Linux-based machines that are directly connected to the Internet can be targets for attackers who can quickly push potentially dangerous web-based shells, ransomware, Trojans, and other malicious software, according to The Hacker News. Trend Micro produced a comprehensive analysis of the Linux threat landscape, show more ...
On Wednesday, President Joe Biden will meet with top executives from some of the country's largest technology and financial companies, as the White House seeks private sector backing for a unified cyber defense against emerging threats, according to MCU Times. The gathering comes amid an increase in ransomware show more ...
Following reports of personal data leaked online from the entire population, a small Swiss town revealed that it had misjudged the seriousness of the cyber attack late in the day before, according to Security Week. Rolle, a small, lovely town on the beaches of Lake Geneva, acknowledged that it had been targeted by a show more ...
Chinese advanced persistent threat (APT) gangs have resumed their hacking activities, with one of the attacks targeting an American computer retailer using an unknown backdoor referred to as Sidewalk, according to The Hacker News. In a report, ESET Cybersecurity Researchers Mathieu Tartare and Thibaut Passilly show more ...
A mistake by a health care worker resulted in the leaking of medical information of about 12,000 patients. The phishing attack took place on June 21 and lasted only 45 minutes, according to The Spectrum. While he breach exposed medical record numbers, birth dates, procedures, and insurance provider names, provider show more ...
FluBot Android malware is back and already launched several attacks outside the regular geographical region of impact, according to Cyware. Recently conducted research into the FluBot banking malware has revealed an upsurge in the number of dangerous distribution pages in a variety of Australian, Polish, and German show more ...
In an unexpected data leak, more than 38 million records from 47 organizations using Microsoft's gateway platform Power Apps were accidentally published online, according to The Hacker News. The unfortunate incident resulted in the leakage of sensitive information on servers of corporations such as Microsoft, J. show more ...
This week on the Kaspersky Transatlantic Cable podcast, Ahmed, Dave, and I discuss a number of topics that really run the gamut — from spy ships to the robot apocalypse, Bitcoin, and more. Kicking things off is a story from Tom Spring on Threatpost about how Microsoft Power App configurations have led to the leak of show more ...
In 2018, Andrew Schober was digitally mugged for approximately $1 million worth of bitcoin. After several years of working with investigators, Schober says he’s confident he has located two young men in the United Kingdom responsible for developing a clever piece of digital clipboard-stealing malware that let show more ...
In this spotlight edition of the podcast, sponsored by Trusted Computing Group* Thomas Hardjono and Henk Birkholz join us to talk about President Biden’s Cyber Executive Order and how the EO’s call for increasing trust in federal IT systems is creating demand for TCG technologies The post Episode 224: Engineering show more ...
The soon-to-be-released update for Office 365 is designed to limit users' exposure to unwanted or malicious content by adding additional security controls to block embedded threats.
Atlassian released fixed versions of the product – namely versions 6.13.23, 7.4.11, 7.11.6, 7.12.5, and 7.13.0 – but the company's advisory suggests upgrading to the latest long-term service release.
According to Trend Micro, which identified around 15 million malware events targeting Linux-based cloud, coin miners and ransomware make up 54% of all malware, and web shells account for 29% of them.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week released five new analysis reports detailing malware discovered on compromised Pulse Secure devices.
Although Microsoft fully patched the ProxyShell bugs by May 2021, they didn't assign CVE IDs for the vulnerabilities until July, preventing organizations with unpatched servers to discover the flaws.
Organizations must rethink how to protect their workforces moving forward, which starts by making digital security an integral part of their hybrid and remote work plans.
The flaw, tracked as CVE-2021-23031, is a privilege escalation issue on BIG-IP Advanced Web Application Firewall (WAF) and Application Security Manager (ASM) Traffic Management User Interface (TMUI).
Swedish digital rights organisation Qurium has alleged that an Israeli company called Bright Data has helped the government of the Philippines to DDOS local human rights organisation Karapatan.
The critical vulnerability, tracked as CVE-2021-1577, impacts Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC).
A ransomware attack earlier this month has affected the personal data and clinical information of nearly 73,500 patients of a private eye clinic, the third such reported incident in a month.
Eskenazi Health confirmed the threat actors behind the ransomware attack launched on August 4 exfiltrated patient data prior to the deployment and leaked the stolen information online.
In the case of Kanye's latest release, Kaspersky found fake downloads linking to scam websites just like those found in the days immediately preceding the release of "Black Widow."
Atlas VPN analyzed financial hacks over the last two-and-a-half years and found that DeFi hacks represent 76% of all major hacks for the first half of 2021 as compared to 25% of the total in 2020.
