A recent academic study identified several privacy and security risks associated with recycling mobile phone numbers that could be used to stage a range of attacks, such as account takeovers, phishing, and spam. This can go as far as denial of service, as it discourages victims from signing up for online services that require a unique number. 66% of the recycled phone numbers tested were found to be linked to previous owners' online accounts at popular websites, potentially allowing account hijacking simply by retrieving the accounts associated with those numbers. According to the researcher, "An attacker can cycle through the available numbers shown on online number change interfaces and check if any of them are associated with online accounts of previous owners." Simply put, an attacker can get the numbers and use them to reset t...
According to Which?, millions of people might be using outdated routers, putting them at risk of being hacked. The consumer watchdog examined 13 models offered to customers by internet service providers such as EE, Sky, and Virgin Media, and discovered that more than two-thirds had flaws. It is estimated that approximately six million people have devices that have not been updated since 2018 or earlier. As a result, the devices did not receive the critical security updates available in the latest firmware. The lab tests revealed the following problems:
- Weak default passwords that bad actors could hack were found in the settings of most of the routers.
- Lack of router firmware updates, which are important for performance and security.
- EE's Brightbox 2 has a network vulnerability that could enable a hacker to...
According to a report from TechCrunch, an outdated version of Peloton’s API, the program that enables the company’s bikes and recalled treadmills to communicate with its servers, might have revealed private customer profiles. Peloton claims to have over 3 million subscribers and over 1 million connected fitness profiles, so the leak may be massive. Jan Masters, a security researcher at Pen Test Partners, discovered the bug on January 20th and reported it to Peloton, but the company is only now confirming that it has been patched. He also discovered that he could make unauthenticated requests to Peloton’s API for user account data without any verification or confirmation of privileges. This happened when Biden was inaugurated, and Peloton moved to t...
Cisco patched critical security bugs in vManage and HyperFlex HX, which could have enabled remote attackers to run commands as root or create unauthorized administrator accounts. Attackers may remotely execute arbitrary code, escalate privileges, trigger denial of service conditions, and more on unpatched servers. The company has released security updates to fix high and medium severity vulnerabilities in several software products. According to the Cisco Product Security Incident Response Team (PSIRT), the vulnerabilities are not being actively exploited in the wild. This bug allows remote attackers to execute commands and run malicious code. The Cisco SD-WAN vManage Software vulnerabilities, patched today, enable unauthenticated remote attackers to execute arbitrary code or access confidential data. Authenticated local attackers may also...
Since the onset of the COVID-19 pandemic, many companies have moved much of their workflows online and learned to use new collaboration tools. In particular, Microsoft’s Office 365 suite has seen a lot more use — and, to no one’s surprise, phishing now increasingly targets those user accounts. Scammers have been resorting to all sorts of tricks to get business users to enter their passwords on a website made to look like Microsoft’s sign-in page. Here is another phishing scheme that makes use of Google services.

Phishing letter

Like most phishing schemes, this one begins with a letter (and link) similar to this one: The unclear message from an unknown sender concerns some kind of deposit and includes a link having to do with “Deposit Advice.” The letter asks the recipient to check on the deposit type or confirm the sum. Now, although security systems alert recipients that the letter comes from outside the company, the link “to the file” passes muster because it connects to a legitimate Google online service, not a phishing site.

Phishing site

The link leads to a location that appears to be the OneDrive corporate service page. Users can even see that the document is available to any company user (made so likely in hopes that someone will forward the link to a corporate accountant). But the screen users see is not truly a Web page; it’s a slide from a Google Docs presentation that automatically opens in View mode. The Open button on it can conceal any link at all. In this case, the link connects to a phishing page disguised as an Office 365 sign-in page.

Red flags

To begin with, the letter looks weird. You should not trust — let alone forward — a letter whose source and purpose aren’t clear. In this case, for example, if you weren’t involved in a deposit, then perhaps you shouldn’t be taking any action regarding that deposit.
More evidence:
- Letters from external sources don’t tend to link to a company’s internal documents;
- Real financial documents are set to open for specific people, not every single person in an organization;
- The filename in the letter does not match the one allegedly stored on OneDrive;
- Google Docs does not host Microsoft OneDrive pages (see the browser address bar);
- OneDrive is not Outlook, and an Open button in OneDrive should not lead to an Outlook sign-in page;
- Outlook sign-in pages do not reside on Amazon websites (another browser address bar clue).
Each inconsistency should raise a flag, and together they leave no doubt: this is not a safe place for your Office 365 credentials.

