Following the data breach, Wegmans announced in a press release that two of its internal databases were open to outside access due to an undetected configuration issue, according to Security Magazine. The incident was first reported around April 19, 2021 by an outside security researcher. The leaked data includes the following types of customer information: phone numbers, names, addresses, shopper club numbers, birth dates, and email addresses along with passwords to access accounts on their website. Luckily, Wegmans assures that all passwords were securely stored in a hashed and salted form and were not recorded in the databases. Moreover, critical data such as social security numbers, credit cards, or banking information was not stolen, as the company does not collect this type of ...
Medicaid's Ohio Department warned that an unknown individual accessed data in Maximus' care without authorization for two days in May. The organization apparently suffered a security incident that may have led to the theft of personal information, according to Info Security Magazine. Counting about 30,000 people worldwide, including about 10,000 at 11 call centers in nine U.S. states, Maximus had been contracted by the Health Department to manage Medicare data. Between May 17-19, someone tried and succeeded in accessing sensitive information. The company states "because the unauthorized activity was detected at a very early stage, Maximus believes our quick response limited potentially adverse impacts". Among t...
New vulnerabilities have been found in NVIDIA's Jetson SoC framework that affect millions of graphics cards. These vulnerabilities may allow hackers to perform denial-of-service attacks and data theft, according to Threat Post. The chipmaker is patching 9 high-level vulnerabilities related to the manufacturing process of low-level encryption methods. Affected NVIDIA chipsets include those found in embedded machine learning systems, computing systems, and even standalone devices such as robots and drones. With the June security bulletin released on Friday, NVIDIA wants to fix the bugs, and it has thanked bug hunter Frédéric Perriot of Apple Media Products RedTeam for reporting the vulnerabilities. Some of the products affected by these new vulnerabilities are Jetson Nano devices (including Jetson Nano 2GB), Xavier NX/TX1, AGX Xavier, Jetson TX2 (including Je...
The hackers behind Ragnar Locker managed to steal more than 1.5TB from ADATA and published more than 700GB of it online. The data was uploaded in the form of 13 password-protected archives, says Security Affairs. The cybercriminal gang says the 1.5TB of stolen data contains sensitive information such as confidentiality agreements, financial documents, contracts, and other files. The chipmaker refused to pay the ransom demanded by hackers. Therefore, Ragnar Locker decided to make the data public. To prove possession, they posted a few screenshots. This is the second batch of archives allegedly stolen from ADATA that were published online. Initially, Ragnar Locker posted the archive on the MEGA storage platform, but the company closed the organization's account and banned access to the group's shared files. Four small archives in 7...
Getting pop-up notifications with important news or alerts may be convenient, but it can also be a nuisance when you’re trying to concentrate on your work or watch a movie. Over time, a lot of Windows 10 users develop an aversion to the bottom right corner of their computer screen, where something is always flying out. Fortunately, there’s an easy fix.
Note: These instructions are for Windows 10 only. Microsoft has stopped updating previous versions of the operating system, making them vulnerable to viruses, Trojans, and other threats, so if you are still using Windows 7, 8.1, or an earlier version, we recommend upgrading to Windows 10 as soon as possible.
Which notifications should you keep?
Windows 10 users can disable almost all notifications, but we recommend leaving two categories active because they can affect the secure operation of your computer.
- Antivirus protection. You should know about any suspicious activity on your computer, even if you have to pause a TV show for it.
- System update. Operating system updates are important for security, fixing vulnerabilities that let attackers infect your computer with malware. Such updates sometimes arrive with little or no notice, particularly if malware is spreading actively through a newly discovered vulnerability. You need to install OS updates as soon as possible.
How to turn off notifications in Windows 10
You can confidently silence and hide any other notifications you find inconvenient. In fact, you have several options: turn them off completely; disable those from the most annoying programs; or use Windows 10’s Focus Assist mode to pause them.
How to disable all notifications at once
This process spares notifications regarding system updates and messages from Windows Defender, which you can configure separately. It will disable messages from other apps, such as your e-mail client or games.
