Our experts have been studying a malicious campaign targeting companies that work with cryptocurrencies, smart contracts, decentralized finance, and blockchain technology. The attackers are interested in fintech in general, and the campaign, named SnatchCrypto, is related to the BlueNoroff APT group, a known entity already traced to the 2016 attack on Bangladesh's central bank.

SnatchCrypto objectives

The cybercriminals behind this campaign have two goals: collecting information and stealing cryptocurrency. They are interested primarily in collecting data on user accounts, IP addresses, and session information, and they steal configuration files from programs that work directly with cryptocurrency and may contain credentials and other information about accounts. The attackers carefully study potential victims, sometimes monitoring their activity for months.

One of their methods involves manipulating popular browser extensions for managing cryptowallets. For example, they can change an extension's source in the browser settings so that it is installed from local storage (i.e., a modified version) instead of from the official Web store. They can also use the modified Metamask extension for Chrome to replace the transaction logic, enabling them to steal funds even from those who use hardware devices to sign cryptocurrency transfers.

BlueNoroff's methods of invasion

The attackers carefully study their victims and apply the information they gain to deploy social-engineering attacks. Typically, they craft e-mails meant to look as though they're from existing venture companies, but with an attached, macro-enabled document. When opened, this document eventually downloads a backdoor. For detailed technical information about the attack and the attackers' methods, see Securelist's report, The BlueNoroff cryptocurrency hunt is still on.

How to protect your company from SnatchCrypto attacks

One clear sign of SnatchCrypto activity is a modified Metamask extension. To use it, attackers have to put the browser into developer mode and install the Metamask extension from a local directory. You can easily check for that: if the browser mode has been switched without your permission, and the extension is loaded from a local directory, then your device is probably compromised.

In addition, we recommend employing the following standard protective measures: periodically raise employees' cybersecurity awareness; update critical applications (including OS and office suites) promptly; outfit every computer that has Internet access with a reliable security solution; and use an EDR solution (if appropriate to your infrastructure) that enables you to detect complex threats and helps with timely responses.
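The check described above (a wallet extension side-loaded from a local directory in developer mode) can be automated against a browser profile. The script below is an added example, not code from the article or from Kaspersky; it assumes the Chromium Preferences layout, in which installed extensions sit under extensions.settings with a numeric "location" (4 meaning an unpacked, developer-mode load), a "from_webstore" flag, an install "path" and a copy of the manifest. The extension IDs, paths and versions in the sample are constructed.

```python
"""Flag browser extensions loaded from a local directory in a Chromium
Preferences file, the indicator of a tampered wallet extension.

Assumed (not stated in the article): Chromium-based browsers keep one
entry per installed extension under extensions.settings.<id> in the
profile's Preferences JSON, with "location" (4 = unpacked), a
"from_webstore" boolean, an install "path" and the parsed "manifest".
"""
from __future__ import annotations

import json
from pathlib import PurePosixPath, PureWindowsPath

UNPACKED = 4  # assumed Chromium ManifestLocation value for "Load unpacked"

# Wallet extension names that deserve extra scrutiny (case-insensitive).
WALLET_NAMES = ("metamask",)


def is_local_path(path: str) -> bool:
    """Web Store installs use a path relative to the profile's Extensions
    folder; a side-loaded copy carries an absolute path on either OS."""
    return PureWindowsPath(path).is_absolute() or PurePosixPath(path).is_absolute()


def find_suspicious_extensions(prefs: dict) -> list[dict]:
    """Return one finding per extension that is unpacked, not from the
    Web Store, or installed from an absolute local path."""
    findings = []
    settings = prefs.get("extensions", {}).get("settings", {})
    for ext_id, entry in settings.items():
        name = entry.get("manifest", {}).get("name", "<unknown>")
        path = entry.get("path", "")
        reasons = []
        if entry.get("location") == UNPACKED:
            reasons.append("location=UNPACKED (developer-mode load)")
        if entry.get("from_webstore") is False:
            reasons.append("from_webstore=false")
        if is_local_path(path):
            reasons.append(f"installed from local path {path}")
        if reasons:
            findings.append({
                "id": ext_id,
                "name": name,
                "wallet": any(w in name.lower() for w in WALLET_NAMES),
                "reasons": reasons,
            })
    return findings


def scan_preferences_file(path: str) -> list[dict]:
    """Load a real Preferences file (e.g. <profile>/Preferences) and scan it."""
    with open(path, encoding="utf-8") as fh:
        return find_suspicious_extensions(json.load(fh))


# Constructed sample: one ordinary Web Store install and one unpacked copy
# of a wallet extension loaded from a local directory. IDs are made up.
SAMPLE_PREFS = {
    "extensions": {
        "settings": {
            "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa": {
                "location": 1,
                "from_webstore": True,
                "path": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\\1.0.0_0",
                "manifest": {"name": "Some Store Extension", "version": "1.0.0"},
            },
            "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb": {
                "location": 4,
                "from_webstore": False,
                "path": "C:\\Users\\alice\\AppData\\Local\\Temp\\metamask-mod",
                "manifest": {"name": "MetaMask", "version": "1.0.0"},
            },
        }
    }
}

if __name__ == "__main__":
    for finding in find_suspicious_extensions(SAMPLE_PREFS):
        tag = "WALLET " if finding["wallet"] else ""
        print(f"{tag}{finding['name']} ({finding['id']}): " + "; ".join(finding["reasons"]))
```

Run it against a copied Preferences file with scan_preferences_file; a wallet extension that trips any of the three reasons is the condition the article describes, and a non-wallet unpacked extension is still worth a look, since developer mode itself should not be on without the user's knowledge.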
Zoho has fixed the security flaw tracked as CVE-2021-44757 today and is now providing mitigation with the latest released Desktop Central and Desktop Central MSP versions (build Build: 10.1.2137.9).
Healthcare providers Caring Communities and Entira Family Clinics are warning patients whose personal information may have been exposed in a data breach that hit tech vendor Netgain Technology.
Over the past two years, many public sector organizations were prompted by the immediate need to deploy digital infrastructure to maintain the continuity of their services amid the COVID-19 pandemic.
A VPN service used by criminals to distribute ransomware, malware and facilitate other forms of cybercrime has been taken offline following a coordinated international operation by police.
The updated standard helps payment card vendors secure the components and sensitive data involved in the production of payment cards, protecting against fraud via the compromise of card materials.
Fraudsters are masquerading as genuine customers and setting up fake accounts when they make their first purchase, paying one installment, then closing the account once they have received their goods.
The company did not provide details about the attack, or the exact amount of stolen funds from the compromised wallets. It is not clear how the attackers were able to bypass two-factor authentication.
The WhisperGate malware, which has the ability to permanently destroy systems and all data stored on them, is being used against dozens of government, nonprofit, and IT organizations based in Ukraine.
According to its pre-release announcement, the company has lined up 483 new patches for the first Critical Patch Update (CPU) of 2022, which is scheduled for Tuesday, January 18.
One of the most notable aspects of White Rabbit is how its payload binary requires a specific command-line password to decrypt its internal configuration and proceed with its ransomware routine.
Data Protection Commissioner Ian Deguara issued the administrative penalty against C-Planet It Solutions Limited which was hired by the Labour Party to manage a dataset of some 337,384 Maltese voters.
Major industrial control system (ICS) vendors and other types of organizations have been targeted in a cyberespionage campaign that appears to focus on the renewable energy industry.
The UK's NCA said data from its National Cyber Crime Unit (NCCU) reveals a 107% increase in reports from the police cyber prevent network of students deploying DDoS attacks from 2019 to 2020.
Illuminate Education, a digital education platform used by dozens of New York City schools is still struggling to get systems back up and running after reporting a days-long outage.
Fortinet discovered a new RedLine info-stealer campaign impersonating the COVID-19 Omicron stat counter app as a lure to steal data. The victims of the attack campaign are reportedly distributed across 12 countries. Security teams are advised to deploy a reliable anti-malware solution, encrypt important data, and use a network firewall, to say the least, to stay protected.
A relatively inactive TellYouThePass ransomware has re-emerged as a Golang-compiled malware, making it easier for threat actors to target a wide range of operating systems, including macOS and Linux. Hackers demand 0.05 Bitcoin, presently converting to around $2,150, for the decryption tool. TellYouThePass is financially motivated ransomware that was first seen in 2019.
The attacks started on January 13 - around the same time when more than 70 government websites were defaced by gangs reportedly linked to Russian secret services.
Cybersecurity researchers have disclosed details of a now-patched bug in Box's multi-factor authentication (MFA) mechanism that could be abused to completely sidestep SMS-based login verification.
MuddyWater, aka Seedworm, is an Iranian cyberespionage threat actor that primarily targets the UAE, Saudi Arabia, Israel, Iraq, and other Middle Eastern nations, as well as some European and North American countries.
The company addressed the data breach on its portal and sought to assure its customers that no sensitive information was compromised. On Monday, it was reported that the company's database was hacked.
Researchers at F5 Networks observed a new smishing campaign by the FluBot malware operators, camouflaged as Flash Player, to target Android users. FluBot version 5.2 comes with important improvements, including the implementation of a new command to change the domain generation algorithm's seed remotely. Security analysts are urged to keep a close watch on this threat.
The products affected by the vulnerability include MorphoWave Compact MD/MDPI/MDPI-M, VisionPass MD/MDPI/MDPI-M, all variants of SIGMA Lite/Lite+/Wide, SIGMA Extreme, and MA VP MD.
Red Hat Security Advisory 2022-0157-03 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2022-0158-02 - Telnet is a popular protocol for logging in to remote systems over the Internet. The telnet-server packages include a telnet service that supports remote logins into the host machine. The telnet service is disabled by default. Issues addressed include a code execution vulnerability.
Ubuntu Security Notice 5233-1 - It was discovered that ClamAV incorrectly handled memory when the CL_SCAN_GENERAL_COLLECT_METADATA scan option was enabled. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service.
Online Resort Management System version 1.0 suffers from remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to nu11secur1ty on January 10, 2022.
Red Hat Security Advisory 2022-0151-03 - Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.5.1 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.5.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and information leakage vulnerabilities.
Red Hat Security Advisory 2022-0152-03 - Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.5.1 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.5.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and information leakage vulnerabilities.
Red Hat Security Advisory 2022-0155-03 - Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.5.1 serves as a replacement for Red Hat Single Sign-On 7.5.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and information leakage vulnerabilities.
Red Hat Security Advisory 2022-0146-03 - These are CVE issues filed against XP2 releases that have been fixed in the underlying EAP 7.3.x base. There are no changes to the EAP XP2 code base. Issues addressed include an information leakage vulnerability.
An elusive threat actor called Earth Lusca has been observed striking organizations across the world as part of what appears to be simultaneously an espionage campaign and an attempt to reap monetary profits. "The list of its victims includes high-value targets such as government and educational institutions, religious movements, pro-democracy and human rights organizations in Hong Kong,
Enterprise software maker Zoho on Monday issued patches for a critical security vulnerability in Desktop Central and Desktop Central MSP that a remote adversary could exploit to perform unauthorized actions in affected servers. Tracked as CVE-2021-44757, the shortcoming concerns an instance of authentication bypass that "may allow an attacker to read unauthorized data or write an arbitrary zip
Cybersecurity researchers have disclosed details of a now-patched bug in Box's multi-factor authentication (MFA) mechanism that could be abused to completely sidestep SMS-based login verification. "Using this technique, an attacker could use stolen credentials to compromise an organization's Box account and exfiltrate sensitive data without access to the victim's phone," Varonis researchers said
VPNLab.net, a VPN provider that was used by malicious actors to deploy ransomware and facilitate other cybercrimes, was taken offline following a coordinated law enforcement operation. Europol said it took action against the misuse of the VPN service by grounding 15 of its servers on January 17 and rendering it inoperable as part of a disruptive action that took place across Germany, the
Providing public Wi-Fi is a great service to offer your customers as it becomes more and more standard in today's society. I like the fact that I do not have to worry about accessing the Internet while I am away, or spending a lot of money on an international connection, or just staying offline while I am away. With public Wi-Fi, modern life has become a constant connection to the Internet,