A new STRRAT version has been found by a group of Microsoft cybersecurity specialists. It is a Java-based malware that is disguised as ransomware to steal personal data stored on infected computers. This is yet another threat to be addressed, as the harm it causes is very significant. As noted by ZDNet, the malicious software is distributed via an extensive phishing campaign. The malware is sent to victims from compromised e-mail addresses in messages that purport to be payment-related. In most cases, the messages are accompanied by a PDF file or picture. When the victim tries to open the file to see the information it supposedly contains, the PC connects to a C2 server that downloads the malware. Thus, STRRAT starts working with a dual goal on the infected machine: stealing confidential information and turning the attention ...
Last month, security researchers revealed that a notorious malware family exploited a previously unseen flaw. The vulnerability enabled macOS security defenses to be bypassed so that the malware could run unimpeded. There are indicators that macOS might be targeted again in the future. Jamf claims it has found evidence of a vulnerability that allows XCSSET to access parts of macOS that require permission, such as the microphone, the camera, or screen recording, without the user's consent. XCSSET was first found by Trend Micro in 2020 targeting Apple developers, particularly the Xcode projects used to code and create apps. By infecting app development projects, developers unknowingly spread the malware to their users in what Trend Micro researchers describe as a supply-chain-like attack. The malwar...
The FBI has linked the Conti ransomware group to at least 16 cyberattacks in the United States aimed at disrupting healthcare and first responder networks. 911 dispatchers, law enforcement officers, and emergency care services have all been targeted in the last year as medical services struggled to handle the COVID-19 pandemic. According to the FBI's flash advisory (.PDF), Conti has been linked to at least 400 cyberattacks against organizations worldwide, with at least 290 originating in the United States. In order to increase the likelihood of a payout, ransomware operators can penetrate a victim's network, steal sensitive files...
The Bluetooth Core and Mesh Profile specifications may be exploited by cybercriminals to masquerade as legitimate devices and perform man-in-the-middle (MitM) attacks. According to the Carnegie Mellon CERT Coordination Center, "Devices supporting the Bluetooth Core and Mesh Specifications are vulnerable to impersonation attacks and AuthValue disclosure that could allow an attacker to impersonate a legitimate device during pairing". The two Bluetooth specifications define the protocol for many-to-many Bluetooth communications and enable the sharing of data through ad-hoc networks between devices. Bluetooth Impersonation AttackS, also called BIAS, allow a cybercriminal to establish a secure connection with a victim and effectively bypass the authentication mechanism of Bluetooth. According to the security researchers, the first problems associated with the safe establishment of
In a panel discussion at RSA Conference 2021 about Web attacks and online fraud, researchers discussed lessons drawn from studies of cybercriminal tactics and attacks on large organizations. One speaker, former law enforcement officer Dan Woods, talked about his experience training as a CAPTCHA farm worker. The work was copious and the pay meager (about $3 a day), but his main takeaway was that CAPTCHA is no longer fit for its purpose.

Generally speaking, if an interface is created for a human, there is no need for a bot to access it. Programs communicate with each other through APIs, not user interfaces; a bot trying to access an online resource or service through a user interface is almost certainly part of an exploitation attempt. For many years, CAPTCHA, a mechanism for distinguishing human users from computers, has waged a lonely war against illegal bots. Many services, including online banking systems and loyalty programs, still use it. But can we still trust CAPTCHA?

What is a click farm?

Click farm refers to the human element of click fraud: lots of people clicking on ads that pay per click, boosting a Web page’s search rankings, or driving up likes, views, votes, and other metrics. Bots used to do the clicking, but the use of antifraud algorithms has led scammers to engage real people. Some click farms, like the one that hired Woods, specialize in CAPTCHA services, taking over for bots that encounter verification issues. The CAPTCHA farm worker’s job is to perform tasks that are very simple for a person but unreliably complex for a machine. They may select images with a fire hydrant, decipher a distorted sequence of letters, solve a very simple arithmetic equation, or do any number of other, similar chores. You may have seen a variation on the theme of this image circulating online (an Internet meme about robots and CAPTCHAs). Well, it’s not just a joke.

Do you need CAPTCHA?

