Mathy Vanhoef, a Belgian researcher discovered several vulnerabilities in the Wi-Fi standard. Some of these flaws date back to 1997 and affects Wireless Routers used in the last 24 years. Vanhoef is a computer security postdoctoral researcher at New York University Abu Dhabi, and he published on Tuesday a study show more ...
According to Pradeo researchers, a new Android malware that impersonates the Google Chrome app has spread to hundreds of thousands of people in the last few weeks. The fake app is part of a sophisticated hybrid cyberattack campaign that also utilizes mobile phishing to extract credentials. The attack begins with a show more ...
Germany has banned Facebook to collect data on WhatsApp users within the country's borders. According to the Hamburg Data Protection and Freedom of Information Commission (HmbBfDI), the app's new data collection policies, as well as Facebook's aggressive efforts to persuade users to accept, tamper with the show more ...
A new report revealed a shift in cybercriminals' strategy during the COVID-19 pandemic, resulting in an increase in application-specific and Web application attacks. The cyberattacks accounted for 67% of all attacks last year. In the last two years, this number has more than doubled. According to the NTT report show more ...
Adobe has released an extensive Patch on Tuesday that contains security updates for 12 different apps. One of these apps, Adobe Reader, is currently being actively exploited. Adobe Experience Manager, Adobe InDesign, Adobe InCopy, Adobe Genuine Service, Adobe Illustrator, Adobe Acrobat and Reader, Magento, Adobe Creative Cloud Desktop A... (read more)
According to Egress' Outbound Email: Microsoft 365's Security Blind Spot report, 85% of Microsoft 365 users experienced email data breaches in the past 12 months. Working from home has increased the risk of an email data breach for Microsoft users. 67% of IT leaders report an increase in data breaches show more ...
The recent ransomware attack on Colonial Pipeline, the company that controls the pipeline network supplying fuel to a large chunk of the US East Coast, is one of the most high-profile in living memory. Understandably, the details of the attack have not been made public, but some scraps of information have found their show more ...
Episode 201 of the Kaspersky Transatlantic Cable podcast is the extended podcast we teased last week. More changes will come, but this will be a recurring theme and length. For our first story, Dave and I take a look at yet another cryptoscam involving Elon Musk, whose hosting of Saturday Night Live netted scammers show more ...
Manchester City win the Carabao Cup Final, many illegal streamers lose The COVID pandemic has led to a surge in content consumption as people stayed home and turned to Netflix, Youtube and other streaming services for entertainment. Not everyone agrees with paying for the latest episode or album, however, and this show more ...
Researchers last week spotted a phishing campaign that leveraged an online email authentication solution from Zix, in hopes that potential victims would be lulled into a false sense of security.
Realizing that one of their affiliates picked the wrong target with Colonial Pipeline, the DarkSide team said they will now evaluate all targets before they allow an affiliate to perform an attack.
The files include personal information such as SSNs, dates of birth, psychological assessments, driver’s licenses, fingerprints, polygraph tests, and residential, financial, and marriage history.
Windows users of Adobe Reader may be the only ones currently targeted. However, the bug affects eight versions of the software, including those running on Windows and macOS systems.
The computer systems of 50 Western Australian local government entities were probed and the result was the finding of 328 control weaknesses, with 33 considered as significant by the Auditor-General.
Several of the flaws relate to the ability to inject plaintext frames, as well as certain devices accepting any unencrypted frame or plaintext aggregated frames that look like handshake messages.
In 2020, The National Cyber Security Centre’s (NCSC) Active Cyber Defense (ACD) program managed to curb the online scam economy in a record-breaking takedown of 700,595 scams.
Microsoft has fixed 55 vulnerabilities, with four classified as Critical, 50 as Important, and one as Moderate. The three zero-day flaws patched today were publicly disclosed but not used in attacks.
Threat hunting is implemented by IT professionals to find dormant or active threats on their network to better understand and harness network visibility and threat actor entry points.
UK Home Secretary Priti Patel has promised a government review of the UK's 30-year-old Computer Misuse Act "this year" as well as condemning companies that buy off ransomware criminals.
Apple enterprise support services provider Jamf this afternoon said it will acquire nine-year-old startup Wandera of San Francisco, a provider of cloud-based software for "zero trust" security.
