Kaspersky’s Global Research and Analysis Team (GReAT) has examined security in secondhand devices. The devices, which DACH research heads Marco Preuss and Christian Funk scrutinized for two months in late 2020, included used laptop computers and a variety of storage media such as hard drives and memory cards. show more ...
The unprecedented volume of unemployment insurance fraud witnessed in 2020 hasn’t abated, although news coverage of the issue has largely been pushed off the front pages by other events. But the ID theft problem is coming to the fore once again: Countless Americans will soon be receiving notices from state show more ...
The work of vulnerability research has changed a lot in the last two decades. In this episode, Security Ledger Podcast host Paul Roberts chats with the independent researcher known as “Sick Codes” about the growing risk of open source supply chain hacks, his method for bug hunting and what projects are in the show more ...
Firefox 85 has cracked down on so-called ‘supercookies’ by introducing cache partitioning that blocks cross-site tracking. Supercookies are much more difficult to delete and block than usual cookies.
Application Guard for Office (aka Microsoft Defender Application Guard for Office) blocks files downloaded from untrusted sources from gaining access to trusted resources by opening them in sandboxes.
Today, Microsoft disclosed that they have also been monitoring the targeted attacks against vulnerability researchers for months and have attributed the attacks to a DPRK group named 'Zinc.'
As virtual work environments have become more complex, the challenge of protecting sensitive data from accidental or intentional exposure and maintaining compliance has become more difficult.
Pro-Ocean uses known vulnerabilities to target cloud applications. Additionally, it attempts to remove other malware and miners including Luoxk, BillGates, XMRig, and Hashfish before installation.
Losses from cryptocurrency theft, hacks, and fraud fell 57% last year to $1.9 billion, but crime in the ‘decentralized finance’ space continued to grow, a report from CipherTrace showed.
When the vulnerability was first disclosed, Google stated that they would block HTTP and HTTPS access to TCP ports 5060 and 5061 to protect against this vulnerability in the release of Chrome 87.
The investment round will be used to focus on expanding its enterprise and midmarket client base. CybSafe is a SaaS product with a per-user-based, subscription licensing model.
Distributed Denial of Service (DDoS) attacks have more than doubled in the last year, along with a significant jump in attempts by attackers to threaten such attacks unless a ransom is paid.
In a data breach notification filed with the Vermont attorney general's office, USCellular states that retail store's employees were scammed into downloading software onto a computer.
TPG will acquire the stake from Thoma Bravo, the private equity investment firm that bought a majority interest in Centrify in 2018. Terms of the agreement were not disclosed.
The Woodland Trust has confirmed that it was hit with a cyberattack last month, describing the incident as "sophisticated" and "high level" – and it has taken many services offline.
The first step in social engineering is a misdirection: to excite the mind of the user and get them thinking about something emotional to disarm whatever skepticism they may have.
Researchers have spotted that all three Emotet epochs now deliver a payload that acts essentially as a self-destruct button for the poisonous botnet, nullifying its impact as of April 25, 2021.
The domain hijacking incident appears to have followed the age-old path of an attacker pouncing on a compromised account and swiping the domain rather than a simple expiration.
Libgcrypt 1.9.0, the newest version of a cryptographic library integrated in the GNU Privacy Guard (GnuPG) free encryption software, has a “severe” security vulnerability, warned Werner Koch.
With the release of iOS 14 last fall, Apple has added a new security system to iPhones and iPads to protect users against attacks carried out via the iMessage instant messaging client.
Discovered by researchers at WebARX, the recently addressed issues are caused by the lack of authorization on most AJAX methods, and impact all Popup Builder versions up to 3.71.
Tanium announced Thursday that it sold $150 million in common stock to the Ontario Teachers’ Pension Plan, Canada’s largest pension plan and an active investor in late-stage technology companies.
Bykea had exposed all its production server information and allowed access to over 200GB of data containing more than 400 million records showing people’s full names, locations, and more.
A data privacy tool has been developed to help ensure key datasets – such as those tracking COVID-19 – can be publicly shared with an extra layer of security for sensitive personal information.
The attacks began in early 2020 and threat actors breached internet service providers in the US, the UK, Egypt, Israel, Lebanon, Jordan, the Palestinian Authority, Saudi Arabia, and the UAE.
Emotet, one of the most active and dangerous botnets, has been taken down by international authorities, in an operation coordinated by Europol and Eurojust.
Manufacturing regularly appears as one of the industries most under threat on the global stage. Recently, several firms including a well-known crane and lifting manufacturer were compromised in targeted attacks.
Cybercriminals shifted away from stealing individual consumers’ information in 2020 to focus on bigger, more profitable attacks on businesses, as per a report from the Identity Theft Resource Center.
