Attacks against container infrastructure have grown in both frequency and complexity over time, and this trend is expected to continue. When using vulnerability scanning apps, unsafe containers may be identified online in as little as a few hours, according to Cyware. Cyberattacks on companies' container show more ...
Russia filed fresh accusations against Facebook, Google, Telegram, and Twitter, claiming that they failed to delete unlawful material. The Kremlin argues that by controlling and limiting the influence of social media and technology giants, it can prevent foreign interference in internal affairs, according to Republic show more ...
Between tech support requesting access to your computer, concerned tax services specialists demanding payments, medical equipment suppliers “returning your call,” and many more — none legitimate — it’s a wonder anyone even answers their phone anymore. You’d be hard-pressed to find someone show more ...
Imagine waking up each morning knowing the identities of thousands of people who are about to be mugged for thousands of dollars each. You know exactly when and where each of those muggings will take place, and you’ve shared this information in advance with the authorities each day for a year with no outward show more ...
In this week’s episode of the podcast (#219) we speak with four cybersecurity professionals about what it means to be Queer in the industry: their various paths to the information security community, finding support among their peers and the work still left to do to make information security inclusive. All in honor show more ...
The proof-of-concept exploit code has been published online today for a vulnerability in the Windows Print Spooler service that can allow a total compromise of Windows systems.
The whole of nation approach to national security requires the involvement of C-suite executives along with information sharing to promote best practices in ransomware response.
The cybersecurity experts at Cyble along with 360 Core Security Lab have recently detected the PJobRAT spyware in dating and instant messaging apps stealing contacts, SMSes, and GPS data.
UofL Health, a healthcare system located in Kentucky is notifying more than 40,000 patients of an error that saw their personal health information (PHI) emailed to the wrong address.
The Hades ransomware group, which is involved in big game hunting against billion-dollar companies, has claimed to have hit at least seven victims since its discovery late last year.
The House Appropriations Committee included nearly $400 million more than last year for the Cybersecurity and Infrastructure Security Agency (CISA) in its budget proposal for the upcoming year.
Security researcher Imre Rad revealed that attackers can impersonate the metadata server from the targeted virtual machine's point of view to take over the virtual machine.
Officials from Cyberpion approached EA late last year to inform them of multiple domains that could be subject to takeovers as well as misconfigured and potentially unknown assets.
SafeDollar, an algorithmic stablecoin on the Polygon network, dropped in value to $0 after a cyberattack yesterday. The attack resulted in a loss of 202,230 USDC and 46,000 USDT.
Andrii Kolpakov, a Ukrainian national that was a supervisor of the FIN7 threat group, has been sentenced to seven years in prison. He was arrested in Spain in 2018 and extradited to the U.S. in 2019.
If left unpatched, the vulnerability allows attackers to bypass authentication and gain access to CRX Package Manager, leaving applications open to remote code execution (RCE) attacks.
The U.S. Government Accountability Office found areas where HHS could better coordinate its efforts to support department information sharing and overall health IT security.
The campaign was designed to deliver over 900 pieces of malware with highly dangerous capabilities, enabling the threat actor to conduct both digital and environmental monitoring of their victims.
The UN Security Council on Tuesday will hold its first formal public meeting on cybersecurity, addressing the growing threat of hacks to countries' critical infrastructure.
The network intrusion was revealed by the technology outlet Version2, which obtained official documents from the Danish central bank through a freedom of information request.
The GAO is urging NASA's administrator to make multiple improvements to its cybersecurity and risk management policies to counter threats to it's network infrastructure and data, as per a new report.
UMC's found suspicious activity on its computer network in mid-June. UMC quickly restricted external access to servers and it continues to work with law enforcement to fully investigate the activity.
The Salvation Army in the UK was hit with ransomware. The organization refused to give any further information, such as the identity of the attackers, or the volume and type of data accessed by them.
The database includes full names, email addresses, workplace information, and other data available publicly on their LinkedIn profiles. The archive was posted on a hacker forum for anyone to access.
Anne Neuberger, the deputy national security advisor for cyber and emerging technology, said that the administration will soon formally attribute the exploitation of Exchange Server vulnerabilities.
Enterprise application programming security startup Noname Security today announced it has raised $60 million in new funding amid fast growth. Insight Partners led the Series B round.
The plugin in question is ProfilePress (formerly named WP User Avatar) which facilitates the uploading of WordPress user profile images. The plugin has a total of more than 40,000 installs.
India's Department of Military Affairs (DMA) is planning to send up to 100 personnel to the US to train in the latest cybersecurity technology and artificial intelligence (AI) for future warfare.