During this research, CPR detected several SSM documents that led to the discovery of over 5 million Personally identifiable information records and credit card transactions for several companies.
According to researchers at Pradeo, the attack starts with a basic “smishing” gambit. If they fall for it and click, a message comes up asking them to update the Chrome app.
The analysis, which aims to identify and assess risks and vulnerabilities introduced by 5G adoption, was published on Monday by the NSA, in partnership with the ODNI and the CISA.
The Qualys Research Team found 10 remotely exploitable and 11 locally security flaws, collectively known as 21Nails. Versions prior to Exim 4.94.2 are vulnerable to attacks exploiting 21Nails.
While it has been more than a year since the pandemic struck and the world lost more than 3 million lives, threat actors are still hell-bent on disrupting the networks of healthcare facilities, with no concern for human lives.
The CISA has published a report on the FiveHands ransomware deployed by an aggressively financially motivated group - UNC2447. The campaign involved extortion incidents between January and February.
While ransomware operators have adopted various extortion tactics to make their victims pay up, it's important to take a look at key statistics on victims paying or not paying the ransom.
The FBI says that cybercrime gangs are using search results and search engine ads to lure victims on phishing sites for financial institutions in order to collect their login credentials.
In July 2020, a cyber-enabled influence campaign, dubbed Ghostwriter, was spotted. It mainly targeted Poland, Lithuania, and Latvia. However, based on some developments reported by researchers, the campaign has been attributed to an uncategorized threat actor.
A Belgian security researcher has discovered a series of vulnerabilities that impact the WiFi standard, with some bugs dating back as far back as 1997 and affecting devices sold for the past 24 years.
The Series A funding round — which comes as VisibleRisk launches a new risk assessment service, Cyber Rating — will be used to expand the company’s workforce well into this year.
Tech giant SAP has released a total of six new security notes on its May 2021 Security Patch Day, along with updates for five other security notes, including three rated Hot News.
Existing investors, including Evolution Equity Partners, Notion Capital, AlbionVC, Cisco Investments and Paladin Capital Group, as well as new investor National Grid Partners, also participated.
Minister of Trade, Industry, and Energy Moon Seung-wook convened a meeting yesterday, saying it was needed considering the attack on Colonial Pipeline, one of the USA’s main oil transport facilities.
According to new data released by the FTC, the reported rate of identity theft in Kansas in 2020 was higher than that of any other state and more than three times greater than the national average.
In addition to providing builds of DARKSIDE ransomware, the operators of this service also maintain a blog accessible via TOR. This site is also used to pressure victims into paying ransoms.
Microsoft Exchange servers are once again under attack by the Lemon Duck cryptocurrency mining botnet, which recently beefed up its anti-detection capabilities. Organizations should stay vigilant against this threat and use reliable anti-malware defenses.
The U.S. security agencies have issued advisories against highly dangerous cyber threats from Russian Foreign Intelligence Service (SVR) operators (APT29, Cozy Bear, and Dukes), and the threat actors are adapting accordingly.
These fraudulent applications are aimed at exploiting the increased interest in trading apps, driven by the recent significant rise in the value of cryptocurrencies and interest in stock trading.
The energy sector worldwide is witnessing increasing cyber risks, with one of the largest fuel pipeline systems in the U.S. now becoming a ransomware attack victim. Such disruptions could lead to devastating outcomes.
The Container Manager Service does not configure STORVSP correctly when opening mapped named pipes leading to privilege escalation.
This Metasploit module exploits a Perl injection vulnerability in the DjVu ANT parsing code of ExifTool versions 7.44 through 12.23 inclusive. The injection is used to execute a shell command using Perl backticks. The DjVu image can be embedded in a wrapper image using the HasselbladExif EXIF field.
The Container Manager Service creates an AppContainer process without impersonating the access token leading to privilege escalation.
The Container Manager Service does not impersonate the caller when granting access to virtual disk images leading to privilege escalation.
The Container Manager Service accepts an access token provided by the user without verification allowing an arbitrary process to be created with another user identity leading to privilege escalation.
Backdoor.Win32.Delf.zho malware suffers from bypass and code execution vulnerabilities.
