Discord was originally created for gamers, but thanks to its handy system of “servers” (communities), channels, and private messages, it’s brought in all kinds of people, from study groups to common-interest clubs — including fans of cryptocurrency. On their servers, traders discuss the latest on show more ...
Facebook, Instagram, TikTok, and Twitter this week all took steps to crack down on users involved in trafficking hijacked user accounts across their platforms. The coordinated action seized hundreds of accounts the companies say have played a major role in facilitating the trade and often lucrative resale of show more ...
The web shell provides attackers with tools to work with files and databases on the targeted server, collect sensitive information, infect files, and conduct brute force attacks.
An advisory by the NSA and the FBI shares information on how Drovorub works, how it can be detected, and how organizations can protect their systems against attacks involving the malware.
Vermont Labor Department officials remain on damage control a day after revealing a massive data breach involving tens of thousands of 1099-G unemployment tax forms sent to the wrong people.
The leaked database contains information of over 472,695 members, including their display name, email address, MD5 hashed passwords, optional Skype account names, optional birthday, and IP address.
Cloud security company Digital Defense will join HelpSystems’ growing cybersecurity portfolio to enable customers to access a more comprehensive security assessment toolkit.
Oxfam Australia told BleepingComputer they are investigating the breach and reported it to the Australian Cyber Security Centre (ACSC) and the Office of the Australian Information Commissioner (OAIC).
Kaspersky has released a decryptor for the Fonix Ransomware (also known as Xinof and Fonixcrypter), which launched in June 2020, that allows victims to recover their encrypted files for free.
All the backdoored browser add-ons have been taken down by Google and Microsoft as of December 18, 2020, to prevent more users from downloading them from the official stores.
SonicWall issued a patch for two vulnerabilities in its Secure Mobile Access 100 series products featuring 10.x firmware, which malicious actors exploited in an attack against the firm last month.
Zero-day flaws are a problem because they may be exploited for long periods of time before they're detected and dealt with. There were 24 of them in 2020, four more than in 2019.
The TeamTNT gang has ramped up its attacks on the cloud over the past few months, this time launching a new malware campaign targeting Kubernetes clusters that culminated in a crytpojacking operation.
Microsoft announced that Defender for Endpoint will now also help admins discover OS and software vulnerabilities affecting macOS devices on their organization's network.
Cisco has addressed multiple pre-auth RCE vulnerabilities affecting several small business VPN routers and allowing attackers to execute arbitrary code as root on successfully exploited devices.
Stormshield is a major provider of network security products to the French government, some used on sensitive networks, so it is being treated as a major security breach inside the French government.
Fraudsters had an early start anticipating the buzz surrounding tax filing season, with phishing campaigns impersonating the government agency as early as November 25, 2020, according to Bitdefender.
Major vulnerabilities have been discovered in the Realtek RTL8195A Wi-Fi module that could have been exploited to gain root access and take complete control of a device's wireless communications.
Account takeover incidents as a share of fraudulent activity in the financial services industry rose by 19 percentage points in 2020 compared with 2019, according to new figures from Kaspersky.
Hackers involved in the recent breach of IT group SolarWinds, one of the largest cyber incidents in U.S. history, likely had access to the company’s email system for almost a year.
Alejandro Mayorkas, the new DHS secretary, says his priorities include reviewing all available intelligence on the SolarWinds supply chain hack and scrutinizing government's cybersecurity programs.
Researchers identified two security bugs. One was a rate-limiting bypass under a non-default configuration, which defeats the purpose of the plugin, and the other was an unauthenticated reflected XSS.
The DoD’s Cyber Crime Center will soon be accepting applications for a limited number of companies within the defense industrial base to benefit from security researchers already working for it.
The losses stemmed "primarily because of the Company's need to temporarily suspend its electronic data interfaces with its customers," Forward Air said in SEC documents filed today.
A nascent malware campaign has been spotted co-opting Android devices into a botnet with the primary purpose of carrying out distributed denial-of-service (DDoS) attacks.
A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability.
The US Defense Advanced Research Projects Agency (DARPA) has reported back on its first ever security bug bounty program, saying the scheme has highlighted strengths as well as weaknesses.
