A software package available in the official NPM repository turned out to be a front for a program aimed at stealing stored credentials from the Chrome web browser, according to The Hacker News. After being reported yesterday, the malicious package was removed from the repository. The package is called "nodejs net server" and has been downloaded more than 1,283 times since February 2019. One suspicious detail is that its listed repository links point to non-existent locations on GitHub. The original version of the package was published only to test the NPM publishing process, but the developer, named Chrunlee, later revised it to add a remote shell capability. Then a script (fetching "hxxps:/chrunlee.cn/a.exe") was added to down...
An emergency cybersecurity meeting was convened by French President Emmanuel Macron on Thursday to review whether further government action on cybersecurity strategy is needed. This comes in the wake of reports that spyware was planted on his cell phone and that government employees were also infected with the malware, says AP News. According to government spokesperson Gabriel Attal, Macron swaps his phones on a regular basis and takes the issue very seriously. A report this week by an international media consortium revealed that Pegasus espionage software, developed by the Israeli company NSO Group, may have been used in multiple countries to target activists, journalists, and politicians. As revealed by Le Monde, a member of the consortium, Macron's mobile phone and the mobile phones of 15 other former memb...
Joseph O'Connor, a 22-year-old British citizen, was arrested on a U.S. warrant in Estepona, Spain, for his alleged involvement in the July 2020 Twitter hack. According to The Hacker News, 130 accounts of businesses, politicians, and celebrities were compromised in the massive social media platform breach. A criminal complaint filed in the U.S. District Court for the Northern District of California charges him with making extortive communications, obtaining information from a protected computer, and intentionally accessing a computer without authorization. Beyond his involvement in the Twitter attack, O'Connor is suspected of computer intrusions into various accounts of TikTok and Snapchat users. He is also suspected...
President Joe Biden and senior administration officials will meet with business sector leaders on Aug. 25 to discuss ways to improve cybersecurity, says Reuters. It is not yet known which CEOs will attend the event. According to a White House National Security Council spokesperson, members of the national security team and government officials will meet with executives from major companies to "discuss how we can work together to collectively improve the nation's cybersecurity." He continued, "Today more than ever, cybersecurity is an economic security and national security imperative, and both the federal government and the private sector play a critical role." The announcement of the meeting comes in the midst of high-profile ransomware attacks and the Biden administration's effor...
With Ahmed on vacation, the Kaspersky Transatlantic Cable podcast returns this week to its original lineup. Dave and I kick off this week’s episode with a look at the latest from REvil and its victims. (Spoiler alert: Despite the quiet, things are not great.) From there, we head to Southeast Asia, where LuminousMoth has been targeting government organizations. Instead of giving you our hot takes and thoughts on the APT action, we discuss the research and actor with senior Kaspersky security researcher Mark Lechtik. Following that, we discuss Amazon’s potential Alexa tracking device for kids. That calls for a change of topic, to a sneak peek of our new miniseries, Community Conversations. We will be interviewing members of organizations in the infosec community that are collaborating across borders to make a positive impact in the space. We will launch the series over the coming weekend. Following the preview, we discuss Twitter’s curious account verification practices: specifically, the case of a verified cat. Next, facial recognition in retail stores may be more prevalent than you think. To close out the episode, Dave and I discuss the pros and cons of buying a Cold War bunker, just ~$700K. If you liked what you heard, please consider subscribing and sharing with your friends. For more information on the stories we covered, see the links below:
What’s next for REvil’s victims?
Ransomware giant REvil’s sites disappear
LuminousMoth APT: Sweeping attacks for the chosen few
Amazon considered developing Alexa tracking device for children
Twitter verifies at least six fake accounts including this cat
Retail stores are packed with unchecked facial recognition, civil rights organizations say
You can bug-out to your own Cold War communications bunker for a cool $695,000
The Senate Homeland Security and Governmental Affairs Committee announced the launch of a bipartisan investigation into the recent string of debilitating ransomware attacks against U.S. companies.
Over 60% of Android apps contain security vulnerabilities, with an average of 39 vulnerabilities per app, according to a report by CyRC.
Oracle on Tuesday announced the availability of a total of 342 new security patches as part of its July 2021 Critical Patch Update (CPU), with more than half of the flaws allowing remote attacks.
