Last year there were 65,000 ransomware attacks in the United States, or more than seven per hour, and it is only going to get worse, according to NPR. What was once considered a nuisance is quickly becoming a national security concern as cybercriminals attack critical components of the nation's infrastructure. A recent attack on Colonial Pipeline triggered panic buying that left many gas stations in the Southeast empty, while another attack on JBS raised concerns about local beef supplies. Attacks have been increasing for years: according to Recorded Future, a Boston-based cybersecurity firm, there were 65,000 ransomware attacks last year. Experts say businesses and organizations have long neglected their IT systems, leaving them vulnerable to hackers. Since many Americans use...
As part of an international law enforcement investigation, the U.S. Department of Justice (DoJ) announced Thursday that it has disrupted and shut down the infrastructure of the stolen-credentials marketplace known as Slilpp, according to The Hacker News. More than a dozen people have been charged or arrested in connection with the illegal market. The takedown, coordinated by the US, Germany, the Netherlands, and Romania, also took control of several servers that housed the group's infrastructure and the various domains it maintained. Slilpp had been in operation since 2012. It was an underground marketplace for allegedly stolen online account login credentials belonging to 1,400 companies around the world, offering for sale more than 80 million stolen usernames and passwords for bank accounts, online payment accounts, mobile phone accounts, retailer account...
Exec Survey and iGov Survey conducted a study highlighting how more than 200 individual companies are enabling seamless business continuity in the United Kingdom amidst rapid societal change. The survey also analyzed common security challenges today and which policies and procedures are to be prioritized in the next 6 months, says Help Net Security. Despite the rapid shift to digital, most organizations lack a strategy for implementation: with speed of deployment critical to workplace productivity, 75% of organizations adopted Teams without sufficient governance or security, leaving them open to internal and external threats. IT teams are nevertheless confident in the security of their collaboration, with 95% believing they meet internal and external re...
Cybersecurity experts revealed a new cyber espionage cell responsible for a series of targeted operations against diplomatic facilities and telecommunications companies in Africa and the Middle East since at least 2017. The campaign, dubbed BackdoorDiplomacy, involves exploiting vulnerabilities in internet-exposed devices, such as web servers, to conduct a variety of hacking activities, including moving laterally across the network to deploy a custom implant called Turian that is capable of exfiltrating sensitive data stored on removable media. Jean-Ian Boutin, head of threat research at Slovak cybersecurity firm ESET, said, "BackdoorDiplomacy shares tactics, techniques, and procedures with other Asia-based groups. Turian likely represents a next stage evolution of Quarian, the backdoor last observed in use in 2013 against diplomatic tar...
Hackers claiming to be from Iran attacked the websites of Sierra Leone Commercial African Bank and the United States Federal Depository Library Program and posted pro-Iranian comments and graphics, says Iran Briefing. Google search results showed Sierra Leone Commercial Bank's website as "H4ck3D IRANIAN HACKER". Twitter screenshots showed a drawing of former IRGC Quds Force commander Qasem Soleimani, who was killed in a US airstrike, with the words "hacked by Iranian hacker, hacked by shield Iran". The website of the library program was defaced with a bloodied image of US President Donald Trump being punched in the face, as well as a message printed in both Farsi and English reading "martyrdom was Soleimani's... reward for years of implacable efforts," with another caption that said, "this is only small part of Iran's cyber a...
Multiple significant security weaknesses have been discovered in Samsung's pre-installed Android apps. The recently disclosed flaws might have given cybercriminals access to personal data without the users' knowledge and allowed them to take control of the devices, according to The Hacker News. Sergey Toshin, founder of mobile security startup Oversecured, noted in an analysis published Thursday, "The impact of these bugs could have allowed an attacker to access and edit the victim's contacts, calls, SMS/MMS, install arbitrary apps with device administrator rights, or read and write arbitrary files on behalf of a system user which could change the device's settings". Toshin disclosed the vulnerabilities to Samsung in February 2021, and the manufacturer released reme...
Edward Don, a foodservice distributor, was hit by a ransomware attack that forced the company to lock down part of its network to prevent the infection from spreading, according to Bleeping Computer. Edward Don is a major distributor of foodservice equipment and supplies, including kitchen accessories, bar supplies, cutlery, and tableware. It fell victim to a ransomware attack earlier this week that disrupted company operations, including phone lines, networks, and email. Due to the email outage, employees have been using Gmail accounts to communicate with customers about urgent orders or fulfillment issues. Edward Don has yet to officially announce the incident, but employees have said that the company will not accept new orders until systems are restored. As Edward Don is a major distributor of foodservice p...
The hackers claimed to have obtained source code for games such as FIFA 21 as well as the proprietary Frostbite game engine, which serves as the basis for many high-profile titles, says BBC. Vice was the first news site to report on the hack, saying that around 780 GB of data had been stolen. According to EA, no player data was obtained in the attack. The company is one of the largest game developers in the world. It develops and publishes major series such as Battlefield, Star Wars: Jedi Fallen Order, The Sims, and
According to two people familiar with the matter, Cox Media Group's television and radio stations in the US were the targets of a cyberattack last week, with some stations still suffering the consequences, says CNN. The sources did not specify whether it was a ransomware attack or another type of cyberattack, but the stations' systems were affected and their operations were disrupted. According to one of the sources, federal law enforcement is investigating the attack. Staff at two stations say several systems are still down this week, including access to their digital video collection. Weather computers were also down at at least two stations. Some station employees told CNN that their email has yet to be restored and that they are working on workarounds. Stations have asked their employees not to open email on their phones. An employee at one...
In almost every post about Android, we recommend installing apps from official sources only, and that won't change anytime soon. A recent example illustrates why: scammers were spreading a banking Trojan disguised as popular media players, a fitness app, a book reader, and one that hit close to home, Kaspersky Internet Security for Android.

Why it is dangerous to install applications from alternative sources

Nothing is wrong with third-party app marketplaces per se, but no one can know for sure whether any given store is trustworthy. In an official Android app store, be it Google Play or Huawei AppGallery, employees of the respective owner companies screen every application submitted by developers, weeding out any that are clearly malicious. These are large companies that protect their reputations and customers' security, and they have both the resources and the motivation to help keep users malware-free. Sometimes, however, malware does get through, even into Google Play, although the chances of encountering it there are much lower than on message boards, torrent trackers, or some other sites. Proudly small, independent marketplaces tend not to run many checks, typically because they lack the resources, and as a result the apps they host could be anything in disguise, even a Trojan.

We should mention here that downloading malware to an Android device is not usually enough to infect it. Unless the malware relies on some kind of zero-day uber-exploit to get superuser permissions, installing a dangerous app on Android requires some effort. The operating system queries the user about every step: whether they really want to install the app, whether they agree to grant it the permissions it requests, and so on. Cybercriminals employ social engineering to persuade people to say yes, often with great success.

Malicious security from an alternative marketplace

Here is an example. Not so long ago, a group of researchers reported on Android applications spreading through various fake sites. The apps included a fake version of Kaspersky Internet Security for Android. The scammers were spreading their fake app under the name "Kaspersky Free Antivirus" (we used to offer a product with that name, but it was for Windows). On Google Play, our mobile antivirus app is currently called Kaspersky Mobile Antivirus: Applock & Web Security. Ironically, users who downloaded the fake antivirus app received a banking Trojan known as TeaBot, which our security products detect as HEUR:Trojan-Banker.AndroidOS.Teaban or HEUR:Trojan-Banker.AndroidOS.Regon.

Why is this especially problematic in the case of antivirus apps? Because the user not only downloads and installs a banking Trojan disguised like this, but also grants it all of the permissions it requests. After all, an authentic antivirus app needs a lot of permissions, including very powerful access such as Accessibility services. Worse, in the absence of actual antivirus protection, the device cannot detect the malware. Completing installation and granting all requested permissions gives the TeaBot Trojan the ability to do almost anything on the Android device. Its capabilities are many: from keylogging, stealing Google Authenticator codes, and exploiting Accessibility in other ways all the way to gaining full remote control of the Android device.

How to make sure an app is legit

Antivirus isn't TeaBot's only disguise. The malware is also distributed as fake versions of some well-known government, financial, fitness, and reading apps, among others. To stay safe, turn off your smartphone's ability to install applications from unknown sources altogether; Android allows that. And if you need an app of any kind, find it on an official marketplace. Be very careful as well about the permissions you grant to applications. If a fitness app unexpectedly requests permission to use Accessibility, for example, think twice (or more) before answering. Finally, be sure to use authentic antivirus protection. With a completely free edition of Kaspersky Internet Security for Android available, there's no reason to download it from unofficial sources. You can find our antivirus app in both Google Play and the Huawei AppGallery.
The Australian government has flagged its intention to mandate the Essential Eight mitigation strategies, despite many entities not fully wrapping their heads around the Top Four.
From Samsung alone, a researcher collected close to $30,000 since the start of the year, for disclosing 14 issues. The other three vulnerabilities are currently waiting to be patched.
The decree, seen by Reuters, unifies under the prime minister’s authority many aspects of digital security which are currently dispersed among several ministers and state bodies.
A hacker group going by the name "Dark Leak Market" claimed to have a database of about 150 million Indians who registered on the CoWIN portal and to be reselling it.
Foodservice equipment supplier Edward Don has suffered a ransomware attack that has caused the company to shut down portions of the network to prevent the attack's spread.
The Quantum Key Distribution (QKD) technology deployed in this demonstration harnesses the properties of quantum physics to facilitate guaranteed secure distribution of cryptographic keys.
The malicious link was shared through WhatsApp, SMS, and email on June 9. Some officials even received phone calls where the caller said he was calling from an Army Hospital.
Cisco’s Smart Install protocol is still being abused in attacks — five years since it issued its first warning — and there are still 18,000 internet-exposed devices that could be targeted by hackers.
The executive order for bolstering cybersecurity of the federal government contains provisions for enhancing supply chain security akin to FDA efforts to improve the cybersecurity of medical devices.
The new cyberespionage group has been behind a series of targeted attacks against diplomatic entities and telecommunication companies in Africa and the Middle East since at least 2017.
Google has rolled out an update for its Chrome web browser to fix a bunch of security flaws, including a zero-day vulnerability that is known to be actively exploited by threat actors.
Lawmakers in the US state of Texas have passed a bill requiring notices to be published online of any data breaches involving the personal information of 250 or more Lone Star State residents.
Security flaws in the desktop conferencing IoT gadget can allow remote attackers to install all kinds of malware and move laterally to other parts of enterprise networks.
The US Justice Department partnered with international law enforcement to take down an online marketplace offering stolen login credentials for various accounts including bank and online payment.
Since the start of the pandemic, employees have been engaging in poor cybersecurity practices on work devices, with business owners and C-level executives also failing to maintain cyber hygiene.
A cybercriminal group with a rotating list of names has resurfaced with a new email attack campaign threatening to launch a DDoS attack against target organizations that refuse to pay a ransom.
According to Group-IB, fraud accounts for 73% of all online attacks. 56% are scams that result in the victims disclosing sensitive data and 17% are phishing attacks involving theft of payment details.
Electronic Arts, the maker of popular video games including FIFA, Madden, Sims, and others, said Thursday that it was investigating an intrusion that led to the leak of game source code and tools.
Unprivileged attackers can get a root shell by exploiting an authentication bypass vulnerability in the polkit auth system service installed by default on many modern Linux distributions.
Hackers claiming to be from Iran attacked the websites of Sierra Leone Commercial African Bank and the United States Federal Depository Library Program and posted pro-Iranian comments and graphics.
Hackers stole data, including customer emails, phone numbers, and addresses, from McDonald’s computer systems in the U.S., South Korea, and Taiwan, according to the Wall Street Journal.
Internal company data leaked during a February security breach is now being circulated on the internet, Polish video games maker CD Projekt said in a statement published on Thursday.
