So, you’ve downloaded the latest Candy Ninja: Battle Royale to while away a couple of hours on your iPhone or iPad, but the first thing you see when you open the app is a prompt: “Allow “Candy Ninja” to track your activity across other companies’ apps and websites?” What exactly does that mean? What’s the risk? What are the benefits? And why didn’t your friend get that notification on their iPhone?

What is App Tracking Transparency?

Apple is always saying how much it values user privacy and data confidentiality. Within that paradigm, in January 2021, the developers of iOS, iPadOS, and tvOS promised that version 14.5 and later of these systems would support App Tracking Transparency. For users, that means any app that uses device identifiers for advertising purposes, which Apple calls identifiers for advertisers (IDFA), must clearly explain why it does so and explicitly ask the user’s permission. That permission request looks like this:

Tracking requests in iOS 14.5: “Allow App to track your activity across other companies’ apps and websites?”

According to Apple, the request should clarify the relationship between app developers and device owners. If a hypothetical flashlight app or social network client collects information about your actions and passes it on to advertisers, allowing them to link it to you, you should not only know, but also be able to opt out. Opting out does not affect app performance, so there’s no downside in rejecting tracking requests. On the other hand, even if tracking is disabled, you’ll still see ads; they just won’t be personalized.

Responding to app tracking requests in iOS, iPadOS, and tvOS

To stop advertising networks from tracking you through iOS, iPadOS, or tvOS apps, select the Ask App Not to Track option each time you see the prompt. If for some reason you prefer personalized ads or want to support developers in that way, choose Allow.

Getting rid of app tracking requests altogether

If you don’t want to be bothered by tracking requests, you can turn them off completely. That is, opt out of tracking in all apps once and for all. It’s easy to do:

Open Settings;
Scroll down to Privacy;
Open Tracking;
Switch off the Allow Apps to Request to Track toggle.
Why don’t I see tracking requests on my Apple devices?

IDFA used to be handled under Apple Advertising -> Personalized Ads, which can still be found in the iOS privacy settings. If you turned off personalized ads at some point, Allow Apps to Request to Track was set to off by default. If you’re not seeing tracking requests, that’s probably why.

