Cyber security aggregate rss news

Cyber security aggregator - feeds history

image for Delivery payment fra ...

 Threats

By 2019, 14.1% of all retail purchases in the world occurred online, and some digital buying statistics show 1.92 billion digital buyers worldwide having received goods through various delivery services. On the average, any given buyer receives 19 deliveries per year. The 2020 figures are likely to be significantly   show more ...

higher. In this year of self-isolation, it’s no longer uncommon for consumers to receive several deliveries in a single day, or to have a hard time keeping track of which parcels are at what stage of delivery. Scammers are taking advantage of the situation to solicit random people with e-mail messages asking them to pay a small extra amount, typically just a few bucks, to complete a delivery. The message makes it impossible to identify the parcel; the scammers are clearly counting on people to be overwhelmed or absent-minded, in a rush or simply curious. The recipient is pointed toward a fake postal service website where they can make the payment. Message from a delivery service The scam begins with an e-mail notification that appears to come from a well-known delivery service. The messages are sent out in various languages, and the names of the postal services with which the messages purportedly originated vary according to region. The imitations aren’t perfect: Among their other red flags, all of the phishing samples we reviewed were sent from random addresses unrelated to any of the official postal service e-mail addresses. Phishing e-mail messages in multiple languages appearing to come from various well-known postal services According to the notification, an order could not be delivered because of an incorrect address, extra charges for unforeseen expenses, or some other vaguely plausible reason. Phishing e-mails that look like messages from a postal service asking the recipient to pay extra for parcel delivery The recipient is then asked to pay a small amount (not exceeding €3), supposedly to ensure delivery. The senders provide a link to what looks like a delivery service website but is actually a phishing page. Users who fall for the trick click the link, go directly to the payment page, enter personal information and bank card details as requested, and finally provide a verification code from a text message. On the fake website, users are asked to enter some personal information, bank card details, and finally, a code from a text message to verify the transaction How to keep your cash safe Protecting your funds from scammers is absolutely within your reach. Follow these few basic rules of digital hygiene to keep your money for yourself: Keep basic track of your deliveries. If you place so many orders that you cannot remember them all, keep a running file or jot down a list of orders you have outstanding. Avoid clicking on links in e-mails, particularly if you’re not entirely sure they’re legit, and never enter personal or payment details on a page that opens from such a link. In case of doubt, contact the delivery service over the phone to find out what is going on. You can also find a parcel’s tracking number in the order or shipment confirmation and check the delivery status on the service’s official website. Install a reliable antivirus solution with protection from phishing and online fraud. For example, Kaspersky Internet Security promptly warns users about threats.

image for Ubiquiti: Change You ...

 Data Breaches

Ubiquiti, a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders, security cameras and access control systems, is urging customers to change their passwords and enable multi-factor authentication. The company says an incident at a third-party cloud provider may have   show more ...

exposed customer account information and credentials used to remotely manage Ubiquiti gear. In an email sent to customers today, Ubiquiti Inc. [NYSE: UI] said it recently became aware of “unauthorized access to certain of our information technology systems hosted by a third party cloud provider,” although it declined to name that provider. The statement continues: “We are not currently aware of evidence of access to any databases that host user data, but we cannot be certain that user data has not been exposed. This data may include your name, email address, and the one-way encrypted password to your account (in technical terms, the passwords are hashed and salted). The data may also include your address and phone number if you have provided that to us.” Ubiquiti has not yet responded to requests for more information, but the notice was confirmed as official in a post on the company’s user support forum. The warning from Ubiquiti carries particular significance because the company has made it fairly difficult for customers using the latest Ubiquiti firmware to interact with their devices without first authenticating through the company’s cloud-based systems. This has become a sticking point for many Ubiquiti customers, as evidenced by numerous threads on the topic in the company’s user support forums over the past few months. “While I and others do appreciate the convenience and option of using hosted accounts, this incident clearly highlights the problem with relying on your infrastructure for authenticating access to our devices,” wrote one Ubiquiti customer today whose sentiment was immediately echoed by other users. “A lot us cannot take your process for granted and need to keep our devices offline during setup and make direct connections by IP/Hostname using our Mobile Apps.” To manage your security settings on a Ubiquiti device, visit https://account.ui.com and log in. Click on ‘Security’ from the left-hand menu. 1. Change your password 2. Set a session timeout value 3. Enable 2FA Image: twitter.com/crosstalksol/ According to Ubiquiti’s investment literature, the company has shipped more than 85 million devices that play a key role in networking infrastructure in over 200 countries and territories worldwide. This is a developing story that may be updated throughout the day.

image for Researchers Test UNâ ...

 application development

Independent security researchers testing the security of the United Nations were able to compromise public-facing servers and a cloud-based development account for the U.N. and lift data on more than 100,000 staff and employees, according to a report released Monday. The post Researchers Test UN’s Cybersecurity,   show more ...