Red Hat Security Advisory 2021-1547-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.115 and .NET Core Runtime 3.1.15. Issues addressed include a privilege escalation vulnerability.
Red Hat Security Advisory 2021-1546-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 5.0.203 and .NET Runtime 5.0.6. Issues addressed include a privilege escalation vulnerability.
Ubuntu Security Notice 4951-1 - Anton Lydike discovered that Flatpak did not properly handle special tokens in desktop files. An attacker could use this to specially craft a Flatpak application that could escape sandbox confinement.
Ubuntu Security Notice 4949-1 - Ryota Shiga discovered that the eBPF implementation in the Linux kernel did not properly verify that a BPF program only reserved as much memory for a ring buffer as was allocated. A local attacker could use this to cause a denial of service or execute arbitrary code. Manfred Paul show more ...
Ubuntu Security Notice 4948-1 - Ryota Shiga discovered that the eBPF implementation in the Linux kernel did not properly verify that a BPF program only reserved as much memory for a ring buffer as was allocated. A local attacker could use this to cause a denial of service or execute arbitrary code. Manfred Paul show more ...
Ubuntu Security Notice 4950-1 - Ryota Shiga discovered that the eBPF implementation in the Linux kernel did not properly verify that a BPF program only reserved as much memory for a ring buffer as was allocated. A local attacker could use this to cause a denial of service or execute arbitrary code. Manfred Paul show more ...
Red Hat Security Advisory 2021-1544-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.
Red Hat Security Advisory 2021-1540-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include a bypass vulnerability.
Chevereto version 3.17.1 suffers from a persistent cross site scripting vulnerability.
Red Hat Security Advisory 2021-1538-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include a bypass vulnerability.
Ubuntu Security Notice 4947-1 - Kiyin discovered that the x25 implementation in the Linux kernel contained overflows when handling addresses from user space. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the fastrpc driver in the Linux kernel show more ...
Ubuntu Security Notice 4946-1 - It was discovered that the DRM subsystem in the Linux kernel contained double-free vulnerabilities. A privileged attacker could possibly use this to cause a denial of service or possibly execute arbitrary code. Olivier Benjamin, Norbert Manthey, Martin Mazein, and Jan H. Schoenherr show more ...
Ubuntu Security Notice 4945-1 - It was discovered that the Nouveau GPU driver in the Linux kernel did not properly handle error conditions in some situations. A local attacker could use this to cause a denial of service. Jan Beulich discovered that the Xen netback backend in the Linux kernel did not properly handle show more ...
Android NFC suffers from a type confusion vulnerability in nfa_rw_sys_disable.
Splinterware System Scheduler Professional version 5.30 suffers an unquoted service path vulnerability.
Odoo version 12.0.20190101 suffers from an unquoted service path vulnerability.
Adobe has released Patch Tuesday updates for the month of May with fixes for multiple vulnerabilities spanning 12 different products, including a zero-day flaw affecting Adobe Reader that's actively exploited in the wild. The list of updated applications includes Adobe Experience Manager, Adobe InDesign, Adobe Illustrator, Adobe InCopy, Adobe Genuine Service, Adobe Acrobat and Reader, Magento,
Microsoft on Tuesday rolled out its scheduled monthly security update with patches for 55 security flaws affecting Windows, Exchange Server, Internet Explorer, Office, Hyper-V, Visual Studio, and Skype for Business. Of these 55 bugs, four are rated as Critical, 50 are rated as Important, and one is listed as Moderate in severity. Three of the vulnerabilities are publicly known, although, unlike
The cybercrime syndicate behind Babuk ransomware has leaked more personal files belonging to the Metropolitan Police Department (MPD) after negotiations with the DC Police broke down, warning that they intend to publish all data if their ransom demands are not met. "The negotiations reached a dead end, the amount we were offered does not suit us, we are posting 20 more personal files on officers
Three design and multiple implementation flaws have been disclosed in IEEE 802.11 technical standard that undergirds Wi-Fi, potentially enabling an adversary to take control over a system and plunder confidential data. Called FragAttacks (short for FRgmentation and AGgregation attacks), the weaknesses impact all Wi-Fi security protocols, from Wired Equivalent Privacy (WEP) all the way to Wi-Fi
