The U.S. Federal Communications Commission (FCC) is asking for feedback on new proposed rules to crack down on SIM swapping and number port-out fraud, increasingly prevalent scams in which identity thieves hijack a target’s mobile phone number and use that to wrest control over the victim’s online identity.

In a long-overdue notice issued Sept. 30, the FCC said it plans to move quickly on requiring the mobile companies to adopt more secure methods of authenticating customers before redirecting their phone number to a new device or carrier.

“We have received numerous complaints from consumers who have suffered significant distress, inconvenience, and financial harm as a result of SIM swapping and port-out fraud,” the FCC wrote. “Because of the serious harms associated with SIM swap fraud, we believe that a speedy implementation is appropriate.”

The FCC said the proposal was in response to a flood of complaints to the agency and the U.S. Federal Trade Commission (FTC) about fraudulent SIM swapping and number port-out fraud.

SIM swapping happens when the fraudsters trick or bribe an employee at a mobile phone store into transferring control of a target’s phone number to a device they control. From there, the attackers can reset the password for almost any online account tied to that mobile number, because most online services still allow people to reset their passwords simply by clicking a link sent via SMS to the phone number on file.

Scammers commit number port-out fraud by posing as the target and requesting that their number be transferred to a different mobile provider (and to a device the attackers control).

The FCC said the carriers have traditionally sought to address both forms of phone number fraud by requiring static data about the customer that is no longer secret and has been exposed in a variety of places already — such as date of birth and Social Security number. By way of example, the commission pointed to the recent breach at T-Mobile that exposed this data on 40 million current, past and prospective customers. What’s more, victims of SIM swapping and number port-out fraud are often the last to know about their victimization.
The FCC said it plans to prohibit wireless carriers from allowing a SIM swap unless the carrier uses a secure method of authenticating its customer. Specifically, the commission proposes that carriers be required to verify a “pre-established password” with customers before making any changes to their accounts. According to the FCC, several examples of pre-established passwords include:

- a one-time passcode sent via text message to the account phone number or a pre-registered backup number
- a one-time passcode sent via email to the email address associated with the account
- a passcode sent using a voice call to the account phone number or pre-registered back-up telephone number.

The commission said it was also considering updating its rules to require wireless carriers to develop procedures for responding to failed authentication attempts and to notify customers immediately of any requests for SIM changes.

Additionally, the FCC said it may impose additional customer service, training, and transparency requirements for the carriers, noting that too many customer service personnel at the wireless carriers lack training on how to assist customers who’ve had their phone numbers stolen.

The FCC said some of the consumer complaints it has received “describe wireless carrier customer service representatives and store employees who do not know how to address instances of fraudulent SIM swaps or port-outs, resulting in customers spending many hours on the phone and at retail stores trying to get resolution. Other consumers complain that their wireless carriers have refused to provide them with documentation related to the fraudulent SIM swaps, making it difficult for them to pursue claims with their financial institutions or law enforcement.”

“Several consumer complaints filed with the Commission allege that the wireless carrier’s store employees are involved in the fraud, or that carriers completed SIM swaps despite the customer having previously set a PIN or password on the account,” the commission continued.

Allison Nixon, an expert on SIM swapping attacks and chief research officer with New York City-based cyber intelligence firm Unit221B, said any new authentication requirements will have to balance the legitimate use cases for customers requesting a new SIM card when their device is lost or stolen. A SIM card is the small, removable smart card that associates a mobile device to its carrier and phone number.

“Ultimately, any sort of static defense is only going to work in the short term,” Nixon said. “The use of SMS as a 2nd factor in itself is a static defense. And the criminals adapted and made the problem actually worse than the original problem it was designed to solve. The long term solution is that the system needs to be responsive to novel fraud schemes and adapt to it faster than the speed of legislation.”

