Following recent scams involving fake cryptocurrency exchanges and fake news sites, we recently uncovered a third campaign, one using fake DEX exchanges and aimed at cryptocurrency enthusiasts on the Discord messaging app. Here’s how the new scheme works. A word about cryptocurrency exchanges First, what’s show more ...
During this week’s Kaspersky Transatlantic Cable podcast, Dave and I venture everywhere from the courtroom to the streets to the home. We kick off the episode at the intersection of military and automotive industry. In this story from Vice, a contractor was looking to sell the US military access to the billions show more ...
Agent Tesla is an extremely popular "malware-as-a-service" RAT used to steal information such as credentials, keystrokes, clipboard data, and other information from its operators' targets.
While total fraud losses climbed to $56 billion, identity fraud scams accounted for $43 billion of that. Traditional identity fraud losses totaled $13 billion, Javelin Strategy & Research reveals.
Most cybercriminals are financially motivated. Today's breaches are mainly driven by attackers who encrypt systems and demand a ransom or steal sensitive information to sell on the Dark Web.
The email includes an invoice renewal stating that it has already been processed via credit card. The amount usually is in the $300 to $500 range, which is a lot more than the normal charge.
UK's National Cyber Security Centre issues advice on how to protect networks from cybercriminals after a spike in ransomware attacks causing disruption across the education sector over the past month.
The vulnerability has the potential to allow data access and denial of service attacks between different network slices on a mobile operator’s 5G network, exposing enterprise customers to attacks.
The FBI has seen a recent increase in phone calls that spoof the Bureau’s phone number as part of various scams, but most recently in trying to obtain banking data or gift card/wire transfer payments.
According to the report on phishing by cybersecurity firm Kaspersky, Brazil tops a list of five countries with the highest rate of users targeted for data theft throughout last year.
More than 20TB of sensitive customer data has been accidentally leaked online by FBS, a popular online trading broker, after it misconfigured an Elasticsearch cloud database.
STIBNITE gains initial access via credential theft websites spoofing Azeri government organizations, and spearphishing campaigns using variants of malicious Microsoft Office documents.
The UK’s National Fraud & Cyber Crime Reporting Center (Action Fraud) is warning citizens about a National Insurance scam targeting their personally identifiable information (PII).
Bitdefender researchers have identified a new version of an already-known vulnerability scanner that looks for a specific flaw in the “Ultimate GDPR & CCPA Compliance Toolkit” plugin for WordPress.
Over 75% of cybersecurity awareness professionals are spending less than half their time on security awareness, implying awareness is too often a part-time effort, according to a SANS report.
Head of the Australian Cyber Security Centre (ACSC) Abigail Bradshaw has told senators "10s of organizations" have so far reached out to her agency regarding vulnerable Microsoft Exchange servers.
The REvil ransomware gang has added a new malware capability that enables the attackers to reboot an infected device after encryption, security researchers at MalwareHunterTeam report.
Under the deal, IoT cybersecurity firm Cybeats has become a wholly-owned subsidiary of Relay and has placed all its technologies, trade secrets, and intellectual property into Relay’s care.
Ransomware victims paid attackers at least $144.35 million in bitcoin between 2013 and 2019, according to a recent FBI bulletin that likely fails to account for millions of dollars.
A recent phishing scheme used fake Microsoft Office 365 update messages to target financial executives and others in an effort to harvest their credentials, according to the security firm Area 1.
A third-party claims administrator of health and social services programs for the elderly paid a ransom to Netwalker attackers about a month before law enforcement disrupted the gang in January.
Facebook’s head of cyberespionage said it had found and removed fewer than 500 accounts that sent malicious links to Uyghurs as part of “an extremely targeted operation.”
Kryptos Logic found nearly 100,000 active web shells during internet scans of ProxyLogon, the most serious of four vulnerabilities in Microsoft's Exchange Server software disclosed earlier this month.
A new threat identified as XcodeSpy has emerged to target macOS users. The malware spies on Mac users of Xcode IDE by delivering the EggShell backdoor.
Weeks after the disclosure of the ProxyLogon group of security bugs, exploitation attempts against unpatched Microsoft Exchange servers have skyrocketed.
A high volume of attacks is actively targeting macOS and other Apple products as, according to a recent report, Mac malware detections for companies have increased up to 31%.
Cisco has addressed a critical arbitrary program execution vulnerability impacting several versions of the Cisco Jabber client software for Windows, macOS, Android, and iOS.
The company said the intrusion was detected “recently” and only a “limited number” of IT systems were disrupted. No other information has been provided regarding the impact.
PsExec is a Sysinternals utility designed to allow admins to perform tasks on remote computers, such as launching executables and displaying the output on a local computer or creating reverse shells.
Red Hat Security Advisory 2021-0992-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.9.0 ESR. Issues addressed include a spoofing vulnerability.
