using the same hijacked email thread technique enticing victims with malicious election interference attachments.
Several threat actors have recently taken to popular sites like YouTube, Vimeo, and Sellix to advertise and demonstrate their discount-priced $40 ransomware-as-a-service (RaaS) builder called ZagreuS.
Japanese game developer Capcom, who made games like Devil May Cry, and Street Fighter, has admitted to having suffered a cyberattack over the weekend that is impacting some of its business operations.
Old software components and the inclusion of unnecessary code created a massive attack surface area in high-performance computing containers used for scientific analysis, researchers say.
The 5.22 GB database was leaked earlier today on a prominent hacker forum. It can be confirmed that the database is now available on several other forums, including Russian-speaking ones.
Researchers are puzzled when it comes to unmasking a new advanced persistent threat (APT) group targeting non-governmental organizations in the Southeast Asian nation Myanmar (formerly Burma).
Researchers are warning of phishing attacks leveraging Google Forms as landing pages to collect credentials by masquerading as login pages from over 25 different companies and government agencies.
U.S. Cyber Command and the NSA have taken recent actions to ensure that foreign actors don't interfere in the 2020 elections, including an operation in the past two weeks against Iran, U.S. officials said.
The two companies have been close since October 2018, when ConnectWise invested $9 million in Perch. ConnectWise is expected to tell partners about the deal at IT Nation on Tuesday.
Attackers have been actively exploiting a flaw in Rackspace's hosted email service to send phishing emails, bearing legitimate and validated domain names, as part of business email compromise scams.
Upon request from the government of Brazil, US law enforcement participated in "Operation Egypto," a Brazilian federal investigation into the suspected scam, the US Department of Justice (DoJ) said.
A critical vulnerability in Git LFS, an open-source Git extension for versioning large files, allows attackers to achieve remote code execution on victims using Windows-based systems.
The GEO Group, a company known for running private prisons and illegal immigration detention centers in the US and other countries, says it suffered a ransomware attack over the summer.
Researchers found an ongoing cyber fraud operation led by hackers in Gaza, West Bank, and Egypt to compromise VoIP servers of more than 1,200 organizations across 60 countries over the past 12 months.
Security experts are reporting a new Google Drive scam that targets users with notifications in Russian or English asking them to review their bank account activity or accept a cash prize.
The infamous Maze ransomware gang announced its retirement from November 1, 2020. In a notice shared on its darknet site, the gang called an end to its operation saying, ‘This project is now closed.’
The pandemic has created IT security challenges in the health sector while exacerbating old ones. Healthcare firms have in recent months relied more on telehealth services to treat patients remotely.
A creative Office 365 phishing campaign has been inverting images used as backgrounds for landing pages to avoid getting flagged as malicious by crawlers designed to spot phishing sites.
Not only did the pandemic force organizations to transform their networks to accommodate moving their traditional workforce to remote working, it also forced cybercriminals to adjust their tactics.
The distinguishing part of the malware is the _mauthtoken cookie that it sets and checks to prevent redirects for returning visitors. This feature makes troubleshooting much harder.
News of the supposed leak and posting came from a site called Resynth that linked to a Wayback Machine snapshot of a GitHub repo that purported to be the work of GitHub CEO Nat Friedman.
The blunder was spotted on Wednesday by Tillie Kottmann, a Switzerland-based IT consultant and developer who uses the handle "deletescape." The website was taken down on Wednesday.
Agencies that have worked to bolster election security over the past years are still on high alert during the vote-counting process, noting that the election isn't over even if ballots have been cast.
Almost two-thirds (65%) of large financial services companies have suffered a cyberattack in the past year, while 45% have experienced a rise in attack attempts since the start of the pandemic.
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current stable release.
iDS6 DSSPro Digital Signage System version 6.2 suffers from a privilege escalation vulnerability. An authenticated user can elevate his/her privileges by calling JS functions from the console or by insecure direct object references to hidden functionalities that can result in creating users, modifying roles and permissions and full takeover of the application.
