Every time you like something on a social network, join a community of neighborhood residents, publish your CV, or get caught on a street camera, the information accumulates in databases. You may have no idea how vulnerable leaving all those traces of information — every action on the Internet and almost every show more ...
A cyberattack on a clinic or hospital is literally a matter of life or death. In 2020, healthcare systems worldwide were already cracking under the strain of the COVID-19 pandemic, and the actions of cybercriminals only added to the load. One of the most significant threats of the past year for medical institutions show more ...
Dave and I start episode 199 of the Kaspersky Transatlantic Cable podcast with some good news in the infosec space: a researcher and his friend hunting bugs to help a family member pay for surgery. It’s not often we get a chance to talk about positive news, so this one is a bit of a breath of fresh air. From show more ...
Some of the world’s top tech firms are backing a new industry task force focused on disrupting cybercriminal ransomware gangs by limiting their ability to get paid, and targeting the individuals and finances of the organized thieves behind these crimes. In a 81-page report delivered to the Biden administration show more ...
The average total cost of recovery from a ransomware attack has more than doubled in a year, increasing from $761,106 in 2020 to $1.85 million in 2021, a Sophos survey reveals.
A software supply chain attack occurs when threat actors manage to compromise a vendor’s environment and poison their software, with the purpose of infiltrating the customers' systems.
The scheme first began last year in January and involves using a table to build a 2×2 grid of cells, and then filling them in with colors to make the table look just like the iconic Windows logo.
Water Pamola sent online shopping orders appended with a malicious XSS script to attack e-commerce administrators. These scripts were managed with an XSS attack framework called "XSS.ME."
The scam isn’t being spread by just one account, nor is there just one bogus support form. Multiple Twitter profiles lurk in the replies of anyone having a bad cryptocoin experience.
The author of WeSteal, a new commodity cryptocurrency stealer, makes no attempt to disguise the intent for his malware. The seller promises “the leading way to make money in 2021”.
While Click Studios has been notifying impacted customers, they also requested that they cease publishing screenshots of the company’s communications online as it can be used in related attacks.
A threat actor can abuse the Policy Store Transfer Service to acquire the encrypted Token Signing Certificate over the network, similar to the DCSync technique for Active Directory.
Wyoming's Department of Health (WDH) has announced the accidental exposure of personal health information belonging to more than a quarter of the state's population on GitHub.com
The criminals are preying on Britons’ worries about their financial information being compromised, and money stolen. However, ironically, this is exactly what the fraudsters hope to accomplish.
The files were published on a dark web portal managed by the DopplePaymer ransomware gang and also include personally identifiable information about state prisoners, their grievances, and cases.
Hackers are targeting Android phone users across the U.K via malicious text messages to steal banking information and credentials, and even lift passwords from devices.
Private messaging app Telegram is being exploited by cyberattackers who are delivering a ToxicEye RAT to take control over a hacker-operated Telegram account and leak critical data.
Tracked as CVE-2021-1448 and having a CVSS score of 7.8, the command injection bug is mitigated by the fact that authentication and local access are required for successful exploitation.
Experian fixed a weakness with a partner website that let anyone look up the credit score of tens of millions of Americans just by supplying their name and mailing address, KrebsOnSecurity reported.
Scores of US hospitals and their patients are thought to have been affected after a "data security incident" at Elekta, a specialist provider of equipment for cancer treatments last week.
Openminded provides cybersecurity services including management, consultancy, and cloud & infrastructure solutions with a focus on risk analysis, remediation, and regulatory compliance.
The Ransomware Task Force, a collaboration of over 60 stakeholders, released its long-awaited ransomware framework on Thursday morning, advocating nearly 50 government and private sector strategies.
Several positive steps continue to be taken by organizations such as the European Union and the U.S. FTC to curb possible malicious uses and abuses of AI via new regulations.
Once Sodinokibi focuses on a potential victim, the attack goes into a more sophisticated operation by human actors who pave their way through the compromised networks to find data and exfiltrate it.
Threat detection and response solutions provider Vectra AI on Thursday announced that it has raised $130 million at a valuation of $1.2 billion, making the company the latest cybersecurity unicorn.
Europol claimed to wipe Emotet infection from hundreds of servers globally. The FBI, meanwhile, handed over 4.3 million email addresses to the Have I Been Pwned site to help mitigate infections.
The FBI, the DHS, and the CISA warned of coordinated attacks, in a joint alert, by the Russian Foreign Intelligence Service, aka APT29, against U.S. and foreign organizations.
Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.
Ubuntu Security Notice 4929-1 - Greg Kuechle discovered that Bind incorrectly handled certain incremental zone updates. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. Siva Kakarla discovered that Bind incorrectly handled certain DNAME records. A remote show more ...
Red Hat Security Advisory 2021-1468-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.
NodeBB Emoji plugin version 3.2.1 suffers from an arbitrary file write vulnerability.
Ubuntu Security Notice 4928-1 - It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could possibly use this issue to cause access sensitive information or cause a crash. It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could possibly show more ...
Red Hat Security Advisory 2021-1452-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. The ceph-ansible package provides Ansible playbooks for show more ...
Cacti version 1.2.12 remote code execution exploit that leverages a remote SQL vulnerability.
Red Hat Security Advisory 2021-1448-01 - Red Hat Advanced Cluster Management for Kubernetes 2.0.10 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private show more ...
Fog Project version 1.5.9 suffers from a remote shell upload vulnerability.
A previously undocumented Linux malware with backdoor capabilities has managed to stay under the radar for about three years, allowing the threat actor behind to harvest and exfiltrate sensitive information from infected systems. Dubbed "RotaJakiro" by researchers from Qihoo 360 NETLAB, the backdoor targets Linux X64 machines, and is so named after the fact that "the family uses rotate
Hackers are scanning the internet for weaknesses all the time, and if you don't want your organization to fall victim, you need to be the first to find these weak spots. In other words, you have to adopt a proactive approach to managing your vulnerabilities, and a crucial first step in achieving this is performing a vulnerability assessment. Read this guide to learn how to perform vulnerability
Cybersecurity researchers on Wednesday exposed a new cyberespionage campaign targeting military organizations in Southeast Asia. Attributing the attacks to a threat actor dubbed "Naikon APT," cybersecurity firm Bitdefender laid out the ever-changing tactics, techniques, and procedures adopted by the group, including weaving new backdoors named "Nebulae" and "RainyDay" into their data-stealing
The maintainers of Composer, a package manager for PHP, have shipped an update to address a critical vulnerability that could have allowed an attacker to execute arbitrary commands and "backdoor every PHP package," resulting in a supply-chain attack. Tracked as CVE-2021-29472, the security issue was discovered and reported on April 22 by researchers from SonarSource, following which a hotfix was
An adversary known for its watering hole attacks against government entities has been linked to a slew of newly detected intrusions targeting various organizations in Central Asia and the Middle East. The malicious activity, collectively named "EmissarySoldier," has been attributed to a threat actor called LuckyMouse, and is said to have happened in 2020 with the goal of obtaining geopolitical
Google loses its domain in Argentina, how do gripe sites make their dough, and has John Deere solved the cybersecurity problem? All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.
