The better we understand the modus operandi and operational scale of cybercriminals, the more effectively we can combat them. In the case of ransomware, assessing the success and profitability of any particular criminal group is usually no easy task. Security vendors usually learn about such attacks by observing and communicating with their clients, which essentially means we tend to see the attempts that fail. Meanwhile, ransomware victims tend to keep quiet (especially if they paid up). As a consequence, reliable data on successful attacks is scarce. However, at the 2020 Remote Chaos Communication Congress (RC3), a team of researchers presented a rather curious method for analyzing cybercriminal campaigns from start to finish based on cryptocurrency footprints. Analysts at Princeton University, New York University, and University of California, San Diego, as well as employees of Google and Chainalysis, conducted the study in 2016 and 2017. It's now been a few years, but their method remains applicable.

Research method

Criminals fear leaving money trails, which is why modern cybercrime favors cryptocurrency (Bitcoin in particular), which is practically unregulated and ensures anonymity. Moreover, cryptocurrency is available to anyone, and transactions made with it cannot be canceled. However, another relevant characteristic of Bitcoin applies here: all Bitcoin transactions are public. That means it is possible to trace the financial flows and glimpse the scale of the inner workings of the cybercriminal economy. And that is precisely what the researchers did.

Some, but not all, attackers generate a unique BTC wallet address for each victim, so the researchers first collected wallets intended for ransom payments. They found some of the addresses in public messages about the infection (many victims posted screenshots of the ransom message online), and they obtained others by running ransomware on test machines. Next, the researchers traced the cryptocurrency's path after it was transferred to the wallet, which in some cases required making Bitcoin micropayments of their own.

Bitcoin's support of cospending, whereby funds from several wallets are transferred to one, enabled cybercriminals to consolidate ransom payments from several victims. But such an operation requires the mastermind to have the keys to multiple wallets. Consequently, tracking such operations makes it possible to expand the list of victims and simultaneously find the address of the central wallet where the funds are transferred. Having studied the financial flows through the wallets over a two-year period, the researchers gained an idea of cybercriminals' revenues and the methods used to launder funds.

Main takeaways

The researchers' key finding was that in the space of two years, 19,750 victims transferred approximately $16 million to the operators of the five most common types of ransomware. Admittedly, the figure is not entirely accurate (it's unlikely they traced all transactions), but it provides a rough estimate of the scale of cybercriminal activity a few years ago. Interestingly, about 90% of the revenue came from the Locky and Cerber families (the two most active ransomware threats at the time). What's more, the infamous WannaCry earned no more than a hundred thousand dollars (although many experts classify the malware as a wiper, not ransomware).

Figure: Estimating the revenue of the creators of the most widespread ransomware of 2016–2017.

Of far greater interest was investigating how much of that revenue the cybercriminals took, and how they did it. For that, the researchers used the same method of analyzing transactions to see which of the cybercriminals' wallets popped up in joint transactions involving the known wallets of online digital currency exchange services. Not all funds can be traced that way, of course, but the method enabled them to establish that cybercriminals most commonly withdrew money through BTC-e.com and BitMixer.io (authorities closed both exchanges later for, you guessed it, laundering illegal funds). Unfortunately, the RC3 website does not provide the full video presentation, but the full text of the report is available.

How to guard against ransomware

Bumper profits from ransomware have led cybercriminals to behave ever more brashly. One day they position themselves as modern-day Robin Hoods by investing in charity, the next they fund an ad campaign to further harass victims. In this study, the researchers tried to locate the pressure points that would stop the financial flows and sow doubt in cybercriminals' minds about the profitability of new ransomware. The only truly effective method to combat cybercrime is to prevent infection. Therefore, we recommend sticking closely to the following rules:

Train employees to recognize social engineering techniques. Outside of a few rare cases, attackers usually try to infect computers by sending users a malicious document or link.
Update all software, especially operating systems, regularly. Very often, ransomware and its delivery tools exploit known, but not yet patched, vulnerabilities.
Use security solutions with built-in antiransomware technologies — ideally, ones capable of dealing with both known and yet-undetected threats.
Back up data regularly, preferably storing backups on separate media that are not permanently connected to the local network.
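The cospending analysis described above (cluster the ransom addresses that get spent together, find the central wallet they are swept into, then see what reaches known exchange deposit addresses) as an added worked example; this is not code from the original article or from the research team. The ledger, address names and amounts are constructed, and the common-input-ownership heuristic it applies is the standard blockchain-forensics rule, which mixing transactions such as CoinJoin deliberately break.

```python
# Constructed sample ledger (not real chain data): inputs = spending addresses, outputs = {receiving address: BTC}.
TXS = [
    {"inputs": ["victim_a"], "outputs": {"ransom_1": 1.0}},
    {"inputs": ["victim_b"], "outputs": {"ransom_2": 0.5}},
    {"inputs": ["victim_c"], "outputs": {"ransom_3": 2.0}},
    {"inputs": ["victim_d"], "outputs": {"ransom_4": 0.25}},  # never swept, so never linked
    # Co-spend: one tx spending several ransom addresses shows one party holds
    # all their keys; its output is the central wallet the funds flow into.
    {"inputs": ["ransom_1", "ransom_2", "ransom_3"], "outputs": {"hub": 3.5}},
    {"inputs": ["hub"], "outputs": {"exchange": 3.4, "hub_change": 0.1}},
]

def find(parent, a):
    """Union-find root lookup; registers unseen addresses as their own root."""
    while parent.setdefault(a, a) != a:
        a = parent[a]
    return a

def cluster_by_cospending(txs):
    """Common-input-ownership heuristic: all inputs of one tx share an owner.
    Caveat: CoinJoin-style mixing txs violate this and must be filtered out."""
    parent = {}
    for tx in txs:
        root = find(parent, tx["inputs"][0])
        for addr in tx["inputs"][1:]:
            parent[find(parent, addr)] = root
    return parent

def wallet_cluster(parent, seed):
    """Every address linked to one seed ransom address (e.g. from a screenshot)."""
    root = find(parent, seed)
    return {a for a in list(parent) if find(parent, a) == root}

def transfers(txs, from_ok, to_ok):
    """(BTC total, paying addrs, receiving addrs) for outputs passing to_ok in txs whose inputs all pass from_ok."""
    total, payers, payees = 0.0, set(), set()
    for tx in txs:
        if all(from_ok(i) for i in tx["inputs"]):
            for addr, amt in tx["outputs"].items():
                if to_ok(addr):
                    total += amt
                    payers.update(tx["inputs"])
                    payees.add(addr)
    return total, payers, payees

def trace_campaign(txs, seed, exchanges):
    """Seed ransom address -> (revenue, victims, central wallets, BTC cashed out at exchanges)."""
    cluster = wallet_cluster(cluster_by_cospending(txs), seed)
    revenue, victims, _ = transfers(txs, lambda a: a not in cluster, cluster.__contains__)
    _, _, hubs = transfers(txs, cluster.__contains__, lambda a: True)
    cashout, _, _ = transfers(txs, hubs.__contains__, exchanges.__contains__)
    return revenue, victims, hubs, cashout
```

Starting from the single address ransom_1, the trace recovers three victims and 3.5 BTC of revenue but misses ransom_4, which is the undercount the article warns about: an address that is never co-spent stays invisible to this heuristic.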
Two functions in the software could be exploited with specially crafted OBJ and AMF files to cause an out-of-bounds write condition or a buffer overflow, and then execute code on the victim machine.
Nozomi Networks Labs has discovered vulnerabilities in the Peer-to-Peer (P2P) feature of a commonly used line of security cameras – Reolink, including lack of encryption and credential leakage.
Financial services firms were hit hard over the past year, with 70% experiencing a successful attack and most of these blaming COVID-related conditions for the incident, according to Keeper Security.
Dnsmasq is a widely used open-source Domain Name System (DNS) forwarding application commonly installed on routers, operating systems, access points, and other networking equipment.
Malwarebytes on Tuesday said it was breached by the same group who broke into SolarWinds to access some of its internal emails, making it the fourth major cybersecurity vendor to be targeted.
As per a study by Emsisoft, the year 2020 witnessed over 560 US healthcare companies being hit by ransomware, causing EHR downtime, ambulance diversion, inaccessible lab tests, and more.
A suspected Chinese hacking group has been attacking the airline industry for the past few years with the goal of obtaining passenger data in order to track the movement of persons of interest.
Microsoft has warned security admins that starting with its February 9 security update, it will enable Domain Controller (DC) enforcement mode by default as a means of addressing the Zerologon flaw.
The warning was issued to all 194 member states as a Purple Notice after Interpol's Financial Crimes Unit received reports of people around the world falling victim to this scam.
Vulnerabilities in the 123contactform-for-wordpress WordPress plugin could allow attackers to arbitrarily create posts and inject malicious files into the website without any authentication.
Precision Spine Care, a Texas-based spinal care center, has warned of a potential data breach after an unauthorized individual gained access to an employee email account to fraudulently divert funds.
Over the weekend, a threat actor known as ShinyHunters shared a database for free on a hacker forum that he claims was stolen from Pixlr while he breached the 123rf stock photo site.
Threat actors reportedly targeted a Shabbat service, held in honor of Martin Luther King Jr., that was being broadcast live over the internet from Atlanta synagogue The Temple on January 15.
New research by New Zealand company Emsisoft has found that a cyber-blackmail tactic first debuted by ransomware gang MAZE has been adopted by over a dozen other criminal cyber-gangs.
The team of researchers at VpnMentor discovered 377,000 files stored in the misconfigured 32 GB AWS S3 bucket. The exposed data included private photos of users and also bot scripts.
Security experts have raised an alarm against a new threat, dubbed ElectroRat, luring Windows, Linux, and macOS users to download malicious applications to embezzle cryptocurrency.
Security researchers are reporting a threat group taking advantage of Microsoft and Google cloud services to pilfer data from a broad range of target organizations.
The new browser iteration arrives with patches for a total of 36 vulnerabilities. The flaws can be exploited if the user visits or is redirected to a specially crafted webpage.
Detections of cryptomining malware surged by 53% quarter-on-quarter in the final three months of 2020 as the value of Bitcoin soared higher than ever before, according to security firm Avira.
Vulnerabilities found in multiple video conferencing mobile applications allowed attackers to listen to users' surroundings without permission before the person on the other end picked up the calls.
Ubuntu Security Notice 4697-2 - USN-4697-1 fixed several vulnerabilities in Pillow. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that Pillow incorrectly handled certain PCX image files. If a user or automated system were tricked into opening a specially-crafted PCX file, a remote attacker could possibly cause Pillow to crash, resulting in a denial of service. Various other issues were also addressed.
Ubuntu Security Notice 4689-3 - It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges. It was discovered that the NVIDIA GPU display driver for the Linux kernel did not properly validate a pointer received from userspace in some situations. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
Ubuntu Security Notice 4701-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass the CSS sanitizer, or execute arbitrary code. It was discovered that the proxy.onRequest API did not catch view-source URLs. If a user were tricked into installing an extension with the proxy permission and opening View Source, an attacker could potentially exploit this to obtain sensitive information. Various other issues were also addressed.
Red Hat Security Advisory 2021-0034-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include XML injection, CRLF injection, and information leakage vulnerabilities.
Ubuntu Security Notice 4700-1 - Alexandre D'Hondt discovered that PyXDG did not properly sanitize input. An attacker could exploit this with a crafted .menu file to execute arbitrary code.
Red Hat Security Advisory 2021-0079-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.374. Issues addressed include CRLF injection and man-in-the-middle vulnerabilities.
Malwarebytes on Tuesday said it was breached by the same group who broke into SolarWinds to access some of its internal emails, making it the fourth major cybersecurity vendor to be targeted after FireEye, Microsoft, and CrowdStrike. The company said its intrusion was not the result of a SolarWinds compromise, but rather due to a separate initial access vector that works by "abusing applications
In January 2019, a critical flaw was reported in Apple's FaceTime group chats feature that made it possible for users to initiate a FaceTime video call and eavesdrop on targets by adding their own number as a third person in a group chat even before the person on the other end accepted the incoming call. The vulnerability was deemed so severe that the iPhone maker removed the FaceTime group
The world of cybersecurity isn't fair. Security teams need to secure everything, but attackers need only find one weak link. For most organizations, cloud workload security depends on the installation and maintenance of security agents across all assets. That rarely happens, as Orca Security's new report reveals.