News has surfaced of a rather dangerous practice in Microsoft Azure: when a user creates a Linux virtual machine and enables certain Azure services, the Azure platform automatically installs the Open Management Infrastructure (OMI) agent on the machine, and the user won’t know it. Although a stealth installation might sound terrible on its face, this one actually wouldn’t be so bad were it not for two issues: first, the agent has known vulnerabilities, and second, the agent has no automatic update mechanism in Azure. Until Microsoft solves this problem on its end, organizations using Linux virtual machines on Azure will need to take action.

Vulnerabilities in the Open Management Infrastructure, and how attackers can exploit them

On September’s Patch Tuesday, Microsoft released security updates for four vulnerabilities in the Open Management Infrastructure agent. One of them, CVE-2021-38647, allows remote code execution (RCE) and is rated critical; the other three, CVE-2021-38648, CVE-2021-38645, and CVE-2021-38649, can be used for local privilege escalation (LPE) in multistage attacks once attackers have already penetrated a victim’s network. These three vulnerabilities also score high on the CVSS.

When Microsoft Azure users create a Linux virtual machine and enable any of a series of services, OMI, vulnerabilities and all, is deployed in the system automatically. The services include Azure Automation, Azure Automatic Update, Azure Operations Management Suite, Azure Log Analytics, Azure Configuration Management, and Azure Diagnostics, and that list is probably far from complete.

The Open Management Infrastructure agent runs with the highest privileges in the system, and because its tasks include collecting statistics and syncing configurations, it is generally reachable from the Internet through various HTTP ports, depending on the services enabled. For example, if the agent is listening on port 5986, attackers could potentially exploit CVE-2021-38647 to execute malicious code remotely. If OMI is exposed for remote management (through port 5986, 5985, or 1270), outsiders can exploit the same vulnerability to gain access to the entire network neighborhood in Azure. Experts say the vulnerability is very easy to exploit, which makes the situation even more severe.

Ami Luttwak (@amiluttwak), September 14, 2021: "The RCE is the simplest RCE you can ever imagine. Simply remove the auth header and you are root. remotely. on all machines. Is this really 2021?"

So far, no in-the-wild attacks have been reported, but with a lot of information available about how easy exploiting these vulnerabilities would be, it probably won’t be long.

How to protect yourself

Microsoft has released patches for all four vulnerabilities. However, OMI does not always update automatically, so you’ll need to check which version is deployed on your Linux virtual machine. If it’s older than 1.6.8.1, update the Open Management Infrastructure agent; to see how, refer to the description of the CVE-2021-38647 vulnerability. Experts also recommend restricting network access to ports 5985, 5986, and 1270 to prevent anyone from achieving RCE.
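A defender-side check that follows the advice above, written here as an added example rather than code from the original article: it compares the installed OMI package version against 1.6.8.1 and reports which of the management ports 5985, 5986 and 1270 have a listener. It assumes OMI is installed as the `omi` package (queried through dpkg or rpm) and that the `ss` utility is available on the VM.

```shell
# Added example, not code from the original article: compares the installed OMI
# package version with the patched 1.6.8.1 and reports listening OMI ports.
# Assumes OMI is installed as the "omi" package (dpkg or rpm) and ss is present.
OMI_FIXED_VERSION="1.6.8.1"
OMI_PORTS="5985 5986 1270"

# Return 0 (true) when version $1 is older than $2. Fields compare numerically,
# a dash (as in 1.6.8-1) counts as a dot, missing trailing fields count as 0.
omi_version_older() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        gsub(/-/, ".", a); gsub(/-/, ".", b)
        na = split(a, x, "."); nb = split(b, y, ".")
        for (i = 1; i <= (na > nb ? na : nb); i++) {
            xa = (i <= na) ? x[i] + 0 : 0; xb = (i <= nb) ? y[i] + 0 : 0
            if (xa != xb) exit (xa < xb ? 0 : 1)
        }
        exit 1
    }'
}
# Print the installed OMI package version, or nothing if it is absent.
omi_installed_version() {
    if command -v dpkg-query >/dev/null 2>&1; then
        dpkg-query -W -f '${Version}' omi 2>/dev/null
    elif command -v rpm >/dev/null 2>&1; then
        rpm -q omi >/dev/null 2>&1 && rpm -q --qf '%{VERSION}-%{RELEASE}' omi
    fi
}
# Print each OMI port with a TCP listener ($4 of "ss -ltn" is local addr:port).
omi_listening_ports() {
    for p in $OMI_PORTS; do
        ss -ltn 2>/dev/null | awk -v re=":$p\$" '$4 ~ re { f = 1 } END { exit !f }' \
            && printf '%s\n' "$p"
    done
}
# Report what a VM owner should act on: update the agent, then restrict the ports.
omi_check() {
    v=$(omi_installed_version || :)
    if [ -z "$v" ]; then
        echo "OMI package not found via dpkg/rpm"
    elif omi_version_older "$v" "$OMI_FIXED_VERSION"; then
        echo "VULNERABLE: omi $v is older than $OMI_FIXED_VERSION, update the agent"
    else
        echo "OK: omi $v is at or above $OMI_FIXED_VERSION"
    fi
    for p in $(omi_listening_ports); do
        echo "WARNING: OMI port $p is listening, restrict network access to it"
    done
}
omi_check
```

Run it as root on each Azure Linux VM; a "VULNERABLE" line means the agent needs updating, and each "WARNING" line names a port whose exposure should be limited with a network security group or host firewall.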
Recent large-scale DDoS attacks using a new botnet called Mēris peaked at almost 22 million requests per second. According to Qrator research, MikroTik’s network devices generated a fair share of the botnet’s traffic. Having analyzed the situation, MikroTik experts found no new vulnerabilities in the company’s routers; however, old ones may still pose a threat. Therefore, to ensure your router has not joined the Mēris botnet (or any other botnet, for that matter), you need to follow a few recommendations.

Why MikroTik devices are joining the botnet

A few years ago, security researchers discovered a vulnerability in Winbox, a configuration tool for MikroTik routers, through which many devices were compromised. Although MikroTik fixed the vulnerability back in 2018, apparently not all users updated their routers. Furthermore, even among those who did, not everyone followed the manufacturer’s additional recommendation to change the password. If a user didn’t change the password, then even updated firmware could let attackers log in to the router and start exploiting it again. According to MikroTik, the routers that are now infected with Mēris are the same devices that were compromised back in 2018. The company has published indicators of device compromise and issued recommendations.

How to tell if your MikroTik router is part of a botnet

When a router joins a botnet, cybercriminals change a number of settings in the device firmware. Therefore, MikroTik’s first recommendation is to look at the device configuration and check for the following:

- A rule that executes a script with the fetch() method. Remove this rule (under System → Scheduler), if present;
- A SOCKS proxy server enabled. You’ll find the setting under IP → SOCKS; if you do not use it, disable it;
- An L2TP client called lvpn (or any other L2TP client unfamiliar to you). Delete these clients as well;
- A firewall rule that allows remote access through port 5678. Remove this rule.

Recommendations for protecting your MikroTik router

Regular updates are a crucial part of any successful defense strategy. Much of keeping a MikroTik network safe is following general network security best practices:

- Make sure your router is using the latest firmware available, and update it regularly;
- Disable remote access to the device unless you absolutely need it;
- Configure remote access, again only if you really need it, through a VPN channel, for example using the IPsec protocol;
- Use a long and strong management password. Even if your current password is strong, change it now, just in case;
- In general, proceed under the assumption that your local area network is not secure, meaning that if one computer gets infected, the malware can attack the router from inside your perimeter and gain access by brute-forcing passwords. That is why, for our part, we strongly recommend using reliable security solutions on all Internet-connected computers.
In its latest ICS threat landscape report, Kaspersky revealed that the percentage of attacked devices only rose by 0.4 percentage points, but in some countries, the increase was more significant.
The stolen data has been released as a torrent. The hacktivist collective says that the data set, which is over 180GB in size, contains a "decade's worth of data from the company."
The threat actors were able to gain their initial access to the victim by exploiting a vulnerability in a web access server. They further used privilege escalation exploits to steal credentials.
Researchers uncovered that the time taken by malware to move laterally within compromised networks has dropped drastically owing to multiple factors, such as the shift to a work-from-home culture, growing RaaS infrastructure, and the proliferation of automated tools. This has opened up new doors for threat actors of every skill level. Hence, it is recommended to monitor your work environments for potential intrusion activity.
Latvian network equipment manufacturer MikroTik has shared details on how customers can secure and clean routers compromised by the massive Mēris DDoS botnet over the summer.
The Ragnar Locker ransomware gang has come up with a new way to threaten victims and pressure them into paying a ransom. The group announced that it would leak the stolen data if victims contact law enforcement agencies. However, experts believe that this latest development is an empty threat intended to scare victims away from doing the right thing.
The Common Weakness Enumeration (CWE) list represents vulnerabilities that have been widely known for years, yet are still being coded into software and being bypassed by testing.
Two legacy IBM System X server models, retired in 2019, are open to attack and will not receive security patches, according to Lenovo. However, the company is offering workaround mitigation.
According to KELA’s report, U.S. companies with a minimum revenue of over $100 million are the top targets of ransomware attackers. Furthermore, about half of the ransomware actors in the dark web reject breach offers pertaining to the healthcare and education sectors. It is advised that organizations invest in cybersecurity measures to stay clear of burgeoning ransomware threats.
Two-thirds of cloud security incidents could have been avoided if the configuration of apps, databases, and security policies were correct, new research by IBM X-Force suggests.
The news comes after a rival ransomware gang calling itself RagnarLocker said it would do something similar, prompting a spot of bandwagon-jumping among the criminal fraternity.
Security researchers at Lumen’s Black Lotus Labs have found a series of malware samples that were configured to infect the Windows Subsystem for Linux and then pivot to its native Windows environment.
Cyber puppeteer kits are more personalized, interactive, and successful than traditional phishing kits. This makes them a threat to an organization’s employees, customers, critical assets, and more.
New details have been revealed about a recently remediated critical flaw in Netgear switches that could be leveraged to potentially execute malicious code and take control of vulnerable devices.
Dynatrace completed acquisition of the parsing and query analytics company. This acquisition will accelerate the convergence of observability and security for modern hybrid, multicloud environments.
The Open Web Application Security Project reshuffles its list of top threats, putting broken access controls and cryptographic failures at the top and creating three new risk categories.
Strike Graph announces that it has secured $8 million in Series A funding, led by Information Venture Partners, investors in the next generation of leaders in B2B FinTech and Enterprise SaaS.
“We’re continuing to address the system outage impacting access to the network, applications and customer support,” reads an internal message sent by TTEC to certain employees.
Tenable, a cyber risk management company based in Columbia, Maryland, today announced it has acquired infrastructure-as-code (IaC) technology provider Accurics for $160 million in cash.
The rate of cyber crime (incidents per lakh population) also increased from 3.3 percent in 2019 to 3.7 percent in 2020 in the country, according to the National Crime Records Bureau (NCRB) data.
LockBit is showing no signs of slowing down as the gang continues to recruit affiliates under its LockBit 2.0 RaaS model. The group’s website shows that LockBit is six times more active than its contemporaries. At this moment, organizations should start prioritizing their network security and establishing an incident response team. Also, enforce multifactor authentication.
Researchers found that there has been a constant rise in bad bot traffic, which has surpassed the record high detected last year at 25.6% of all web requests.
Unit42 researchers found that dangling domains are a real and prevalent threat. Specifically, they detected 317,000 unsafe dangling domains in their passive DNS data set.
Kali Linux 2021.3 was released yesterday by Offensive Security and includes a new set of tools, improved virtualization support, and a new OpenSSL configuration that increases the attack surface.
The malware’s primary tactic is to spread by taking advantage of vulnerable systems and weak administrative credentials. Once they’ve been infected, these systems are then used to mine cryptocurrency.
Microsoft and threat intelligence company RiskIQ reported finding links between the exploitation of a recently patched Windows zero-day vulnerability and known ransomware operators.
Drupal developers informed users that updates released for Drupal 8.9, 9.1, and 9.2 patch five vulnerabilities that can be exploited for cross-site request forgery (CSRF) and access bypass.
Endpoint security platform Kolide today announced that it closed a $17 million Series B financing round led by OpenView Partners, with Matrix Partners also participating in the round.
A free master decryptor for the REvil ransomware operation has been released by researchers at Bitdefender, allowing all victims encrypted before the gang disappeared to recover their files for free.
Hackers stole the personal data of around 1.4 million people who took Covid-19 tests in the Paris region in the middle of 2020, hospital officials in the French capital disclosed on Wednesday.
A pair of House committees this week said they want to spend additional millions on cybersecurity by injecting funds into both the CISA and FTC, as part of the debate over the federal budget proposal.
The FTC approved a policy statement Wednesday that warns makers of health apps and connected devices that collect health-related information to comply with a decade-old data breach notification rule.
Russian internet service provider Yandex experienced one of the biggest DDoS attacks by a botnet dubbed Mēris. It has infected thousands of networking devices so far. The information collected from the multiple attacks revealed that Mēris has a network of more than 30,000 devices. MikroTik has shared tips on keeping your gateways secure.
This Metasploit module exploits a critical vulnerability in Git Large File Storage (Git LFS), an open source Git extension for versioning large files, which allows attackers to achieve remote code execution if the Windows-using victim is tricked into cloning the attacker’s malicious repository using a vulnerable Git version control tool.
GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions. This is the LTS release.
Red Hat Security Advisory 2021-3555-01 - Red Hat OpenShift Serverless Client kn 1.17.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.17.0. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms.
Ubuntu Security Notice 5080-1 - It was discovered that Libgcrypt incorrectly handled ElGamal encryption. An attacker could possibly use this issue to recover sensitive information.
Ubuntu Security Notice 5078-2 - USN-5078-1 fixed several vulnerabilities in Squashfs-Tools. This update provides the corresponding update for Ubuntu 16.04 ESM. Etienne Stalmans discovered that Squashfs-Tools mishandled certain malformed SQUASHFS files. An attacker could use this vulnerability to write arbitrary files to the filesystem. Various other issues were also addressed.
Microsoft on Wednesday announced a new passwordless mechanism that allows users to access their accounts without a password by using Microsoft Authenticator, Windows Hello, a security key, or a verification code sent via SMS or email. The change is expected to be rolled out in the coming weeks. "Except for auto-generated passwords that are nearly impossible to remember, we largely create our own
New details have been revealed about a recently remediated critical vulnerability in Netgear smart switches that could be leveraged by an attacker to potentially execute malicious code and take control of vulnerable devices. The flaw — dubbed "Seventh Inferno" (CVSS score: 9.8) — is part of a trio of security weaknesses, called Demon's Cries (CVSS score: 9.8) and Draconian Fear (CVSS score: 7.8)
Microsoft on Wednesday disclosed details of a targeting phishing campaign that leveraged a now-patched zero-day flaw in its MSHTML platform using specially-crafted Office documents to deploy Cobalt Strike Beacon on compromised Windows systems. "These attacks used the vulnerability, tracked as CVE-2021-40444, as part of an initial access campaign that distributed custom Cobalt Strike Beacon
Continuous integration vendor Travis CI has patched a serious security flaw that exposed API keys, access tokens, and credentials, potentially putting organizations that use public source code repositories at risk of further attacks. The issue — tracked as CVE-2021-41077 — concerns unauthorized access and plunder of secret environment data associated with a public open-source project during the
A Walmart press release says it's jumping aboard the cryptocurrency bus - but is it true? Theranos's Elizabeth Holmes goes on trial, and have you updated your Apple gadgets to protect against the latest NSO Group spyware attack? All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford.