We kick off this week’s Kaspersky Transatlantic Cable podcast with a bit of a PSA from Facebook. With the social giant rolling out tools to help people get a COVID-19 vaccine, Dave and I have some misgivings, although we do both think you should get a vaccine. After that, we chat with Vladimir Kuskov, head of Advanced Threat Research and Software Classification at Kaspersky, for an update on the Microsoft Exchange vulnerabilities and their exploitation. Then it’s over to the world of deepfakes and a pair of stories. The first involves a machine vs. machine battle wherein new software uses eye reflections to identify whether a video is a deepfake or the real McCoy. The second is about a Pennsylvania woman who created pictures and videos of her daughter’s cheerleading rivals. Moving along, we talk about a UK Home Office campaign that was an “experiment” — but was it really? And to close out the show, we look at Nvidia’s battle against cryptomining. If you liked what you heard, please consider subscribing and sharing with your friends. For more information on the stories we covered, see the links below:
To help people find COVID-19 vaccines, Facebook debuts new features
Scientists developed a clever way to detect Deepfakes by analyzing light reflections in the eyes
Pa. woman created ‘deepfake’ videos to force rivals off daughter’s cheerleading squad: police
Home Office tests web-spying powers with help of UK internet firms
Nvidia’s new beta driver unlocks RTX 3060 Ethereum cryptocurrency mining
71% of workers – including 68% in the US – admitted to sharing sensitive and business-critical company data using instant messaging (IM) and business collaboration tools, a Veritas report revealed.
There are questions about the way the Clubhouse app handles users’ contacts. There are also questions over just how private users’ actions and audio content are on the app, too.
A researcher was able to add a fake package to the official list of Microsoft Azure SDK latest releases. Using this, attackers can position their malicious package as part of the Azure SDK suite.
The new funding, Vulcan Cyber says, will help it expand its platform with new vulnerability remediation solutions for both cloud and applications, as well as meet demand for its SaaS solution.
Although the attached PNG files hosted on Twitter represent valid images when previewed, merely downloading and changing their file extension was enough to obtain different content from the same file.
In theory, Android app permissions are a great way to ensure our safety and protect our privacy. In practice, however, these permissions aren’t always shown prominently or described in much detail.
A new report from cybersecurity company Trend Micro found that the pandemic was the main theme of nearly 16.5 million threats and attacks launched against its customers in 2020.
The FBI has published its annual report on cybercrime affecting victims in the U.S., noting a record number of complaints and financial losses in 2020 compared to the previous year.
Socure announced Tuesday that it has raised $100 million in a Series D funding round at a $1.3 billion valuation. The round was led by Accel, with participation from existing backers.
The National Atomic Energy Agency and Health Ministry websites briefly carried claims of a supposed nuclear waste leak coming from neighboring Lithuania and threatening Poland.
Unit 42 researchers observed attempts to exploit CVE-2020-9020, which is a Remote Command Execution (RCE) vulnerability in Iteris’ Vantage Velocity field unit versions 2.3.1, 2.4.2, and 3.0.
The .com and .net sites have seen 2,746 downloads of the malicious Windows executable, and a second-stage malware was then pushed down 129 times. The .org site snared 529 downloads in just two days.
A popular line of small business routers made by Cisco Systems is affected by a high-severity vulnerability that could allow a remote, authenticated attacker to execute code or restart devices.
29% of malware captured was previously unknown – due to the widespread use of packers and obfuscation techniques by attackers seeking to evade detection, according to an HP report.
Chinese nation-state hackers have been linked to an attack on the Parliament of Finland that took place last year and led to the compromise of some parliament email accounts.
Ransomware shows no sign of slowing down as the average ransom paid to cybercriminals by organizations that fall victim to these attacks has nearly tripled over the last year.
Remote Desktop Protocol (RDP) became a hot target for cybercrime as businesses shifted to remote work due to the COVID-19 pandemic. A year later, the trend shows no sign of slowing.
According to researchers at Cofense, a campaign began circulating in March that capitalized on Americans’ interest in the forthcoming $1,400 relief payments and other aid.
MITRE Engenuity will assess commercial cybersecurity products’ ability to detect the threat posed by the groups commonly known as Sandworm and Wizard Spider, who use data encryption in their attacks.
The latest cash injection attracted many returning investors, including Alphabet’s GV and Intel Capital, alongside new backers such as Silver Lake Waterman and T. Rowe Price Associates.
Security researchers found proof of malicious activity by the MuddyWater APT, which has targeted UAE and Kuwait government agencies using the ScreenConnect remote management tool.
