WildPressure has added a new type of malware to its arsenal to carry out cyberattacks against organizations in the energy sector. The malware is distributed by threat actors via compromised WordPress websites, according to Threat Post. Yesterday, Kaspersky cybersecurity researchers revealed new details about the show more ...
The Atomic Energy Research Authority South Korea has been subjected to a 12-day cyberattack that is certain to originate from North Korea, according to KBS World. On Thursday, the National Intelligence Service (NIS) revealed the hacking incident during a hearing before a House Committee on National Security. show more ...
According to new research provided by Trustwave, the code that REvil's cybercriminals used to launch a recent large-scale ransomware campaign was written in such a way that it avoids machines whose primary language is Russian or a related language, says NBC News. Ziv Mador, the vice president of security show more ...
Liad Mordekovitz and Ophir Harpaz uncovered a cyberattack that targeted several organizations and compromised servers to mine crypto or get data, says Israel Hayom. Approximately 2,000 companies were attacked and had their servers as a launching pad to carry out attacks on more organizations. Since the attacks were show more ...
In response to a data breach that exposed the personal information of more than 420,000 customers, British Airways (BA) has reached an out-of-court settlement with victims, according to IT Pro. The agreement with PGMBM, the company that had led the mediation between British Airways and the victims calls for the show more ...
This week on the podcast, Jeff’s on vacation, so Ahmed and I tackle some thorny cybersec issues on our own. We start with news that EA’s billion dollar franchise, Apex Legends, faced hacking concerns from gamers about the state of TitanFall, Respawn’s first foray into the FPS genre. From there, we show more ...
By the end of June, security researchers were actively discussing a vulnerability in the Windows Print Spooler service, which they dubbed PrintNightmare. The patch, released on June’s patch Tuesday, was supposed to fix the vulnerability, and it did — but as it happens, the issue involved two. The patch closed show more ...
Last week cybercriminals deployed ransomware to 1,500 organizations that provide IT security and technical support to many other companies. The attackers exploited a vulnerability in software from Kaseya, a Miami-based company whose products help system administrators manage large networks remotely. Now it appears show more ...
Admins of on-premises Sage X3 ERP deployments should check they're not exposing the enterprise resource planning suite to the public internet in case they fall victim to a new vulnerability.
Payment operators are planning to set up a countrywide negative database that can be used across payments platforms and will serve as a repository of all fraudsters, types of frauds and fraud heat map across India.
The Babuk ransomware gang appears to be back in action after a hiatus as it was found targeting and encrypting multiple corporate networks. It indicates that businesses are still facing enormous threats from the gang and they must keep holding their protective shields tight.
Acquired for an unknown sum, the acquisition will see Sophos integrate Capsule8 technology, which is aimed at Linux cybersecurity, to its Adaptive Cybersecurity Ecosystem.
Researchers are urging everyone to patch multiple critical and high-severity vulnerabilities found in Windows Print Spooler, QNAP devices, and other systems.
Cybersecurity researchers on Thursday took the wraps off a new, ongoing espionage campaign targeting corporate networks in Spanish-speaking countries, specifically Venezuela, to spy on its victims.
The research wing of New Delhi-based think tank CyberPeace Foundation, along with Autobot Infosec Pvt Ltd, studied two such incidents on the name of SBI that were faced by some smartphone users.
The Security Legislation Amendment (Critical Infrastructure) Bill 2020 would allow government to provide "assistance" to entities in response to significant cyberattacks on Australian systems.
As per a 1Password survey, 64% of participants admitted that they reused corporate secrets between projects, while 36% are willing to share secrets over insecure channels for better speed and productivity.
Even as Microsoft expanded patches for the so-called PrintNightmare vulnerability, the fix for the remote code execution exploit in the Windows Print Spooler service can still be bypassed.
Anne Neuberger, the deputy National Security Advisor for Cyber and Emerging Technology, spoke to a bipartisan group of mayors virtually during a US Conference of Mayors event this week.
One tactic that some Magecart actors employ is the dumping of swiped credit card details into image files on the server to avoid raising suspicion which can be later downloaded using a GET request.
Most targeted industries are financial services and ecommerce, with consumers stating that of all scam messages they receive, 59% impersonate their bank or a retailer (36%), Callsign reported.
NanoLock Security has secured an $11 million Series B round from new investors OurCrowd, HIVE2040 (by Avnon Group), and Atlantica Group as well as current investors AWZ Ventures.
The most severe vulnerabilities affect the System component and could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process.
Researchers from Cisco Talos recently discovered multiple vulnerabilities in IOBit Advanced SystemCare Ultimate. These vulnerabilities all exist in a monitoring driver in the software.
As the U.S. looks at its vulnerable industries, the responsibility is falling on businesses to ensure that they are keeping the organization and employees safe and secure.
The office in charge of the U.S. military’s 3D printing left designs for defense technology vulnerable to theft by hackers and adversaries, according to a DODIG report made public on Wednesday.
The REvil gang used a level of planning and sophistication closer to high-level, government-backed hackers, rather than a mere criminal operation, several cybersecurity experts say.
The Dutch Institute for Vulnerability Disclosure (DIVD) said in blog posts this week that it had discovered seven vulnerabilities in Kaseya's system in April and confidentially informed the company.