How to stay safe

The key to digital safety lies in paying attention to details and being aware of phishing tricks. We also strongly recommend raising corporate awareness about current cyberthreats (our training is available online). In addition to training staff, make use of link-screening tools at the corporate and workstation levels.
It’s here — episode 200 of the Kaspersky Transatlantic Cable has landed. This week, Dave and Jeff chat about a new ransomware taskforce whose purpose is to stem the surge of ransomware attacks. From there, they look at issues surrounding Google’s ad network and scams — and why Google just can’t seem to get control over them. Following that, they briefly touch on doxing and how everybody can protect themselves from attack. To wrap up, it’s a uniquely Canadian story: Beavers managed to chew through fiber optic cables for a small village in Western Canada. If you liked what you heard, please consider subscribing and sharing with your friends. For more information on the stories we covered, see the links below:
- Cable-chewing beavers take out town’s Internet in “uniquely Canadian” outage
- Ransomware task force proposes technical, regulatory measures to disrupt ecosystem
- Why can’t Google get a grip on rip-off ads?
- How to protect yourself from doxing
Persona, a San Francisco, Calif.-based identity verification firm, today announced that it has raised $50 million in Series B funding. The company has now raised over $68 million to date.
The study was undertaken by Princeton University's Kevin Lee and Prof. Arvind Narayanan, who is one of the executive committee members at the Center for Information Technology Policy.
Vanta intends to use the new $50 million Series A funding round towards meeting customer demand, as well as launching new products and opening a second office in New York.
A local authority in East London has committed a privacy blunder by emailing what appear to be thousands of residents – while forgetting to use the BCC field and exposing all of the email addresses.
This type of malware infects devices and then collects user credentials from web browsers, FTP, and email clients, data that is later uploaded to command and control (C&C) servers.
Cisco has fixed critical SD-WAN vManage and HyperFlex HX software security flaws that could enable remote attackers to execute commands as root or create rogue admin accounts.
The expansion allows for research and reporting of vulnerabilities related to all DOD publicly-accessible networks, frequency-based communication, IoT, industrial control systems, and more.
One Peak Partners is leading this Series C, with previous investors Susquehanna Growth Equity (SGE), Vertex Ventures Israel, Vertex Growth, and Dell Technologies Capital also participating.
VMware has released security updates to address a critical severity vulnerability in vRealize Business for Cloud that enables unauthenticated attackers to remotely execute malicious code.
A study into the use and popularity of the Internet's TLDs over a 10-year period shows that many newer TLDs may present more of a security nuisance for organizations than anything else.
A fraudulent website impersonating a vaccine-developing biotechnology company to allegedly steal data has been seized by the United States Attorney's Office for the District of Maryland.
A pair of related phishing campaigns this year took the unusual step of intentionally avoiding malicious links or attachments in its emails to avoid getting flagged by security tools.
Faxton St. Luke’s Healthcare (FSLH) was notified on March 30, 2021, that Capture RX, a third-party business associate, experienced a data breach on February 6, 2021, affecting 17,655 patients of FSLH.
The Biden administration and Congress are mobilizing to confront ransomware attacks on critical organizations such as schools and hospitals, which officials have labeled a national security threat.
To protect the memory stack from cyberattackers, Google revealed that its Chrome 90 has adopted a new Windows 10 security feature called "Hardware-enforced Stack Protection".
Researchers at Palo Alto Networks have detailed vulnerabilities in the JET database engine that can be exploited to execute malicious code on systems running Microsoft’s SQL Server and IIS web server.
Avaddon, which originated in Russia, is behind the breach and is threatening to release a trove of sensitive information including images of passports, driver’s licenses, and employment contracts.
These attacks begin with an emailed link that when clicked loads not a phishing site but the user’s actual Office 365 login page — whether that be at microsoft.com or their employer’s domain.
A new malicious campaign, masquerading as shipping notices from DHL, was found deploying the latest Buer malware loader variant written in Rust. The new update in Buer helps attackers evade detection and increase successful click rates.
Security threats in PHP or its components can have a big impact. Lately, a vulnerability was found in the PHP Composer that could have allowed an attacker to execute arbitrary commands and backdoor every PHP package.
Hackers infiltrated the systems of Rubin Central Design Bureau for Marine Engineering, a Russian submarine design firm, using a new malware called PortDoor. It is suspected that Chinese actors could be behind the attack.
REvil is a fierce threat with its smart hacking tactics and techniques. The ransomware now spreads via exploit kits, RDP servers, backdoored software installers, and scan-and-exploit methods. Apply adequate security measures to stay protected.
The "Spam protection, AntiSpam, FireWall by CleanTalk" plugin is installed on more than 100,000 sites and is mainly used to weed out spam and trash comments on website discussion boards.
Since January 2021, Roaming Mantis has been targeting Japanese users with a new malware called SmsSpy. The malicious code infects Android users using one of two variants, chosen based on the OS version.
The infection chain starts with a URL in the email body that downloads a zip archive containing an Excel file; the file uses XLM 4.0 macros to download the second stage from compromised web servers.