Eager to weigh in on the FCC’s proposal? They want to hear from you. The electronic comment filing system is here, and the docket number for this proceeding is WC Docket No. 21-341.
A new cyber-incident reporting bill put forward by a Senate committee would mandate critical infrastructure owners and operators to report cyberattacks to the government within 72 hours.
“Almost every nation in the world now has a cyber exploitation program,” Rob Joyce, director of the NSA’s Cybersecurity Directorate, said during the Aspen Cyber Summit in Colorado.
Researchers from cybersecurity firm Salt Security discovered widespread mistakes that allowed them to launch attacks where any user could extract sensitive customer and system data.
While these apps numbered in the hundreds a few years ago, they have since grown into the thousands. They are widely available on Google’s Play Store and to a lesser degree on Apple’s App Store.
Of the 4.6 million customers potentially affected, "approximately 3.1 million payment and virtual gift cards were affected, more than 85% of which are expired or invalid," according to a news release.
While companies grapple with third-party cyber risk management, the weak points in their current mitigation strategies exacerbate the threat of cyber incidents, a Forrester Consulting survey reveals.
In February, the Hawaii Payroll Services company suffered a ransomware attack. The company believes the attack was carried out by a criminal who somehow compromised a client's account.
A message from the superintendent to the school community said an investigation is ongoing and that student data on PowerSchool was not breached and that the district took mitigative action.
As a Co-Chair, Apple will share best practices and experiences to aid the creation of free cybersecurity tools and resources for SMBs and collaborate with CRI to support the SMBs in its supply chain.
The Ranison ransomware family appears to have been around since at least early 2017, giving it more than four years of longevity as compared to under two years for most other ransomware.
Most organizations are more concerned about ransomware than other cyber-threats. This is a key finding from the 2021 Global State of Ransomware Report by cybersecurity company Fortinet.
It’s the time of year when we need to remember and reinvigorate our efforts to achieve greater awareness of the threats and risks posed by the malicious cyber activity of sophisticated threat actors.
One of the newer techniques for BEC scams integrates spear phishing, custom webpages, and the complex cloud single sign-on ecosystem to trick users into unwittingly divulging their credentials.
Arctic Wolf, a managed cybersecurity company that offers a “security operations-as-a-concierge” service, has acquired Habitu8, a security training content platform for an undisclosed amount.
Three of the security flaws fixed today by QNAP are high severity stored cross-site scripting (XSS) vulnerabilities tracked as CVE-2021-34354, CVE-2021-34356, and CVE-2021-34355.
Hackers easily take advantage of the fact that the attacks are evolving rapidly and are making use of third-party software as carriers, which is something that many organizations are not ready for.
CyberNews security researchers found that 14 top Android apps, downloaded by more than 140 million people in total, are leaking user data due to Firebase misconfigurations.
Execs lack faith in government’s ability to protect them from cyber threats, with 60% of firms believing that spending on new security tools and services is the most effective way of stopping attacks.
Google pushed out an emergency Chrome update to fix two zero-days, the second pair this month, that are being exploited in the wild. A dozen such zero-days have been found in 2021.
The new APT group is specifically targeting the fuel and energy complex and aviation industry in Russia, exploiting known vulnerabilities like Microsoft Exchange Server’s ProxyShell.
Threat actors set up a page posing as the official CommerzBank page and registered multiple domains on the same IP address. Crooks used the fake website to spread fake CommerzBank apps.
In its notification to customers, Coinbase explains that between March and May 20th, 2021, a threat actor conducted a hacking campaign to breach Coinbase customer accounts and steal cryptocurrency.
The CISA released an Insider Risk Mitigation Self-Assessment Tool today, which assists public and private sector organizations in assessing their vulnerability to an insider threat.
The Flubot malware has switched to a new and likely more effective lure to compromise Android devices, now trying to trick its victims into infecting themselves with the help of fake security updates.
Sysdig Falco is an open source behavioral activity monitoring agent with native support for containers. Falco lets you define highly granular rules, using a flexible syntax, to check for activities involving file and network activity, process execution, IPC, and much more, and it notifies you when those rules are violated. You can think of Falco as a mix between Snort, OSSEC and strace.
sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve the DBMS session user and database, enumerate users, password hashes, privileges and databases, dump entire or user-specified DBMS tables/columns, run their own SQL statements, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack, and more.
Red Hat Security Advisory 2021-3646-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform.
Ubuntu Security Notice 5094-2 - It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute arbitrary code. It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. Various other issues were also addressed.
Red Hat Security Advisory 2021-3704-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include buffer overflow, integer overflow, null pointer, out of bounds access, and out of bounds read vulnerabilities.
Ubuntu Security Notice 5091-2 - Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. Various other issues were also addressed.
A 178-byte Windows/x86 shellcode that pops calc.exe. The shellcode uses the PEB method to locate the base address of the required module and the Export Directory Table to locate symbols. It also uses a hash function to resolve the required symbols dynamically without worrying about their length. Finally, the shellcode launches calc.exe using WinExec and exits gracefully using TerminateProcess.
Red Hat Security Advisory 2021-3703-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include buffer overflow, integer overflow, null pointer, out of bounds access, and out of bounds read vulnerabilities.
Google on Thursday pushed urgent security fixes for its Chrome browser, including a pair of new security weaknesses that the company said are being exploited in the wild, making them the fourth and fifth actively exploited zero-days plugged this month alone. The issues, designated as CVE-2021-37975 and CVE-2021-37976, are part of a total of four patches, and concern a use-after-free flaw in V8 JavaScript
In yet another indicator of how hacking groups are quick to capitalize on world events and improvise their attack campaigns for maximum impact, threat actors have been discovered impersonating Amnesty International to distribute malware that purports to be security software designed to safeguard against NSO Group's Pegasus surveillanceware. "Adversaries have set up a phony website that looks
A formerly unknown Chinese-speaking threat actor has been linked to a long-standing evasive operation aimed at South East Asian targets as far back as July 2020 to deploy a kernel-mode rootkit on compromised Windows systems. Attacks mounted by the hacking group, dubbed GhostEmperor by Kaspersky, are also said to have used a "sophisticated multi-stage malware framework" that allows for providing
Cybersecurity researchers have disclosed an unpatched flaw in Apple Pay that attackers could abuse to make an unauthorized Visa payment with a locked iPhone by taking advantage of the Express Travel mode set up in the device's wallet. "An attacker only needs a stolen, powered on iPhone. The transactions could also be relayed from an iPhone inside someone's bag, without their knowledge," a group