What associations do the words “deep web” conjure in your mind? A place for godlike hackers where mere mortals should fear to tread? A den of iniquity? If so, it may come as a surprise that you use the deep web every single day. In fact, although the term deep web is easy to confuse with the show more ...
Authorities in the United Kingdom have arrested a 20-year-old man for allegedly operating an online service for sending high-volume phishing campaigns via mobile text messages. The service, marketed in the underground under the name “SMS Bandits,” has been responsible for blasting out huge volumes of show more ...
A Trend Micro study revealed systemic challenges with security integration into business processes, with only 23% of firms prioritizing the alignment of security with key business initiatives.
Today, mail administrators, organizations, and ISPs worldwide suddenly found that their outgoing mail was being rejected as it reported as being listed in the blacklist at bl.spamcop.net.
Cyber-battles have come to every home and office, industrial control systems, public transportation, personal vehicles, and every piece of a nation’s physical and digital infrastructure.
As these ads look like legitimate campaigns for the company, including showing their standard URL when you hover over them, it is common for people to be tricked into clicking on them.
The ransomware incident encrypted data and impacted two of its services, one offering information to subscribers and the platform for peer review of various parts of the agency.
The cybercrime group behind the FonixCrypter ransomware has announced today on Twitter that they've deleted the ransomware's source code and plan to shut down their operation.
Web shells can be embedded on servers and can be used by attackers to launch arbitrary code. In as little as 15 bytes, web shells can enable remote administration of an infected machine or system.
Researchers believe they identified the same zero-day vulnerability that a mysterious threat actor used to gain access to SonicWall's internal network in a security breach disclosed on January 23.
According to the analyst firm, 40% of boards of directors will feature such a committee, overseen by a qualified board member, by 2025. This is up from less than 10% today.
The malicious updates delivered through NoxPlayer's compromised update mechanism included an unknown malware with monitoring capabilities and the extensively used Gh0st remote access trojan (RAT).
While ransomware attacks continue to pummel organizations, fewer victims have been paying a ransom, and when they do, on average they're paying less than before according to an assessment by Coveware.
Serco confirmed to Sky News that it had suffered an attack. However, it claimed that only its mainland European operations were impacted, meaning NHS Test and Trace was unaffected.
Typically, manufacturers install a software package on the device itself which allows the entire security suite to stem from metrics and instrumentation techniques that run on the device.
OwnBackup announced a Series D investment of $167.5 million co-led by Insight Partners, Salesforce Ventures, and Sapphire Ventures, with participation from existing investors.
The VC150’s administrative web interface is vulnerable to a stored Cross-Site Scripting vulnerability (CVE-2020-27262). Further, the device can be shut down via keystroke injection.
British Mensa, the society for people with high IQs, failed to properly secure the passwords on its website, prompting a hack on its website that has resulted in the theft of members’ personal data.
Whereas weaponized email attachments were a common feature of previous Trickbot campaigns, this one encourages users to click on a phishing link, which redirects them to a compromised server.
It is distributed as a warez copy of the CCleaner Windows utility. When executed, the ransomware will launch a legitimate CCleaner installer and copy itself to a random file name in the %Temp%folder.
A flaw can be harmless, but zero-days represent vulnerabilities that can be turned into weapons. And governments have been buying them and storing them in vaults, like vials of the bubonic plague.
The Babuk Locker ransomware group mainly focuses on enterprise networks instead of individuals, and their ransom demands range from $60,000 to $85,000.
Boston-based security operations company Rapid7 has been making moves into the cloud recently, and this morning it announced that it has acquired Kubernetes security startup Alcide for $50 million.
Instead of demanding an immediate ransom from victims, Danabot is focused on gaining persistence and stealing data that can be monetized later.
The Cybersecurity and Infrastructure Security Agency (CISA) says many of the victims of the threat group that targeted Texas-based IT management firm SolarWinds were not directly linked to SolarWinds.
Akamai has purchased Inverse to better identify IoT and mobile devices such as internet-enabled HVAC, lighting systems, medical equipment, robotics and printers in enterprise environments.
As the FBI warns, the agency has received multiple reports of such scam attempts where the fraudsters are targeting North Florida residents attempting to steal their personal information.
The ransomware industry has certainly come a long way, from the early days of the AIDS Trojan to the modern, very business-like Ransomware-as-a-Service model preying on businesses of all sizes.
