Some mobile apps track your location — and secretly report it to services that sell the data. You almost certainly use at least one such app without even knowing it. How do you find out which apps may be problematic — and what can you do about it? Which mobile apps are tracking you? When he saw a visualization of show more ...
Cisco informed customers on Wednesday that it’s working on a patch for a code execution vulnerability affecting its AnyConnect product. The company says a proof-of-concept (PoC) exploit is available.
Two men accused of trading on information hacked from a government database will pay $425,000 to settle regulatory claims, a fraction of the illegal profits they were alleged to have earned.
According to Google researchers, the three iOS zero-days are related to the recent spat of three Chrome zero-days and a Windows zero-day that Google had previously disclosed over the past two weeks.
Iran’s Islamic Revolutionary Guard Corps (IRGC) unlawfully used the domains in operations to “covertly influence” opinions in the U.S. and elsewhere, the DoJ said in an announcement Wednesday.
It has been observed that RobbinHood’s favorite infiltration vector is the RDP port. The black-hat hackers usually gain access to the network by brute-force attacking the Remote Desktop Protocol port.
In September, hundreds of hospitals operated by Universal Health Services had their systems disrupted by an apparent Ryuk ransomware infection, with consequent attacks on other healthcare systems.
A specific JavaScript code embedded in a PDF file can lead to an out-of-bounds memory access condition when opening a PDF document in Adobe Acrobat Reader DC 2020.006.20034.
A cyberespionage campaign aimed at aerospace and defense sectors in order to install data-stealing implants on victims' machines may have been more sophisticated than previously thought.
Cado Security, a cloud-native forensics and response company, has announced a $1.5 million seed round of funding. The round was led by Ten Eleven Ventures, a cybersecurity venture capital firm.
This partnership will help further the Cyber Accelerator program that supports the growth of startup cyber-companies who aim to bring new better, faster, and cheaper security products to market.
The cyber infrastructure of the Brazilian Superior Court of Justice has suffered a massive ransomware attack, as a result, its services including the official website have been forced to go offline.
Various ransomware groups have posted the stolen data from victims online despite having been paid to not release it or have demanded another payment from victims at a later date.
Campari Group, the famed Italian beverage vendor behind brands like Campari, Cinzano, and Appleton, has been hit by a ransomware attack and has taken down a large part of its IT network.
According to a new report released by McAfee, during the second quarter of 2020, there was an average of 419 new threats per minute as overall new malware samples grew by 11.5%.
COVID-19 has exposed longstanding gaps in enterprise mobile security. Creating a comprehensive mobile security plan and mandating compliance with that plan are essential to closing them.
The IRS says it has finally tracked down the hacker who stole the Silk Road's nearly 70,000 bitcoins—now worth more than $1 billion—and allowed law enforcement to take control of those funds.
The seller offers “convenient access” to the 7,500 compromised networks located in the USA, Canada, and Australia via RDP and claims to be the sole cybercriminal in possession of the network access.
Despite its origin as a banking trojan, Emotet has emerged as a loader to provide access to compromised systems to third-party threat groups to deploy payloads such as trojans and human-operated ransomware.
The ongoing attacks are targeted at Russian firms, leveraging phishing emails for malware deployment. In some cases, documents stolen in previous attacks are leveraged for social engineering.
According to an annual report by the U.K's NCSC, the cybersecurity agency witnessed 723 reported incidents, including a quarter of them, 194, which were related to the COVID-19 pandemic.
Another leading Indian pharmaceutical firm, Lupin, has reported a cybersecurity attack on its IT systems within two weeks of a ransomware attack on Dr. Reddy’s Laboratories.
The advanced malware, which lives on GitHub and also uses Pastebin, comes equipped with reverse shell and crypto-mining capabilities and exploits over 12 known vulnerabilities, therefore the moniker.
While the updated version of the cybersecurity framework will become official in January, banks and financial institutions in Hong Kong will have until December 2023 to complete most of their tasks.
Threat actors are actively exploiting Oracle WebLogic servers unpatched against CVE-2020-14882 to deploy Cobalt Strike beacons which allow for persistent remote access to compromised devices.
According to the CEO, the upload in question was actually of GitHub Enterprise Server, not the GitHub website itself. While the two share a considerable volume of code, the distinction is significant.
Coveware reports that when victims pay for a guarantee that data stolen during an attack - before systems got encrypted - will get deleted, they're often paying for false promises.
