At the beginning of 2021, Adobe Flash officially ceased to exist. Some fans of old browser-based games got misty, but most infosec experts breathed a sigh of relief as the world got ready to live without the distinguished but now dead technology. Is the world ready, though? It turns out that not everyone switched to show more ...
In this special episode of the Kaspersky Transatlantic Cable podcast, Jeff and I got to chat with Tara Seals and Lindsey O’Donnell from Threatpost. We talked about the recent Capitol Hill attacks and what they mean in the context of digital privacy, data security, and even free speech. More topics of discussion show more ...
Stories about computer security tend to go viral when they bridge the vast divide between geeks and luddites, and this week’s news about a hacker who tried to poison a Florida town’s water supply was understandably front-page material. But for security nerds who’ve been warning about this sort of show more ...
In a recent CSIS survey, 82% of IT decision-makers said their organizations suffered from a shortage of cybersecurity skills, and 71% said that it had resulted in direct and measurable damage.
Last month, security researchers disclosed the CVE-2021-3156 vulnerability, that allowed them to gain root privileges on multiple Linux distributions, including Debian, Ubuntu, and Fedora 33.
Unit 42 researchers today have shared info on a new polymorphic and "highly sophisticated" malware dubbed BendyBear, linked to a hacking group with known ties to the Chinese government.
Microsoft issued fixes for 56 flaws, including a critical vulnerability exploited in the wild. In all, 11 are listed as Critical, 43 are listed as Important, and two are Moderate in severity.
Avast is joining the Electronic Frontier Foundation, the National Network to End Domestic Violence, Operation Safe Escape, Weisser Ring other leading companies in the fight against digital tracking.
North Korean hacking attacks on cryptocurrency exchanges reportedly netted an estimated $316m in cryptocurrency in 2019 and 2020, according to a report by Japan’s Nikkei.
On 18 January 2021, MAS issued the revised guidelines to address technology and cyber risks in view of the growing use of cloud technology, APIs, and software development by financial institutions.
Microsoft published a white paper on a new technique called a "dependency confusion" or a "substitution attack" that can be used to poison the app-building process inside corporate environments.
The disastrous Russian hack of federal government networks last year relied on a powerful new trick: Digital spies penetrated so deeply that they were able to impersonate any user they wanted.
As the HelloKitty ransomware is not particularly active, there is not much information about it. It is named after a mutex named 'HelloKittyMutex' used when the malware executable is launched.
A newly discovered variant of the LodaRAT malware, which has historically targeted Windows devices, is being distributed in an ongoing campaign that now also hunts down Android devices and spies on victims.
Adobe has released security updates that aim to address 50 vulnerabilities affecting its Adobe Acrobat, Magento, Photoshop, Animate, Illustrator, and Dreamweaver products.
VMware researchers reveal it thwarted almost 240 million attempted cyberattacks against the healthcare sector during 2020, in which Cerber ransomware accounted for 58% of the ransomware attacks.
The numbers are not getting better for healthcare firms trying to keep patient data out of hackers' hands. Healthcare breaches went up 36% in second half of 2020, according to analysis by CI Security.
The San Francisco-based BeyondID, a provider of identity and access management services, announced it closed a Series A funding round of $9 million. The financing was provided by Tercera.
The unsecured database belonging to American cable and internet giant Comcast included dashboard permissions, logging, client IPs, @comcast email addresses, and hashed passwords.
A Siemplify research study showed how the shift to remote work during the COVID-19 pandemic has affected SecOps analysts’ ability to perform their jobs and the impact on overall security postures.
These vulnerabilities in the Accusoft ImageGear library could be exploited by an attacker to cause various conditions, including an out-of-bounds write, to eventually execute code.
Late last year more than 100 firms were threatened with DDoS attacks unless they paid off a group that variously posed as Fancy Bear and Lazarus, the industry group FS-ISAC said.
A web hosting company named No Support Linux Hosting announced today it was shutting down after a hacker breached its internal systems and compromised its entire operation.
Remote access to industrial facilities can be architected safely. But the best architecture can also be circumvented by attackers with unapproved software such as TeamViewer.
