In an odd turn of events, the 174th episode of the Kaspersky Transatlantic Cable podcast takes Dave and me back to a slew of topics that were hot in 2018: ransomware, Bitcoin prices, and more. We start with a story about the skyrocketing price of Bitcoin. Dave and I share some of our theories on the rise. Keep in mind show more ...
CYBATHLON 2020, in which people with disabilities complete once-impossible everyday tasks using state-of-the-art technologies, is more than just an international competition. The organizers at ETH Zurich (the Swiss Federal Institute of Technology in Zurich) conceived it as a platform for the development of assistive show more ...
For at least the third time in its existence, OGUsers — a forum overrun with people looking to buy, sell and trade access to compromised social media accounts — has been hacked. An offer by the apparent hackers of OGUsers, offering to remove account information from the eventual database leak in exchange show more ...
A dynamic analysis of the publicly available images on Docker Hub found that 51% had critical vulnerabilities and about 6,500 of the 4 million latest images could be considered malicious.
OpenClinic is an open-source health records management software; its latest version is 0.8.2, released in 2016, so the flaws remain unpatched, researchers at Bishop Fox said.
Organizations hoping to work with the Defense Department would be required to obtain certification through an accreditation body that entered into a no-cost contract with the DoD on November 25.
There's been a huge rise in one particular form of phishing attack as cybercriminals look to exploit the combination of the holiday season shopping rush and the move to shopping online.
DarkIRC botnet is actively targeting thousands of exposed Oracle WebLogic servers in attacks designed to exploit the CVE-2020-14882 remote code execution vulnerability fixed by Oracle two months ago.
The CTIX Lite platform makes threat intelligence accessible for midmarket companies with smaller security teams and puts them on an equal footing with their larger peers.
The FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) warned Tuesday that major hacking groups are targeting U.S. think tanks.
W Investments Group, based in Montreal, led this Series E growth round of $35 million, with guidance from Yaletown Partners, leaders of the initial Series E round in June 2020.
To prevent the ransomware from spreading to devices loaned to students and faculties, the district asked that all district-issued devices be shut down and remain off until told otherwise.
Attackers impersonating Quickbooks on the Microsoft 365 platform create a sense of urgency to compel their victims to “promptly” pay fake invoices allegedly from a legitimate vendor.
In a statement issued on November 27, the Royal Dutch Cycling Union (KNWU) indicated that malicious hackers now possess the entire contents of a legacy database containing members’ contact details.
The decision comes after a new GCHQ report raised new security concerns over Huawei 5G equipment, stating that the US ban on Chinese 5G tech will force Huawei to use untrusted technology.
The name of the two packages was jdb.js and db-json.js., and both were created by the same author and described themselves as tools to help developers work with JSON files.
As per a new Comcast report, 95 percent of survey respondents underestimated the volume of attacks they face each month. The average volume indicated by respondents was 12 attacks per month.
A week after cybersecurity researchers disclosed a flaw in the popular GO SMS Pro messaging app, it appears the developers of the app are silently taking steps to fix the issue from behind the scenes.
Skepticism flowed on Twitter after a researcher posted about claims from ransomware gang REvil that EvilCorp and Maze are actually one group operated by eight people with ties to Russian government.
A team setup by TIM’s Cybersecurity to detect vulnerabilities that attackers could exploit to carry out attacks on its infrastructure found six zero-day flaws in Schneider Electric StruxureWare.
Researchers found that majority of popular site operators haven’t set up a backup DNS server, while the rate of DNS spoofing, though still very small, has more than doubled in less than seven years.
The US Federal Bureau of Investigation says that cyber-criminals are increasingly relying on email forwarding rules in order to disguise their presence inside hacked email accounts.
The new funding round was led by Ace Management and saw participation from Arches Capital, Capricorn Digital Growth Fund and Quest for Growth, Invest-NL, and existing investors.
The botnet carries two payloads: 1) a Monero XMR Miner binaries; and 2) Tsunami binaries. This botnet is targeting cloud servers and was still active as of December 1, 2020.
The flaw (tracked as CVE-2020-3843) was addressed by Apple in a series of security updates pushed as part of iOS 13.5 and macOS Catalina 10.15.5 in May earlier this year.
Under the deal, Ivanti has purchased outstanding MobileIron stock for roughly $872 million. Pulse Secure was acquired from affiliates of Siris Capital Group but the financial terms were not disclosed.
The findings from the University of Toronto’s Citizen Lab scrutinize the work of the company Circles, which is a sister firm of the Israeli software surveillance broker NSO Group.
