While multi-factor authentication, or MFA, has become an essential part of the security arsenal belonging to every single Internet user out there, there are parts of it that need to be abandoned. These are SMS and voice MFA, Microsoft warns, as they are based on the public switched telephone network, or PSTN, which can easily be abused to expose your data. These are the least secure of the MFA methods available today, Alex Weinert, Director of Identity Security at Microsoft, says in a post, especially because they are not adaptable to each user and the information is transmitted in the clear. “One of the significant advantages of services is that we can adapt to user experience expectations, technical advances, and attacker behavior in real-time. Unfortunately, the SMS and voice formats aren’t adaptable, so...
A number of security products for Windows are flagging a bunch of new Dell printer drivers as malware and consequently blocking their installation. While one antivirus solution warning of a potential malware infection in a driver isn’t in itself concerning, given that false positives happen occasionally, this time there are over 20 security products that do this for the latest Dell printer drivers. Security software from leading vendors like Avast, Bitdefender, F-Secure, McAfee, and Panda is warning of a possible malware infection in certain drivers released by Dell. Interestingly, Microsoft’s Windows Defender, which comes pre-loaded with Windows 10, claims the files are clean, with no warning of malware whatsoever. Dell has remained completely tight-...
To open our 171st episode of the Kaspersky Transatlantic Cable podcast we start on the Silk Road. No, Dave and I aren’t talking drugs, weapons, or murder for hire, but rather Bitcoins. The US government recently seized roughly $1 billion in the cryptocurrency, and it appears to be tied to the now-defunct ecosystem. From there, we dive in to the aftermath of the 2020 US elections. We’re not here to discuss the winner or loser, but rather the insecurities in a website built to challenge some of the results by the GOP and the Trump team. We then head to Asia, where Compal, the second-largest laptop manufacturer in the world, apparently has been infected with ransomware. The podcast ends with a sad romantic story. In this tale, a widow in the UK is just one of the many who fall into a world of fraud and catfishing. Unfortunately for this person, not only did she lose a boat-ton of money, but she also helped launder some. If you liked the podcast, please consider subscribing and sharing with your friends. For more information on the stories we covered, please visit the links below:
Feds seize $1B in Bitcoin from Silk Road
Trump lawsuit site to report “rejected votes” leaked voter data
Compal, the second-largest laptop manufacturer in the world, hit by ransomware
Covid: Romance fraudsters “target lonely” in lockdown
Adobe and Microsoft each issued a bevy of updates today to plug critical security holes in their software. Microsoft’s release includes fixes for 112 separate flaws, including one zero-day vulnerability that is already being exploited to attack Windows users. Microsoft also is taking flak for changing its security advisories and limiting the amount of information disclosed about each bug. Some 17 of the 112 issues fixed in today’s patch batch involve “critical” problems in Windows, or those that can be exploited by malware or malcontents to seize complete, remote control over a vulnerable Windows computer without any help from users. Most of the rest were assigned the rating “important,” which in Redmond parlance refers to a vulnerability whose exploitation could “compromise the confidentiality, integrity, or availability of user data, or of the integrity or availability of processing resources.” A chief concern among all these updates this month is CVE-2020-17087, which is an “important” bug in the Windows kernel that is already seeing active exploitation. CVE-2020-17087 is not listed as critical because it’s what’s known as a privilege escalation flaw that would allow an attacker who has already compromised a less powerful user account on a system to gain administrative control. In essence, it would have to be chained with another exploit. Unfortunately, this is exactly what Google researchers described witnessing recently. On Oct. 20, Google released an update for its Chrome browser which fixed a bug (CVE-2020-15999) that was seen being used in conjunction with CVE-2020-17087 to compromise Windows users. If you take a look at the advisory Microsoft released today for CVE-2020-17087 (or any others from today’s batch), you might notice they look a bit more sparse. That’s because Microsoft has opted to restructure those advisories around the Common Vulnerability Scoring System (CVSS) format to more closely align the format of the advisories with that of other major software vendors. But in so doing, Microsoft has also removed some useful information, such as the description explaining in broad terms the scope of the vulnerability, how it can be exploited, and what the result of the exploitation might be.