Find Data on 100k appeared first...Read the whole entry... » Related StoriesPodcast Episode 189: AppSec for Pandemic Times, A Conversation with GitLab Security VP Jonathan HuntEpisode 199 COVID’s Other Legacy: Data Theft and Enterprise InsecurityEpisode 197: The Russia Hack Is A 5 Alarm Fire | Also: Shoppers Beware!

 Companies to Watch

Hinton previously spent 13 years in various leadership positions at IBM, most recently as vice president and IBM distinguished engineer, and CISO for it’s Cloud and Cognitive Software business unit.

 Breaches and Incidents

“This cyber attack has … brought many of our activities to a halt, and this explains some delays in the management of accounts payable and invoicing,” Communauto CEO Benoît Robert said in a statement.

 Breaches and Incidents

Parler, a social network platform in the news lately, has been hit by a massive data scrape. Security researchers collected swaths of user data before the network went dark Monday morning after Amazon, Google, and Apple booted the platform.

 Feed

jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the pre-built jar release.

 Feed

jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.

 Feed

Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.

 Feed

Ubuntu Security Notice 4688-1 - It was discovered that Jasper incorrectly certain files. An attacker could possibly use this issue to cause a crash. It was discovered that Jasper incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. It was discovered that Jasper   show more ...

incorrectly handled certain JPC encoders. An attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.

 Feed

Anchor CMS version 0.12.7 suffers from a markdown persistent cross site scripting vulnerability. Original discovery of persistent cross site scripting in this version was discovered by Sinem Sahin in September of 2020.

 Feed

Red Hat Security Advisory 2021-0050-01 - This release of Red Hat Quay v3.3.3 includes: Security Update: quay: persistent XSS in repository notification display quay: email notifications authorization bypass. Issues addressed include bypass and cross site scripting vulnerabilities.

 Feed

Red Hat Security Advisory 2021-0053-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.6.1 ESR. Issues addressed include a use-after-free vulnerability.

 Feed

Gentoo Linux Security Advisory 202101-5 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 87.0.4280.141 are affected.

 Feed

Red Hat Security Advisory 2021-0056-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include a null pointer vulnerability.

 Feed

Code16 is a compilation of notes from research performed by Cody16. This issue discusses setting up your browser with extensions for inspection of payloads while pentesting, fuzzing, and more.

 Feed

Code16 is a compilation of notes from research performed by Cody16. This issue discusses creating web modules for Metasploit, a mass scanner for WordPress plugins, Learning Arduino, and more.

 Feed

Red Hat Security Advisory 2021-0055-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.6.1 ESR. Issues addressed include a use-after-free vulnerability.

 Feed

A U.S. court on Thursday sentenced a 37-year-old Russian to 12 years in prison for perpetrating an international hacking campaign that resulted in the heist of a trove of personal information from several financial institutions, brokerage firms, financial news publishers, and other American companies. Andrei Tyurin was charged with computer intrusion, wire fraud, bank fraud, and illegal online

 Feed

Cybersecurity researchers, for the first time, may have found a potential connection between the backdoor used in the SolarWinds hack to a previously known malware strain. In new research published by Kaspersky researchers today, the cybersecurity firm said it discovered several features that overlap with another backdoor known as Kazuar, a .NET-based malware first documented by Palo Alto

 Data loss

In their attempt to extort as much money as quickly as possible out of companies, ransomware gang know some effective techniques to get the full attention of a firm's management team. And one of them is to specifically target the sensitive information stored on the computers used by a company's top executives,   show more ...

in the hope of finding valuable data that can best pressure bosses into approving the payment of a sizeable ransom. Read more in my article on the Tripwire State of Security blog.

 Security threats

The biographies of outgoing US President Donald Trump and his Vice President Mike Pence were mysteriously changed on the official US State Department website at some point on Monday. Visitors to www.state.gov were unable to view facts about the country's top politicians, as somebody appeared to have mysteriously wiped them - only to be replace them with a solitary line detailing the end of their term.

2021-01
Aggregator history
Monday, January 11
FRI
SAT
SUN
MON
TUE
WED
THU
JanuaryFebruaryMarch