Ubuntu Security Notice 4890-1 - Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly compute a speculative execution limit on pointer arithmetic in some situations. A local attacker could use this to expose sensitive information. Piotr Krysiuk discovered that the BPF subsystem in the show more ...
Red Hat Security Advisory 2021-0996-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.0. Issues addressed include a spoofing vulnerability.
This Metasploit module exploits an unauthenticated arbitrary file upload in FortiLogger via an insecure POST request. It has been tested on versions prior to 5.2.0 in Windows 10 Enterprise.
Ubuntu Security Notice 4889-1 - Adam Nichols discovered that heap overflows existed in the iSCSI subsystem in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Adam Nichols discovered that the iSCSI subsystem in the Linux kernel did not properly restrict show more ...
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
Linksys EA7500 version 2.0.8.194281 suffers from a cross site scripting vulnerability due to an old jQuery version.
Backdoor.Win32.DarkKomet.gozu malware suffers from an insecure permissions vulnerability.
Ubuntu Security Notice 4888-1 - Douglas Bagnall discovered that ldb, when used with Samba, incorrectly handled certain LDAP attributes. A remote attacker could possibly use this issue to cause the LDAP server to crash, resulting in a denial of service. Douglas Bagnall discovered that ldb, when used with Samba, show more ...
Red Hat Security Advisory 2021-0991-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.9.0 ESR. Issues addressed include a spoofing vulnerability.
Red Hat Security Advisory 2021-0994-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.0. Issues addressed include a spoofing vulnerability.
Genexis Platinum-4410 version P4410-V2-1.31A suffers from a persistent cross site scripting vulnerability.
Worm.Win32.Ngrbot.acno malware suffers from an insecure permissions vulnerability.
Red Hat Security Advisory 2021-0989-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.9.0 ESR. Issues addressed include a spoofing vulnerability.
Red Hat Security Advisory 2021-0993-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.0. Issues addressed include a spoofing vulnerability.
Whitepaper that discusses XXE exploitation via file uploads.
Worm.Win32.Recyl.dp malware suffers from an insecure permissions vulnerability.
Red Hat Security Advisory 2021-0995-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.9.0. Issues addressed include a spoofing vulnerability.
Red Hat Security Advisory 2021-0990-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.9.0 ESR. Issues addressed include a spoofing vulnerability.
Red Hat Security Advisory 2021-0988-01 - The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal. Issues addressed include a buffer overflow vulnerability.
Ovidentia version 6 suffers from a remote SQL injection vulnerability.
Moodle version 3.10.3 suffers from a cross site scripting vulnerability.
Red Hat Security Advisory 2021-0833-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.404. Issues addressed include denial of service and integer overflow vulnerabilities.
Dolibarr ERP/CRM version 11.0.4 authenticated file upload restrictions bypass exploit that achieves remote code execution.
Red Hat Security Advisory 2021-0986-01 - The release of Red Hat AMQ Online 1.7.0 serves as a replacement for earlier AMQ Online releases, and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References. Issues addressed include information leakage and traversal vulnerabilities.
Cisco on Wednesday released software updates to address multiple vulnerabilities affecting its Jabber messaging clients across Windows, macOS, Android, and iOS. Successful exploitation of the flaws could permit an "attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a
Facebook may be banned in China, but the company on Wednesday said it has disrupted a network of bad actors using its platform to target the Uyghur community and lure them into downloading malicious software that would allow surveillance of their devices. "They targeted activists, journalists and dissidents predominantly among Uyghurs from Xinjiang in China primarily living abroad in Turkey,
More than a week after Microsoft released a one-click mitigation tool to mitigate cyberattacks targeting on-premises Exchange servers, the company disclosed that patches have been applied to 92% of all internet-facing servers affected by the ProxyLogon vulnerabilities. The development, a 43% improvement from the previous week, caps off a whirlwind of espionage and malware campaigns that hit
When your organization invests in a new product or service, it is essential that you take advantage of all the features it has to offer. This will help you to maximize your return on investment (ROI). If you have purchased or are thinking about purchasing a self-service password reset (SSPR) tool, one of the most important things you will need to do is make sure that 100% of users are registered
PC manufacturer Acer might have received a $50 million ransom demand, a warning spreads on Facebook about a trick being used by hackers, and why are the City of London's police not happy about Sci Hub? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Alex Eckelberry.
Organisations hit by ransomware attacks are finding themselves paying out more than ever before, according to a new report. According to the research, the average payment following a ransomware attack in 2020 rocketed up 171% to $312,493 compared to $115,123 in 2019. And it’s not just the case that the criminals show more ...
British fashion retailer FatFace has been hacked. Whoops! I said it. Sorry. I'm not sure they wanted anyone to talk about it, so maybe I shouldn't have mentioned it.