The US House of Representatives on Tuesday approved five bipartisan measures designed to enhance various aspects of the nation’s cybersecurity following recent major cyberattacks.
Apple's iPhones are a lot less secure than Apple says, according to a new report. "Apple has a major blinking red five-alarm-fire problem with iMessage security," one cybersecurity researcher said.
The attempted fix for the flaw (CVE-2021-22898) failed to address an almost identical bug in the software, which also presented an information disclosure or potential data leak vulnerability.
Since at least June 2020, Pulse Secure devices at U.S. government agencies, critical infrastructure entities, and private sector organizations have been the target of attacks from threat actors.
Analysis by Secureworks CTU researchers suggests that an Iranian threat group, possibly OilRig, was responsible for the activity that started with the compromise of the Exchange servers.
The vulnerability, tracked as CVE-2020-36239, can give remote attackers arbitrary code execution because of a missing-authentication flaw in Jira's implementation of Ehcache.
Organizations should take aggressive steps to implement prescriptive ransomware advice and review additional ransomware resources to limit the blast radius of an attack.
First spotted in the wild in 2007, the earliest known version of the ZeuS Trojan was caught stealing sensitive information from systems owned by the United States Department of Transportation.
A report earlier this year revealed that 2020 marked a record-breaking year for cyberattacks against schools. The trend, however, continues this year; a barrage of attacks has already targeted several K-12 schools.
The flaw, which is rated 9.8 out of a maximum of 10 on the CVSS severity scale, affects versions 11.1.2.4 and 11.2.5.0 and exists within the Oracle Hyperion Infrastructure Technology.
Link shortener services were seen pushing “calendar” files to iOS devices and distributing Android malware. One such malware named Android/FakeAdBlocker also executes additional payloads.
The threat actor using the alias “bl4ckt0r” put the TicketClub Italy database, holding 340,957 users' records, up for sale and released several sample data dumps that appear to confirm the breach.
Zscaler analyzed 575 million device transactions and 300,000 IoT-specific malware attack attempts, finding that IoT malware attacks have risen 700% compared with pre-pandemic levels.
The news came one day after the FBI released a private industry alert urging organizations working with the Tokyo 2020 Summer Olympics to prepare for a wave of cyberattacks.
For some patients, a Social Security number was also included, the healthcare provider said in a statement. Financial account, insurance, and payment card information was not involved, it added.
The leaked information includes patients’ names, IDs, email addresses, password hashes, Medicare Advantage Plan listings, medical treatment data, and more. The data dates back to 2019.
The August meeting comes as the White House is scrambling to help companies protect against ransomware attacks from Russia-based criminal syndicates and as the administration also confronts an aggressive cybersecurity threat from China.
Transnet, which operates major South African ports, and a huge railway network that transports minerals and other commodities for export, confirmed its IT applications were experiencing disruptions and it was identifying the cause.
Group-IB’s Amsterdam-based team has identified the individuals behind the Dutch-speaking syndicate that develops, sells and rents sophisticated phishing frameworks and shared their findings with the authorities.
Google Cloud this week announced a new set of services aimed at helping federal, state, and local government organizations in the United States implement a Zero Trust architecture.
A systems management and monitoring application, Dell OpenManage Enterprise provides administrators with a comprehensive view of Dell EMC servers, network switches, and storage in their environment.
Microsoft has released a workaround for a privilege elevation flaw that affects all versions of Windows 10 and could give attackers the ability to access data and create new accounts on systems.
Leading U.S. insurer CNA Financial has provided a glimpse into how Phoenix CryptoLocker operators breached its network, stole data, and deployed ransomware payloads in the attack that hit it in March 2021.
An investigation by Sophos researchers found that more than half of network traffic generated by malware uses TLS encryption, and 20 percent of that involved communication with legitimate online services.
A Japanese security firm said it discovered an Olympics-themed malware sample that contains functionality to wipe files on infected systems and appears to be targeted at Japanese PCs.
A study from computer scientists at Columbia Engineering reveals a way to encrypt personal images on popular cloud photo services without requiring any changes to – or trust in – those services.