Proofpoint reported about a new DDoS extortion activity by a threat actor group called Fancy Lazarus. It was observed extorting funds from various organizations operating in the energy, financial, and manufacturing sectors, among others.
Experts took the wraps off the activities of Gelsemium APT, which uses state-of-the-art supply chain attack techniques against targets, including electronics manufacturers, in East Asia and the Middle East. Its attack strategy indicates that the group selects its targets in advance and could be a potential threat to the organizations on its radar.
The DOJ has seized approximately $2.3 million ransom amount in BTC paid to DarkSide by Colonial Pipeline last month. The FBI used a bitcoin private key to prevent the transaction.
The REvil ransomware gang recently attacked JBS, the world’s largest meat processing company. The attack forced the company to shut down its Australian and North American IT systems.
tcpdump allows you to dump the traffic on a network. It can print out the headers and/or contents of packets on a network interface that match a given filter expression. You can use this tool to track down network problems, to detect many attacks, or to monitor network activity.
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real-world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers, providing data reproducibility across experiments.
GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions. This is the LTS release.
WordPress Database Backups plugin version 1.2.2.6 suffers from a cross site request forgery vulnerability in the database backup download functionality.
Ubuntu Security Notice 4987-1 - It was discovered that ExifTool did not properly sanitize user data for the DjVu file format. An attacker could use this vulnerability to cause a DoS or possibly execute arbitrary code.
Ubuntu Security Notice 4986-3 - USN-4986-1 fixed a vulnerability in rpcbind. The update caused a regression resulting in rpcbind crashing in certain environments. This update fixes the problem. It was discovered that rpcbind incorrectly handled certain large data sizes. A remote attacker could use this issue to cause rpcbind to consume resources, leading to a denial of service. Various other issues were also addressed.
Red Hat Security Advisory 2021-2380-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.
The U.S. Department of Justice (DoJ) Thursday said it disrupted and took down the infrastructure of an underground marketplace known as "Slilpp" that specialized in trading stolen login credentials as part of an international law enforcement operation. Over a dozen individuals have been charged or arrested in connection with the illegal marketplace. The cyber crackdown, which involved the joint
Multiple critical security flaws have been disclosed in Samsung's pre-installed Android apps, which, if successfully exploited, could have allowed adversaries access to personal data without users' consent and take control of the devices. "The impact of these bugs could have allowed an attacker to access and edit the victim's contacts, calls, SMS/MMS, install arbitrary apps with device
Organizations' cybersecurity capabilities have improved over the past decade, mostly out of necessity. As their defenses get better, so do the methods, tactics, and techniques malicious actors devise to penetrate their environments. Instead of the standard virus or trojan, attackers today will deploy a variety of tools and methods to infiltrate an organization’s environment and attack it from
A seven-year-old privilege escalation vulnerability discovered in the polkit system service could be exploited by a malicious unprivileged local attacker to bypass authorization and escalate permissions to the root user. Tracked as CVE-2021-3560 (CVSS score: 7.8), the flaw affects polkit versions between 0.113 and 0.118 and was discovered by GitHub security researcher Kevin Backhouse, who said
Cybersecurity researchers on Thursday took the wraps off a new cyberespionage group that has been behind a series of targeted attacks against diplomatic entities and telecommunication companies in Africa and the Middle East since at least 2017. Dubbed "BackdoorDiplomacy," the campaign involves targeting weak points in internet-exposed devices such as web servers to perform a panoply of cyber
Google's upcoming plans to replace third-party cookies with a less invasive ad-targeting mechanism have a number of issues that could defeat its privacy objectives and allow for significant linkability of user behavior, possibly even identifying individual users. "FLoC is premised on a compelling idea: enable ad targeting without exposing users to risk," said Eric Rescorla, author of the TLS standard
Criminals are caught in an encrypted chat trap, should you trust Apple's repair team with your sexy snaps, and do you think the FBI should be able to tell who has been reading the USA Today website? All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by … ("Smashing Security podcast #231: Sexy snaps and encrypted chat traps").