Apple versus targeting

Advertisers lie awake at night worrying about users turning off tracking. Some developers, such as those on Snapchat’s team, are already working on ways to get around App Tracking Transparency, which in theory would allow them to keep profiling devices and their owners. The changes are good for users, who can choose, among other things, whether to share private details and with whom. Another positive sign for consumers: The more platforms fret about data protection, the less likely our digital fingerprints are to fall into the wrong hands (no pun intended). For non-Apple users who don’t like nosy apps, we offer more options for safeguarding your online privacy.
Disclosed in a filing with the SEC, the breach is described as involving an authorized third party obtaining login credentials from an unknown source and then attempting to access customer accounts.
Tenable Holdings has completed its acquisition of Active Directory security startup Alsid SAS. The deal, first announced in February, was officially closed on April 26 with a cash payment of $98m.
Cybercriminals target Rogers customers with a new SMS phishing campaign pretending to be refund alerts from Rogers owing to last week's Canada-wide wireless network outage.
In March, threat intelligence experts warned of a new version of the ransomware that featured a faster encryption process, VoIP calling, and modules to target virtual machines.
Microsoft security researchers have discovered over two dozen critical remote code execution vulnerabilities in Internet of Things (IoT) devices and Operational Technology (OT) industrial systems.
The data breach originated from an unsecured cloud storage account Paleohacks was using to store the private data and personal details of over 70,000 customers and users.
The new government breaches involve a popular virtual private network (VPN) known as Pulse Connect Secure, which hackers were able to break into using some known security flaws.
The command injection vulnerability was discovered by researchers from SonarSource who warn that the flaw could have been potentially exploited to conduct a supply-chain attack.
Babuk – the allegedly Russian-speaking ransomware gang targeting D.C.’s Metropolitan Police Department – posted on the dark web a message that it was shutting down, only to reverse course later.
The bill has bipartisan support, and is sponsored by Sens. Jacky Rosen (D-Nev.) and Marsha Blackburn (R-Tenn.) in the Senate, alongside Reps. Jimmy Panetta (D-Calif.) and Ken Calvert (R-Calif.).
Popular hacking forum OGUsers has been hacked for its fourth time in two years, with hackers now selling the site's database containing user records and private messages.
In a letter to the House Committee on Appropriations, two members of the Cyberspace Solarium Commission are asking for an increase in funding for the CISA in the fiscal year 2022.
The documents posted Wednesday ran into the hundreds of pages and included names, Social Security numbers, phone numbers, financial and housing records, job histories, and polygraph assessments.
The FiveHands ransomware deployed in UNC2447 attacks was first observed during October 2020. It is also very similar to HelloKitty ransomware, both of them rewrites of DeathRansom ransomware.
Middle market companies possess a lot of valuable data but continue to lack appropriate levels of protective controls and staffing, according to a report from RSM US and the U.S. Chamber of Commerce.
This week, the organization said the vulnerabilities impact ISC Berkeley Internet Name Domain (BIND) 9, widely used as a DNS system and maintained as an open-source project.
Hundreds of third-party apps in Android devices were given access to sensitive data logged by contact-tracing apps built on Google and Apple's API, according to security researchers.
Hackers with suspected ties to China repeatedly took advantage of vulnerabilities in Pulse Secure VPN, a widely used remote connectivity tool, to gain access to government agencies and defense firms.
Experts from Kaspersky explained that in February 2019, multiple antivirus companies received a collection of malware samples, some of which cannot be associated with the activity of known APT groups.
In perhaps one of the biggest phishing incidents targeting some of the world’s largest news organizations, hackers have created fake replica websites of 900 global news portals.
Brazil's Tribunal de Justiça do Estado do Rio Grande do Sul was hit with an REvil ransomware attack yesterday that encrypted employees' files and forced the courts to shut down their network.
Banca di Credito Cooperativo (BCC), one of the largest Italian cooperative credit banks, was hit by a cyberattack allegedly carried out by one of the most aggressive ransomware gangs, Darkside.
This Metasploit module exploits a command injection vulnerability on login that affects Micro Focus Operations Bridge Reporter on Linux, versions 10.40 and below. It is a straight up command injection, with little escaping required, and it works before authentication. This module has been tested on the Linux 10.40 version.
This Metasploit module abuses a known default password on Micro Focus Operations Bridge Reporter. The shrboadmin user, installed by default by the product, has the password of shrboadmin and allows an attacker to log in to the server via SSH. This module has been tested with Micro Focus Operations Bridge Manager 10.40. Earlier versions are most likely affected too. Note that this is only exploitable in Linux installations.
OX App Suite versions 7.10.4 and below suffer from cross site scripting and server-side request forgery vulnerabilities. OX Guard versions 2.10.4 and below suffer from a denial of service vulnerability.
Ubuntu Security Notice 4930-1 - Peter Eriksson discovered that Samba incorrectly handled certain negative idmap cache entries. This issue could result in certain users gaining unauthorized access to files, contrary to expected behaviour.
Red Hat Security Advisory 2021-1469-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly.
Microsoft researchers on Thursday disclosed two dozen vulnerabilities affecting a wide range of Internet of Things (IoT) and Operational Technology (OT) devices used in industrial, medical, and enterprise networks that could be abused by adversaries to execute arbitrary code and even cause critical systems to crash. "These remote code execution (RCE) vulnerabilities cover more than 25 CVEs and
Perhaps due to the nature of the position, the InfoSec leadership roles tend to be solitary ones. CISOs, or their equivalent decision-makers in organizations without the role, have so many constant drains on their attention – keeping their knowledge fresh, building plans to secure their organizations further – that they often find themselves on an island. It’s even more challenging for
Click Studios, the Australian software firm which confirmed a supply chain attack affecting its Passwordstate password management application, has warned customers of an ongoing phishing attack by an unknown threat actor. "We have been advised a bad actor has commenced a phishing attack with a small number of customers having received emails requesting urgent action," the company said in an
An "aggressive" financially motivated threat group tapped into a zero-day flaw in SonicWall VPN appliances prior to it being patched by the company to deploy a new strain of ransomware called FIVEHANDS. The group, tracked by cybersecurity firm Mandiant as UNC2447, took advantage of an "improper SQL command neutralization" flaw in the SSL-VPN SMA100 product (CVE-2021-20016, CVSS score 9.8) that
DigitalOcean, the popular cloud-hosting provider, has told some of its customers that their billing details were exposed due to what it described as a "flaw." Read more in my article on the Hot for Security blog.