1. Open the Start menu and choose Settings by clicking the gearwheel;
2. Choose System and then Notifications & actions;
3. Scroll down and turn off Get notifications from apps and other senders.
You’ll find several other useful options here, such as:
- Hiding notifications from the lock screen (so random people can’t read your personal Facebook messages);
- Disabling Windows’ tips, tricks, and suggestions about setting up your device (which appear after you install updates or simply while the system is running).
Configuring notifications for separate programs
Suppose you don’t want to disable all notifications, just those that come from certain programs. In that case:
1. Open the Start menu and choose Settings;
2. Choose System, then Notifications & actions;
3. Scroll down to Get notifications from these senders;
4. Toggle the switches for the apps on the list — on for notifications, off for none — or select individual applications for more app-specific options:
   - Toggle off the Play a sound when a notification arrives switch to disable the sound but keep the pop-up alert;
   - Uncheck the boxes next to Show notification banners and Show notifications in action center to remove pop-up messages but keep the sound.
If you explicitly allowed notifications such as those from websites — news alerts from media sites, promotions from online stores, and so on — you may find your browser spitting out new messages every minute. You’ll fix those notifications at the browser level; to learn how, see our instructions on managing browser notifications in Chrome, Firefox, Safari, Edge, and Opera.
Focus Assist mode: Pausing notifications
Windows 10 includes a mode called Focus Assist that lets you pause some or all notifications instead of disabling them altogether. Focus Assist options are located in the Settings menu, under System. To configure the notifications:
- Select Alarms only to hide all notifications except for alarms or countdown timers, or
- Select Priority only if you’re concerned about a set time period — such as during working hours — and want to receive notifications only from apps or contacts from your (customizable) priority list.
Here’s how to configure your list of priority contacts and programs:
1. Click Customize your priority list (right below Priority only);
2. Select the types of notifications to allow — texts and incoming calls or reminders;
3. Choose the contacts from whom notifications will appear in the Calling, Mail, or Skype apps;
4. Customize the list of programs allowed to send you notifications when Focus Assist mode is active. For example, you might keep just your e-mail client or apps for remote working on this list. To remove unnecessary apps from the list, click on the app’s icon and then click Remove.
You can also set up automatic rules for Focus Assist mode, for example to enable it automatically during a daily meeting and to hide nonurgent notifications when you’re duplicating your display, playing a game, or using any other app in full-screen mode.
Using Focus Assist doesn’t mean you’ll never see notifications, only that they’ll remain hidden until you disable the mode. You can view those notifications anytime in the Action center, which opens with the button to the right of the system clock, at the bottom of the screen. Rather than having to comb through all notifications, you can get a quick summary by checking the Show me a summary of what I missed while focus assist was on box. That way, each time Focus Assist ends, the system will give you a brief report on what you missed.
Peace and quiet
Now, your computer won’t get in your way when you’re working, studying, or relaxing. We advise using caution when deciding on a notification strategy — you don’t want to miss a truly important notification, so leave them active at least for protection tools and system updates, which help ensure your computer’s continued operation. Windows 10 users aren’t the only ones who can tweak a few settings for more peaceful computing; Android, iPhone and iPad, and macOS users can also take advantage of detailed notification options.
And to achieve even greater peace in our connected world, we recommend getting into your own Digital Comfort Zone.
Since its inception in August 2020, the DarkSide ransomware gang and its affiliates have launched a global crime spree affecting organizations in over 15 countries and different industry verticals. Recently, FireEye researchers revealed that UNC2465, one of the affiliates of the DarkSide ransomware group, has shifted its focus to software supply chain attacks.
The Agent Tesla remote access trojan (RAT) is scurrying around the internet again, this time arriving via a phishing campaign that uses a COVID-19 vaccination schedule as a lure.
While investigating MobileInter, RiskIQ researchers identified several websites, services, and social media accounts connected to an authentication activity known as bit2check, a part of the card-skimming network.
