For the 182nd edition of the Kaspersky Transatlantic Cable podcast, Dave and I tackle the biggest story of 2021 so far: the ramifications of the insurrection at the US Capitol, which include Twitter bans and plenty more. To kick off the podcast, we talk about an op-ed on ZDNet about the cybersecurity fallout of last show more ...
Dubbed Rogue, the Trojan is the work of Triangulum and HeXaGoN Dev, known Android malware authors that have been selling their malicious products on underground markets for several years.
According to the Government organization, one of its data systems has been breached by an unidentified hacker, commercially and personally-sensitive information might have been accessed by the attackers.
An Iranian espionage group known as Charming Kitten has used the recent winter holiday break to attack targets from all over the world using a very sophisticated spear-phishing campaign that involved not only email attacks but also SMS messages.
The vulnerability is part of a number of patches issued by Cisco addressing 67 high-severity CVEs. This included flaws found in Cisco’s AnyConnect Secure Mobility Client, as well as Cisco RV110W, RV130, RV130W, and RV215W small business routers.
Gaming company Capcom has discovered that the number of customers whose data may have been compromised following a recent cyber-attack is much higher than previously thought.
Two vulnerabilities (one critical) in a WordPress plugin called Orbit Fox could allow attackers to inject malicious code into vulnerable websites and/or take control of a website.
A newly uncovered Russian-based cybercrime operation has helped classified ads scammers steal more than $6.5 million from buyers across the US, Europe, and former Soviet states.
Brad Smith, president of Microsoft, warned of the increasing cyber-threats to society as technology plays a more powerful role in our lives during his keynote address at the Consumer Electronics Show (CES) 2021.
Someone has set up a website named SolarLeaks where they are offering to sell gigabytes of files allegedly obtained as a result of the recently disclosed SolarWinds breach.
Cybersecurity researchers took the wraps off an ongoing surveillance campaign directed against Colombian government institutions and private companies in the energy and metallurgical industries.
When exploited, this vulnerability can be triggered by a single-line command to instantly corrupt an NTFS-formatted hard drive, with Windows prompting the user to restart their computer to repair the corrupted disk records.
The US Cybersecurity and Infrastructure Security Agency (CISA) said today that threat actors bypassed multi-factor authentication (MFA) authentication protocols to compromise cloud service accounts.
Treasury’s Office of Foreign Assets Control identified the firm, Barkat Ventures, as an arm of an organization that the supreme leader of Iran controls called EIKO, short for Execution of Imam Khomeini’s Order.
Internet of Things devices are highly susceptible to attacks, breaches, and flaws emanating from issues within the TCP/IP network communications architecture. Here's an overview of what you need to know to mitigate risks.
On the heels of a previously-reported cyberattack on the European Medicines Agency (EMA), cybercriminals have spilled compromised data related to COVID-19 vaccinations onto the internet.
Ubuntu Security Notice 4692-1 - Chris Siebenmann discovered that tar incorrectly handled extracting files resized during extraction when invoked with the --sparse flag. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS show more ...
Red Hat Security Advisory 2021-0114-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.111 and .NET Core Runtime 3.1.11.
Red Hat Security Advisory 2021-0110-01 - This release of Red Hat Integration - Camel K - Tech-Preview 2 serves as a replacement for tech-preview 1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include an XML injection vulnerability.
Ubuntu Security Notice 4691-1 - Jonas Rudloff discovered that Open vSwitch incorrectly handled certain malformed LLDP packets. A remote attacker could use this issue to cause Open vSwitch to crash, resulting in a denial of service, or possibly execute arbitrary code.
Red Hat Security Advisory 2021-0030-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
Red Hat Security Advisory 2021-0106-01 - Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that show more ...
Red Hat Security Advisory 2021-0105-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This show more ...
Online Movie Streaming version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Online Hotel Reservation version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Red Hat Security Advisory 2021-0145-01 - Red Hat OpenShift Serverless Client kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms. Red Hat OpenShift Serverless Client kn 1.12.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.12.0, and includes show more ...
Backdoor.Win32.Ketch.a suffers from a remote stack buffer overflow vulnerability.
Cisco RV110W version 1.2.1.7 vpn_account denial of service proof of concept exploit.
Red Hat Security Advisory 2021-0136-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a denial of service vulnerability.
Laravel version 8.4.2 suffers from a debug mode remote code execution vulnerability.
Backdoor.Win32.Ketch.i malware suffers from a remote stack buffer overflow vulnerability.
Online Shopping Cart version 1.0 suffers from a remote SQL injection vulnerability.
Nagios XI version 5.7.x authenticated remote code execution exploit.
Cybersecurity researchers took the wraps off an ongoing surveillance campaign directed against Colombian government institutions and private companies in the energy and metallurgical industries. In a report published by ESET on Tuesday, the Slovak internet security company said the attacks — dubbed "Operation Spalax" — began in 2020, with the modus operandi sharing some similarities to an APT
Graham Cluley Security News is sponsored this week by the folks at Orca Security. Thanks to the great team there for their support! You’re probably familiar with the shared responsibility model. The basic idea is that public cloud providers such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud show more ...
Penile penal problems, identifying rioters in Washington DC, and can a sticker protect you from radiation? All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner. And don't miss our featured interview with CrowdSec's Philippe Humeau.
The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to companies to better protect their cloud-based accounts after several recent successful attacks. Read more in my article on the Tripwire State of Security blog.
