Cybersecurity experts at WizCase discovered a large-scale data breach affecting Reindeer, a collaborator of Tiffany & Co, Patrón Tequila, and other companies, according to E Hacking News. The organization, led by Ata Hakçil, discovered that the breach exposed personal information such as names, dates of birth, show more ...
Software giant Microsoft issued a series of 44 security updates yesterday, with one of them actively exploited in the wild, according to The Hacker News. Microsoft announced that the 7 most critical and 37 most significant flaws in Microsoft Office, Visual Studio, Azure, Windows, .NET Core, the Microsoft Windows show more ...
Key details critical to the operation of Conti Ransomware-as-a-Service have been exposed online, says Threat Post. The page provides an archive of numerous Cobalt Strike tools, training materials and an archive of Cobalt Strike C2 servers with IP addresses that show how the group conducts its attacks. The show more ...
In order to address numerous high severity vulnerabilities in Adobe's e-commerce platform Magento, a significant set of security updates was released on Monday, according to The Hacker News. Magento 2.4.2, 2.4.2-p1, and 2.3.7, as well as any earlier version of Magento, are all affected by the major show more ...
A group of cybercriminals established a website that specializes in selling payment card data online, AllWorld.Cards, according to Threat Post. Threat actors leaked 1 million stolen credit cards (gathered between 2018 and 2019) to help promote their criminal operations. Cybersecurity researchers from Cyble show more ...
Whenever I am at Moscow’s Sheremetyevo airport, I always check out the capsule hotel and debate whether to take a rest in one of those mini pods. To date, I haven’t pulled the trigger, but when I saw a presentation at this year’s Black Hat called Hacking a Capsule Hotel — Ghosts in the Bedroom, I show more ...
Gaining root access on Android generally requires unlocking the bootloader, an action that disables the signature verification requirements so that a modified Android boot image can be deployed.
For the August 2021 Patch Tuesday, Microsoft has fixed 44 vulnerabilities (51 including Microsoft Edge) with today's update, with seven classified as Critical and 37 as Important.
Some patched on-premises Microsoft Exchange email servers are still proving to be vulnerable. Conti ransomware group is now leveraging backdoors that persist, cybersecurity firm Pondurance reports.
The Conti ransomware group, in operation for over a year, operates a RaaS that has been connected to multiple attacks, including a recent high-profile attack on the Irish Health Service
Microsoft has revived the Remote Desktop Connection Manager (RDCMan) app that was deprecated last year due to an important severity information disclosure bug the company decided not to fix.
The universal decryption key for REvil's ransomware attack on Kaseya's customers has been leaked on hacking forums allowing researchers their first glimpse of the mysterious key.
Cyberattacks against enterprise infrastructure are on the rise in the U.K. as digital transformation expands the potential attack surfaces of many organizations, according to a report by ISG.
Adobe has released a large Patch Tuesday security update that fixes critical vulnerabilities in Magento and important bugs in Adobe Connect. In total, Adobe fixed 29 flaws with these updates.
An affiliate of Conti ransomware leaked the manuals and technical guides—used by the gang to train new members—on a cybercrime forum owing to financial conflicts. The leaked information is said to be the holy grail of the penetration testing team working behind the Conti gang. The files were uploaded on an underground forum named XSS and contain details about tools and tactics used by the group.
An attacker could take advantage of these issues to carry out a variety of malicious actions, including corrupting the application’s memory and gaining the ability to execute remote code.
A set of DNS vulnerabilities was found impacting DNS-as-a-Service (DNSaaS) providers. It enables cybercriminals to rip off sensitive corporate data. The flaws could allow intelligence harvesting simply by using a domain registration technique. There are mitigation steps available that can be followed by managed DNS services providers.
Instead of trying to identify victims and gain remote access, they can select from a menu of options, picking victims based on their revenue, country and sector, and the type of access being offered.
Using the PetitPotam vector, a threat actor can use the Windows LSARPC interface to communicate and execute MS-EFSRPC API functions for malicious purposes without authentication.
LockBit 2.0 ransomware group is hiring and promising corporate insiders millions of dollars if they assist attackers in infiltrating and encrypting corporate networks. The recent finding indicates the LockBit gang probably wants to remove the middleman hackers for companies’ login credentials. Such offers of millions of dollars to insiders could prove fatal for organizations if worked out in favor of criminals.
The consumer group Which? provided insights into the smishing campaign, in which scammers attempt to trick recipients into giving away personal information, including payment details.
More than half of employees who work remotely are deliberately ignoring or working around security policies put in place by their company, according to new research by Axiad.
"We want to inform you that Crytek was the victim of a ransomware attack by some unknown cyber-criminals," Crytek said in a letter mailed to one of their customers impacted in the incident.
The funds will go toward securing critical infrastructure against attacks, helping vulnerable organizations defend themselves, and funding a key federal cyber office, among other initiatives.