The CAPTCHA function for iDS6 DSSPro Digital Signage System version 6.2 is prone to a security bypass vulnerability that occurs in the CAPTCHA authentication routine. By requesting the autoLoginVerifyCode object an attacker can receive a JSON message code and successfully bypass the CAPTCHA-based authentication challenge and perform brute-force attacks.
iDS6 DSSPro Digital Signage System version 6.2 allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.
iDS6 DSSPro Digital Signage System version 6.2 suffers from a cleartext transmission/storage of sensitive information in a cookie when using the Remember (autoSave=true) feature. This allows a remote attacker to intercept the HTTP Cookie authentication credentials via a man-in-the-middle attack.
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) versions prior to 9.1.0 Critical Patch Build 2025 suffer from XML injection, over-privileged access, cross site request forgery, file disclosure, server-side request forgery, information leakage, and various other vulnerabilities.
Ubuntu Security Notice 4618-1 - Sergey Nizovtsev discovered that tmux incorrectly handled some inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code.
Red Hat Security Advisory 2020-4953-01 - X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Issues addressed include out of bounds access and privilege escalation vulnerabilities.
Red Hat Security Advisory 2020-4946-01 - The libX11 packages contain the core X11 protocol client library. Issues addressed include double free and integer overflow vulnerabilities.
Red Hat Security Advisory 2020-4947-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.4.0. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2020-4945-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.4.0. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2020-4951-01 - FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2020-4944-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.4.0. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2020-4948-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.4.0. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2020-4952-01 - FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2020-4950-01 - FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2020-4949-01 - FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2020-4932-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.3 security update on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.4.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.
Red Hat Security Advisory 2020-4929-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.3 security update on RHEL 6 serves as a replacement for Red Hat Single Sign-On 7.4.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.
Red Hat Security Advisory 2020-4930-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.3 security update on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.4.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.
Red Hat Security Advisory 2020-4931-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.3 serves as a replacement for Red Hat Single Sign-On 7.4.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass, cross site scripting, denial of service, and man-in-the-middle vulnerabilities.
Cybersecurity researchers today took the wraps off an on-going cyber fraud operation led by hackers in Gaza, West Bank, and Egypt to compromise VoIP servers of more than 1,200 organizations across 60 countries over the past 12 months. According to findings published by Check Point Research, the threat actors — believed to be located in the Palestinian Gaza Strip — have targeted Sangoma PBX, an
A cyber-attacker successfully breaks into your environment and begins sneaking around to find something valuable - intellectual property, bank account credentials, company plans, whatever. The attacker makes his way to a certain host on a network node to browse the directories, and suddenly, his connection is cut off. The stolen username and password he acquired no longer works. Unknowingly,
The Secure Access Service Edge (or SASE) has been a very hot buzzword in the past year. A term and category created by Gartner in 2019, SASE states that the future of networking and security lies in the convergence of these categories into a single, cloud-based platform. The capabilities that SASE delivers aren't new and include SD-WAN, threat prevention, remote access, and others that were
A cyberespionage campaign aimed at aerospace and defense sectors in order to install data gathering implants on victims' machines for purposes of surveillance and data exfiltration may have been more sophisticated than previously thought. The attacks, which targeted IP-addresses belonging to internet service providers (ISPs) in Australia, Israel, Russia, and defense contractors based in Russia
Students are being spied on as they do online exams, how did a televised football match reveal the truth about artificial intelligence, and what on earth is the Canny Lumpsucker vulnerability? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Thom Langford from The Host Unknown podcast. Plus don't miss the second part of our featured interview with LastPass's Dalia Hamzeh.
Ubisoft says that it is investigating media claims that the Egregor ransomware gang has published a 558 GB archive of the source code and resources of the video game Watch Dogs: Legion on file-sharing site networks. The Egregor group claims that it obtained the source code of the newest game in the Watch Dogs series, following a security breach of Ubisoft’s internal servers.
Japanese game developer Capcom has revealed that it suffered a security breach earlier this week which saw malicious hackers access its internal systems. Read more in my article on the Tripwire State of Security blog.