Once ubiquitous, used for playing multimedia content, producing animated banners and browser games, and more, Adobe Flash became obsolete over time and was superseded by newer technologies. Many content creators continued to use the familiar platform, though, so both Adobe and browser makers kept up their support. But show more ...
The ongoing breach affecting thousands of organizations that relied on backdoored products by network software firm SolarWinds may have jeopardized the privacy of countless sealed court documents on file with the U.S. federal court system, according to a memo released Wednesday by the Administrative Office (AO) of the show more ...
In this episode of the podcast (#199), sponsored by LastPass, we talk with Sareth Ben of Securonix about how massive layoffs that have resulted from the COVID pandemic put organizations at far greater risk of data theft. In our second segment, we’re joined by Barry McMahon, a Senior Global Product Marketing Manager show more ...
According to the terms of the agreement, archTIS will acquire a 100 percent stake in Nucleus Cyber in an all-stock deal for a total consideration of around US$7.1 million.
The most important of these use-after-free issues affect autofill, drag and drop, and media components, and are tracked as CVE-2021-21106, CVE-2021-21107, and CVE-2021-21108, respectively.
Columbia, Maryland-based cybersecurity company Owl Cyber Defense Solutions LLC announced Tuesday it has acquired Fairfax-based Trident’s Assured Collaboration Systems (ACS) product line.
Nvidia fixed a slew of high-severity flaws affecting its graphics driver, which could lead to denial of service attacks, privilege escalation, and tampering with or spying on sensitive data.
A newly identified malware attack campaign has been exfiltrating emails from targeted organizations using a JavaScript backdoor injected into a webmail system widely used in Taiwan.
This PsExec zero-day is caused by a named pipe hijacking vulnerability which allows attackers to trick PsExec into re-opening a maliciously created named pipe and giving it Local System permissions.
COVID-19 vaccines have been approved in some countries while many are conducting their trials. Cybercriminals are taking advantage of these much-awaited developments to steal credential and payment data from unsuspecting users.
The “customers,” also known as the attackers, contact Oski authors on underground forums to purchase the malware and, once purchased, they configure it and distribute it to their victims.
The Egregor ransomware first appeared on the threat landscape in September 2020, since then the gang claimed to have compromised over 150 firms, including Barnes and Noble, Kmart, Ubisoft, and more.
Nisos announced $6M in funding led by global cyber investor Paladin Capital Group. The investment enables Nisos to expand its marketing and operations, while extending its international footprint.
The operators of the Ryuk ransomware are believed to have earned more than $150 million worth of Bitcoin from ransom payments following intrusions at companies all over the world.
Application security pioneer F5 said it will acquire the privately-held, Volterra of Santa Clara, California, a maker of distributed multi-cloud application security and load-balancing software.
Cisco Talos discovered a denial-of-service bug in the Ethernet/IP server functionality of Rockwell Automation RSLinx Classic. It could be exploited by sending the target a series of malicious packets.
The vulnerability allows threat actors to recover the primary encryption key used by the hardware security key to generate cryptographic tokens for two-factor authentication (2FA) operations.
With the investigation ongoing, Judiciary said federal courts across the country will be adding new security procedures aimed at protecting highly sensitive confidential documents filed with courts.
The new Bureau of Cyberspace Security and Emerging Technologies (CSET) will help lead diplomatic efforts around these topics, including working to prevent cyber conflicts with adversarial nations.
First identified in 2014, Emotet has been regularly updated by its developers. The DHS has estimated that each incident involving Emotet costs organizations upwards of $1 million dollars to rectify.
A fleeceware app isn’t traditional Android malware in the sense that it doesn’t contain malicious code. Instead, the threat comes from excessive subscription fees that it might not clearly advertise.
The acquisition fits nicely with RedHat OpenShift, its container platform, but the company says it will continue to support StackRox usage on other platforms including AWS, Azure, and GCP.