The Dark Caracal APT group is believed to be linked to a Lebanese intelligence agency. It was discovered leveraging a new strain of the 13-year-old Bandook trojan in its latest attacks.
After deobfuscating the code, researchers found that the PHP-based malware uses the symlink method to quickly cross-contaminate websites that are hosted under the same user as the compromised website.
In 2016, while still a minor, the hacker used a phishing technique to steal credentials of a Nintendo employee, thereby gaining access to confidential Nintendo files related to its consoles and games.
According to a CDNetworks report, brute force is the most common type of web application violation, followed by SQL injection, custom rules, dynamic IP blacklist, and IP blacklist.
The main payload is a variant of the XMRig Monero miner that is protected with a shared object developed to hide the presence of the miner's process from various tools for process enumeration.
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
Red Hat Security Advisory 2020-5325-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services.
Ubuntu Security Notice 4659-1 - It was discovered that a race condition existed in the binder IPC implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Daniele Antonioli, Nils Ole Tippenhauer, and show more ...
Ksix Zigbee devices playback protection bypass proof of concept exploit.
Ubuntu Security Notice 4658-1 - It was discovered that a race condition existed in the binder IPC implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Daniele Antonioli, Nils Ole Tippenhauer, and show more ...
Simple College Website version 1.0 suffers from a local file inclusion vulnerability.
Red Hat Security Advisory 2020-5317-01 - PostgreSQL is an advanced object-relational database management system.
Car Rental Management System version 1.0 suffers from local file inclusion and remote SQL injection vulnerabilities.
Red Hat Security Advisory 2020-5316-01 - PostgreSQL is an advanced object-relational database management system.
WordPress WP-FileManager plugin version 6.8 remote code execution exploit.
ChurchCRM version 4.2.1 suffers from a persistent cross site scripting vulnerability.
ChurchCRM version 4.2.0 suffers from a CSV formula injection vulnerability.
Online Voting System Project in PHP suffers from a persistent cross site scripting vulnerability.
NewsLister suffers from a persistent cross site scripting vulnerability.
EgavilanMedia User Registration and Login System with Admin Panel version 1.0 suffers from a persistent cross site scripting vulnerability.
DotCMS version 20.11 suffers from a persistent cross site scripting vulnerability.
Local Service Search Engine Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Online News Portal System version 1.0 suffers from a persistent cross site scripting vulnerability.
Bakeshop Online Ordering System version 1.0 suffers from a persistent cross site scripting vulnerability.
PRTG Network Monitor version 20.4.63.1412 suffers from a persistent cross site scripting vulnerability.
WonderCMS version 3.1.3 suffers from an authenticated remote code execution vulnerability.
WonderCMS version 3.1.3 suffers from an authenticated server-side request forgery vulnerability that allows for remote code execution.
Pharmacy Store Management System version 1.0 suffers from a remote SQL injection vulnerability.
ILIAS Learning Management System version 4.3 suffers from a server-side request forgery vulnerability.
Student Result Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
CISOs with small security teams hold an intensive juggling act. They're responsible for sustaining the company's security resilience, ensuring compliance is adhered to and implementing privacy controls. In between these tasks, they need to follow up on board updates, lead cross-team communications and collaboration, and fight fires that may or may not be related to cybersecurity. All the while,
Google Project Zero whitehat hacker Ian Beer on Tuesday disclosed details of a now-patched critical "wormable" iOS bug that could have made it possible for a remote attacker to gain complete control of any device in the vicinity over Wi-Fi. The exploit makes it possible to "view all the photos, read all the email, copy all the private messages and monitor everything which happens on [the device]
Multiple botnets are targeting thousands of publicly exposed and still unpatched Oracle WebLogic servers to deploy crypto miners and steal sensitive information from infected systems. The attacks are taking aim at a recently patched WebLogic Server vulnerability, which was released by Oracle as part of its October 2020 Critical Patch Update and subsequently again in November (CVE-2020-14750) in
Cybersecurity researchers today took the wraps off a previously undocumented backdoor and document stealer that has been deployed against specific targets from 2015 to early 2020. Codenamed "Crutch" by ESET researchers, the malware has been attributed to Turla (aka Venomous Bear or Snake), a Russia-based advanced hacker group known for its extensive attacks against governments, embassies, and
Security researchers have warned of the latest incarnation of a backdoor trojan horse that has been used in the past to target Mac users. If you're a Mac user, I really hope you're running anti-virus software.