A wealthy British art collector was hit by a BEC attack costing him ~$8.35m. It had been sent to the family office that managed his finances by criminals impersonating a genuine art dealer.
Among other threats, email scamming proved to be the most successful infection vector in the coronavirus era, Kaspersky finds. It also changed the way people understood cybersecurity.
The Mekotio trojan has been found using two separate emails as an initial infection vector which then abuses AutoHotKey (AHK) and the AHK compiler to steal users’ information.
Chile's Comisión para el Mercado Financiero (CMF) has disclosed that its Microsoft Exchange server was compromised through the recently disclosed ProxyLogon vulnerabilities.
The number of attempted attacks observed against vulnerable Microsoft Exchange Servers is doubling every few hours. Security teams and malicious actors are continuously outwitting each other.
Security vulnerabilities in Tutor LMS, a WordPress plugin installed on more than 20,000 sites, open the door to information theft and privilege escalation, according to researchers.
Text-messaging management services are now being misused for as little as $16 to covertly redirect text messages from users to hackers, giving cybercriminals access to two-factor codes/login SMSes.
The extent and severity of ransomware attacks witnessed an all-time high in 2020 and there’s no reason to believe that it is going to be any different this year.
TrickBot uses person-in-the-browser attacks to steal information, such as login credentials. Some of TrickBot’s modules spread the malware laterally across a network by abusing the SMB protocol.
Press secretary Jen Psaki confirmed in a statement that the National Security Council (NSC) has established a “unified coordination group” to respond to Microsoft Exchange Server vulnerabilities.
Red Hat Security Advisory 2021-0933-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle.
Red Hat Security Advisory 2021-0931-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add native support for virtual network abstractions, such as virtual L2 and L3 overlays and security groups. Issues addressed include buffer overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2021-0934-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include a use-after-free vulnerability.
Ubuntu Security Notice 4881-1 - It was discovered that containerd incorrectly handled certain environment variables. Contrary to expectations, a container could receive environment variables defined for a different container, possibly containing sensitive information.
Red Hat Security Advisory 2021-0937-01 - An update for rubygem-em-http-request is now available for Red Hat OpenStack Platform 13 (Queens). Issues addressed include a man-in-the-middle vulnerability.
Red Hat Security Advisory 2021-0916-01 - A highly-available key value store for shared configuration. Issues addressed include denial of service and resource exhaustion vulnerabilities.
VestaCP version 0.9.8 suffers from a persistent cross site scripting vulnerability. Persistent cross site scripting was originally discovered in this version in February of 2016 by Necmettin COSKUN.
Red Hat Security Advisory 2021-0915-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle.
Red Hat Security Advisory 2021-0922-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. Issues addressed include a buffer overflow vulnerability.
Researchers have disclosed vulnerabilities in multiple WordPress plugins that, if successfully exploited, could allow an attacker to run arbitrary code and take over a website in certain scenarios. The flaws were uncovered in Elementor, a website builder plugin used on more than seven million sites, and WP Super Cache, a tool used to serve cached pages of a WordPress site. According to Wordfence
When a user account becomes locked out, the cause is often attributed to a user who has simply entered an old or incorrect password too many times. However, this is far from being the only thing that can cause an account to become locked. Another common cause, for example, is an application or script that is configured to log into the system using an old password. Perhaps the most easily
Privacy-focused search engine DuckDuckGo called out rival Google for "spying" on users after the search giant updated its flagship app to spell out the exact kinds of information it collects for personalization and marketing purposes. "After months of stalling, Google finally revealed how much personal data they collect in Chrome and the Google app. No wonder they wanted to hide it," the company
Are you looking to become a malware analyst? Then continue reading to discover how to gain the training you need and start a career in malware analysis. Did you know that new malware is released every seven seconds? As more and more systems become reliant on the internet, the proliferation of malware becomes increasingly destructive. Once upon a time, a computer virus might cause
A pair of critical vulnerabilities in a popular bulletin board software called MyBB could have been chained together to achieve remote code execution (RCE) without the need for prior access to a privileged account. The flaws, which were discovered by independent security researchers Simon Scannell and Carl Smith, were reported to the MyBB Team on February 22, following which it released an
The FBI is reminding organisations of the serious threat posed by business email compromise (BEC) scams, declaring that it caused over $1.8 billion worth of losses to businesses last year. Read more in my article on the Tripwire State of Security blog.
How are cheerleaders being creeped out by deepfakes? What might Tinder tell potential dates about your murky past? And how should companies respond to the press when a security breach occurs? All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Yvonne Eskenzi.