German enterprise software giant SAP has released 19 new and updated security notes, including for nine new vulnerabilities that have been rated critical or high severity.
During the pandemic, online presence has become crucial for retail businesses. It has also led to the challenge of evasive malicious bots that are now leaching off of already vulnerable businesses.
Researchers have detailed a new type of attack called Database Reconnaissance and Exfiltration via Adaptive Compression Heuristics (DBREACH) against databases at the Black Hat US 2021 hybrid event. It could result in information disclosure and loss. Attackers can further monitor the database usage patterns, such as DoS detection, and look for a single user with a sudden high number of updates.
Intel on Tuesday released six new security advisories to inform customers about the availability of firmware and software updates that address a total of 15 vulnerabilities across several products.
NortonLifeLock and Avast are merging in a deal worth more than $8 billion. The deal will see NortonLifelock acquire all of Avast’s shares, and create a much larger cybersecurity firm.
A cybersecurity researcher recently spotted threat actors actively trying to exploit Microsoft Exchange servers by targeting ProxyShell vulnerabilities. The newly discovered vulnerabilities could be exploited via the Client Access Service (CAS), which runs in IIS on port 443. Experts recommend applying all the patches as early as possible and using additional layers of security such as endpoint threat detection.
A new AdLoad malware variant is slipping through Apple's YARA signature-based XProtect built-in antivirus tech to infect Macs as part of multiple campaigns tracked by SentinelOne security researchers.
Data protection solutions provider OwnBackup on Tuesday announced raising $240 million in a Series E funding round led by Alkeon Capital and B Capital Group at a valuation of $3.35 billion.
A new variant of the Golang crypto-worm has been found dropping Monero-mining malware on targeted machines. The crypto-worm is based on XMRig and abuses known web server vulnerabilities. It has the ability to speed up the mining process by 15%.
With the government sending out tax communications, stimulus checks and more in the wake of COVID-19, scammers are taking advantage of the fact that an email from the ATO would not seem out of place.
Canon TR150 print drivers versions 3.71.2.10 and below allow local users to read/write files within the "CanonBJ" directory and its subdirectories. By overwriting the DLL at C:ProgramDataCanonBJIJPrinterCNMWINDOWSCanon TR150 seriesLanguageModules40CCNMurGE.dll with a malicious DLL at the right time whilst show more ...
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
Red Hat Security Advisory 2021-2977-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
HackTool.Win32.Hidd.b malware suffers from a buffer overflow vulnerability.
Ubuntu Security Notice 5034-2 - USN-5034-1 fixed a vulnerability in c-ares. This update provides the corresponding update for Ubuntu 16.04 ESM. Philipp Jeitner and Haya Shulman discovered that c-ares incorrectly validated certain hostnames returned by DNS servers. A remote attacker could possibly use this issue to perform Domain Hijacking attacks. Various other issues were also addressed.
Backdoor.Win32.IRCBot.gen malware suffers from a hardcoded credential vulnerability.
Red Hat Security Advisory 2021-3119-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory addresses a wide array of vulnerabilities.
Trojan-Proxy.Win32.Raznew.gen malware suffers from an unauthenticated open proxy vulnerability.
Adobe on Tuesday shipped security updates to remediate multiple critical vulnerabilities in its Magento e-commerce platform that could be abused by an attacker to execute arbitrary code and take control of a vulnerable system. The issues affect 2.3.7, 2.4.2-p1, 2.4.2, and earlier versions of Magento Commerce, and 2.3.7, 2.4.2-p1, and all prior versions of Magento Open Source edition. Of the 26
Microsoft on Tuesday rolled out security updates to address a total of 44 security issues affecting its software products and services, one of which it says is an actively exploited zero-day in the wild. The update, which is the smallest release since December 2019, squashes seven Critical and 37 Important bugs in Windows, .NET Core & Visual Studio, Azure, Microsoft Graphics Component, Microsoft
Hackers have siphoned $611 million worth of cryptocurrencies from a blockchain-based financial network in what's believed to be one of the largest heists targeting the digital asset industry, putting it ahead of breaches of exchanges Coincheck and Mt. Gox. Poly Network, a cross-chain decentralized finance (DeFi) platform for swapping tokens across multiple blockchains such as Bitcoin, Ethereum,
Cybersecurity researchers have disclosed a new class of vulnerabilities impacting major DNS-as-a-Service (DNSaaS) providers that could allow attackers to exfiltrate sensitive information from corporate networks. "We found a simple loophole that allowed us to intercept a portion of worldwide dynamic DNS traffic going through managed DNS providers like Amazon and Google," researchers Shir Tamari
As cyber threats keep on increasing in volume and sophistication, more and more organizations acknowledge that outsourcing their security operations to a 3rd-party service provider is a practice that makes the most sense. To address this demand, managed security services providers (MSSPs) and managed service providers (MSPs) continuously search for the right products that would empower their