The European Commission will present its plan on Wednesday to set up the "Joint Cyber Unit," which would allow national capitals hit by cyberattacks to ask for help from other countries and the EU.
On Saturday, the ransomware actor published on their leak site the download links to a new set of ADATA corporate documents, warning interested parties that the links would not survive for long.
NVIDIA has released updates to fix a total of 26 flaws impacting its Jetson SOM series that could be abused to escalate privileges and even lead to denial-of-service and information disclosure.
The SolarWinds hack, one of the largest cybersecurity incidents in U.S. history, may have been deterred or minimized if basic security measures had been put in place, a CISA official acknowledged.
The endpoint security solution provider SentinelOne has filed a registration statement on Form S-1 with the U.S. SEC to offer 32,000,000 shares of its Class A common stock to the public.
Discovered by Jun Kokatsu, the bug allowed crafty attackers to bypass Content Security Policy (CSP), an HTTP header that restricts external resources loaded and run on the web page.
A Senate bill, the International Cybercrime Prevention Act, would increase the criminal penalties for attackers who target U.S. critical infrastructure, such as power plants and hospitals.
The Tor Project has released Tor Browser 10.0.18 to fix numerous bugs, including a vulnerability that allows sites to track users by fingerprinting the applications installed on their devices.
The Indian government has set up the Citizen Financial Cyber Fraud Reporting and Management System to report, track - and ultimately freeze - the proceeds of cyberattack-induced financial theft.
Google Chrome for iOS now includes an additional experimental privacy feature that allows users to lock Incognito mode behind their iPhone's Face ID authentication feature.
App developers have been urged not to load code dynamically because of the heightened risk of code execution vulnerabilities. Recently, one such intent redirection flaw was fixed in the Google app.
Ping Identity on Monday announced it's acquired SecuredTouch, a fraud and bot detection firm based in Tel Aviv. The financial terms of the acquisition deal were not disclosed.
The current data shows there are 130 health systems actively exposing 8.5 million case studies. The data represents more than 2 million patients, with around 275 million images related to their exams.
When attackers gain access, they most often install cryptominer software or attempt to escape the container and compromise the host system, says Assaf Morag, lead data analyst at Aqua Security.
The information exposed in the incident included names, dates of birth, and Social Security numbers belonging to the state's Medicaid providers. Maximus said the breached data could have been stolen.
According to a new study, it takes five hours on average for the adversaries’ bots to scan a new honeypot. The fastest scan occurred after a few minutes, while the longest gap was 24 hours.
The Asia Pacific Network Information Centre (APNIC) has admitted it left at least a portion of its Whois SQL database, which contains sensitive information, unsecured for three months.
The mitigations applied to prevent Spectre vulnerability exploits from computers hinder performance enough that disabling protection for the sake of speed may be preferable for some.
All malicious packages were published by the same account and tricked developers into downloading them thousands of times by using misspelled names of legitimate Python projects.
Most developers never update third-party libraries after including them in their software, a new report from Veracode reveals. 79% of libraries are never updated after being included in software.
While officials only described the incident as a “computer attack,” two Belgian radio and TV stations reported that the cyberattack was the work of the Ryuk ransomware gang.
Pondurance, a Managed Detection and Response (MDR) service provider, today announced the acquisition of Rockwall, Texas-based advisory and assessment services provider Bearing Cybersecurity.
While investigating samples of NukeSped, a remote access trojan (RAT), Trend Micro came across several Bundlore adware samples using the same fileless routine that was spotted in NukeSped.
Transmit Security said it has a pre-money valuation of $2.2 billion, and will use the new funds to expand its reach and invest in key global areas to grow the organization.
The US Securities and Exchange Commission (SEC) has reportedly opened a probe into whether some companies that were affected by the SolarWinds breach failed to disclose that fact.
Cofense has observed an Office 365 credential phishing campaign, masquerading as an Outlook Security update email from the IT Security department to lure employees to open a “New Policy” PDF.
Experts uncovered an attack campaign that targets users of pirated software. The Vigilante malware blocks users' access to websites hosting pirated software. Users are requested to stay protected by avoiding the download of pirated software or clicking on links from unknown users.
