For episode 189 of the Kaspersky Transatlantic Cable podcast, Jeff and I talked about some stories you might have missed this week. We start with an article from Threatpost looking at recent research on the vulnerabilities of health apps to various forms of attack. From there, it’s a story about iMessage, drug deals, and the police. The story doesn’t end well for the bad guys. We then move on to a concerning story about a former employee accused of lacing the company network with ransomware after being let go. That’s some grudge. We end on a fun note with the recent “I’m not a cat” Zoom call blunder. Remember, on the Internet nobody knows you are (or aren’t) a cat.

- mHealth apps expose millions to cyberattack
- When iMessages aren’t private: Government raids Apple iCloud in a dark web drug investigation
- Could an ex-employee be planting ransomware on your firm’s network?
- ‘I’m not a cat,’ says lawyer after Zoom filter mishap
You’ve read our thousand and one articles on guarding your network from every threat under the sun. But sometimes, despite all precautions, an infection gets in. Now is the time for cool heads and quick, decisive actions. Your response will help determine whether the incident becomes a deadly headache for the company or a feather in your cap.

As you step through the recovery process, don’t forget to document all of your actions for transparency in the eyes of both employees and the wider world. And try to preserve any evidence you can of the ransomware for later efforts to locate any other malicious tools targeting your system. That means saving logs and other traces of malware that may come in handy during later investigation.

Part one: Locate and isolate

Your first step is to determine the extent of the intrusion. Has the malware spread through the entire network? To more than one office? Start by looking for infected computers and network segments in the corporate infrastructure, and immediately isolate them from the rest of the network to limit contamination.

If the company doesn’t have many computers, start with antivirus, EDR, and firewall logs. Alternatively, for very limited implementations, physically walk from machine to machine and check them. If we’re talking about lots of computers, you’ll want to analyze the events and logs in the SIEM system. That won’t eliminate all later legwork, but it’s a good start at sketching your big picture.

After isolating infected machines from the network, create disk images of them, and if possible leave these machines alone until the investigation is over. (If the company cannot afford the computer downtime, make images anyway — and save the memory dump for the investigation.)

Part two: Analyze and act

Having checked the perimeter, you now have a list of machines with disks full of encrypted files, plus images of those disks. They are all disconnected from the network and no longer pose a threat. You could start the recovery process right away, but first, see to the security of the rest of the network. Now is the time to analyze the ransomware, figure out how it got in and what groups usually use it — that is, start the threat-hunting process.

Ransomware doesn’t simply appear; a dropper, RAT, Trojan loader, or something of that ilk installed it. You need to root out that something. To do so, conduct an internal investigation. Dig around in the logs to determine which computer was hit first and why that computer failed to halt the onslaught. Based on the investigation results, rid the network of advanced stealthy malware and, if possible, restart business operations.

Then, figure out what would have stopped it: What was missing in terms of security software? Plug those gaps. Next, alert employees about what happened, brief them on spotting and avoiding such traps, and let them know training will follow. Finally, from here on out, install updates and patches in good time. Updates and patch management are a critical priority for IT administrators; malware often creeps in through vulnerabilities for which patches are already available.

Part three: Clean up and restore

By this point, you’ve managed the threat to the network, as well as the hole it came through. Now, turn your attention to the computers that are out of commission. If they are no longer needed for the investigation, format the drives and then restore data from the most recent clean backup.

If, however, you have no backup copy, then you will have to try to decrypt whatever’s on the drives. Start at Kaspersky’s No Ransom website, where a decryptor may already exist for the ransomware you encountered — and if it doesn’t, contact your cybersecurity provider in case help is available. In any event, don’t delete the encrypted files. New decryptors appear from time to time, and there might be one tomorrow; it wouldn’t be the first time.

Regardless of the particulars, don’t pay up. You’d be sponsoring criminal activity, and anyway, the chances of getting your data decrypted are not great. In addition to blocking your data, ransomware attackers may have stolen it for blackmail purposes. Finally, paying greedy cybercriminals encourages them to ask for more. In some cases, just a few months after being paid, the intruders came back to demand more money, and they threatened to publish everything unless they got it.

In general, consider any stolen data public knowledge, and be prepared to deal with the leak. Sooner or later, you will have to talk about the incident: with employees, shareholders, government agencies and, quite possibly, journalists. Openness and honesty are important and will be appreciated.

Part four: Take preventive measures

A major cyberincident always equals big trouble, and prevention is the best cure. Prepare in advance for what could go wrong:

- Install reliable protection on all network endpoints (including smartphones);
- Segment the network and furnish it with well-configured firewalls; better still, use a next-generation firewall (NGFW) or a similar product that automatically receives data about new threats;
- Look beyond antivirus to powerful threat-hunting tools;
- Deploy a SIEM system (for large companies) for immediate alerts;
- Train employees in cybersecurity awareness with regular interactive sessions.
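The "locate and isolate" and "which computer was hit first" steps above are usually done against an alert export from the antivirus or EDR console. The script below is an added example written for this page, not Kaspersky's code or tooling: it parses a constructed JSON-lines alert export (the field names ts, host, ip, category and detail, and every hostname, address and timestamp, are made up for the example), builds the list of hosts and /24 segments to isolate, identifies the earliest-hit host, and records a SHA-256 digest of the raw export so the log can later be shown to be unaltered evidence.

```python
import hashlib
import ipaddress
import json
from collections import defaultdict
from datetime import datetime

# Constructed sample: JSON-lines alerts as an EDR/AV console might export them.
# Hostnames, IPs, categories and timestamps are invented for this example.
SAMPLE_ALERTS = """\
{"ts": "2021-02-18T08:02:11Z", "host": "ws-014", "ip": "10.10.1.14", "category": "trojan-dropper", "detail": "document macro spawned a script host"}
{"ts": "2021-02-18T08:05:43Z", "host": "ws-014", "ip": "10.10.1.14", "category": "ransomware", "detail": "mass file rename with new extension"}
{"ts": "2021-02-18T08:07:02Z", "host": "ws-021", "ip": "10.10.1.21", "category": "ransomware", "detail": "mass file rename with new extension"}
{"ts": "2021-02-18T08:09:30Z", "host": "fs-01", "ip": "10.10.2.5", "category": "ransomware", "detail": "shadow copies deleted"}
{"ts": "2021-02-18T08:10:00Z", "host": "ws-033", "ip": "10.10.1.33", "category": "pua", "detail": "unwanted toolbar"}
{"ts": "2021-02-18T08:12:15Z", "host": "ws-021", "ip": "10.10.1.21", "category": "ransomware", "detail": "ransom note dropped"}
"""

# Alert categories that justify pulling the host off the network right away.
# The ransomware itself and the loader/RAT that brought it both count.
ISOLATE_CATEGORIES = {"ransomware", "trojan-dropper", "rat", "loader"}


def parse_alerts(text):
    """Parse a JSON-lines export into dicts with a datetime 'ts'; malformed lines are skipped."""
    alerts = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            rec = json.loads(line)
            rec["ts"] = datetime.strptime(rec["ts"], "%Y-%m-%dT%H:%M:%SZ")
            alerts.append(rec)
        except (ValueError, KeyError):
            continue  # one bad line must not stop triage of the rest
    return alerts


def triage(alerts, segment_prefix=24):
    """Return the isolation plan: affected hosts, affected segments, and the earliest-hit host."""
    first_seen = {}                      # host -> (first relevant alert time, its category)
    hosts_in_segment = defaultdict(set)  # "10.10.1.0/24" -> {hosts}
    for rec in sorted(alerts, key=lambda r: r["ts"]):
        if rec["category"] not in ISOLATE_CATEGORIES:
            continue
        host = rec["host"]
        first_seen.setdefault(host, (rec["ts"], rec["category"]))
        segment = ipaddress.ip_network(f'{rec["ip"]}/{segment_prefix}', strict=False)
        hosts_in_segment[str(segment)].add(host)
    if not first_seen:
        return {"hosts": [], "segments": {}, "patient_zero": None, "patient_zero_first_alert": None}
    patient_zero = min(first_seen, key=lambda h: first_seen[h][0])
    return {
        "hosts": sorted(first_seen),
        "segments": {seg: sorted(hosts) for seg, hosts in hosts_in_segment.items()},
        "patient_zero": patient_zero,
        "patient_zero_first_alert": first_seen[patient_zero][1],
    }


def evidence_digest(text):
    """SHA-256 of the raw export, taken before analysis so the log can later be proven unaltered."""
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


if __name__ == "__main__":
    plan = triage(parse_alerts(SAMPLE_ALERTS))
    print("isolate hosts:     ", plan["hosts"])
    print("affected segments: ", plan["segments"])
    print("earliest hit:      ", plan["patient_zero"], "via", plan["patient_zero_first_alert"])
    print("export sha256:     ", evidence_digest(SAMPLE_ALERTS))
```

On the sample data the earliest relevant alert is the dropper on ws-014, several minutes before the first ransomware alert, which is exactly the "how did it get in" lead Part two asks for; the PUA alert on ws-033 is ignored so the isolation list stays focused. In a real incident the export would come from the EDR or SIEM rather than a string constant, and the digest would be written to the case file alongside the disk and memory images.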
Joshua Corman, the Chief Strategist for Healthcare and COVID on CISA’s COVID Task Force, joins us to talk about the myriad of cyber threats facing healthcare and the vaccine distribution system and how the federal government is working to counter them.

Episode 204: Josh Corman of CISA on securing the Vaccine Supply Chain

Related stories:
- Episode 202: The Byte Stops Here – Biden’s Cyber Agenda
- Episode 199: COVID’s Other Legacy: Data Theft and Enterprise Insecurity
- Episode 203: Don’t Hack The Water and Black Girls Hack Founder Tennisha Martin
Crypto-mining malware, called WatchDog, has been running under the radar for more than two years – in what researchers call one of the largest and longest-lasting Monero cryptojacking attacks to date.
The acquisition of Componolit will provide AdaCore with a further foothold to expand its growing market share in Germany where the requirement for high-assurance software is increasing rapidly.
The owners of a popular barcode scanner Android application that became a malicious nuisance on millions of devices with one update insist that a third-party buyer was to blame.
The Chatham County network was hit on Oct. 28 with ransomware that originated in a phishing email with a malicious attachment, The News & Observer of Raleigh reported Tuesday.
The Denver-based security operations vendor said the funding will support continued investment in both product and team expansion as Red Canary works to fulfill rapidly growing customer demand.
Security experts are warning of a new COVID-19 vaccine phishing scam, this time using NHS-branded emails to trick users into handing over their personal and financial details.
Yesterday, Kia Motors America was suffering a nationwide IT outage that affected their mobile UVO Link apps, phone services, payment systems, owner's portal, and internal sites used by dealerships.
One of the first malware samples tailored to run natively on Apple's M1 chips has been discovered, suggesting that threat actors have begun adapting to target the latest generation of Macs.
Singtel has confirmed that the personal details of 129,000 customers, as well as the financial information of its former employees, have been compromised in a recent security breach.
The first attack spotted by ANSSI experts dates back to the end of 2017 and the campaign continued until 2020. Threat actors mainly targeted IT service providers, particularly web hosting.
In its Quarterly Ransomware Report for Q3 2020, Coveware notes that nearly half of the ransomware attacks it had tracked during that quarter had included the threat to leak unencrypted data.
The Hey messaging service analyzed its traffic following a request from the BBC and discovered that roughly two-thirds of emails sent to its users' private email accounts contained a "spy pixel."
The MITRE ATT&CK framework is a well known and widely used knowledge base of cyber adversary tactics, techniques and procedures, and is based on observations on real-world attacks.
Delivered through phishing emails, the Masslogger trojan’s latest variant is contained within a multi-volume RAR archive using the .chm file format and .r00 extensions, said Switchzilla researchers.
The acquisition of the Hanover-based firm was announced today, though terms of the deal were not disclosed. Baird acted as exclusive financial adviser to Bridges on the transaction.
Ninja Forms contains four critical security vulnerabilities that together make it possible for a remote attacker to take over a WordPress site and create various kinds of problems.
Already overwhelmed by the pandemic, hospitals and healthcare facilities have also had to face the added chaos of locked IT systems, delayed care and substantial recovery costs.
The California Department of Motor Vehicles announced Wednesday that a third-party company it shares data with has had a security breach. It is unclear if any DMV information was compromised.
CrowdStrike, a provider of cloud-delivered endpoint and cloud workload protections, has agreed to acquire Humio, a provider of high-performance cloud log management and observability technology.
A California medical imaging group practice says vulnerabilities in its picture archiving and communications system left patient data at risk of unauthorized access for more than a year.
The White House team leading the investigation into the SolarWinds hack is worried that the breach of 100 US companies has the potential to make the initial compromise a headache in future.
In a new report, Zscaler revealed the widespread use of Discord to host multiple payloads, including the Epsilon ransomware, Redline stealer, XMRig miner, and Discord token grabbers.
Hackers attacked military-run government websites in Myanmar on Thursday (Feb 18) as a cyber war erupted after authorities shut down the Internet for a fourth straight night.
The French information security agency (ANSSI) linked Russian group Sandworm with a three-year-long stealthy operation involving a breach of several French entities by exploiting an IT monitoring tool.
Purdue University and MITRE are combining their expertise and capabilities to form a new public-private partnership focusing on key areas of national safety and security.
Microsoft has announced that the SolarWinds hackers could gain access to source code for a limited amount of components used by Azure, Intune, and Exchange. The investigation also determined that the accessed code did not contain any credentials.
Phishers are trying to trick users into opening a “LinkedIn Private Shared Document” and entering their login credentials into a fake LinkedIn login page, security researcher JB Bowers warns.
A user on a popular hacking forum is selling a database that purportedly contains more than 257,000 user records from orakulas.lt (now known as Olybet.lt), a Lithuanian online betting service.
Ubuntu Security Notice 4739-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
Ubuntu Security Notice 4738-1 - Paul Kehrer discovered that OpenSSL incorrectly handled certain input lengths in EVP functions. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. Tavis Ormandy discovered that OpenSSL incorrectly handled parsing issuer fields. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. Various other issues were also addressed.
Ubuntu Security Notice 4737-1 - It was discovered that Bind incorrectly handled GSSAPI security policy negotiation. A remote attacker could use this issue to cause Bind to crash, resulting in a denial of service, or possibly execute arbitrary code. In the default installation, attackers would be isolated by the Bind AppArmor profile.
Red Hat Security Advisory 2021-0423-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.17. Issues addressed include cross site scripting, denial of service, deserialization, and traversal vulnerabilities.
The U.S. Department of Justice (DoJ) on Wednesday indicted three suspected North Korean hackers for allegedly conspiring to steal and extort over $1.3 billion in cash and cryptocurrencies from financial institutions and businesses. The three defendants — Jon Chang Hyok, Kim Il, and Park Jin Hyok — are said to be members of the Reconnaissance General Bureau, a military intelligence division of
One of the first malware samples tailored to run natively on Apple's M1 chips has been discovered, suggesting that bad actors have begun adapting malicious software to target the company's latest generation of Macs powered by its own processors. While the transition to Apple silicon has required developers to build new versions of their apps to ensure better
Facebook - angry that the Australian government wants it and other tech giants to pay for content reposted from media outlets - has blocked users in Australia from sharing or viewing news content on the platform. And in characteristic style, they've made a right pig's ear of it. The drongos.
The folks at Genetec were kind enough to invite me onto their "Engage" podcast recently, discussing some of the steps you can take to better protect yourself online.
The FBI is hoping that its hunt for Capitol rioters will go viral, a cryptocurrency con lets its perpetrator live the high life... for a while, and just what does Facebook have against cows and a team of cricketers? All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by BBC technology correspondent Zoe Kleinman.
The United States Department of Justice has charged three North Korean computer programmers with a range of cyber attacks that made headlines around the world. Read more in my article on the Tripwire State of Security blog.