The gaming community is discussing a recent vulnerability in the Dark Souls III videogame. This RCE vulnerability allows attackers to remotely execute arbitrary code on a victim's computer. Apparently, the vulnerability also affects earlier games in the Dark Souls series: because of this, the developers have taken the unusual step of temporarily deactivating PvP servers across Dark Souls Remastered, Dark Souls II, and Dark Souls III. According to the developers, they also plan to turn off servers for Dark Souls: Prepare To Die as well. Players fear that the same vulnerability could also affect the upcoming Elden Ring game, which is thought to use the same infrastructure. The bug is relevant only for PC users, so Xbox and PlayStation are unaffected.

Why Dark Souls vulnerability is so dangerous

This vulnerability allows an attacker to execute almost any program on the victim's computer, so they're able to steal confidential data or execute any program they wish (including installing malware). You can find a demonstration of the exploit in the Twitch stream of the player named The_Grim_Sleeper, in which an unknown person launched a PowerShell script on the streamer's computer that used the Windows Narrator engine to read out critical notes about the gameplay.

What is the chance that Dark Souls vulnerability will be exploited ITW?

The details of the exploit for this vulnerability are not available to the general public, at least not yet. Despite the ethically dubious way of drawing attention to the problem, the person behind the attack apparently was not trying to cause any real harm. Judging by the discussion in the Dark Souls community, the creator of the exploit has been trying to inform the game's developers about this serious vulnerability for some time, but they had ignored his messages. That's why he decided to hack a popular streamer right during the streaming session. However, this information is not 100% reliable; in reality, everything may not be so straightforward. For example, the creator of the exploit has already shared information about the vulnerability with the developers of the Blue Sentinel plugin, a mod for Dark Souls designed to counteract cheats. And one can only guess who else could get this information.

Also, once demonstrated, other hackers may try to replicate the exploit and use it to cause real harm to players. There are various possible scenarios here: attackers can use it to steal passwords from game accounts or crypto wallets, install good old ransomware, hidden miners, and much more.

How to stay safe from Dark Souls vulnerability?

