We recently observed World Mental Health Day, an international holiday that highlights the importance of mental health in an effort to bring about positive change. Adolescents’ mental health deserves extra attention in our era of social media, about which questions have been raised over psychological addiction show more ...
The department released a new cybersecurity strategy ahead of Veteran's Day as a way to better protect the personal information of US veterans as well as to stop the corruption of critical data.
The vulnerability, tracked as CVE-2021-42292, is a high severity security feature bypass that unauthenticated attackers can exploit locally in low complexity attacks that don't require user interaction.
According to the MoJ, the working group will publish a final report listing proposals for combatting online fraud. The group is also due to meet with the National Data Protection Authority.
CrowdStrike discovered multiple vulnerabilities affecting libvncclient. In some widely used desktop environments, such as GNOME, these vulnerabilities can be triggered in a one-click fashion.
OSX/UpdateAgent is a piece of malware that was first spotted in November of 2020. Now the UpdateAgent malware—also known as WizardUpdate—is back with a new bag of tricks.
The iOS and macOS attacks had different approaches, but both chained multiple vulnerabilities together so attackers could take control of victim devices to install their malware.
The US will be joining a voluntary agreement between over 80 countries, local govts, and tech firms aimed to advance cybersecurity and preserve the open, interoperable, secure, and reliable Internet.
BotenaGo was written in Golang (Go), which has been exploding in popularity in recent years, with malware authors loving it for making payloads that are harder to detect and reverse engineer.
The two Internet Explorer vulnerabilities exploited by Magniber ransomware are tracked as CVE-2021-26411 and CVE-2021-40444, with both having a CVSS v3 severity score of 8.8.
Missouri's education department apologized to the 620,000 past and present teachers who had their sensitive information -- including their SSNs -- exposed on the DESE certification database.
The FBI issued a private industry notification to warn industry partners that Iran-linked threat actors are attempting to buy stolen information belonging to US businesses and organizations abroad.
Researchers from Germany's CISPA Helmholtz Center for Information Security have developed a tool to identify Chrome extensions that could be exploited by malicious webpages and other extensions.
CyberVetsUSA exists as a public-private partnership between non-profit and Veteran Service Organizations (VSOs), tech employers, institutions of higher education, and local government agencies.
The file name Covid22 plays off the current Coronavirus disease but applies that same image of fear and destruction to computers, potentially creating a cyber-pandemic in 2022.
The new tool, ClusterFuzzLite, is based on ClusterFuzz, an open source scalable fuzzing infrastructure previously released by Google and used as the fuzzing backbone for the OSS-Fuzz program.
The Lacework platform delivers end-to-end visibility across multi-cloud environments, including detecting unknown and known threats, vulnerabilities, misconfigurations, and unusual activities.
Whether it’s using the file to hide malware, redirect search engines to other sites with blackhat SEO tactics, hide backdoors, inject content, modify php.ini values; the possibilities are endless.
The AMD flaws allow privilege escalation, denial of service, the ability for an unprivileged user to drop malicious DLL files, unauthorized code execution, memory corruption, information disclosure.
The Series A investment round was led by Point72 Ventures. It also included investments from GGV Capital, Silicon Valley CISO Investments, and several leading angel investors.
U.S. Deputy Treasury Secretary Wally Adeyemo will travel to the Middle East, where he will seek to build partnerships on ransomware and cybersecurity as hackers wreak havoc among US industries.
Hackers stayed hidden for nine months on a server holding customer information for a Queensland water supplier, illustrating the need for better cyber defenses for critical infrastructure.
This technique is yet another attempt from the malicious actor to hide control channels to avoid being tracked, monitored, or blocked and it probably has served them well.
A connection was established between the TrickBot gang and the TA551 threat group as a major similarity was found in their tools and TTPs. They use Bazabackdoor and deploy the Cobalt Strike beacon on the compromised system and add scheduled tasks for persistence. The recent collaborations prove how effectively groups can really operate as a team.
According to researchers from Kaspersky, in the first seven months of 2021, the number of users affected by the QBot, which was first discovered in 2007, jumped to 65% compared to the previous year.
The infamous North Korea state-sponsored Lazarus APT was recently found targeting IT supply chains. Now, the group has been discovered attempting to hack security researchers again.
DDoS attacks started being used as an intimidation tactic in Q3. The criminals sent company-wide emails stating that their resources were being used in DDoS attacks and they could face legal consequences.
Video messaging technology giant Zoom has shipped patches for high-severity vulnerabilities that expose enterprise users to remote code execution and command injection attacks.
A free, unofficial patch is available for a zero-day local privilege escalation vulnerability in the Windows User Profile Service that lets attackers gain SYSTEM privileges under certain conditions.
QAKBOT is a prevalent information-stealing malware that was first discovered in 2007. In recent years, its detection has become a precursor to many critical and widespread ransomware attacks.
Ubuntu Security Notice 5145-1 - Jacob Champion discovered that PostgreSQL incorrectly handled SSL certificate verification and encryption. A remote attacker could possibly use this issue to inject arbitrary SQL queries when a connection is first established.
This Metasploit module exploits local file inclusion and log poisoning vulnerabilities (CVE-2020-16152) in Aerohive NetConfig, version 10.0r8a build-242466 and older in order to achieve unauthenticated remote code execution as the root user. NetConfig is the Aerohive/Extreme Networks HiveOS administrative webinterface. show more ...
Red Hat Security Advisory 2021-4531-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for Windows serves as the initial Windows release of OpenJDK 17. For further information, refer to the release notes linked to in the References section.
WordPress AccessPress Social Icons plugin version 1.8.2 suffers from a persistent cross site scripting vulnerability.
Red Hat Security Advisory 2021-4532-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for portable Linux serves as the initial portable Linux release of OpenJDK 17. For further information, refer to the release notes linked to in the References section.
Xlight FTP version 3.9.3.1 suffers from a buffer overflow vulnerability.
Ubuntu Security Notice 5144-1 - It was discovered that OpenEXR incorrectly handled certain EXR image files. An attacker could possibly use this issue to cause a crash or execute arbitrary code.
WordPress WP Symposium Pro version 2021.10 suffers from a persistent cross site scripting vulnerability.
Jann Horn discovered that the tty subsystem of the Linux kernel did not use consistent locking in some situations, leading to a read-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). De4dCr0w of 360 Alpha Lab show more ...
Microsoft MultiPoint Server 2011 version 6.1 Compilation 7601 Service Pack 1 suffers from an RpcEptMapper and Dnschade local privilege escalation vulnerability.
Red Hat Security Advisory 2021-4618-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.0 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private show more ...
Mumara Classic versions 2.93 and below suffer from a remote SQL injection vulnerability.
Red Hat Security Advisory 2021-4621-01 - FreeRDP is a free implementation of the Remote Desktop Protocol, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.
Researchers from Qihoo 360's Netlab security team have released details of a new evolving botnet called "Abcbot" that has been observed in the wild with worm-like propagation features to infect Linux systems and launch distributed denial-of-service (DDoS) attacks against targets. While the earliest version of the botnet dates back to July 2021, new variants observed as recently as October 30
Google researchers on Thursday disclosed that it found a watering hole attack in late August exploiting a now-parched zero-day in macOS operating system and targeting Hong Kong websites related to a media outlet and a prominent pro-democracy labor and political group to deliver a never-before-seen backdoor on compromised machines. "Based on our findings, we believe this threat actor to be a
Threat actors are increasingly banking on the technique of HTML smuggling in phishing campaigns as a means to gain initial access and deploy an array of threats, including banking malware, remote administration trojans (RATs), and ransomware payloads. Microsoft 365 Defender Threat Intelligence Team, in a new report published Thursday, disclosed that it identified infiltrations distributing the
Scammers can lock Instagram accounts through the use of fake obituaries. One victim? Instagram's boss. Read more in my article on the Hot for Security blog.