Users have never been particularly fond of the CAPTCHA mechanism. There is always room for error: accidentally clicking the wrong image, missing a fire hydrant lurking in the background, missing a character in the jumble of letters and numbers. Even if nothing goes wrong, the CAPTCHA process is UX-negative — that is, it disturbs the flow and detracts from the user experience.

Also, CAPTCHA farms are not CAPTCHA-focused scammers’ only tools. Some, for example, are still trying to create an AI capable of solving such riddles. As imperfect as they are, CAPTCHA mechanisms represent one more layer of protection, and therefore using them seems sensible. But nothing is ever that simple.

CAPTCHA alternatives

CAPTCHAs no longer reliably protect against intruders, and they annoy real users. All in all, it’s probably time to abandon this outmoded mechanism. Fortunately, however, CAPTCHAs are not the only automated means to determine whether a human or a machine is trying to access the system. For a better option, look to Kaspersky Fraud Prevention’s Advanced Authentication, which eliminates unnecessary authentication steps and creates a seamless user experience. Thanks to machine-learning technologies, Advanced Authentication uses extensive user behavior analysis, passive biometric indicators, data about the device from which someone is requesting authentication, their environment, and more to decide quickly and correctly whether to allow the user to log in, perform additional verification, or restrict access. At its heart, the technology accurately determines whether the service is being accessed by a person or a machine. More details about the solution are available here.
Jeremy O’Sullivan, co-founder of the IoT analytics company Kytch, brings us the cautionary tale of his company’s travails with the commercial ice cream machine manufacturer Taylor, whose equipment is used by the likes of Burger King and McDonald’s. The post Episode 215-1: Jeremy O’Sullivan of Kytch On The Tech Serving McDonald’s Ice Cream...
An easy-to-exploit bug impacting the WordPress plugin ReDi Restaurant Reservation allows unauthenticated attackers to pilfer reservation data and customers' personally identifiable information.
Restoration work is continuing. "All of our computer systems - with a few exceptions - are down right now," Michael Derringer, the city's CIO, said at a press conference on Thursday.
It appears that stolen API keys for cryptocurrency trading apps are being used by cybercriminals to easily empty their victims’ accounts on all major cryptocurrency exchanges.
Presented at the International Conference on Learning Representations (ICLR), the technique neutralizes optimization techniques that speed up the operation of deep neural networks.
The White House, highlighting cybersecurity as "one of the preeminent challenges of our time," underscored how President Joe Biden’s American Jobs Plan would increase the country’s cyber defenses.
The outfit behind the Colonial Pipeline ransomware attack had a blog, a user-friendly interface, and a sliding fee scale for helping hackers cash in on stolen information.
Apple has released security updates to patch three macOS and tvOS zero-day flaws exploited in the wild, with the former being abused by the XCSSET malware to bypass macOS privacy protections.
In its breach notification letter, Bose said that it "experienced a sophisticated cyber-incident that resulted in the deployment of malware/ransomware across" its "environment."
The vulnerability, tracked as CVE-2021-29956 and assessed as “low” impact by Mozilla, existed in the free open-source Thunderbird email client between version 78.8.1 and version 78.10.1.
Vulnerabilities identified by security researchers with Cisco’s Talos unit in Trend Micro Home Network Security devices could be exploited to elevate privileges or achieve arbitrary authentication.
The Indonesian government has blocked access inside its borders to Raid Forums, a well-known cybercrime forum, in an attempt to limit the spread of a sensitive data leak.
Several versions of JSWorm were released, and each “rebranded” variant altered different aspects of the code: file extensions, cryptographic schemes, and encryption keys.
The GAO found that while the cyber insurance market boomed in recent years, rising premiums and difficulty in quantifying the costs and losses from cyber incidents pose obstacles to further adoption.
In the past, Moscow has faced numerous allegations of cyberattacks that resulted in multiple sanctions and the expulsion of its diplomats. The term "hacker" has almost become synonymous with Russia.
Adversaries could exploit newly discovered security weaknesses in Bluetooth Core and Mesh Profile Specifications to masquerade as legitimate devices and carry out man-in-the-middle (MitM) attacks.
A data poisoning attack aims to modify a machine learning model’s training set by inserting incorrectly labeled data with the goal of tricking it into making incorrect predictions.