Apparently, FromSoftware is currently trying to solve the problem. Let's hope they can fix the vulnerability quickly. However, in the meantime we recommend using high-quality security solutions for each device. Thanks to a special gaming mode, our antiviruses protect against all kinds of threats, including the exploitation of vulnerabilities, while consuming a minimum of PC resources and without interfering with the gameplay.
Earth Lusca, allegedly linked with the Chinese Winnti group, was observed targeting high-profile organizations and individuals in a coordinated espionage campaign. The group also staged financially motivated attacks against gambling entities in China and different cryptocurrency platforms as well. The best defense against such threats would be to focus on shared threat intelligence and using provided IOCs for better detection.
Researchers laid bare a massive phishing campaign targeting over fifteen renewable energy and industrial technology firms to steal people's login credentials. The researcher has not linked this campaign to any particular actors; however, the evidence points to two clusters of activity, one from APT28 and another from Konni. Targeted energy firms and other connected industries should be taking the right measures to protect themselves.
Organizations are strongly advised to employ monitoring services that rapidly detect, investigate, and take down scams impersonating authentic brand websites, mobile apps, and social media profiles.
The Omicron variant of COVID-19 has contributed to a 521 percent rise in COVID test-related scam emails between October 2021 and January 2022, according to Barracuda Networks.
All of the credentials being sold by Accountz provide access to services that in turn sell access to stolen information or hijacked property, like “bot shops” that resell access to infected computers.
The vulnerabilities can cause the termination of the Traffic Management Microkernel, can lead to an increase in memory resource utilization, freezing virtual servers, or executing JavaScript code.
A security hole in Box, the cloud-based file-sharing service, paved the way for hackers to take over control for user devices using an SMS text code for log-in verification. The authentication can be completed using the time-based OTP linked with their own Box account. Researchers recommend limiting the access and monitoring of data for better protection.
Trend Micro experts surmised a connection between the FIN8 APT group and a new ransomware strain called White Rabbit, which was spotted targeting a local U.S. bank last month. Hackers threaten to send the stolen data to data protection authorities if a ransom demand isn’t met, which may result in penalties imposed under the GDPR. Security teams are advised to create an incident response playbook for attack prevention and mitigation.
The volume of publicly reported data compromises in the US soared 68% year-on-year to a record high of 1862, according to new data from the Identity Theft Resource Center (ITRC).
An Australian member of parliament has accused the Chinese government of foreign interference after Prime Minister Scott Morrison's account on WeChat was hijacked recently.
A new .NET malware packer being used to deliver a variety of remote access trojans (RATs) and infostealers has a fixed password named after Donald Trump, giving the new find its name, “DTPacker.”
The most significant factor behind this is ransomware and the lengthy disruption that encrypting attacks and the theft of data can have to compromised school networks, employees, and students.
Researchers from Octagon Networks disclosed details of two critical security flaws in Control Web Panel that potentially expose Linux servers to remote code execution attacks.
Check Point Research says that scammers are now turning their attention to smart contracts, with misconfigurations utilized to launch new crypto tokens -- before an inevitable "rug pull" takes place.
The flaw, which is tracked as CVE-2022-21658 (CVSS score: 7.3), has been credited to security researcher Hans Kratz, with the team pushing out a fix in Rust version 1.58.1 shipped last week.
The malware used to strike Ukrainian government websites has similarities to the NotPetya wiper but has more capabilities "designed to inflict additional damage," researchers say.
Memorial Health System was hit with ransomware in the early hours of August 15, 2021. The incident forced the health system to suspend user access to all IT applications related to its operations.
With the addition of these 17 vulnerabilities, the catalog now contains a total of 341 vulnerabilities and includes the date by which agencies must apply security updates to resolve the bug.
Bandai Namco has deactivated the online PvP mode for the Dark Souls role-playing game, taking its servers offline to investigate reports about a severe security issue that may pose a risk to players.
That setting, released as an optional configuration in the Excel Trust Center setting in July, is now the default when opening Excel 4.0 macros (XLM), Microsoft said in a blog post.
Typically, the Earth Karkaddan hacker group's arrival methods include the use of spear-phishing emails and a USB worm that would then drop and execute a remote access trojan (RAT).
Researchers have uncovered details about a new malicious IRC bot, programmed in Golang, that is being used to launch DDoS attacks against Korean users. Attackers are distributing the malware via file-sharing websites such as Korean WebHards. It is recommended to stay alert when downloading files from a file-sharing website and use official sources for download.
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
The Ubiquiti UniFi Network Application versions 5.13.29 through 6.5.53 are affected by the Log4Shell vulnerability whereby a JNDI string can be sent to the server via the remember field of a POST request to the /api/login endpoint that will cause the server to connect to the attacker and deserialize a malicious Java object. This results in OS command execution in the context of the server application. This Metasploit module will start an LDAP server that the target will need to connect to.
Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current stable release.
Ubuntu Security Notice 5243-2 - USN-5243-1 fixed a vulnerability in aide. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. David Bouman discovered that AIDE incorrectly handled base64 operations. A local attacker could use this issue to cause AIDE to crash, resulting in a denial of service, or possibly execute arbitrary code.
Red Hat Security Advisory 2022-0204-04 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include deserialization and integer overflow vulnerabilities.
Red Hat Security Advisory 2022-0232-02 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a heap overflow vulnerability.
Red Hat Security Advisory 2022-0211-04 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include deserialization and integer overflow vulnerabilities.
Red Hat Security Advisory 2022-0185-03 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include deserialization and integer overflow vulnerabilities.
Red Hat Security Advisory 2022-0233-02 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include deserialization and integer overflow vulnerabilities.
Red Hat Security Advisory 2022-0209-02 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include deserialization and integer overflow vulnerabilities.
Red Hat Security Advisory 2022-0231-03 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include heap overflow and privilege escalation vulnerabilities.
Ubuntu Security Notice 5244-1 - Daniel Onaca discovered that DBus contained a use-after-free vulnerability, caused by the incorrect handling of usernames sharing the same UID. An attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service.
Red Hat Security Advisory 2022-0230-03 - OpenShift Logging Bug Fix Release. Issues addressed include code execution and denial of service vulnerabilities.
Ubuntu Security Notice 5248-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, trick a user into accepting unwanted permissions, conduct header splitting attacks, conduct spoofing attacks, bypass security restrictions, confuse the user, or execute arbitrary code.
Social engineering campaigns involving the deployment of the Emotet malware botnet have been observed using "unconventional" IP address formats for the first time in a bid to sidestep detection by security solutions. This involves the use of hexadecimal and octal representations of the IP address that, when processed by the underlying operating systems, get automatically converted "to the dotted
The maintainers of the Rust programming language have released a security update for a high-severity vulnerability that could be abused by a malicious party to purge files and directories from a vulnerable system in an unauthorized manner. "An attacker could use this security issue to trick a privileged program into deleting files and directories the attacker couldn't otherwise access or delete,
I recently hopped on the Lookout podcast to talk about virtual private networks (VPNs) and how they've been extended beyond their original use case of connecting remote laptops to your corporate network. Even in this new world where people are using personal devices and cloud apps, VPN continues to be the go-to solution for remote access and cloud access. After my conversation with Hank Schless,
Misconfigurations in smart contracts are being exploited by scammers to create malicious cryptocurrency tokens with the goal of stealing funds from unsuspecting users. The instances of token fraud in the wild include hiding 99% fee functions and concealing backdoor routines, researchers from Check Point said in a report shared with The Hacker News. Smart contracts are programs stored on the