Phishing scammers posing as customers are contacting live-chat support agents with phony issues or problems and tricking them into opening up malicious documents, according to security experts.
Morgan Stanley has reported a data breach after attackers stole personal information belonging to its customers by hacking into the Accellion FTA server of a third-party vendor.
Consumers around the world fear that businesses are now compromising online security in their efforts to deliver seamless digital experiences, according to research by Trulioo.
Four of the flaws have been given a Common Vulnerability Scoring System (CVSS) base score of 9.8, spotlighting the critical need to urgently apply the provided patch or workarounds.
Gentoo Linux Security Advisory 202107-19 - An inefficient regular expression could be exploited to cause a Denial of Service condition. Versions less than 2.11.3 are affected.
Wyomind Help Desk version 1.3.6 suffers from remote shell upload, cross site scripting, and directory traversal vulnerabilities.
Gentoo Linux Security Advisory 202107-18 - A buffer overflow in BladeEnc might allow arbitrary code execution. Versions less than 0.94.2-r1 are affected.
ASProtect embeds a runtime DLL that is susceptible to memory corruption. Crash testcase provided.
Gentoo Linux Security Advisory 202107-17 - A file named by an attacker being utilized by Mechanize could result in arbitrary code execution. Versions less than 2.7.7 are affected.
Online Covid Vaccination Scheduler System version 1.0 suffers from a remote shell upload vulnerability.
Gentoo Linux Security Advisory 202107-16 - Multiple vulnerabilities have been found in Privoxy, the worst of which could result in Denial of Service. Versions less than 3.0.32 are affected.
102 bytes small Linux/x86 bindshell shellcode with dynamic port binding.
Gentoo Linux Security Advisory 202107-15 - A buffer overflow in blktrace might allow arbitrary code execution. Versions less than 1.2.0_p20210419122502 are affected.
Employee Record Management System version 1.2 suffers from a persistent cross site scripting vulnerability.
Gentoo Linux Security Advisory 202107-14 - rclone uses weak random number generation such that generated passwords can be easily cracked. Versions less than 1.53.3 are affected.
Ubuntu Security Notice 5008-2 - USN-5008-1 fixed a vulnerability in avahi. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Thomas Kremer discovered that Avahi incorrectly handled termination signals on the Unix socket. A local attacker could possibly use this issue to cause Avahi to hang, resulting in a denial of service. Various other issues were also addressed.
WordPress SP Project and Document Manager plugin version 4.21 suffers from a remote shell upload vulnerability.
Even as Microsoft expanded patches for the so-called PrintNightmare vulnerability for Windows 10 version 1607, Windows Server 2012, and Windows Server 2016, it has come to light that the fix for the remote code execution exploit in the Windows Print Spooler service can be bypassed in certain scenarios, effectively defeating the security protections and permitting attackers to run arbitrary code
Humans are an organization's strongest defence against evolving cyber threats, but security awareness training alone often isn't enough to transform user behaviour. In this guide, usecure looks at why Human Risk Management (HRM) is the new fix for building a security-savvy workforce. Don't be fooled... Businesses are investing more than ever into strengthening their employee security awareness
This week, PrintNightmare - Microsoft's Print Spooler vulnerability (CVE-2021-34527) was upgraded from a 'Low' criticality to a 'Critical' criticality. This is due to a Proof of Concept published on GitHub, which attackers could potentially leverage for gaining access to Domain Controllers. As we reported earlier, Microsoft already released a patch in June 2021, but it wasn't enough to stop
A cyber-espionage group has been observed increasingly targeting Indian government personnel as part of a broad campaign to infect victims with as many as four new custom remote access trojans (RATs), signaling a "boost in their development operations." Attributed to a group tracked as SideCopy, the intrusions culminate in the deployment of a variety of modular plugins, ranging from file
Four security vulnerabilities have been uncovered in the Sage X3 enterprise resource planning (ERP) product, two of which could be chained together as part of an attack sequence to enable adversaries to execute malicious commands and take control of vulnerable systems. These issues were discovered by researchers from Rapid7, who notified Sage Group of their findings on Feb. 3, 2021. The vendor
Cybersecurity researchers on Thursday took the wraps off a new, ongoing espionage campaign targeting corporate networks in Spanish-speaking countries, specifically Venezuela, to spy on its victims. Dubbed "Bandidos" by ESET owing to the use of an upgraded variant of Bandook malware, the primary targets of the threat actor are corporate networks in the South American country spanning across
A ransomware gang has exploited a security hole in software used by many businesses, and are demanding $70 million for a decryption tool. Plus we take a close look at TikTok, and a website which seems to have entirely ripped-off Twitter. All this and much more is discussed in the latest edition of the award-winning show more ...
Security researchers report that a notorious North Korean hacking group has been targeting engineers working in the defence industry. Read more in my article on the Tripwire State of Security blog.
Cybersecurity analysts are charting both a rise in ransomware incidents and in amounts cybercriminals are demanding from businesses to restore their data. That’s bad news in itself, but what’s often overlooked are the additional ways – beyond payments victims may or may not choose to make– victims pay for show more ...