Microsoft explained its reasoning behind this shift in a blog post. Not everyone is happy with the new format. Bob Huber, chief security officer at Tenable, praised Microsoft for adopting an industry standard, but said the company should consider that folks who review Patch Tuesday releases aren’t security practitioners but rather IT counterparts responsible for actually applying the updates, who often aren’t able (and shouldn’t have to) decipher raw CVSS data. “With this new format, end users are completely blind to how a particular CVE impacts them,” Huber said. “What’s more, this makes it nearly impossible to determine the urgency of a given patch. It’s difficult to understand the benefits to end-users. However, it’s not too difficult to see how this new format benefits bad actors. They’ll reverse engineer the patches and, by Microsoft not being explicit about vulnerability details, the advantage goes to attackers, not defenders. Without the proper context for these CVEs, it becomes increasingly difficult for defenders to prioritize their remediation efforts.” Dustin Childs with Trend Micro’s Zero Day Initiative also puzzled over the lack of details included in Microsoft advisories tied to two other flaws fixed today — including one in Microsoft Exchange Server (CVE-2020-16875) and CVE-2020-17051, which is a scary-looking weakness in the Windows Network File System (NFS). The Exchange problem, Childs said, was reported by the winner of the Pwn2Own Miami bug finding contest. “With no details provided by Microsoft, we can only assume this is the bypass of CVE-2020-16875 he had previously mentioned,” Childs said. “It is very likely he will publish the details of these bugs soon. Microsoft rates this as important, but I would treat it as critical, especially since people seem to find it hard to patch Exchange at all.” Likewise, with CVE-2020-17051, there was a noticeable lack of detail for a bug that earned a CVSS score of 9.8 (10 is the most dangerous).
“With no description to work from, we need to rely on the CVSS to provide clues about the real risk from the bug,” Childs said. “Consider this is listed as no user interaction with low attack complexity, and considering NFS is a network service, you should treat this as wormable until we learn otherwise.” Separately, Adobe today released updates to plug at least 14 security holes in Adobe Acrobat and Reader. Details about those fixes are available here. There are no security updates for Adobe’s Flash Player, which Adobe has said will be retired at the end of the year. Microsoft, which has bundled versions of Flash with its Web browsers, says it plans to ship an update in December that will remove Flash from Windows PCs, and last month it made the removal tool available for download. Windows 10 users should be aware that the operating system will download updates and install them on its own schedule, closing out active programs and rebooting the system. If you wish to ensure Windows has been set to pause updating so you can back up your files and/or system, see this guide. But please do back up your system before applying any of these updates. Windows 10 even has some built-in tools to help you do that, either on a per-file/folder basis or by making a complete and bootable copy of your hard drive all at once. As always, if you experience glitches or problems installing any of these patches this month, please consider leaving a comment about it below; there’s a better-than-even chance other readers have experienced the same and may chime in here with some helpful tips.
The vulnerabilities, if exploited, could allow an attacker to exfiltrate data, modify code, and execute commands on operational technology (OT) and critical infrastructure systems.
The thing is, cybersecurity isn’t a battle that is ultimately won, but an ongoing game to play every day against attackers who want to take your systems down by exploiting vulnerabilities.
A logged-in user would fall prey to an attack exploiting the critical flaw in Facebook’s payments redirect page by visiting, then clicking on, an attacker-controlled website.
The University of Arkansas at Little Rock is part of a coalition of universities and industry partners that are developing a curriculum to increase cybersecurity talent focused on health care.
A Cyentia Institute report that focuses on the 100 largest cyber incidents of the past five years found that these events totaled $18 billion in reported losses and 10 billion compromised records.
The CyberNews investigation team recently discovered an unsecured database containing more than 130,000 extremely sensitive, very explicit private photos, videos, and audio recordings.
A British infosec outfit spotted a privilege escalation vulnerability in EA Games’ Origin client after discovering the software was hunting for an absent DLL file when users opened it.
A new U.S. Department of Defense rule goes into effect later this month that will require defense contractors and subcontractors to complete a cybersecurity self-assessment.
Named Platypus, an acronym for "Power Leakage Attacks: Targeting Your Protected User Secrets," the attack targets the Running Average Power Limit (RAPL) interface of Intel processors.