The builder for the Babuk Locker ransomware was leaked online. This could allow any cybercriminal group to create their custom ransomware variants. The leak of such advanced ransomware is a grave cause of concern for cybersecurity experts. Thus, it is best for organizations to proactively apply security measures to avoid such threats.
MalwareHunterTeam is alerting about the Linux version of the REvil ransomware that purportedly targets VMware ESXi servers. By targeting virtual machines, REvil can encrypt multiple servers with just a single command. Experts recommend installing VMware (ESXi) in high-security mode and implementing additional layers of security.
According to researchers, Epsilon Red operations are ongoing and more than 3,500 Microsoft Exchange servers are still vulnerable. Written in Go, the latest Epsilon Red strain launches mass server exploitation campaigns and tries to expose companies’ information for revenue. Therefore, for ample protection, adequate protection against ransomware attacks must include a defense-in-depth protection strategy.
Red Hat Security Advisory 2021-2575-01 - The lz4 packages provide support for LZ4, a very fast, lossless compression algorithm that provides compression speeds of 400 MB/s per core and scales with multicore CPUs. It also features an extremely fast decoder that reaches speeds of multiple GB/s per core and typically show more ...
Red Hat Security Advisory 2021-2566-01 - The fwupd packages provide a service that allows session software to update device firmware. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.
Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
Red Hat Security Advisory 2021-2569-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. Issues addressed include buffer overflow, bypass, null pointer, and use-after-free vulnerabilities.
A KVM guest on AMD can launch a L2 guest without the Intercept VMRUN control bit by exploiting a TOCTOU vulnerability in nested_svm_vmrun. Executing vmrun from the L2 guest, will then trigger a second call to nested_svm_vmrun and corrupt svm->nested.hsave with data copied out of the L2 vmcb. For kernel versions that show more ...
Red Hat Security Advisory 2021-2574-01 - The RPM Package Manager is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Issues addressed include a bypass vulnerability.
Apache Superset version 1.1.0 suffers from a time-based account enumeration vulnerability.
Red Hat Security Advisory 2021-2570-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass and use-after-free vulnerabilities.
Securepoint SSL VPN Client version 2.0.30 suffers from a local privilege escalation vulnerability.
Red Hat Security Advisory 2021-2595-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Issues addressed include a null pointer vulnerability.
Red Hat Security Advisory 2021-2588-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP request smuggling, HTTP response splitting, denial of service, information leakage, and insecure permissions vulnerabilities.
Red Hat Security Advisory 2021-2587-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP request smuggling, HTTP response splitting, denial of service, and information leakage vulnerabilities.
Doctors Patients Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Red Hat Security Advisory 2021-2591-01 - EDK is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Issues addressed include a heap corruption vulnerability.
Red Hat Security Advisory 2021-2584-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a HTTP request smuggling vulnerability.
Red Hat Security Advisory 2021-2583-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
phpAbook version 0.9i suffers from a remote SQL injection vulnerability.
GitHub on Tuesday launched a technical preview of a new AI-powered pair programming tool that aims to help software developers write better code across a variety of programming languages, including Python, JavaScript, TypeScript, Ruby, and Go. Copilot, as the code synthesizer is called, has been developed in collaboration with OpenAI, and leverages Codex, a new AI system that's trained on
A coordinated international law enforcement operation resulted in the takedown of a VPN service called DoubleVPN for providing a safe haven for cybercriminals to cover their tracks. "On 29th of June 2021, law enforcement took down DoubleVPN," the agencies said in a seizure notice splashed on the now-defunct site. "Law enforcement gained access to the servers of DoubleVPN and seized personal
Organizations today already have an overwhelming number of dangers and threats to look out for, from spam to phishing attempts to new infiltration and ransomware tactics. There is no chance to rest, since attack groups are constantly looking for more effective means of infiltrating and infecting systems. Today, there are hundreds of groups devoted to infiltrating almost every industry,
A proof-of-concept (PoC) exploit related to a remote code execution vulnerability affecting Windows Print Spooler and patched by Microsoft earlier this month was briefly published online before being taken down. Identified as CVE-2021-1675, the security issue could grant remote attackers full control of vulnerable systems. Print Spooler manages the printing process in Windows, including loading
Police in the UK are warning WhatsApp users of a surge they have seen in attempts made by fraudsters to steal accounts. Read more in my article on the Hot for Security blog.
In 2020, cyber criminals used cloud applications, the cover of a pandemic, and a newly embraced work-from-home culture to serve up ransomware, steal data, and disrupt how companies do business. The year is over, but the challenges and risks remain. How do we prevent these criminals from injecting chaos into our show more ...
