This week on the Kaspersky Transatlantic Cable podcast, Dave and I focus on crime — meaning everything from dumb criminals to statistics and ransomware. The first story we look at travels from Italy to the Dominican Republic and back again. In this case, we have a mafia member who was on the run from Italian law enforcement and living in the Caribbean. The problem was that this fugitive loved cooking, so much so that he broadcast his cooking on YouTube. And although he hid his face, he left his tattoos exposed. I guess they were memorable; they led to his arrest and extradition. From there, we check out a recent report from Canalys about the sheer volume of leaked and stolen data from data breaches circulating on the Web. The third story is one of ransomware leading to extortion after a criminal gang found a huge cache of pornography on an IT worker’s computer. To close things out, we discuss the latest school to fall victim to ransomware. If you liked what you heard, please consider subscribing and sharing with your friends. For more information on the stories we covered, see the links below: "Mafia fugitive caught after posting cooking show on YouTube"; "Billions of records have been hacked already. Make cybersecurity a priority or risk disaster, warns analyst"; "“We have your porn collection”: The rise of extortionware"; "London’s biggest school trust hit by ransomware".
The Clop ransomware gang has purportedly uploaded a selection of documents, including scans of Shell employees’ US visas as well as a passport page and files from its American and Hungarian offices.
This flaw is a medium severity reflected XSS vulnerability affecting Ivory search plugin version 4.6.0 and below. Researchers recommend updating the plugin to its latest patched version 4.6.1.
Breaking a regular website usually costs below $10,000, while custom databases are priced between $100 and $20,000, or between $5 and $50 per 1,000 entries, a Positive Technologies report said.
New research by security firm Acronis has found that running multiple protection and cybersecurity solutions simultaneously did not prevent data loss in many organizations last year.
Researchers on Tuesday disclosed details of a sophisticated campaign that deploys malicious backdoors for the purpose of exfiltrating information from a number of industry sectors located in Japan.
A report by RUSI and BAE Systems warns that a 'perfect storm' of conditions has come together and allowed ransomware attacks to run rampant against organizations around the world.
Living Security announced it has closed a $14 Million Series B round to continue its expansion beyond cybersecurity awareness training and further develop its human risk management platform.
According to a survey by Kaspersky, about 46% of UK ransomware victims paid the ransom last year, yet for an unfortunate 11% of those that paid, it did not guarantee the return of stolen data.
VMware has published security updates to address a high severity vulnerability in vRealize Operations that could allow attackers to steal admin credentials after exploiting vulnerable servers.
President Joe Biden on Monday sent a letter to the House of Representatives and the Senate to extend an executive order regarding sanctions issued in response to cyberattacks.
Confidential corporate information is no less sensitive than the personal data of an individual, and there are massive financial and reputational risks from potential blackmail or disclosure of data.
Cybercriminals hacked into Maharashtra Industrial Development Corporation (MIDC) server and demanded Rs 500 crore on Tuesday afternoon. Work at all 16 regional offices was stopped.
Critical infrastructure protection firm OPSWAT has secured $125 million growth funding from Brighton Park Capital, to accelerate its global growth, invest in R&D, and pursue strategic acquisitions.
A whistleblower involved in the response to a data breach suffered by networking equipment provider Ubiquiti Networks has claimed the incident was downplayed and could be described as "catastrophic."
A new report by WEF reveals that boards of directors need to play a more active role in protecting their organization from cyber risks – and provides a solution to this fragmentation.
According to Xinhua, the suspects tricked the State Taxation Administration platform’s identity verification system by manipulating photos with a widely available app that turns photos into videos.
The recently patched vulnerabilities in Microsoft Exchange have sparked new interest among cybercriminals, who increased the volume of attacks focusing on this particular vector.
According to a new Security Signals report released Tuesday by Microsoft, a whopping 80 percent of businesses reported “at least one firmware attack” in the past two years.
Abnormal Security researchers who spotted these attacks in the wild earlier this month said that they bypassed Office 365 security and landed in the mailboxes of between 5,000 and 50,000 targets.