The technique consisted of using Facebook developer accounts to place calls to Facebook or Facebook Messenger API servers, requesting a link preview for pages a group wanted to scrape.
PKWARE has acquired Dataguise, a company with innovative technology for businesses to discover and protect personal data stored across diverse IT systems and environments.
The vulnerabilities could be triggered only when someone had physical access to, and a valid account on, a vulnerable machine. It worked only on desktop versions of Ubuntu.
In Adobe Reader Mobile for Android, the company addressed an important-severity improper access control flaw, tracked as CVE-2020-24441, that can lead to the disclosure of sensitive information.
SentinelOne has raised $267 million from venture capital backers including Tiger Global and Sequoia at a valuation of more than $3 billion, almost three times what it was valued in February.
The supply chain around the Internet of Things (IoT) has become the weak link in cybersecurity, potentially leaving organisations open to cyberattacks via vulnerabilities they're not aware of.
Mozilla has issued a critical patch for Firefox, Firefox ESR, and Thunderbird after a security issue was discovered at the Tianfu Cup 2020 International Cybersecurity Contest.
The General Services Administration put its data at risk by mishandling contract employee access cards, according to an audit released Wednesday by its Office of Inspector General.
Federal regulators are requiring Zoom to strengthen its security in a proposed settlement of allegations that the video conferencing service misled users about its level of security for meetings.
A massive Intel security update this month addresses flaws across various products – most notably, critical bugs that can be exploited by unauthenticated hackers in order to gain escalated privileges.
Microsoft formally released fixes for 112 newly discovered security vulnerabilities as part of its November 2020 Patch Tuesday, including an actively exploited zero-day flaw disclosed last week.
A researcher reported ‘extraordinary’ vulnerabilities related to open ports in the web browser in TCL's Android-based smart TVs – TCL is the world’s 3rd largest TV manufacturer.
Palo Alto Networks has agreed to purchase attack surface management vendor Expanse for $800 million to gain visibility into exposed and untracked assets in the customers’ ecosystem.
A platform used by healthcare workers in the Philippines designed to share data about COVID-19 cases contained multiple flaws that exposed healthcare worker data and endangered patient data.
In a paper titled “Real-World ADS-B signal recognition based on Radio Frequency Fingerprinting,” three Chinese researchers describe a method of identifying unique transmitters fitted to aircraft.
While not necessarily dangerous, fleeceware apps can still deprive unwitting users of their hard-earned cash by providing poor goods or services through extortionate, automatic subscriptions.
Researchers from KELA spotted a threat actor touting domain admin access to the airline for $4,000 on two Russian-speaking illegal online forums and one English-speaking forum.
According to Cofense Intelligence researchers, a new version of Hentai OniChan ransomware dubbed King Engine is being delivered in a coronavirus-themed phishing campaign.
An attack on the Microsoft Exchange server of an organization in Kuwait revealed two never-before-detected PowerShell backdoors tracked as TriFive and Snugy.
The deal will see remote working-focused zero-trust access capabilities added to Barracuda’s security offering with the Fyde solution available immediately as Barracuda CloudGen Access to businesses of all sizes.
Kaspersky researchers have discovered a new file-encrypting Trojan built as an ELF executable and intended to encrypt data on machines controlled by Linux-based operating systems.
A wave of cyberattacks against retailers running the Magento 1.x e-commerce platform earlier this September has been attributed to one single group, according to the latest research.
Akamai CEO Tom Leighton said cybersecurity may have become less of a consideration during the pandemic, but the level of attack the company has witnessed suggests the threat has not abated.
Details of Brett Bruce White’s complex web of denial of service attacks, committed against people he didn’t know or had barely met, were revealed at Melbourne County Court on Wednesday.
The Intel Support Assistant is the latest Windows utility to be found that could expose millions of computers to privilege-escalation attacks through file manipulation and symbolic links.
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers, providing data reproducibility across experiments.
Red Hat Security Advisory 2020-5086-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and buffer overflow vulnerabilities.
Red Hat Security Advisory 2020-5083-01 - An update for microcode_ctl is now available for Red Hat Enterprise Linux 7. Issues addressed include an information leakage vulnerability.