Qualcomm MSM is a series of 2G, 3G, 4G, and 5G capable system on chips (SoCs) used in roughly 40% of mobile phones by multiple vendors, including Samsung, Google, LG, OnePlus, and Xiaomi.
The Series B round, led by JMI Equity, will help the company expand its platform. Previous investors ForgePoint Capital and Gula Tech Adventures also participated in the latest financing round.
According to multiple documents found by Recorded Future’s Insikt Group, Unit 61419 of the Chinese People’s Liberation Army (PLA) bought small batches of different antivirus products in early 2019.
Researchers from Proofpoint detected more than 180 different malicious open authorization (OAuth) applications attacking 55% of their customers with a success rate of 22%.
The organization, which provides aged care, disability supports, health care, and crisis response services throughout the Australian state, suffered the attack on Sunday, 25 April 2021.
A new Windows malware called Pingback has been found using a DLL hijacking attack to target Microsoft Windows 64-bit systems. The malware takes advantage of ICMP for its command-and-control activities.
jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.
Red Hat Security Advisory 2021-1509-01 - Jetty is a 100% Java HTTP Server and Servlet Container. Issues addressed include a resource exhaustion vulnerability.
Red Hat Security Advisory 2021-1429-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include an XML injection vulnerability.
Red Hat Security Advisory 2021-1499-01 - Red Hat Advanced Cluster Management for Kubernetes 2.2.3 images. Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. Issues addressed include code execution and denial of service vulnerabilities.
Red Hat Security Advisory 2021-1366-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.9. Issues addressed include a denial of service vulnerability.
Gentoo Linux Security Advisory 202105-1 - Multiple vulnerabilities have been found in Exim, the worst of which allows remote attackers to execute arbitrary code. Versions less than 4.94.2 are affected.
Red Hat Security Advisory 2021-1515-01 - Openshift Logging Bug Fix Release. Issues addressed include code execution, denial of service, and deserialization vulnerabilities.
Ubuntu Security Notice 4938-1 - It was discovered that Unbound contained multiple security issues. A remote attacker could possibly use these issues to cause a denial of service, inject arbitrary commands, execute arbitrary code, and overwrite local files.
Ubuntu Security Notice 4936-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. It was discovered that Thunderbird may keep key material in memory in some circumstances. A local attacker could potentially exploit this to obtain private keys. Various other issues were also addressed.
Red Hat Security Advisory 2021-1511-01 - Red Hat AMQ Clients enable connecting, sending, and receiving messages over the AMQP 1.0 wire transport protocol to or from AMQ Broker 6 and 7. This update provides various bug fixes and enhancements in addition to the client package versions previously released on Red Hat Enterprise Linux 7 and 8. Issues addressed include an information leakage vulnerability.
Ubuntu Security Notice 4937-1 - Ondrej Holy discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution.
Ubuntu Security Notice 4934-2 - USN-4934-1 fixed several vulnerabilities in Exim. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. CVE-2020-28026 only affected Ubuntu 16.04 ESM. It was discovered that Exim contained multiple security issues. An attacker could use these issues to cause a denial of service, execute arbitrary code remotely, obtain sensitive information, or escalate local privileges. Various other issues were also addressed.
When Spectre, a class of critical vulnerabilities impacting modern processors, was publicly revealed in January 2018, the researchers behind the discovery said, "As it is not easy to fix, it will haunt us for quite some time," explaining the inspiration behind naming the speculative execution attacks. Indeed, it's been more than three years, and there is no end to Spectre in sight. A team of
Networking equipment major Cisco has rolled out software updates to address multiple critical vulnerabilities impacting HyperFlex HX and SD-WAN vManage Software that could allow an attacker to perform command injection attacks, execute arbitrary code, and gain access to sensitive information. In a series of advisories published on May 5, the company said there are no workarounds that remediate
Cybersecurity researchers have disclosed a new security vulnerability in Qualcomm's mobile station modems (MSM) that could potentially allow an attacker to leverage the underlying Android operating system to slip malicious code into mobile phones, undetected. "If exploited, the vulnerability would have allowed an attacker to use Android OS itself as an entry point to inject malicious and
InfoSec leaders tend to be a specific type. Their jobs require them to think of possible threats, take actions that may not pay immediate results, plan for unknown security risks, and react quickly when emergencies arise, often before the morning's first coffee. The high-stakes position also means that CISOs need to keep their knowledge and skills sharp – you can never really know what's around
Signal tried to run targeted ads on Instagram that showed users *how* they had been targeted, and revealed the extraordinary amount of data Facebook collects about users.
How did the SCAM cryptocurrency become a success? Why is Google allowing government rip-off ads to still appear on search results? And why on earth is everyone suddenly spending millions of dollars on NFTs? All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Rip Off Britain's David McClelland.
The US Defense Department and third-party military contractors are being advised to strengthen the security of their operational technology (OT) in the wake of security breaches, such as the SolarWinds supply chain attack. Read more in my article on the Tripwire State of Security blog.