As security practitioners, we need to consider a wider variety of possibilities for misuse of data and systems in our care, not just those that affect the majority of people.
The ENISA released its report on pseudonymisation for personal data protection, providing a technical analysis of cybersecurity measures in personal data protection and privacy.
An exploitable integer overflow and heap-based buffer overflow vulnerabilities exists in the PlanMaker document-parsing functionality of SoftMaker Office 2021's PlanMaker application.
According to a study by email security firm Avanan, email threats reported by users or other mechanisms take two to three hours of a SOC teams time per day, or 22.9% of a SOC team’s daily routine.
In a rapidly changing business environment, the role of the CISO has hugely expanded in its scope and responsibilities, a BT Security survey of over 7000 professionals from across the world reveals.
The security of open source software has rightfully garnered the industry’s attention, but solutions require consensus about the challenges and cooperation in the execution.
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals show more ...
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
Red Hat Security Advisory 2021-0417-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.8.1 serves as a replacement for Red show more ...
Red Hat Security Advisory 2021-0411-01 - Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux.
Ubuntu Security Notice 4721-1 - Simon McVittieg discovered that flatpak-portal service allowed sandboxed applications to execute arbitrary code on the host system. A malicious user could create a Flatpak application that set environment variables, trusted by the Flatpak "run" command, and use it to execute arbitrary code outside the sandbox.
Ubuntu Security Notice 4722-1 - It was discovered that ReadyMedia allowed subscription requests with a delivery URL on a different network segment than the fully qualified event-subscription URL. An attacker could use this to hijack smart devices and cause denial of service attacks. It was discovered that ReadyMedia show more ...
Red Hat Security Advisory 2021-0421-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling, denial of service, and use-after-free vulnerabilities.
Red Hat Security Advisory 2021-0420-01 - Quay 3.4.0 release. Issues addressed include HTTP request smuggling, buffer overflow, information leakage, integer overflow, out of bounds read, and out of bounds write vulnerabilities.
A nascent malware campaign has been spotted co-opting Android devices into a botnet with the primary purpose of carrying out distributed denial-of-service (DDoS) attacks. Called "Matryosh" by Qihoo 360's Netlab researchers, the latest threat has been found reusing the Mirai botnet framework and propagates through exposed Android Debug Bridge (ADB) interfaces to infect Android devices and ensnare
Phishing and Malware Among the major cyber threats, the malware remains a significant danger. The 2017 WannaCry outbreak that cost businesses worldwide up to $4 billion is still in recent memory, and other new strains of malware are discovered on a daily basis. Phishing has also seen a resurgence in the last few years, with many new scams being invented to take advantage of unsuspecting
Major vulnerabilities have been discovered in the Realtek RTL8195A Wi-Fi module that could have been exploited to gain root access and take complete control of a device's wireless communications. The six flaws were reported by researchers from Israeli IoT security firm Vdoo. The Realtek RTL8195A module is a standalone, low-power-consumption Wi-Fi hardware module targeted at embedded devices used
Today's admins certainly have plenty on their plates, and boosting ecosystem security remains a top priority. On-premises, and especially remote, accounts are gateways for accessing critical information. Password management makes this possible. After all, authentication should ensure that a user is whom they claim to be. This initial layer of security is crucial for protecting one's entire
Mensa - the social club for people with high IQs - is accused of not being so smart about security, an Indian TV journalist gets an unbelievable job offer from Harvard, and we take a look at what's being going on with GameStop short selling. All this and much more is discussed in the latest edition of the show more ...
Repeat after me: you should be very careful when running tests not to accidentally "go live."
Security researchers at Google have claimed that a quarter of all zero-day software exploits could have been avoided if more effort had been made by vendors when creating patches for vulnerabilities in their software. Read more in my article on the Tripwire State of Security blog.
French cybersecurity firm Stormshield has revealed that it has suffered a security breach, and hackers have accessed sensitive information.
Graham Cluley Security News is sponsored this week by the folks at Orca Security. Thanks to the great team there for their support! Public cloud providers such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform keep their platforms secure, but customers are still responsible for securing the show more ...