Trend Micro researchers recently found the mechanism used to steal the data, and learned that it contains valuable and sensitive information that can be used for various purposes.
A new report suggests the scale of the surveillance problem is far greater than feared—and has placed added pressure on mobile tech makers, particularly Apple, from security researchers seeking remedies.
More than 700 organizations were attacked with ransomware and had their data posted to data leak sites in Q2 of 2021, according to a new research report from cybersecurity firm Digital Shadows.
Gartner predicts that by 2025 attackers will have weaponized computer systems to the point that they can injure or kill people, and that remediating the damage across IT systems, litigation, and compensation will cost businesses $50 billion.
Multiple threat actors originating from China are targeting multiple entities and businesses including government, education, politics, military, financial, and critical infrastructure firms to pilfer sensitive data. Despite repeated accusations, the frequency and aggression of these attacks have increased greatly.
Bitdefender took the wraps off of an ongoing worldwide attack campaign involving MosaicLoader malware packaged within pirated software and advertised via search engine results. One of the most recommended ways to avoid such threats being downloaded on your systems is to refrain from downloading cracked software.
Red Hat Security Advisory 2021-2866-01 - The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning. The ovirt-ansible-hosted-engine-setup package provides an Ansible role for deploying Red Hat Virtualization Hosted-Engine.
Red Hat Security Advisory 2021-2865-01 - The ovirt-engine package provides the manager for virtualization environments. This manager enables admins to define hosts and networks, as well as to add storage, create VMs and manage user permissions. Issues addressed include code execution and denial of service vulnerabilities.
Red Hat Security Advisory 2021-2736-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2021-2779-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for Windows serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
Red Hat Security Advisory 2021-2780-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
Red Hat Security Advisory 2021-2777-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for Windows serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
Red Hat Security Advisory 2021-2778-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
Lynis is an auditing tool for Unix systems, aimed at specialists. It scans the system and installed software to detect security issues. Besides security-related information, it also collects general system information, installed packages, and configuration mistakes. The software aims to assist with automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.
Gentoo Linux Security Advisory 202107-50 - A vulnerability in Singularity could result in remote code execution. Versions less than 3.7.4 are affected.
Gentoo Linux Security Advisory 202107-49 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 91.0.4472.164 are affected.
Oracle on Tuesday released its quarterly Critical Patch Update for July 2021 with 342 fixes spanning across multiple products, some of which could be exploited by a remote attacker to take control of an affected system. Chief among them is CVE-2019-2729, a critical deserialization vulnerability via XMLDecoder in Oracle WebLogic Server Web Services that's remotely exploitable without
A U.K. citizen has been arrested in the Spanish town of Estepona over his alleged involvement in the July 2020 hack of Twitter, resulting in the compromise of 130 high-profile accounts. Joseph O'Connor, 22, has been charged with intentionally accessing a computer without authorization and obtaining information from a protected computer, as well as for making extortive communications. The Spanish
An advanced persistent threat (APT) actor has been tracked in a new campaign deploying Android malware via the Syrian e-Government Web Portal, indicating an upgraded arsenal designed to compromise victims. "To the best of our knowledge, this is the first time that the group has been publicly observed using malicious Android applications as part of its attacks," Trend Micro researchers Zhengyu
Organizations today must give attention to their cybersecurity posture, including policies, procedures, and technical solutions for cybersecurity challenges. This often results in a greater burden on the IT service desk staff as end-users encounter issues related to security software, policies, and password restrictions. One of the most common areas where security may cause challenges for
Spy software known as Pegasus has been used to carry out surveillance on the smartphones of journalists, activists, and political leaders. Can a “Freedom Phone” be trusted? And a ransomware-hit law firm demonstrates how not to keep its customers informed. All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast, #237: NuNa, NuNu, NaNa.
Police in Spain have arrested a British man in connection with what many consider the worst hack in Twitter's history. Read more in my article on the Tripwire State of Security blog.
17 domains used in Business Email Compromise (BEC) scams have been seized by Microsoft's Digital Crimes Unit (DCU), following an investigation by the software giant into attacks that could have stolen millions of dollars from innocent firms. Read more in my article on the Hot for Security blog.