Some of the reasons why we should be serious about space cybersecurity are obvious, such as keeping ground-based systems running and addressing national defense concerns.
This archive contains all of the 231 exploits added to Packet Storm in January, 2021.
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.
AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.
There is a heap buffer overflow in libgcrypt due to an incorrect assumption in the block buffer management code. Just decrypting some data can overflow a heap buffer with attacker controlled data and no verification or signature is validated before the vulnerability occurs.
Ubuntu Security Notice 4716-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.23 in Ubuntu 20.04 LTS and Ubuntu 20.10. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.33. In addition to show more ...
Gentoo Linux Security Advisory 202102-2 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. Versions less than 78.7.0 are affected.
Sudo versions prior to 1.9.5p2 suffer from buffer overflow and privilege escalation vulnerabilities.
Elena Petrova discovered that the pin controller device tree implementation in the Linux kernel did not properly handle string references. A local attacker could use this to expose sensitive information (kernel memory). Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly show more ...
Park Ticketing Management System version 1 suffers from a remote SQL injection vulnerability.
Red Hat Security Advisory 2021-0319-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.5 on RHEL 7 serves as a replacement for Red show more ...
Roundcube Webmail version 1.2 suffers from a file disclosure vulnerability.
Online Reviewer System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Red Hat Security Advisory 2021-0320-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.5 on RHEL 8 serves as a replacement for Red show more ...
Vehicle Parking Tracker System version 1.0 suffers from a persistent cross site scripting vulnerability.
Ubuntu Security Notice 4715-1 - Wang Baohua discovered that Django incorrectly extracted archive files. A remote attacker could possibly use this issue to extract files outside of their expected location.
Red Hat Security Advisory 2021-0318-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.5 on RHEL 6 serves as a replacement for Red show more ...
Whitepaper called Malware Hunting 101. Written in Vietnamese.
Online Reviewer System version 1.0 remote shell upload exploit that also leverages a remote SQL injection vulnerability that allows for authentication bypass.
User Management System version 1 suffers from a remote authenticated blind SQL injection vulnerability.
Red Hat Security Advisory 2021-0317-01 - This is a cumulative patch release zip for the JBoss EAP XP 1.0.4 runtime distribution. Issues addressed include a memory leak vulnerability.
MyBB Delete Account plugin version 1.4 suffers from a cross site scripting vulnerability.
MyBB Trending Widget plugin version 1.2 suffers from a cross site scripting vulnerability.
MyBB Thread Redirect plugin version 0.2.1 suffers from a cross site scripting vulnerability.
WordPress versions 5.0.0 and 4.9.8 and below remote code execution exploit that leverages path traversal and file inclusion vulnerabilities.
Red Hat Security Advisory 2021-0307-01 - Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux.
A "severe" vulnerability in GNU Privacy Guard (GnuPG)'s Libgcrypt encryption software could have allowed an attacker to write arbitrary data to the target machine, potentially leading to remote code execution. The flaw, which affects version 1.9.0 of libgcrypt, was discovered on January 28 by Tavis Ormandy of Project Zero, a security research unit within Google dedicated to finding zero-day bugs
Cybersecurity researchers today disclosed a new supply chain attack compromising the update mechanism of NoxPlayer, a free Android emulator for PCs and Macs. Dubbed "Operation NightScout" by Slovak cybersecurity firm ESET, the highly-targeted surveillance campaign involved distributing three different malware families via tailored malicious updates to selected victims based in Taiwan, Hong Kong,
We likely all agree that 2020 was a year we won't soon forget - for many reasons. One area particularly impacted last year was (and continues to be) cybersecurity. While Internet access allowed many businesses to continue functioning during the COVID-19 stay at home requirements, the unprecedented number of people accessing company assets remotely introduced many new challenges for
A financially-motivated threat actor notorious for its cryptojacking attacks has leveraged a revised version of their malware to target cloud infrastructures using vulnerabilities in web server technologies, according to new research. Deployed by the China-based cybercrime group Rocke, the Pro-Ocean cryptojacking malware now comes with improved rootkit and worm capabilities, as well as harbors
Karen Banks from Swadlincote in South Derbyshire, England, isn't very happy with whoever managed to post a message on an electronic traffic information sign in the neighbouring town of Burton.
