On Thursday evening, KrebsOnSecurity was the subject of a rather massive (and mercifully brief) distributed denial-of-service (DDoS) attack. The assault came from “Meris,” the same new “Internet of Things” (IoT) botnet behind record-shattering attacks against Russian search giant Yandex this show more ...
Cybercriminals have broken into the computer network of the United Nations and made off with data, according to researchers at cybersecurity firm Resecurity. The report also said that the entry was gained through an employee’s Umoja account.
Security researchers warn that the Genesis market, along with other criminal websites, have become an important tool for hacking organizations to carry out malicious attacks.
Email accounts connected to the Virginia Defense Force and the Virginia Department of Military Affairs were impacted by a cyberattack in July, according to a spokesperson from the Virginia National Guard.
On September 7, 2021, Microsoft disclosed an active in-the-wild attack affecting Microsoft Windows. This vulnerability, CVE-2020-40444, is a remote code execution vulnerability in MSHTML and does not currently have a patch.
BladeHawk attackers have been targeting the Kurdish ethnic group for more than a year through a Facebook-based spyware campaign that disguises backdoors in legitimate Android apps, researchers have found.
There are dozens of ways that threat actors profit off of their victims. The most attractive feature of cryptocurrency for hackers is likely the permanence: when money is sent, you cannot get it back.
In the course of two months (July and August), security experts at GitHub have discovered arbitrary code execution vulnerabilities in the open-source Node.js packages, tar, and @npmcli/arborist.
A U.S. SEC investigation into the SolarWinds Russian hacking operation has dozens of corporate executives fearful information unearthed in the expanding probe will expose them to liability, according to six people familiar with the inquiry.
MyRepublic says almost 80,000 of its mobile subscribers in Singapore have had their personal data compromised, following a security breach on a third-party data storage platform.
In August of 2021, Lacework Labs identified a Linux variant of ChaChi, a customized variant of an open-source Golang based RAT that leverages DNS tunneling for C2 communication.
Currently in Android 12 Beta, Private Compute Core is an open source platform that aims to isolate itself from other apps and the main operating system on an Android device to improve privacy and security.
A newly discovered side-channel attack targeting Google Chrome can allow an attacker to overcome the web browser’s security defenses to retrieve sensitive information using a Spectre-style attack.
A mix of banking applications, cryptocurrency wallets, and shopping apps from the U.S. and Spain are the target of a newly discovered Android trojan that could enable attackers to siphon personally identifiable information from infected devices.
In 2021, ransomware gangs published data from more than 1,200 American K-12 schools, according to a tally provided to NBC News by Brett Callow, a ransomware analyst at the cybersecurity company Emsisoft.
This Metasploit module exploits an OGNL injection in Atlassian Confluence's WebWork component to execute commands as the Tomcat user.
Internet Explorer suffers from an issue where incorrect JIT optimization in jscript9.dll leads to memory corruption.
ECOA building automation systems suffer from an arbitrary file deletion vulnerability. Many versions are affected.
Backdoor.Win32.WinterLove.i malware suffers from a hardcoded credential vulnerability.
ECOA building automation systems suffer from a local file disclosure vulnerability. Many versions are affected.
ECOA building automation systems suffer from authorization bypass and insecure direct object reference vulnerabilities. Many versions are affected.
ECOA building automation systems suffer from a remote privilege escalation vulnerability. Many versions are affected.
Ubuntu Security Notice 5074-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass mixed content blocking, or execute arbitrary code.
ECOA building automation systems suffer from missing encryption of sensitive information. Many versions are affected.
ECOA building automation systems have hardcoded SSH credentials. Many versions are affected.
Backdoor.Win32.Wollf.h malware suffers from a code execution vulnerability.
ECOA building automation systems suffer from a configuration download information disclosure vulnerability. Many versions are affected.
ECOA building automation systems suffer from a cookie poisoning vulnerability that allows for authentication bypass. Many versions are affected.
ECOA building automation systems suffer from a cross site request forgery vulnerability. Many versions are affected.
Backdoor.Win32.VB.awm malware suffers from bypass and information leakage vulnerabilities.
ECOA building automation systems suffer from directory traversal vulnerability that allows for content disclosure. Many versions are affected.
ECOA building automation systems suffer from path traversal and arbitrary file upload vulnerabilities. Many versions are affected.
ECOA building automation systems suffer from having default weak credentials. Many versions are affected.
HEUR.Trojan.Win32.Generic malware suffers from an insecure permissions vulnerability.
Microsoft on Wednesday said it remediated a vulnerability in its Azure Container Instances (ACI) services that could have been exploited by a malicious actor "to access other customers' information" in what the researcher described as the "first cross-account container takeover in the public cloud. show more ...
A previously undocumented backdoor that was recently found targeting an unnamed computer retail company based in the U.S. has been linked to a longstanding Chinese espionage operation dubbed Grayfly. In late August, Slovakian cybersecurity firm ESET disclosed details of an implant called SideWalk, which is designed to load arbitrary plugins sent from an attacker-controlled server, gather
The Linux community was caught unprepared when, in December 2020, as part of a change in the way Red Hat supports and develops CentOS, Red Hat suddenly announced that it's cutting the official CentOS 8 support window from ten years – to just two, with support ending Dec 31, 2021. It created a peculiar situation where CentOS 7 users that did the right thing and upgraded quickly to CentOS 8 were
A mix of banking applications, cryptocurrency wallets, and shopping apps from the U.S. and Spain are the target of a newly discovered Android trojan that could enable attackers to siphon personally identifiable information from infected devices, including banking credentials and open the door for on-device fraud. Dubbed S.O.V.A. (referring to the Russian word for owl), the current version of the