Red Hat Security Advisory 2020-5085-01 - An update for microcode_ctl is now available for Red Hat Enterprise Linux 8. Issues addressed include an information leakage vulnerability.
Ubuntu Security Notice 4628-1 - Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit feature of some Intel processors allowed a side-channel attack based on power consumption measurements. A local attacker could possibly use this to expose sensitive information. Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel Processors did not properly remove sensitive information before storage or transfer in some situations. A local attacker could possibly use this to expose sensitive information. Various other issues were also addressed.
Gentoo Linux Security Advisory 202011-14 - A vulnerability has been discovered in MariaDB which could result in the arbitrary execution of code. Versions less than 10.5.6 are affected.
Gentoo Linux Security Advisory 202011-13 - Multiple vulnerabilities have been found in Salt, the worst of which could result in the arbitrary execution of code. Versions less than 3000.5 are affected.
Gentoo Linux Security Advisory 202011-12 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 86.0.4240.193 are affected.
Gentoo Linux Security Advisory 202011-10 - A buffer overflow in tmux might allow remote attacker(s) to execute arbitrary code. Versions less than 3.1c are affected.
Gentoo Linux Security Advisory 202011-9 - Multiple vulnerabilities have been found in QEMU, the worst of which could result in the arbitrary execution of code. Versions less than 5.1.0-r1 are affected.
Gentoo Linux Security Advisory 202011-8 - Multiple vulnerabilities have been found in Wireshark, the worst of which could result in a Denial of Service condition. Versions less than 3.4.0 are affected.
Gentoo Linux Security Advisory 202011-7 - A use-after-free in Mozilla Firefox might allow remote attacker(s) to execute arbitrary code. Versions less than 82.0.3 are affected.
Ubuntu Security Notice 4627-1 - Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit driver in the Linux kernel did not properly restrict access to power data. A local attacker could possibly use this to expose sensitive information.
Ubuntu Security Notice 4626-1 - Simon Scannell discovered that the bpf verifier in the Linux kernel did not properly calculate register bounds for certain operations. A local attacker could use this to expose sensitive information or gain administrative privileges. Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit driver in the Linux kernel did not properly restrict access to power data. A local attacker could possibly use this to expose sensitive information. Various other issues were also addressed.
Red Hat Security Advisory 2020-5079-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include a denial of service vulnerability.
Ubuntu Security Notice 4625-1 - A use-after-free was discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could exploit this to execute arbitrary code.
Ubuntu Security Notice 4622-2 - USN-4622-1 fixed a vulnerability in OpenLDAP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that OpenLDAP incorrectly handled certain network packets. A remote attacker could use this issue to cause OpenLDAP to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
Ubuntu Security Notice 4630-1 - Hanno Boeck discovered that Raptor incorrectly handled certain memory operations. If a user were tricked into opening a specially crafted document in an application linked against Raptor, an attacker could cause the application to crash, resulting in a denial of service, or possibly execute arbitrary code.
Ubuntu Security Notice 4629-1 - Michael Chapman discovered that MoinMoin incorrectly handled certain cache actions. An attacker could possibly use this issue to execute arbitrary code. Catarina Leite discovered that MoinMoin incorrectly handled certain SVG files. An attacker could possibly use this issue to execute arbitrary code.
A wave of cyberattacks against retailers running the Magento 1.x e-commerce platform earlier this September has been attributed to one single group, according to the latest research. "This group has carried out a large number of diverse Magecart attacks that often compromise large numbers of websites at once through supply chain attacks, such as the Adverline incident, or through the use of
The end of the year is coming, and it's time for security decision-makers to make plans for 2021 and get management approval. Typically, this entails making a solid case regarding why current resources, while yielding significant value, need to be reallocated and enhanced. The Definitive 2021 Security Plan PPT Template is built to simplify this task, providing security decision-makers with an
Microsoft formally released fixes for 112 newly discovered security vulnerabilities as part of its November 2020 Patch Tuesday, including an actively exploited zero-day flaw disclosed by Google's security team last week. The rollout addresses flaws, 17 of which are rated as Critical, 93 are rated as Important, and two are rated Low in severity, once again bringing the patch count over 110 after