The new malware, security researchers say, appears to have been designed to expand the capabilities of Foudre, but released as a separate component, most probably to be deployed only when needed.
Researchers from CrowdStrike connected the dots between Shifu, Wyatt, and Pixi to the DEFRAY777 ransomware attacks and found that all these activities were connected to a single group.
Malware-tainted files are disguised as cracked software or gaming software in order to target gamers – an attractive target for miscreants because they typically use high specification PCs.
A security researcher has found a more versatile and effective version of the Zeoticus ransomware with elevated capabilities such as executing payloads without connectivity or remote commands.
The list of high-severity flaws includes a privilege escalation issue in the Intel Solid State Drive (SSD) Toolbox, and a denial-of-service (DoS) flaw in the XMM 7360 Cell Modem.
Security experts stumbled across an unusual DNS query that eventually led to the discovery of a multi-step obfuscated malware using nslookup.exe to hide the actual malicious intent.
The malware attack campaign, first observed in mid-December, carries pharmaceutical-themed invoices that contain references to a series of websites hosted on the “shop” domain.
Researchers revealed that there is a perpetual threat in the utility sector about the next vulnerability to be exploited by cybercriminals. Several prominent incidents manifest the claim.
Vulnerabilities in the communications protocols used by millions of Internet of Things (IoT) and operational technology (OT) devices could allow cyber attackers to intercept and manipulate data.
This Metasploit module exploits an authenticated Java deserialization that affects a truckload of Micro Focus products: Operations Bridge Manager, Application Performance Management, Data Center Automation, Universal CMDB, Hybrid Cloud Management and Service Management Automation. However, this module was only tested show more ...
Microsoft Windows has a privilege escalation vulnerability. When a process is running in a server silo, the checks for trusted hive registry key symbolic links is disabled leading to elevation of privilege.
Adobe Magento Commerce versions prior to 2.4.2 suffer from a cross site scripting vulnerability.
b2evolution CMS version 6.11.6 suffers from a cross site scripting vulnerability.
b2evolution CMS version 6.11.6 suffers from an open redirection vulnerability.
Ubuntu Security Notice 4713-2 - It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data.
Ubuntu Security Notice 4727-1 - Alexander Popov discovered that multiple race conditions existed in the AF_VSOCK implementation in the Linux kernel. A local attacker could use this to cause a denial of service or execute arbitrary code.
Ubuntu Security Notice 4728-1 - Gilad Reti discovered that snapd did not correctly specify cgroup delegation when generating systemd service units for various container management snaps. This could allow a local attacker to escalate privileges via access to arbitrary devices of the container host from within a compromised or malicious container.
Online Car Rental version 1.0 suffers from a remote shell upload vulnerability.
Backdoor.Win32.Aphexdoor.LiteSock malware suffers from a buffer overflow vulnerability.
Node.JS node-serialize remote code execution exploit.
Microsoft on Tuesday issued fixes for 56 flaws, including a critical vulnerability that's known to be actively exploited in the wild. In all, 11 are listed as Critical, 43 are listed as Important, and two are listed as Moderate in severity — six of which are previously disclosed vulnerabilities. The updates cover .NET Framework, Azure IoT, Microsoft Dynamics, Microsoft Edge for Android,
Apple has rolled out a fix for a critical sudo vulnerability in macOS Big Sur, Catalina, and Mojave that could allow unauthenticated local users to gain root-level privileges on the system. "A local attacker may be able to elevate their privileges," Apple said in a security advisory. "This issue was addressed by updating to sudo version 1.9.5p2." Sudo is a common utility built into most Unix and
In what's a novel supply chain attack, a security researcher managed to breach over 35 major companies' internal systems, including that of Microsoft, Apple, PayPal, Shopify, Netflix, Yelp, Tesla, and Uber, and achieve remote code execution. The technique, called dependency confusion or a substitution attack, takes advantage of the fact that a piece of software may include components from a mix
A previously known Windows remote access Trojan (RAT) with credential-stealing capabilities has now expanded its scope to set its sights on users of Android devices to further the attacker's espionage motives. "The developers of LodaRAT have added Android as a targeted platform," Cisco Talos researchers said in a Tuesday analysis. "A new iteration of LodaRAT for Windows has been identified with