Some 68% of businesses across six Asian markets say they have been breached, up from 32% in 2019, with an average 60.83% admitting to taking more than a week to remediate cybersecurity attacks.
61% of firms have experienced cybersecurity incidents in their smart factories and are struggling to deploy the technology needed to effectively manage cyber risk, as per a Vanson Bourne survey.
A hacking group associated with the Iranian government targeted senior medical researchers in the U.S. and Israel over the past few months, new research released Wednesday found.
Avast researchers have found a total of 204 fleeceware apps on both Apple and Google stores, which have earned their developers an estimated total of over $400 million to date.
New York's Department of Financial Services (DFS) warns of an ongoing series of attacks resulting in the theft of personal information belonging to hundreds of thousands of New Yorkers.
Two high-ranked players of the Apex Legends game have been banned from the platform for cheating by launching distributed denial-of-service (DDoS) attacks on an Xbox server.
The unsecured database contained over 2,000 CSV and TXT files, each with thousands of entries on medical records, children’s legal guardians, caseworkers, doctors, and other child welfare specialists.
In a recent update, the infamous Cl0p ransomware group claimed to have gained access to financial documents and passport information belonging to students and staff from six top universities in the US.
Talos detected a new cryptor used in several different malware campaigns hidden in files that users would usually download to install cheat codes into video games or other visual and game mods.
These files are named jquery-migrate.js and jquery-migrate.min.js and are present at the exact locations where JavaScript files are normally found on WordPress sites, but are in fact malicious.
Last year, 15 ransomware families used the double-extortion approach, in comparison to only one in 2019. In addition, around 40% of newly discovered ransomware families utilized the tactic in 2020.
The China-linked Calypso APT group was observed to be targeting vulnerable Microsoft Exchange servers to deploy web shells and eventually load the PlugX malware.
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
Red Hat Security Advisory 2021-1050-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include denial of service and memory leak vulnerabilities.
Red Hat Security Advisory 2021-1051-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include denial of service and memory leak vulnerabilities.
Gentoo Linux Security Advisory 202103-3 - Multiple vulnerabilities have been found in OpenSSL, the worst of which could allow remote attackers to cause a Denial of Service condition. Versions less than 1.1.1k are affected.
Gentoo Linux Security Advisory 202103-1 - Multiple vulnerabilities have been found in Salt, the worst of which could allow a remote attacker to execute arbitrary commands. Versions less than 3000.8 are affected.
Ubuntu Security Notice 4898-1 - Viktor Szakats discovered that curl did not strip off user credentials from referrer header fields. A remote attacker could possibly use this issue to obtain sensitive information. Mingtao Yang discovered that curl incorrectly handled session tickets when using an HTTPS proxy. A remote attacker in control of an HTTPS proxy could use this issue to bypass certificate checks and intercept communications. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. Various other issues were also addressed.
Red Hat Security Advisory 2021-0943-01 - This release of Red Hat build of Eclipse Vert.x 4.0.3 includes security updates, bug fixes, and enhancements. For more information, see the release notes listed in the References section. Issues addressed include an information leakage vulnerability.
Ubuntu Security Notice 4897-1 - Ben Caller discovered that Pygments incorrectly handled parsing certain files. If a user or automated system were tricked into parsing a specially crafted file, a remote attacker could cause Pygments to hang or consume resources, resulting in a denial of service.
Ubuntu Security Notice 4896-1 - It was discovered that lxml incorrectly handled certain HTML attributes. A remote attacker could possibly use this issue to perform cross-site scripting attacks.
Red Hat Security Advisory 2021-0956-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.23. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2021-1044-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management, and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This release of Red Hat Process Automation Manager 7.10.1 serves as an update to Red Hat Process Automation Manager 7.10.0, and includes bug fixes, which are documented in the Release Notes document linked to in the References.
Red Hat Security Advisory 2021-1039-01 - MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. Issues addressed include a code execution vulnerability.
