This past Christmas, researcher Niels Teusink of the Dutch company EYE reported a vulnerability in Zyxel equipment: an undocumented admin-level account called “zyfwp” with a hard-coded password in a number of hardware firewalls and wireless controllers. The firmware code contains the password, which is show more ...
Like countless others, I frittered away the better part of Jan. 6 doomscrolling and watching television coverage of the horrifying events unfolding in our nation’s capital, where a mob of President Trump supporters and QAnon conspiracy theorists was incited to lay siege to the U.S. Capitol. For those trying to show more ...
Newly promoted Brig. Gen. Robert Powell will serve as a deputy commanding general of cyber for the 335th Signal Command, specializing in overseeing the unit’s cyber activities.
This sample is using the known technique of blurring images in documents to encourage users to enable macros. While quite simple this is fairly common and effective against users.
Hack the Army 3.0, whose goal is to help the U.S. Army secure its digital assets and protect its systems against cyberattacks, takes place between January 6 and February 17.
The DOJ learned of the hack on December 24th, at which point it closed the vulnerability. It said it doesn’t have any evidence that suggests the hackers accessed any classified information.
Scammers have been impersonating Singapore government officials since December in what police on Tuesday (Jan 5) described as a new variant of bank-related phishing scams.
Russian hackers may have piggybacked on a tool developed by JetBrains, which is based in the Czech Republic, to gain access to federal government and private sector systems in the United States.
The latest funding comes in the form of $65m in debt financing from US investment firm Keybanc Capital Markets, the Irish Times reports. Sysnet also announced the acquisition of NuArx.
President-elect Joe Biden plans to pluck a career intelligence official from the National Security Agency to serve in a newly created cybersecurity role on his National Security Council.
After hacking masked credit and debit card data of crores of Juspay users, the same hacker possibly known as 'ShinyHunters' is now selling databases belonging to three more Indian companies.
According to court documents, the six conspirators placed credit card skimming devices on gas pumps located in Northampton County within the Eastern District of Virginia.
The UK’s vital ‘goal-line’ protection against such threats has also been well covered, especially since the creation of the UK’s innovative National Cyber Security Centre (NCSC).
The DDoSecrets group is also offering to privately share an additional 1.9 terabytes of data from more than a dozen other firms with selected journalists or academic researchers.
For months hackers have been poking around computer networks at U.S. government departments, Fortune 500 companies, and possibly higher education institutions and research organizations -- undetected.
New research from security firm Veritas found that 86% of public sector respondents targeted with ransomware refused to pay, compared to an average of 43% across all verticals.
A recent psychological study found that people are more likely to reveal personal and confidential information in less-formal settings, such as casual conversation or on social networks.
In the shadow of the recent Conti ransomware attack on Advantech, the question of just how long the golden goose of ransomware can continue to pay dividends is on everyone’s minds.
The Dridex banking trojan first appeared in 2014 and is still one of the most prevalent malware families. In March 2020, Dridex topped the list of the most wanted malware.
Program slicing is a way of abstracting code into smaller groups of statements called slices. Slices are formed by following how a particular variable’s value affects or is affected by other variables
The recent campaign has targeted German, Italian and Japanese speakers. TA551 has historically pushed different families of information-stealing malware like Ursnif and Valak.
The use of scalping bots was once the domain of tickets for sporting events or concerts. But recently, it has become increasingly prevalent in e-commerce and online retail.
Multiple malware authors are using the "Ezuri" crypter and memory loader to make their code undetectable to antivirus products. Source code for Ezuri, written in Golang, is available on GitHub.
The risk of these supply chain hacks is much higher than previously acknowledged, due to the high level of connectivity across different critical infrastructure sectors in the economy.
The Git server, a Bitbucket instance, was taken offline yesterday after the data started circulating on Monday in the form of torrent links shared on Telegram channels and hacking forums.
Lacework, which provides automated containerized workload defense, intrusion detection, and compliance solutions, announced its $525 million Series D funding round valuing it at over $1 billion.
This vulnerability in the user interface of FortiWeb allowed an unauthenticated, remote attacker to execute arbitrary SQL queries or commands before it was resolved, an advisory from Fortinet admits.
Dragos has hired Steve Applegate, former VP and Deputy CISO at PepsiCo, as Chief Information Security Officer (CISO). The cybersecurity veteran took to LinkedIn to share the news this week.
Seven years ago, Mozilla opened a bug post to discuss whether the backspace key should be disabled but decided at the time not to make any changes. Now, it is finally disabled to prevent data loss.
In the early hours of October 1, 2019, Alabama’s DCH Health System fell victim to an extended ransomware attack which forced it to close all three of its state hospitals.
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
Dovecot versions 2.2.26 through 2.3.11.3 suffer from a bypass issue. When imap hibernation is active, an attacker can cause Dovecot to discover file system directory structure and access other users' emails using a specially crafted command. The attacker must have valid credentials to access the mail server.
Dovecot versions 2.3.11 through 2.3.11.3 suffer from a denial of service condition related to MIME parsing.
Ubuntu Security Notice 4684-1 - Laszlo Ersek discovered that EDK II incorrectly validated certain signed images. An attacker could possibly use this issue with a specially crafted image to cause EDK II to hang, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20. show more ...
Ubuntu Security Notice 4685-1 - It was discovered that OpenJPEG incorrectly handled certain image data. An attacker could use this issue to cause OpenJPEG to crash, leading to a denial of service, or possibly execute arbitrary code.
Ubuntu Security Notice 4686-1 - It was discovered that Ghostscript incorrectly handled certain image files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code.
Red Hat Security Advisory 2020-5388-01 - Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of Red Hat support for Spring Boot 2.2.11 serves as a replacement for Red Hat support show more ...
Ubuntu Security Notice 4683-1 - Minh Yuan discovered that the framebuffer console driver in the Linux kernel did not properly handle fonts in some conditions. A local attacker could use this to cause a denial of service or possibly expose sensitive information.
Sonatype Nexus version 3.21.1 suffers from an authenticated remote code execution vulnerability.
H2 Database version 1.4.199 JNI code execution exploit. This exploit utilizes the Java Native Interface to load a a Java class without needing to use the Java Compiler.
Gitea version 1.7.5 suffers from a remote code execution vulnerability.
The NVIDIA graphics driver suffers from information disclosure and code execution vulnerabilities. Affected builds include 460.79, 460.89, 457.71, 457.30, 457.09, and 456.71.
PaperStream IP (TWAIN) version 1.42.0.5685 suffers from a local privilege escalation vulnerability.
Rocket.Chat versions 3.7.1 and below suffers from an email address enumeration vulnerability.
The U.S. Department of Justice on Wednesday became the latest government agency in the country to admit its internal network was compromised as part of the SolarWinds supply chain attack. "On December 24, 2020, the Department of Justice's Office of the Chief Information Officer (OCIO) learned of previously unknown malicious activity linked to the global SolarWinds incident that has affected
End-user passwords are one of the weakest components of your overall security protocols. Most users tend to reuse passwords across work and personal accounts. They may also choose relatively weak passwords that satisfy company password policies but can be easily guessed or brute-forced. Your users may also inadvertently use breached passwords for their corporate account password. The National
The cybercrime gang behind the PYSA ransomware has released files which they claim to have stolen from the London borough council of Hackney during an attack last year.