Researchers from Zscaler came across another variant of the app portraying itself as TikTok Pro, but the new one is a full-fledged spyware with premium features to spy on victims with ease.
“We know from our earlier experience that fraudsters see this pandemic as an opportunity to trick European consumers,” Commissioner for Justice Didier Reynders said in a statement.
This is the latest mergers & acquisitions (M&A) transaction since ACRE completed the acquisitions of two access control businesses - Open Options in December 2018 and RS2 in May 2019.
Over the past week, an exceptional number of Israeli companies reported ransomware attacks. Several of these attacks involved a previously unknown ransomware variant named Pay2Key.
The University of South Australia (UniSA) and Optus have formed a new strategic alliance to bolster research outcomes in data science and cybersecurity and train future specialists in those fields.
While 2020 has seen a rise in ransomware threats, the Ryuk ransomware accounted for 67.3 million attacks, making up 33.7% of all ransomware attacks this year, according to a report by SonicWall.
Ubuntu Security Notice 4621-1 - It was discovered that netqmail did not properly handle certain input. Both remote and local attackers could use this vulnerability to cause netqmail to crash or execute arbitrary code. It was discovered that netqmail did not properly handle certain input when validating email addresses. show more ...
Asterisk Project Security Advisory - If Asterisk is challenged on an outbound INVITE and the nonce is changed in each response, Asterisk will continually send INVITEs in a loop. This causes Asterisk to consume more and more memory since the transaction will never terminate (even if the call is hung up), ultimately show more ...
Asterisk versions 17.5.1 and 17.6.0 were found vulnerability to a denial of service condition where Asterisk segfaults when receiving an INVITE flood over TCP.
Ubuntu Security Notice 4620-1 - It was discovered that phpLDAPadmin didn't properly sanitize before being echoed to the user. A remote attacker could inject arbitrary HTML/Javascript code in a user's context and cause a crash, resulting in denial of service or potential execution of arbitrary code.
Microsoft Windows version 8.1 suffers from a Cleanmgr race condition that allows for a security feature bypass in the firewall.
CMSUno version 1.6.2 authenticated remote code execution exploit.
Asterisk Project Security Advisory - Upon receiving a new SIP Invite, Asterisk did not return the created dialog locked or referenced. This caused a gap between the creation of the dialog object, and its next use by the thread that created it. Depending upon some off nominal circumstances, and timing it was possible show more ...
Ubuntu Security Notice 4599-3 - USN-4599-1 and USN-4599-2 fixed vulnerabilities in Firefox. The updates introduced various minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could show more ...
Sentrifugo version 3.2 assets authenticated remote code execution exploit.
Sentrifugo version 3.2 announcements authenticated remote code execution exploit.
Ubuntu Security Notice 4619-1 - Mário Areias discovered that dom4j did not properly validate XML document elements. An attacker could exploit this with a crafted XML file to cause dom4j to crash, resulting in a denial of service, or possibly execute arbitrary code.
Red Hat Security Advisory 2020-4961-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This show more ...
Proof of concept git-lfs remote code execution exploit written in Go. Affects Git, GitHub CLI, GitHub Desktop, Visual Studio, GitKraken, SmartGit, SourceTree, and more.
BlogEngine version 3.3.8 suffers from a persistent cross site scripting vulnerability.
Red Hat Security Advisory 2020-4960-01 - Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that show more ...
SmartBlog version 2.0.1 suffers from a remote blind SQL injection vulnerability.
Apple on Thursday released multiple security updates to patch three zero-day vulnerabilities that were revealed as being actively exploited in the wild. Rolled out as part of its iOS, iPadOS, macOS, and watchOS updates, the flaws reside in the FontParser component and the kernel, allowing adversaries to remotely execute arbitrary code and run malicious programs with kernel-level privileges. The
Security researchers have uncovered an organised gang of cybercriminals who are compromising the VOIP phone systems of over 1000 organisations worldwide. Check Point has identified a malicious campaign that has targeted a critical vulnerability in the Sangoma PBX open-source GUI, used to manage installations of show more ...
Reading Time: ~ 2 min. Maze Ransomware Group Ends Operations A press release issued this week announced the end of the Maze ransomware group’s data theft operations. In the release, the Maze authors revealed their motives behind one of the most successful ransomware campaigns to date, and why they chose to finally show more ...
The post Why Network Data Should be the Foundation of Your Security Strategy appeared first on Security Weekly.