The personal details of 13 million DailyQuiz users have been leaked online earlier this year after a hacker breached the quiz builder’s database and stole its content, which he later put up for sale.
Of the 1,000 organizations whose GitHub accounts were analyzed by a researcher, more than one in five – 212 – contained at least one dependency confusion-related misconfiguration in their codebase.
Pulse Secure issued a workaround for a critical RCE vulnerability in its Pulse Connect Secure VPNs that may allow an unauthenticated, remote attacker to execute code as a user with root privileges.
Decade-old botnets continue to adapt to the current threat landscape, as seen in the wide-ranging malicious activities of the resilient Phorpiex botnet. Even so, for many years the Phorpiex botnet has kept the same internal infrastructure, C2 mechanisms, and source code.
The group uses a combination of its own custom toolsets and readily available offensive security software to deploy either a destructive wiper or a custom wiper-turned-ransomware variant.
Microsoft is warning against a malware campaign by STRRAT, a RAT first spotted in June 2020. It masquerades as ransomware and supports various features such as logging keystrokes, collecting browser passwords, and running remote commands and PowerShell. Organizations should stay alert and offer training to their employees to spot phishing emails.
Does the Codecov supply chain attack have echoes of SolarWinds? More victims surface with time in yet another months-long ripple effect of a supply chain attack. Users of Codecov are advised to perform a thorough scan of their CI/CD pipelines and change their secret keys and passwords.
The potentially exposed information includes names, dates of birth, postal addresses, telephone numbers, and email addresses, SSNs, driver’s license, passport, and tribal ID numbers.
The Series C round was led by March Capital. Existing investors Accel, Balderton Capital, Latitude, and Sequoia Capital also participated, along with new investor Schroder Adveq.
Victim losses from healthcare-related eCrime in the U.S. rose by 2,473 percent during 2020 as the COVID-19 pandemic swept through the nation and world, CrowdStrike reveals.
Most of the compromised nodes were from China and the United States — identified in the ISP list, which had Chinese and US-based providers as the highest hits, including some CSPs.
In the first quarter of 2021, the number of DDoS attacks dropped by 29% compared to the same period in 2020, but increased by 47% compared to the fourth quarter in 2020, says a Kaspersky report.
Japanese dating app operator Net Marketing Co. said Friday personal data of 1.71 million users, including names and face photos, was likely leaked due to unauthorized access to its server.
Insecure data storage is the most common security flaw in Android apps. Recently, security analysts listed 23 Android applications leaking the personal data of over 100 million users due to misconfigurations in third-party cloud services.
The QImageReader class can read out-of-bounds when converting a specially-crafted TIFF file into a QImage, where the TIFF tile length is inconsistent with the tile size. This could potentially allow an attacker to determine values in memory based on the QImage pixels, if Qt is used to process untrusted images.
Red Hat Security Advisory 2021-2104-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP request smuggling, HTTP response splitting, denial of service, and information leakage vulnerabilities.
Red Hat Security Advisory 2021-2099-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.
Adversaries could exploit newly discovered security weaknesses in Bluetooth Core and Mesh Profile Specifications to masquerade as legitimate devices and carry out man-in-the-middle (MitM) attacks. "Devices supporting the Bluetooth Core and Mesh Specifications are vulnerable to impersonation attacks and AuthValue disclosure that could allow an attacker to impersonate a legitimate device during
Apple on Monday rolled out security updates for iOS, macOS, tvOS, watchOS, and Safari web browser to fix multiple vulnerabilities, including an actively exploited zero-day flaw in macOS Big Sur and expand patches for two previously disclosed zero-day flaws. Tracked as CVE-2021-30713, the zero-day concerns a permissions issue in Apple's Transparency, Consent, and Control (TCC) framework in macOS
Ivanti, the company behind Pulse Secure VPN appliances, has published a security advisory for a high severity vulnerability that may allow an authenticated remote attacker to execute arbitrary code with elevated privileges. "Buffer Overflow in Windows File Resource Profiles in 9.X allows a remote authenticated user with privileges to browse SMB shares to execute arbitrary code as the root user,"
Apple Mac users are being advised to update their operating system as a matter of priority, after malicious hackers have discovered a way of bypassing privacy protections. Read more in my article on the Hot for Security blog.