The Swiss town Rolle disclosed the data breach after a ransomware attack compromised some administrative servers, personal details of all its 6,200 inhabitants were stolen by threat actors.
A new report has disclosed that ShadowPad backdoor malware has been actively used by different Chinese espionage groups since 2017. The Windows malware platform greatly reduces the development and maintenance cost for the attackers. The availability of such advanced malware as a commodity might empower and motivate amateur hackers to soon leap into action.
Robert Heaton, software engineer at payments processor Stripe, said his find could have empowered attackers to discover victims’ home addresses or, to some degree, track their movements.
Six internal emails, allegedly involving correspondence between a union lobbyist and a senior official of American spacecraft launch service provider ULA, have been leaked on a popular hacker forum.
Kaseya has issued a security update to patch server-side Kaseya Unitrends zero-day vulnerabilities found by security researchers at the Dutch Institute for Vulnerability Disclosure (DIVD).
Atlanta Allergy & Asthma (AAA), the largest allergy treatment healthcare business in the region, is notifying 9,800 patients that a January data breach involved protected health information.
In a report shared with ZDNet, vpnMentor's cybersecurity team, led by Noam Rotem and Ran Locar, revealed EskyFun as the owner of a 134GB server exposed and made public online.
Trend Micro researchers stumbled across a cyberespionage campaign by Earth Baku, or APT41, compromising public and private entities alike located in the Indo-Pacific region. The group deploys previously unknown shellcode loaders, now known as StealthVector and StealthMutant, along with a backdoor identified as ScrambleCross. It appears, the group could be planning more campaigns in the near future in the same region.
A PowerShell script has disclosed details about different types of data that are stolen by the Pysa ransomware group. It has a list of 123 keywords. Some of the keywords are aimed at stealing data from folders related to investigations, crime, fraud, federal, hidden, bureau, illegal, terror, and secret. Organizations show more ...
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.
Ubuntu Security Notice 5051-3 - USN-5051-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for the openssl1.0 package in Ubuntu 18.04 LTS. Ingo Schwarze discovered that OpenSSL incorrectly handled certain ASN.1 strings. A remote attacker could use this issue to cause OpenSSL to crash, show more ...
Ubuntu Security Notice 5051-2 - USN-5051-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Ingo Schwarze discovered that OpenSSL incorrectly handled certain ASN.1 strings. A remote attacker could use this issue to cause OpenSSL to crash, show more ...
Ubuntu Security Notice 5052-1 - MongoDB would fail to properly invalidate existing sessions for deleted users. This could allow a remote authenticated attacker to gain elevated privileges if their user account was recreated with elevated privileges.
ProcessMaker version 3.5.4 suffers from a local file inclusion vulnerability.
Cisco Systems on Wednesday issued patches to address a critical security vulnerability affecting the Application Policy Infrastructure Controller (APIC) interface used in its Nexus 9000 Series Switches that could be potentially abused to read or write arbitrary files on a vulnerable system. Tracked as CVE-2021-1577 (CVSS score: 9.1), the issue — which is due to improper access control — could
Forget watercooler conspiracies or boardroom battles. There's a new war in the office. As companies nudge their staff to return to communal workspaces, many workers don't actually want to – more than 50 percent of employees would rather quit, according to research by EY. While HR teams worry over the hearts and minds of staff, IT security professionals have a different battle plan to draft –
VMware on Wednesday shipped security updates to address vulnerabilities in multiple products that could be potentially exploited by an attacker to take control of an affected system. The six security weaknesses (from CVE-2021-22022 through CVE-2021-22027, CVSS scores: 4.4 - 8.6) affect VMware vRealize Operations (prior to version 8.5.0), VMware Cloud Foundation (versions 3.x and 4.x), and
Today I discuss an attack vector conducive to cross-organizational spread, in-home local propagation. Though often overlooked, this vector is especially relevant today, as many corporate employees remain working from home. In this post, I contrast in-home local propagation with traditional vectors through which a threat (ransomware in particular) spreads throughout an organization. I discuss the
Enterprise security and network appliance vendor F5 has released patches for more than two dozen security vulnerabilities affecting multiple versions of BIG-IP and BIG-IQ devices that could potentially allow an attacker to perform a wide range of malicious actions, including accessing arbitrary files, escalating privileges, and executing JavaScript code. Of the 29 bugs addressed, 13 are
The FBI has published a warning about a ransomware gang called the OnePercent Group, which has been attacking US companies since November 2020. Read more in my article on the Tripwire State of Security blog.
A bug unravels 3D printer security, cryptocurrency sites can't stop getting hacked, and hear our special guest spill a cup of tea while inhabiting his wife's knicker drawer. All this and much more can be found in the latest edition of the award-winning "Smashing Security" podcast by computer security show more ...
