Cybercriminals have managed to hack into an online platform used for buying and selling guns, creating a database of 111,000 entries, some of which containing information about the CRM used by gun shops across the UK, according to The Register. Guntrader is a platform very much like Gumtree where private individuals show more ...
Tokyo 2020 Olympic Games event volunteers and ticket holders' credentials were allegedly stolen after a data breach, according to a statement last week from a Japanese government official, says Computer Weekly. According to an official, who spoke on the condition of remaining anonymous, the stolen credentials were show more ...
The minister in charge of the New Zealand government's Office of Communications Security, Andrew Little, openly accused China of funding malicious cyber activities via a gang called APT40, according to Teiss. In a statement posted on the New Zealand government's official website, Little said the government show more ...
The software vendor Kaseya said on Thursday that it has obtained a universal decryptor for unlocking systems and helping clients to recover data, according to The Hacker News. This happened almost three weeks after the broad-based supply chain ransomware attack on the company. It is unclear at this time whether show more ...
Law enforcement officials in the Netherlands have arrested two suspects of a Dutch cybercriminal organization that engaged in developing, renting, and selling advanced phishing frameworks to other actors in a scheme known as fraud-as-a-service, according to The Hacker News. The attacks mainly targeted users in show more ...
As part of further tactic enhancements, a malware strain known to target macOS has been updated once again to include features that allow it to gather and exfiltrate sensitive information saved in different applications, including Telegram and Chrome, according to The Hacker News. XCSSET was discovered in August show more ...
On Saturday, a web-based petition for an investigation into the US Biological Laboratory in Fort Detrick, Maryland, suffered two cyberattacks allegedly carried out by US hackers, according to China Daily. The good news is that the servers had withstood the attack and caused very little damage, although further attacks show more ...
At a time when businesses worldwide were shedding money because of the pandemic, Zoom saw revenue growth of 370% in just one quarter, becoming a household name and a verb in the process. But right from the start the service faced pointed questions about security, and to their credit, the developers did their best to show more ...
Joseph “PlugwalkJoe” O’Connor, in a photo from a paid press release on Sept. 02, 2020, pitching him as a trustworthy cryptocurrency expert and advisor. One day after last summer’s mass-hack of Twitter, KrebsOnSecurity wrote that 22-year-old British citizen Joseph “PlugwalkJoe” show more ...
Cybersecurity lapses at major companies have led to class-action lawsuits and settlements in the hundreds of millions of dollars, including those involving Target, Home Depot, and others.
The No More Ransom project celebrates its fifth anniversary today after helping over six million ransomware victims recover their files and saving them almost €1B ($1.18B) in ransomware payments.
Both Dahua and Hickvision, two of China’s largest security camera makers, are no longer members of the Security Industry Association (SIA), the largest trade organization for surveillance vendors.
What GitLab sets out to achieve with the new open source tool -- named Package Hunter -- is the detection of malicious code that would execute within an application’s dependencies.
The information that may have been exposed includes names, dates of birth, and Social Security numbers, as well as the health insurance contract numbers and routing numbers for direct deposit.
A spammer has flooded the forum of the Babuk ransomware group with explicit GIFs after the Babuk gang failed to pay a $5,000 ransom demand the threat actor made on Friday.
The seller claims the secret database contains 3.8 billion phone numbers and each number is ranked by a score (Number of Clubhouse users who have this phone number in their phonebook).
According to THORChain, the decentralized exchange has become a victim of a sophisticated attack on its ETH router. The protocol took to Twitter to announce the hack and loss it suffered.
Speaking to local radio, the Deputy Mayor said that a malicious virus had been installed, with hackers asking for a “ransom” to “unlock” the files, although it wasn't said how much or if he was paid.
According to Kaspersky researchers, a majority of these fake Win 11 installers pose as a downloadable file appearing to be a genuine MS Windows installer as far as size and structure are concerned.
A fake PDF file masquerades as a Japanese-language report on Olympics-related cyberattacks, for example. Opening it activates malware that infects the user's computer and deletes files.
Organizations are becoming increasingly dependent on APIs to power web and mobile applications that make it easier for customers to consume services via connected devices or apps.
Taiwan says it has been able to defend against the overwhelming majority of attacks. Successful breaches number in the hundreds, while only a handful are what the government classifies as "serious."
The PetitPotam technique can potentially impact most of the supported Windows versions, it was successfully tested against Windows 10, Windows Server 2016, and Windows Server 2019 systems.
High-ranking government officials around the world, including US allies' national security officials, were targeted using spyware from NSO Group, according to WhatsApp head Will Cathcart.
Sophos has announced it’s acquiring Braintrace, a cybersecurity startup that provides organizations visibility into suspicious network traffic patterns. Terms of the deal were not disclosed.
Although the issue was reported in December 2020, given the difficulty of reproducing the bug, it isn't until this month that a fix was rolled out to the Android users of the encrypted messaging app.
Vulnerabilities in biometric access control devices manufactured by IDEMIA could lead to remote code execution (RCE), denial of service, and arbitrary file read/write, researchers have warned.
The MITRE Top 25 list is compiled from NIST’s NVD database and the CVSS scores for each CVE, with a formula applied to score each weakness based on prevalence and severity.
Malware authors are increasingly using rarely spotted programming languages such as Go, Rust, Nim and DLang in order to create new tools and to hinder analysis, researchers have found.
