If you were to look at the statistics, every week a new organization is targeted by a ransomware attack. Nevertheless, a new study from eSentire's security research team and Dark Web researcher Mike Mayes reveal that the events we see in the news are just a fraction of the true number of victims. According to show more ...
Check Point Research (CPR) discovered that mobile app developers potentially exposed personal data of over 100 million users through a few misconfigurations of third-party cloud providers. Personal data included email addresses, chat messages, location, passwords, and images and could be gathered from 23 Android apps. show more ...
The cybercriminal group, known as DarkSide, received about $90 million in Bitcoin after launching a massive ransomware attack on the pipeline industry. FireEye's previous investigation into DarkSide's affiliate scheme found that its developers took a 25% cut for payments under $500,000 and a 10% cut for show more ...
It has been claimed that Amazon's Ring doorbell camera is building the largest corporate-owned private surveillance network that the United States has ever seen. Lauren Bridges, a Ph.D. candidate at the University of Pennsylvania, gave The Guardian a stark warning. Since partnering with over 1,800 local law show more ...
Welcome to episode 202 of the Kaspersky Transatlantic Cable podcast. While much of the cyberworld will be juggling sales pitches and panels at RSA, we’re focusing on stories that will have more of an immediate impact on your security needs. We open the episode discussing the latest with DarkSide. Are they dead? show more ...
There’s a certain reliability to everyday objects. Take a TV remote for example: It’s hard to imagine one eavesdropping on conversations, but cybersecurity researchers J. J. Lehman and Ofri Ziv from Israeli company Guardicore got one to do just that. They reported their findings at RSA Conference 2021. How show more ...
There are several PoCs readily available, including complete videos on YouTube, so users of the Pega Infinity enterprise software platform are being advised to update their installations.
This week, the European Council announced its decision to extend for one year the framework for sanctions against cyberattacks that threaten the European Union and its member states.
When you click the link to visit the fake Royal Mail page, there’s a fair bit of code for detecting potential VM use. It tests for WebGL renders and whether site visitors have a display or not.
Instead of demanding millions of dollars to recover files, the threat actors priced their ransom demands at only $500, which led to many businesses paying the ransom to recover their files.
Britive, a Los Angeles, California-based provider of a management platform to secure privileged access for multi-cloud enterprises, raised $10m in its Series A funding led by Crosslink Capital.
"There are indications that CVE-2021-1905, CVE-2021-1906, CVE-2021-28663 and CVE-2021-28664 may be under limited, targeted exploitation," the search giant said in an updated alert.
Google is tapping parent company Alphabet's VirusTotal, a malware research website Google bought in 2012, for a new capability within Google Workspace's Alert Center to provide real-time alerts.
BEC and phishing attacks are major security issues plaguing enterprises, and they continue to be a threat as attackers find new ways to infiltrate victims' inboxes and trick them into sending funds.
Researchers say that the existing abuse of Cobalt Strike has been linked to campaigns ranging from ransomware deployment to surveillance, data exfiltration, and creating malleable C2 architectures.
In February, researchers began reporting a call center-based method of distributing BazarLoader. It utilizes trial subscription-themed emails that encourages potential victims to call a phone number.
Officials from the Cybersecurity and Infrastructure Security Agency announced a new initiative to fight firmware vulnerabilities at the RSA Conference Wednesday afternoon.
As policymakers try to respond to incidents, they're finding out that the problem is larger than cybercriminals extorting corporations and governments to regain access to their own data.
This data breach majorly affected the applicants whose CVs containing personal information were leaked due to misconfigured AWS S3 buckets, reports the research team at Website Planet.
Cyberattackers on average have 11 days after breaching a target network before they're being detected, according to Sophos – and often when they are spotted it's because they've deployed ransomware.
The U.S. House Committee on Homeland Security has passed five bipartisan bills on Monday to bolster defense capabilities against cyberattacks targeting U.S. organizations and critical infrastructure.
According to the report, the fake Microsoft Authenticator extension was made available on April 23 this year after failing to be spotted by Google’s security systems and has reached 448 users.
Mozilla has begun rolling out a new security feature for its Firefox browser in nightly and beta channels that aims to protect users against a new class of side-channel attacks from malicious sites.
