Gettr, the new social media network, was hacked not once but twice. Apart from releasing customers' data online, hackers enjoyed themselves by flooding the platform with Sonic the Hedgehog-themed pornography and tampering with users' profiles, according to Threat Post. Gettr can be described as another Twitter alternative that focuses on posts about current topics. The organization describes itself as "a non-bias social network for people all over the world." When Gettr was first launched, cybersecurity professionals recognized that its APIs were poorly written and full of vulnerabilities. Ashkan Soltani, a security researcher, uncovered a flaw that allows a threat actor to launch a brute-force attack against the API by feeding it a list of emails and receiving a response listing the ones that are muted or blacklisted. One of the first blows against Trump's conserv...
It seems that the Biden Administration's foreign policy contains unachievable objectives, according to Rebekah Koffler, a former Defense Intelligence Agency officer cited by Fox News. Biden's naive approach involves pleading with Russia's leader, Vladimir Putin, to cooperate in combating Russian cybercrime. By insisting on an overly controlled situation and demanding that Russian hackers refrain from using cyberattacks on a regular basis, Joe Biden and his team of advisors are sending a weak message to a Russian president who is not interested in stability and sees cyberattacks as useful weapons. Despite President Biden's silly attitude that led him to pass a list of “do not attack” vital infrastructure targets to Putin during a meeting in June, Russia was undeterred in continuing its cyber warfare campaign. Putin believes that Russia's so-called low grade cyber ...
Following the hack of 4 New Square Chambers, the company won a court order preventing the hackers from publishing data stolen in a prior cyberattack, according to The Register. The attack, carried out on June 12, is essentially a breach in which private data was stolen from the company. As expected, the cybercriminals threatened to make public all the information gathered. The plot twist is that Mrs Justice Steyn issued a provisional injunction prohibiting the cybercriminals from using, publishing, or communicating to any party the stolen data or any part of it. Although the injunction's return date is this Friday, no data appears to have been disclosed on dark web hacker forums yet. This type of response has never occurred before, and it will be very fascinating to watch whether it sets a precedent. While highly unlikely, everyone is curious if h...
Here at Kaspersky, we’ve been using AI in our mobile security solution for some time now. At the recent Mobile World Congress in Barcelona, Viktor Chebyshev of our Global Research and Analysis Team (GReAT) talked about why — and what we’ve achieved with the technology.

A brief history of mobile malware evolution

First, a bit of background on the evolution of malicious apps for Android. The operating system appeared back in 2007, and the first Android smartphone, the HTC Dream, became available in 2008. Malware writers quickly got to know the new platform, and by 2009 the world saw the first malicious programs for Android. True, there weren’t many at first: back in 2009, Kaspersky was detecting about three new Android threats a month, a number Chebyshev, armed with only a simple signature-based antivirus engine, could manage on his own.

In 2009, we detected three new samples of Android malware per month on average

Very soon, however, the number of threats snowballed, and by 2010 our monthly detections of new Android malware had shot up to 20,000. The signature-based engine still managed, but far more time was spent on analyzing the malicious files. As the operating system’s popularity soared, the amount of new Android malware swelled. In 2012, we were detecting an average of 467,515 samples per month, our team of mobile threat analysts had grown to four, and heuristic analysis and statistical methods supplemented the signature-based engine — but that wasn’t enough.

Fttkit provides a striking example of how mobile threats have evolved. The creators of this Trojan dropper call it an “automated service to protect Android apps,” but it actually helps fellow malware writers evade antivirus detection. It works by using obfuscation to trick security solutions and then installing other malware, usually banking Trojans. We know of more than 360,000 unique versions of Fttkit, and the figure continues to grow.

AI for mobile security

To pick through that number of malware samples manually would require an ever-expanding team and, more important, would take a lot of time (during which users could pick up new malware). That’s where machine-learning technologies come in and can save significant amounts of time and resources. However, such technologies are quite resource-intensive, meaning that doing all of the necessary work right on a user’s device can reduce performance and battery life. To minimize the impact, we use a hybrid option: the smartphone performs the less resource-intensive operations and then sends data to the cloud for the heavy lifting. This model ensures reliable protection and quick responses to new threats with minimal impact on smartphone performance and battery life.

Here’s what we achieved by implementing machine learning in Kaspersky Internet Security for Android: the verdict delivered by the machine-learning technologies in our solution for Android — DangerousObject.AndroidOS.GenericML — is currently on the Top-3 list, accounting for 6.63% of all malware for this operating system detected by our products.

This verdict from our machine-learning technologies is among the three most common

Most significantly, our mobile products detect around 33% of all new Android threats using AI. This is made possible by a combination of factors. First, we have an extensive mobile threat database, which we have maintained since 2009. Second, our team of mobile threat researchers has unique expertise in the field. Third, we have a team of machine-learning experts who effectively integrate this technology into our products. All this combined helps our mobile security solutions consistently top independent tests in terms of both protection and performance.
Microsoft on Tuesday issued an emergency software update to quash a security bug that’s been dubbed “PrintNightmare,” a critical vulnerability in all supported versions of Windows that is actively being exploited. The fix comes a week ahead of Microsoft’s normal monthly Patch Tuesday release, and follows the publishing of exploit code showing would-be attackers how to leverage the flaw to break into Windows computers.

At issue is CVE-2021-34527, which involves a flaw in the Windows Print Spooler service that could be exploited by attackers to run code of their choice on a target’s system. Microsoft says it has already detected active exploitation of the vulnerability.

Satnam Narang, staff research engineer at Tenable, said Microsoft’s patch warrants urgent attention because of the vulnerability’s ubiquity across organizations and the prospect that attackers could exploit this flaw in order to take over a Windows domain controller. “We expect it will only be a matter of time before it is more broadly incorporated into attacker toolkits,” Narang said. “PrintNightmare will remain a valuable exploit for cybercriminals as long as there are unpatched systems out there, and as we know, unpatched vulnerabilities have a long shelf life for attackers.”

In a blog post, Microsoft’s Security Response Center said it was delayed in developing fixes for the vulnerability in Windows Server 2016, Windows 10 version 1607, and Windows Server 2012. The fix also apparently includes a new feature that allows Windows administrators to implement stronger restrictions on the installation of printer software. “Prior to installing the July 6, 2021, and newer Windows Updates containing protections for CVE-2021-34527, the printer operators’ security group could install both signed and unsigned printer drivers on a printer server,” reads Microsoft’s support advisory. “After installing such updates, delegated admin groups like printer operators can only install signed printer drivers. Administrator credentials will be required to install unsigned printer drivers on a printer server going forward.”

Windows 10 users can check for the patch by opening Windows Update. Chances are, it will show what’s pictured in the screenshot below — that KB5004945 is available for download and install. A reboot will be required after installation.

Friendly reminder: it’s always a good idea to back up your data before applying security updates. Windows 10 has some built-in tools to help you do that, either on a per-file/folder basis or by making a complete and bootable copy of your hard drive all at once.

Microsoft’s out-of-band update may not completely fix the PrintNightmare vulnerability. Security researcher Benjamin Delpy posted on Twitter that the exploit still works on a fully patched Windows server if the server also has Point & Print enabled — a Windows feature that automatically downloads and installs available printer drivers. Delpy said it’s common for organizations to enable Point & Print using group policies because it allows users to install printer updates without first getting approval from IT.

This post will be updated if Windows users start reporting any issues in applying the patch.
The lawsuit was based on the 2018 British Airways data breach, where the credit card details of 380,000 people were stolen thanks to a Magecart infection on its payment processing pages.
In most cases, the REvil ransomware group utilizes Cobalt Strike BEACON and RDP with previously compromised credentials to laterally move throughout compromised environments.
The transaction values Zerto at just over twice the funding raised by it. Zerto will be placed into the HPE Storage business unit, reporting to Tom Black, Senior Vice President and General Manager.
Users' names, profile descriptions, usernames, along with other non-public information such as email address, birth year, and location information, were among the leaked data.
The latest zero-day entails an attack chain that allows an unauthenticated intruder to execute code as root and install a permanent backdoor on the vendor’s network-attached storage (NAS) devices.
A researcher at Positive Technologies has described the potential impact of a recently addressed command injection vulnerability affecting SonicWall’s Network Security Manager (NSM) product.
In the past few weeks, ransomware groups targeted at least three North American insurance brokerages that offer policies to help others survive the very kind of attacks they themselves suffered.
The U.S. Innovation and Competition Act, passed by the Senate in June, includes two cyber-related acts – the Cyber Response and Recovery Act and the Safeguarding American Innovation Act.
Microsoft has shipped an emergency out-of-band security update to address a critical zero-day vulnerability — known as "PrintNightmare" — that affects the Windows Print Spooler service.
Threat actors are trying to exploit the Kaseya ransomware attack crisis by targeting potential victims in a spam campaign pushing Cobalt Strike payloads disguised as Kaseya VSA security updates.
Health care entities should review system inventories to find PACS and ensure all vulnerabilities are patched or protected from public access, according to a recent HHS alert.
The hacker group has been tied to Russia’s foreign intelligence service and has previously been accused of breaching the Democratic National Committee in 2016 and SolarWinds more recently.
An analysis of off-the-shelf packages hosted on the NuGet repository has revealed 51 unique software components to be vulnerable to actively exploited, high-severity vulnerabilities.
In a series of tweets from Malwarebytes, researchers have disclosed that a malspam campaign is taking advantage of the Kaseya ransomware attack to drop Cobalt Strike.
China has reportedly warned local companies it will tighten oversight of data security and overseas listings days after unveiling Didi has been subject to a government cybersecurity review.
Kaseya’s attempt to recover its SaaS services has suffered a setback. The recent breach has seen its VSA services offline since July 2nd and over 1,000 ransomware infections.
In its advisory, the healthcare provider said that the attackers made a copy of the datasets, which include patient names, dates of birth, SSNs, health insurance details, and medical record numbers.
Zimperium will continue to support current whiteCryption customers and will integrate whiteCryption’s solutions into Zimperium’s Mobile Application Protection Suite (MAPS).
The versioning system shows that the malware used by WildPressure is still under active development. Besides commercial VPS, this time the operators used compromised legitimate WordPress websites.
The big mistake made by KPM was using the current system time in seconds as the seed into a Mersenne Twister PRNG, meaning different instances will generate the same password at a given time.
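The seeding mistake described above, as an added example that is not KPM's or Kaspersky's code: a password generator seeded with the Unix time in seconds next to one drawn from the OS CSPRNG, plus the size of the seed space such a time-seeded generator actually has. The alphabet, password length and function names are assumptions of this example.

```python
import math
import random
import secrets
import string
import time

# Constructed alphabet and length for this example; not KPM's real character set.
ALPHABET = string.ascii_letters + string.digits + string.punctuation
LENGTH = 20


def weak_password(seed_seconds: int, length: int = LENGTH) -> str:
    """Flawed construction: a Mersenne Twister (CPython's random.Random is
    MT19937) seeded with the current Unix time in seconds. Two instances
    started within the same second receive the same seed, so their
    'random' passwords are identical."""
    rng = random.Random(seed_seconds)
    return "".join(rng.choice(ALPHABET) for _ in range(length))


def strong_password(length: int = LENGTH) -> str:
    """Hardened form: every character comes from the OS CSPRNG via the
    secrets module. There is no seed to share or to narrow down."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def seed_space_bits(years: float) -> float:
    """Effective entropy of a seconds-resolution time seed: whoever knows
    the generation date to within `years` faces only this many candidate
    seeds, regardless of how long the password looks."""
    return math.log2(years * 365 * 24 * 3600)


def same_second_collision() -> bool:
    """Simulate two independent time-seeded instances started in the same
    second; returns True when they produce the same password."""
    now = int(time.time())
    return weak_password(now) == weak_password(now)


if __name__ == "__main__":
    print("same-second collision:", same_second_collision())
    print(f"seed space over one year: {seed_space_bits(1):.1f} bits")
    print("CSPRNG passwords differ:", strong_password() != strong_password())
```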
The Daines/Whitehouse bill calls for DHS to perform a study on the viability of allowing private entities to take “proportional” actions against hackers under the oversight of a federal agency.
Cybersecurity researchers have spotted a new Mirai-inspired botnet, mirai_ptea, abusing an undisclosed vulnerability in KGUARD's Digital Video Recorders (DVR). Mirai’s source code was leaked several years ago, and since then multiple variants are still getting spotted on the threat landscape.
Cisco Talos said a recent surge in activity signals a boost in the APT's development of techniques, tactics, and tools, with multiple, new remote access trojans (RATs) and plugins now in play.
White House Press Secretary Jen Psaki added that the recent REvil ransomware attack on Florida-based IT company Kaseya is not yet attributed to anyone, specifically not to the Russian government.
In their investigation of the Charming Kitten group, IBM X-Force researchers investigated attackers' operational security errors to reveal the inner details of how they function and launch attacks.
A legal services firm, 4 New Square Chambers, hit by a ransomware attack has responded by getting a British High Court order demanding the criminals do not share stolen data.
Bogus cryptomining apps for Android available for download on Google Play are estimated to have scammed more than 93,400 victims to date, researchers said, stealing at least $350,000.
Given the mass migration to remote work, even more critical business data is being shared by email. Users receive hundreds of emails a day, and sifting through them is time-consuming and exhausting.
Ubuntu Security Notice 5006-1 - It was discovered that PHP incorrectly handled certain PHAR files. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly obtain sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. It was discovered that PHP incorrectly handled parsing URLs with passwords. A remote attacker could possibly use this issue to cause PHP to mis-parse the URL and produce wrong data. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. Various other issues were also addressed.
Gentoo Linux Security Advisory 202107-10 - A bug in TCG TPM2 Software Stack may result in information disclosure to a local attacker. Versions less than 2.4.3 are affected.
Red Hat Security Advisory 2021-2666-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass and use-after-free vulnerabilities.
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.
Red Hat Security Advisory 2021-2668-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.
Gentoo Linux Security Advisory 202107-13 - Multiple vulnerabilities have been found in GLib, the worst of which could result in the arbitrary execution of code. Versions less than 2.66.8 are affected.
Gentoo Linux Security Advisory 202107-12 - Multiple vulnerabilities have been found in Schism Tracker, the worst of which could result in denial of service. Versions less than 20190805 are affected.
Red Hat Security Advisory 2021-2465-01 - This release of Red Hat build of Eclipse Vert.x 4.1.0 includes security updates, bug fixes, and enhancements. For more information, see the release notes listed in the References section. Issues addressed include a traversal vulnerability.
Red Hat Security Advisory 2021-2663-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.
Ubuntu Security Notice 5007-1 - Eric Sesterhenn discovered that libuv incorrectly handled certain strings. An attacker could possibly use this issue to access sensitive information or cause a crash.
Red Hat Security Advisory 2021-2664-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.
Gentoo Linux Security Advisory 202107-9 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. Versions less than 89.0 are affected.
Red Hat Security Advisory 2021-2658-01 - The linuxptp packages provide Precision Time Protocol implementation for Linux according to IEEE standard 1588 for Linux. The dual design goals are to provide a robust implementation of the standard and to use the most relevant and modern Application Programming Interfaces offered by the Linux kernel.
Ubuntu Security Notice 5008-1 - Thomas Kremer discovered that Avahi incorrectly handled termination signals on the Unix socket. A local attacker could possibly use this issue to cause Avahi to hang, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. It was discovered that Avahi incorrectly handled certain hostnames. A local attacker could possibly use this issue to cause Avahi to crash, resulting in a denial of service. This issue only affected Ubuntu 20.10 and Ubuntu 21.04. Various other issues were also addressed.
Microsoft has shipped an emergency out-of-band security update to address a critical zero-day vulnerability — known as "PrintNightmare" — that affects the Windows Print Spooler service and can permit remote threat actors to run arbitrary code and take over vulnerable systems. Tracked as CVE-2021-34527 (CVSS score: 8.8), the remote code execution flaw impacts all supported editions of Windows.
A malicious campaign that has set its sights on industrial-related entities in the Middle East since 2019 has resurfaced with an upgraded malware toolset to strike both Windows and macOS operating systems, symbolizing an expansion in both its targets and its strategy around distributing threats. Russian cybersecurity firm attributed the attacks to an advanced persistent threat (APT) it tracks as
An analysis of off-the-shelf packages hosted on the NuGet repository has revealed 51 unique software components to be vulnerable to actively exploited, high-severity vulnerabilities, once again underscoring the threat posed by third-party dependencies to the software development process. In light of the growing number of cyber incidents that target the software supply chain, there is an urgent
Security teams whose organizations are outside the Fortune 500 are faced with a dilemma. Most teams will have to choose between deploying either a network traffic analysis (NTA) or network detection and response (NDR) tool or an endpoint detection and response (EDR) tool to supplement their existing stacks. On the other hand, some organizations are getting the best of both options by switching
Many thanks to the great team at Recorded Future, who are sponsoring my website this week. Recorded Future provides deep, detailed insight into emerging threats by automatically collecting, analyzing, and organizing billions of data points from the web. And now, with its FREE Cyber Daily email all IT security professionals can access information about the …
While the world continues to wait for Kaseya to issue an update to patch VSA installations against a vulnerability exploited by the REvil ransomware gang, security researchers spotted a malware campaign which is taking advantage of the vacuum.