The penetration testing toolkits have been used to host more than a quarter of all the malware C&C servers deployed in 2020, threat intelligence firm Recorded Future said in a report today.
The fake messages impersonate payment, package delivery and streaming services, government and healthcare organizations, popular IT providers, online retailers, hospitality organizations, and so on.
The Mozilla Firefox vulnerability (CVE-2020-16044) is separate from a bug reported in Google’s browser engine Chromium, which is used in the Google Chrome browser and Microsoft’s Edge browser.
Sensitive data stolen from Hackney Council in the UK has allegedly been published online, three months after the ransomware attack on the local authority that took place last year.
Researchers uncovered a new ransomware family called Babuk that has successfully encrypted systems of at least five online gambling companies in the first half of 2020.
Security researchers shed a light on an investigation report involving financially-motivated ransomware actors from China targeting multiple companies.
Cybersecurity researchers revealed a new QRat malspam campaign purporting to contain a scandalous video of the U.S. President Donald Trump.
Backdoor.Win32.NinjaSpy.c suffers from a remote stack buffer overflow vulnerability. The specimen drops a DLL named "cmd.dll" under C:WINDOWS which listens on both TCP ports 2003 and 2004. By sending consecutive HTTP PUT requests with large payloads of characters, we can cause buffer overflow.
This Metasploit module exploits an arbitrary file upload in the WordPress wpDiscuz plugin version 7.0.4. This flaw gave unauthenticated attackers the ability to upload arbitrary files, including PHP files, and achieve remote code execution on a vulnerable server.
Backdoor.Win32.Xtreme.yvp malware suffers from an insecure permissions vulnerability that can allow for privilege escalation.
Cockpit version 234 suffers from an unauthenticated server-side request forgery vulnerability.
Backdoor.Win32.Agent.dcbh malware suffers from an insecure permissions vulnerability that can allow for privilege escalation.
Online Doctor Appointment System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.
dnsrecon version 0.10.0 suffers from a CSV injection vulnerability.
Ubuntu Security Notice 4687-1 - A use-after-free was discovered in Firefox when handling SCTP packets. An attacker could potentially exploit this to cause a denial of service, or execute arbitrary code.
ECSIMAGING PACS version 6.21.5 suffers from a remote SQL injection vulnerability.
Curfew e-Pass Management System version 1.0 suffers from a cross site scripting vulnerability.
OX App Suite and OX Documents suffer from server-side request forgery and multiple cross site scripting vulnerabilities. Various versions are affected including 7.10.4 and 7.10.3.
Cockpit CMS versions prior to 0.6.1 suffer from a remote code execution vulnerability.
Life Insurance Management System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.
WordPress Autoptimize plugin suffers from a remote shell upload vulnerability. The ao_ccss_import AJAX call does not ensure that the file provided is a legitimate zip file, allowing high privilege users to upload arbitrary files, such as PHP, leading to remote code execution.
This Metasploit module exploits an unauthenticated directory traversal vulnerability in Apache Flink version 1.11.0.
Employee Record System version 1.0 suffers from a remote shell upload vulnerability.
iBall-Baton WRA150N Rom-0 backup suffers from a file disclosure vulnerability.
Whitepaper called Ethical Hacking and Penetration Testing Guide. Written in Turkish.
ECSIMAGING PACS version 6.21.5 suffers from a remote code execution vulnerability.
A North Korean hacking group has been found deploying the RokRat Trojan in a new spear-phishing campaign targeting the South Korean government. Attributing the attack to APT37 (aka Starcruft, Ricochet Chollima, or Reaper), Malwarebytes said it identified a malicious document last December that, when opened, executes a macro in memory to install the aforementioned remote access tool (RAT). "The
Hardware security keys—such as those from Google and Yubico—are considered the most secure means to protect accounts from phishing and takeover attacks. But a new research published on Thursday demonstrates how an adversary in possession of such a two-factor authentication (2FA) device can clone it by exploiting an electromagnetic side-channel in the chip embedded in it. The vulnerability (