DarkRadiation ransomware has started targeting Linux and Docker containers. It relies on messaging service Telegram for C2C communications. Experts suggest attackers are probably trying to use low-profile tools to stay hidden from security agencies.
Nuclear energy and arms-related organizations are under attack from several other APT groups across the globe. A North Korean APT group recently breached the internal network of the Korea Atomic Energy Research Institute (KAERI), South Korea through a vulnerability in a VPN server last month.
Cyberespionage campaigns spread across several years were linked to the Chinese military group PLA Unit 69010. Dubbed RedFoxtrot, the threat actor focused on gathering military intelligence from various countries. Learn how PLA-affiliated groups are operating and targeting victims.
Unlike the Windows version of the malware, which targets any Windows endpoint, the DarkSide Linux version mostly targets ESXi servers and is believed to be deployed manually.
Maryland labor officials said Monday that they have found 508,000 “potentially fraudulent” unemployment claims in the past six weeks, the latest response from the Hogan administration.
Red Hat Security Advisory 2021-2523-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include integer overflow and use-after-free vulnerabilities.
Ubuntu Security Notice 4995-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, spoof the UI, bypass security restrictions, or execute arbitrary code. It was discovered that extensions could open popup windows with control of the window title in some circumstances. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to spoof a website and trick the user into providing credentials. Various other issues were also addressed.
Ubuntu Security Notice 4996-2 - USN-4996-1 fixed several vulnerabilities in OpenEXR. This update provides the corresponding update for Ubuntu 16.04 ESM. It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
Red Hat Security Advisory 2021-2522-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include integer overflow and privilege escalation vulnerabilities.
Red Hat Security Advisory 2021-2519-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include buffer overflow, integer overflow, and privilege escalation vulnerabilities.
Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.
Ubuntu Security Notice 4996-1 - It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code.
Ubuntu Security Notice 4994-2 - USN-4994-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Antonio Morales discovered that the Apache mod_auth_digest module incorrectly handled certain Digest nonces. A remote attacker could possibly use this issue to cause Apache to crash, resulting in a denial of service. Various other issues were also addressed.
U.S. graphics chip specialist NVIDIA has released software updates to address a total of 26 vulnerabilities impacting its Jetson system-on-module (SOM) series that could be abused by adversaries to escalate privileges and even lead to denial-of-service and information disclosure. Tracked from CVE‑2021‑34372 through CVE‑2021‑34397, the flaws affect products Jetson TX1, TX2 series,
Cybersecurity researchers have disclosed a new ransomware strain called "DarkRadiation" that's implemented entirely in Bash and targets Linux and Docker cloud containers, while banking on messaging service Telegram for command-and-control (C2) communications. "The ransomware is written in Bash script and targets Red Hat/CentOS and Debian Linux distributions," researchers from Trend Micro said in
Cybersecurity researchers have disclosed a critical unpatched vulnerability affecting Pling-based free and open-source software (FOSS) marketplaces for Linux platform that could be potentially abused to stage supply chain attacks and achieve remote code execution (RCE). "Linux marketplaces that are based on the Pling platform are vulnerable to a wormable [cross-site scripting] with potential for
Some sweltering residents of Texas are reporting that they are unable to lower the temperature on their Wi-Fi enabled “smart” thermostats after it was mysteriously raised, and they are struggling to understand why. Read more in my article on the Bitdefender BOX blog.
A bizarre bug has been discovered in iOS that can cause an iPhone to crash when it attempts to join a Wi-Fi network with a particular name. Read more in my article on the Hot for Security blog.
Preventing breaches begins with understanding and protecting your attack surface. For most enterprises, their attack surface is huge. To help wrangle it, security professionals have struggled for years to use tools such as network mapper (nmap) or vulnerability scanners to discover and test the security of internet-exposed assets; these typically present a path of least […] The post How to Prevent Breaches by Protecting Your Attack Surface appeared first on Security Weekly.