Threat actors are cashing in on the rapid shift to cloud-based business services during the pandemic, by hiding behind ubiquitous, trusted services from Microsoft and Google to legitimate.
"We have identified a scam that used a phishing attack to gain access to Domain's administrative systems to engage with people who have made rental property enquiries," the company's CEO told ZDNet.
GlobalPlatform has expanded its Trusted Execution Environment (TEE) security certification scheme to enable evaluation of discrete technologies that come together to make up a complete TEE solution.
Researchers from the Wordfence Threat Intelligence discovered a Time-Based Blind SQL Injection vulnerability in WP Statistics, which is a WordPress plugin with over 600,000 active installs.
The findings come from a study of 23 Android apps on the Google Play Store, some of which garnered 10,000 to 10 million downloads, such as Astro Guru, iFax, Logo Maker, Screen Recorder, and T'Leva.
Owners of Eufy home security cameras were warned this week of an internal server bug that allowed strangers to view, pan, and zoom in on their home video feeds for approximately one day.
Joseph Blount, Colonial Pipeline’s CEO, told the Wall Street Journal he authorized the payment because the firm didn’t know the extent of the damage and wasn’t sure how long it would take to recover.
Google is launching a new capability in Chrome to alert users when a password is compromised and automate the process of updating to a new one. The feature runs on Google's Duplex technology.
The integer overflow vulnerability exists in the way macOS SMB server processes SMB3 compounded packets. An attacker could exploit this vulnerability by sending a specially crafted packet.
A malware campaign that has been undergoing constant development in its toolsets since February now boasts of four different malware versions - all of which start with an AHK executable that leads to the different VBScripts.
In case studies published by Armorblox, it highlighted two Amazon vishing attacks intent on stealing customer credit card details -- and how the use of voice messages can bypass existing spam filters.
GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR client is deployed on show more ...
Red Hat Security Advisory 2021-2063-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.7 serves as a replacement for Red Hat show more ...
Red Hat Security Advisory 2021-2064-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.7 serves as a replacement for Red Hat show more ...
Red Hat Security Advisory 2021-2065-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.7 serves as a replacement for Red Hat show more ...
Red Hat Security Advisory 2021-2061-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include a bypass vulnerability.
Acer Updater Service version 1.2.3500.0 suffers from an unquoted service path vulnerability.
Acer Backup Manager Module version 3.0.0.99 suffers an unquoted service path vulnerability.
Proof of concept exploit for the HTTP protocol stack remote code execution vulnerability related to a use-after-free dereference in http.sys.
Google on Wednesday updated its May 2021 Android Security Bulletin to disclose that four of the security vulnerabilities that were patched earlier this month by Arm and Qualcomm may have been exploited in the wild as zero-days. "There are indications that CVE-2021-1905, CVE-2021-1906, CVE-2021-28663 and CVE-2021-28664 may be under limited, targeted exploitation," the search giant said in an
An investigation undertaken in the aftermath of the Oldsmar water plant hack earlier this year has revealed that an infrastructure contractor in the U.S. state of Florida hosted malicious code on its website in what's known as a watering hole attack. "This malicious code seemingly targeted water utilities, particularly in Florida, and more importantly, was visited by a browser from the city of
Misconfigurations in multiple Android apps leaked sensitive data of more than 100 million users, potentially making them a lucrative target for malicious actors. "By not following best-practices when configuring and integrating third-party cloud-services into applications, millions of users' private data was exposed," Check Point researchers said in an analysis published today and shared with
If there's one thing all great SaaS platforms share in common, it's their focus on simplifying the lives of their end-users. Removing friction for users in a safe way is the mission of single sign-on (SSO) providers. With SSO at the helm, users don't have to remember separate passwords for each app or hide the digital copies of the credentials in plain sight. SSO also frees up the IT's bandwidth
The Colonial Pipeline attack has shone light on the activities of the Darkside ransomware gang, we take a skeptical look at cryptocurrencies and the blockchain, and Eufy security cameras suffer an embarrassing security failure. All this and much more is discussed in the latest edition of the award-winning show more ...
With all the headlines about ransomware attacks hitting companies hard, you might think there's only bad news around the subject. Well, think again. Read more in my article on the Tripwire State of Security blog.