Researchers from Synacktiv discovered multiple vulnerabilities in the source code shared by the projects that were due to a lack of user input sanitization, a technical write-up reads.
The issue affects Windows 7 through 10. Microsoft’s most recent effort to address the issue (CVE-2020-16902) was in October. A bypass, complete with PoC exploit code emerged in late December 2020.
Researchers have identified an updated malware variant used by the cybercrime gang Rocke Group that targets cloud infrastructures with crypto-jacking attacks. The malware is called Pro-Ocean, which was first discovered in 2019.
Researchers at GRIMM have discovered multiple vulnerabilities within the NITRO open-source library that the Department of Defense and federal intelligence community use to exchange, store and transmit digital images collected by satellites.
Initially starting life as a banking trojan, Trickbot evolved to become a highly popular form of malware among cybercriminals, particularly because its modular nature allowed for it to be used in many different kinds of attacks.
Gentoo Linux Security Advisory 202101-38 - A vulnerability was discovered in NSD which could allow a local attacker to cause a Denial of Service condition. Versions less than 4.3.4 are affected.
Ubuntu Security Notice 4714-1 - Zhihong Tian and Hui Lu found that XStream was vulnerable to remote code execution. A remote attacker could run arbitrary shell commands by manipulating the processed input stream. It was discovered that XStream was vulnerable to server-side forgery attacks. A remote attacker could show more ...
Metasploit Framework version 6.0.11 msfvenom APK template command injection exploit.
Packed.Win32.Katusha.o suffers from an insecure permissions vulnerability.
Backdoor.Win32.MiniBlackLash malware suffers from a denial of service vulnerability.
Online Voting System version 1.0 suffers from an authorization bypass vulnerability that allows for the password change of other users.
Red Hat Security Advisory 2021-0299-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.7.0. Issues addressed include an information leakage vulnerability.
BloofoxCMS version 0.5.2.1 suffers from a persistent cross site scripting vulnerability.
Gentoo Linux Security Advisory 202101-37 - A buffer overflow in VLC might allow remote attacker(s) to execute arbitrary code. Versions less than 3.0.12.1 are affected.
Gentoo Linux Security Advisory 202101-36 - A vulnerability in ImageMagick's handling of PDF was discovered possibly allowing code execution. Versions less than 6.9.11.41-r1 are affected.
Online Grading System version 1.0 suffers from a remote SQL injection vulnerability.
Backdoor.Win32.Mhtserv.b malware suffers from a missing authentication vulnerability.
Red Hat Security Advisory 2021-0298-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.7.0. Issues addressed include an information leakage vulnerability.
Quick.CMS versions 6.7 and below suffer from an authenticated remote code execution vulnerability.
Home Assistant Community Store (HACS) version 1.10.0 suffers from a path traversal vulnerability that allows for account takeover.
Backdoor.Win32.Zhangpo malware suffers from a denial of service vulnerability.
Backdoor.Win32.Zetronic malware suffers from a denial of service vulnerability.
MyBB Hide Thread Content plugin version 1.0 suffers from an information leakage vulnerability.
Red Hat Security Advisory 2021-0297-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.7.0. Issues addressed include an information leakage vulnerability.
If an application uses iconv() with an attacker specified character set, there's an assertion in the gconv buffer management code that can be triggered, crashing the application. The crash only occurs with ISO-2022-JP-3 encoding.
A "persistent attacker group" with alleged ties to Hezbollah has retooled its malware arsenal with a new version of a remote access Trojan (RAT) to break into companies worldwide and extract valuable information. In a new report published by the ClearSky research team on Thursday, the Israeli cybersecurity firm said it identified at least 250 public-facing web servers since early 2020 that have
Google Project Zero on Thursday disclosed details of a new security mechanism that Apple quietly added to iOS 14 as a countermeasure to prevent attacks that were recently found to leverage zero-days in its messaging app. Dubbed "BlastDoor," the improved sandbox system for iMessage data was disclosed by Samuel Groß, a security researcher with Project Zero, a team of security researchers at Google
The pressure on small to medium-sized enterprises to protect their organizations against cyberthreats is astronomical. These businesses face the same threats as the largest enterprises, experience the same (relative) damages and consequences when breaches occur as the largest enterprises but are forced to protect their organizations with a fraction of the resources as the largest enterprises.
Fraudsters found a way during the recent holiday season to take advantage of users' "Out of office" messages to sneak messages into business inboxes. Read more in my article on the Bitdefender Business Insights blog.
Anyone buying a home security camera is probably buying it with the intention of increasing their security, not decreasing it. And yet once again an internet-enabled CCTV camera has proven itself to be vulnerable to attack, allowing Peeping Toms to spy on unsuspecting users who believe they are safe in the privacy of their home. Read more in my article on the Bitdefender BOX blog.