As explained by SecureTeam and Outflank, HTML smuggling is a technique that allows threat actors to assemble malicious files on users’ devices by clever use of HTML5 and JavaScript code.
Multiple cyberattacks have been found targeting Windows OS. Its users were targeted, almost on a daily basis, with some new malware, vulnerability, or attack vector. Therefore, the best solution is to always stay updated and frequently install the latest patches.
Red Hat Security Advisory 2021-2881-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.12.0. Issues addressed include man-in-the-middle, out of bounds write, and use-after-free vulnerabilities.
Gentoo Linux Security Advisory 202107-55 - Multiple vulnerabilities have been found in libsdl2, the worst of which could result in a Denial of Service condition. Versions less than 2.0.14-r1 are affected.
This Metasploit module allows an attacker with a privileged WordPress account to launch a reverse shell due to an arbitrary file upload vulnerability in WordPress SP Project and Document plugin versions prior to 4.22. The security check only searches for lowercase file extensions such as .php, making it possible to show more ...
Backdoor.Win32.Nbdd.bgz malware suffers from a buffer overflow vulnerability.
Backdoor.Win32.Bifrose.acci malware suffers from a buffer overflow vulnerability that can allow for code execution.
This Metasploit module allows an attacker with a privileged WordPress account to launch a reverse shell due to an arbitrary file upload vulnerability in WordPress Modern Events Calendar plugin versions prior to 5.16.5. This is due to an incorrect check of the uploaded file extension. Indeed, by using text/csv show more ...
It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use this to possibly execute arbitrary code. It was discovered that the virtual file system implementation in the Linux kernel show more ...
Gentoo Linux Security Advisory 202107-54 - Multiple vulnerabilities have been found in libyang, the worst of which could result in a Denial of Service condition. Versions less than 1.0.236 are affected.
Backdoor.Win32.PsyRat.b malware suffers from a code execution vulnerability.
NoteBurner version 2.35 suffers from a denial of service vulnerability.
Backdoor.Win32.PsyRat.b malware suffers from a denial of service vulnerability.
Backdoor.Win32.Agent.cu malware suffers from a code execution vulnerability.
Backdoor.Win32.Agent.cu malware suffers from a man-in-the-middle vulnerability.
Red Hat Security Advisory 2021-2883-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.12.0. Issues addressed include man-in-the-middle, out of bounds write, and use-after-free vulnerabilities.
XOS Shop version 1.0.9 suffers from an authenticated arbitrary file deletion vulnerability.
Red Hat Security Advisory 2021-2882-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.12.0. Issues addressed include man-in-the-middle, out of bounds write, and use-after-free vulnerabilities.
Backdoor.Win32.Agent.cu malware suffers from an authentication bypass vulnerability that can lead to code execution.
Leawo Prof. Media version 11.0.0.1 suffers from a denial of service vulnerability.
Backdoor.Win32.Mazben.me malware suffers from an unauthenticated open proxy vulnerability.
Backdoor.Win32.Hupigon.aaur malware suffers from an unauthenticated open proxy vulnerability.
Elasticsearch ECE version 7.13.3 anonymous database dumping exploit.
A newly uncovered security flaw in the Windows operating system can be exploited to coerce remote Windows servers, including Domain Controllers, to authenticate with a malicious destination, thereby allowing an adversary to stage an NTLM relay attack and completely take over a Windows domain. The issue, dubbed "PetitPotam," was discovered by security researcher Gilles Lionel, who shared
There is a saying that goes something like, "Do not judge a book by its cover." Yet, we all know we can not help but do just that - especially when it comes to online security. Logos play a significant role in whether or not we open an email and how we assess the importance of each message. Brand Indicators for Message Identification, or BIMI, aims to make it easier for us to quickly identify
Microsoft Windows 10 and Windows 11 users are at risk of a new unpatched vulnerability that was recently disclosed publicly. As we reported last week, the vulnerability — SeriousSAM — allows attackers with low-level permissions to access Windows system files to perform a Pass-the-Hash (and potentially Silver Ticket) attack. Attackers can exploit this vulnerability to obtain hashed passwords
An infamous cross-platform crypto-mining malware has continued to refine and improve upon its techniques to strike both Windows and Linux operating systems by setting its sights on older vulnerabilities, while simultaneously latching on to a variety of spreading mechanisms to maximize the effectiveness of its campaigns. "LemonDuck, an actively updated and robust malware that's primarily known
It seems my boss here at “Grahamcluley” has decided that I deserve a wage increase. This is not only terrific news for my bank balance, but also terribly exciting as I never knew I even had a boss – let alone that my company had a human resources department and accounts team...
Graham Cluley Security News is sponsored this week by the folks at 1Password. Thanks to the great team there for their support! Learn from security experts at top organizations, hear about new security and technology trends, and get quick tips for building a culture of security at work and at home – all in four show more ...
The Instagram account of SBS Australia - a group of free-to-air TV and radio stations down under - has been hacked by someone who clearly loves "Vikings".
Kaseya hasn't paid anyone for the decryptor it managed to get its paws on last week, and is offering to customers hit by a massive ransomware attack. Which only raises the question - who did?
The latest research finds that ransomware attackers are attempt to extort, on average, a smaller amount of money through their criminal activities.
The No More Ransom website has become one of the first ports of call for any individual or company whose computer has been hit by a ransomware attack.