Cybersecurity researchers on Tuesday disclosed details of a sophisticated campaign that deploys malicious backdoors for the purpose of exfiltrating information from a number of industry sectors located in Japan. Dubbed "A41APT" by Kaspersky researchers, the findings delve into a new slew of attacks undertaken by APT10 (aka Stone Panda or Cicada) using previously undocumented malware to deliver
You're fully aware of the need to stop threats at the front door and then hunt any that got through that first gate, so your company installed an EPP/EDR solution. But like most companies, you've already come across its shortcomings – and these are amplified since you have a small security team. More than likely, you noticed that it has its share of detection blind spots and limitations for
Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support! Recorded Future provides deep, detailed insight into emerging threats by automatically collecting, analyzing, and organizing billions of data points from the Web. And now, with its FREE Cyber Daily email all IT …
“I solemnly swear to back up my important documents and precious memories on March 31st.” Are you taking the pledge this World Backup Day? Now in its tenth year, World Backup Day remains one of our favorite reminders of the risks of not backing up the data we hold dear. According to the World Backup Day site, “This independent initiative to raise awareness about backups and data preservation started out — like most good things on the internet – on reddit by a couple of concerned users.” The day goes beyond reminding businesses and private citizens of what they stand to lose due to device theft, hardware failure and other common forms of data loss. It’s a reminder that more and more of our culture is digital, and some of our greatest achievements reside online. Without them, we risk losing a piece of the very greatness of our civilization. (It’s a lot easier to come to work every day in support of the Carbonite mission when you put it like that.)
Here are some of the threats we’ve recently faced online:
121 million ransomware attacks in the first half of 2020 alone, up 20 percent over 2019 [1]
Eighty-nine percent of businesses claim to have been targeted by COVID-19-related malware in 2020 [2]
Phishing attacks claiming to be companies like Netflix, HBO and YouTube skyrocketed early in the pandemic [3]
Numbers are great, and necessary for showing the scope of the problem, but I wanted to see how data loss—and backups—affect real people. So I reached out to our community for stories about times when backup saved their backsides. Here’s what they had to say.
“In the past six weeks we have had two clients hit with ransomware. We have been able to use our backups to bring up server live environments within 45 minutes and it has saved a lot of time and data.” —David H.
“We managed IT for a remote office of a national law firm. The senior partner worked out of our office, and we had a contract to back up all client data firm-wide, as we felt there were numerous vulnerabilities in their system. One morning at 7 a.m., the server RAID array died, and not only were none of the drives recoverable but their tape backup also had not been working properly for at least six months. After the first few hours of them discovering all the things that did not work, I reminded the partner that we had been backing up their data and had a full, clean backup from six hours before the crash. Our extra backup saved the day!” —David Y.
“Backups saved us from a ransomware attack. We were able to isolate the server with the infected machine and restore our files from a local backup. Total downtime was less than 30 hours.” —PJ
“I have been saved from losing both personal and business data more than once!” —Vasilis
“I was able to use a backup to restore all my client’s data after a ransomware attack. Needless to say, they were very happy!” —Nathan
“We are extremely lucky in the fact that we haven’t had any cyberattacks. We did have an issue when our server failed, and backup basically saved us.” —Simon
“Having good off-site backups enabled recovery from a large fire which rendered on-site backups useless.” —Warren
“We came in one day to find the office doors busted down and the computers raided. They left the cashbox alone, just stole RAM and hard drives. We were encrypting the hard drives, so we didn’t lose any data to the wild as the encryption couldn’t be cracked. But we were back up and running within two hours from backups alone.” —Sharif
Hardware failure, natural disasters, ransomware, device theft, file corruption—it’s not surprising that all of the most common forms of data loss surfaced when we reached out to our users. Don’t fall victim to them! Back up your data this March 31 to keep from feeling like a fool come April.
Sources: [1] SonicWall Capture Labs; [2] VMware/Carbon Black Global Threat Report June 2020; [3] Webroot RTAP
The post This World Backup Day, Our Customers Do the Talking appeared first on Webroot Blog.