To kick off the latest edition of the Kaspersky Transatlantic Cable podcast, Ahmed and I ask Dave the status of his Covid-19 NFT. Unfortunately, he was too busy recovering from the actual virus to create his own NFT. However, we stay on the topic of NFTs for a pair of articles. The first is with our friends on Twitter show more ...
Let's Encrypt will begin revoking certain SSL/TLS certificates issued within last 90 days due to a bug, starting January 28, 2022. The move could impact millions of active Let's Encrypt certificates.
There are five denial-of-service vulnerabilities that could allow an adversary to make the web service unresponsive and restart the device if they send specific network requests to the target.
Digital identification is the focus of two reports by the European Union Agency for Cybersecurity (ENISA): an analysis of self-sovereign identity (SSI) and a study of major face presentation attacks.
A large-scale cyberattack campaign involving over 800 compromised WordPress websites is spreading banking trojans that target the credentials of Brazilian e-banking users.
Cynerio found that security threats related to IoT and related devices within healthcare environments have remained sorely under-addressed, despite increased investments in healthcare cybersecurity.
The rollout of a new NFT collection was clouded by scammers who used an abandoned vanity Discord URL to drain users’ crypto wallets out of at least $150,000 worth of Ethereum.
The Telecommunications Industry Association (TIA) released a supply chain security standard, SCS 9001, developed specifically for the information and communications technology (ICT) industry.
Tracked as CVE-2022-22587, it is a memory corruption issue in the IOMobileFrameBuffer component that could be abused by a malicious application to execute arbitrary code with kernel privileges.
The Nobel Foundation and the Norwegian Nobel Institute have disclosed a cyberattack that aimed to disrupt the institution's website during the award ceremony on December 10, 2021.
In response to rising software supply chain concerns, 54% of respondents are making security of the software supply chain a significant or top focus in 2022, according to a report by Anchore.
The attack by Konni usually starts leveraging a malicious Office document. When this document is opened by the victim, a multistage attack is started, involving various steps.
With consumers continuing to take a digital-first approach to everything from shopping, dating and investing, fraudsters are finding new and innovative ways to commit fraud.
Called ‘Dark Herring’, the operation used 470 Google Play Store apps and affected over 100 million users worldwide, potentially causing hundreds of millions of USD in total losses.
Puerto Rico’s Senate announced that it was the target of a cyberattack that disabled its internet provider, phone system, and online page, the latest in a string of similar incidents in recent years.
Microsoft says its Azure DDoS protection platform mitigated a massive 3.47 terabits per second (Tbps) distributed denial of service (DDoS) attack targeting an Azure customer from Asia in November.
On the heels of the first close of its maiden fund at over $35 million, Worklyn’s investment will enable Quadrant to scale its proprietary technology platform and accelerate faster growth.
A new strategy wants the US government to adopt a "zero trust" security model within the next two years to defend against current threats and boost cybersecurity defenses across federal agencies.
With only 2,891 lines of code, BotenaGo has the potential to be the starting point for many new variants and new malware families using its source code like in the case of Mirai.
A new multi-phase phishing campaign first enrolls an attacker's BYOD device on a corporate network and then begins sending thousands of convincing phishing emails to further targets.
Tracked as CVE-2021-44228, the flaw was identified in December 2021 in the Apache Log4j logging utility, and has since been exploited in attacks by both cybercriminals and state-sponsored actors.
U.K. local authorities are to receive more than $50 million from the government to boost cyber resilience in essential public services and data in sectors such as housing benefits,
Just two weeks after reaching the official end of life, something broke spectacularly, leaving CentOS 8 users at major risk of a severe attack – and with no support from CentOS.
The REvil ransomware cooperative’s activity has not slowed down following Russia’s recent move to arrest several alleged members of the group, according to threat intelligence company ReversingLabs.
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged show more ...
Ubuntu Security Notice 5247-1 - It was discovered that vim incorrectly handled parsing of filenames in its search functionality. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service. This issue only affected Ubuntu 21.10. It was discovered show more ...
Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.
Gentoo Linux Security Advisory 202201-1 - A vulnerability in polkit could lead to local root privilege escalation. Versions less than 0.120-r2 are affected.
SAP Enterprise Portal with ENGINEAPI versions 7.10, 7.30, 7.31, 7.40, and 7.50 suffers from an XSLT injection vulnerability.
Red Hat Security Advisory 2022-0181-05 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.54. Issues addressed include a code execution vulnerability.
SAP CommonCryptoLib suffers from a null pointer dereference vulnerability. An unauthenticated attacker without specific knowledge of the system can send a specially crafted packet over a network which will trigger an internal error causing the system to crash and remain unavailable.
SAP Enterprise Portal with EP-RUNTIME component versions 7.30, 7.31, 7.40, and 7.50 suffer from an open redirection vulnerability.
Red Hat Security Advisory 2022-0303-02 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a buffer overflow vulnerability.
WordPress RegistrationMagic V plugin versions 5.0.1.5 and below suffer from a remote SQL injection vulnerability.
Red Hat Security Advisory 2022-0288-02 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2022-0289-04 - Parfait is a Java performance monitoring library that collects metrics and exposes them through a variety of outputs. It provides APIs for extracting performance metrics from the JVM and other sources. It interfaces to Performance Co-Pilot using the Memory Mapped Value show more ...
SAP Enterprise Portal with EP-RUNTIME component versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, and 7.50 suffer from a iviewCatcherEditor server-side request forgery vulnerability.
WordPress Modern Events Calendar plugin versions 6.1 and below suffer from an unauthenticated remote SQL injection vulnerability.
Red Hat Security Advisory 2022-0291-04 - Parfait is a Java performance monitoring library that collects metrics and exposes them through a variety of outputs. It provides APIs for extracting performance metrics from the JVM and other sources. It interfaces to Performance Co-Pilot using the Memory Mapped Value show more ...
SAP Enterprise Portal with EP-RUNTIME component versions 7.30, 7.31, 7.40, and 7.50 suffer from a RunContentCreation cross site scripting vulnerability.
PolicyKit-1 version 0.105-31 pkexec local privilege escalation exploit.
Red Hat Security Advisory 2022-0294-04 - Parfait is a Java performance monitoring library that collects metrics and exposes them through a variety of outputs. It provides APIs for extracting performance metrics from the JVM and other sources. It interfaces to Performance Co-Pilot using the Memory Mapped Value show more ...
SAP Enterprise Portal with EP-RUNTIME component versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, and 7.50 suffer from a NavigationReporter cross site scripting vulnerability.
Oracle WebLogic Server suffers from a local file inclusion vulnerability. Versions affected include 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0.
Red Hat Security Advisory 2022-0290-06 - Parfait is a Java performance monitoring library that collects metrics and exposes them through a variety of outputs. It provides APIs for extracting performance metrics from the JVM and other sources. It interfaces to Performance Co-Pilot using the Memory Mapped Value show more ...
WordPress Mortgage Calculators WP plugin version 1.52 suffers from a persistent cross site scripting vulnerability.
Red Hat Security Advisory 2022-0296-03 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This show more ...
Red Hat Security Advisory 2022-0297-01 - Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that show more ...
A new, sophisticated phishing attack has been observed delivering the AsyncRAT trojan as part of a malware campaign that's believed to have commenced in September 2021. "Through a simple email phishing tactic with an html attachment, threat attackers are delivering AsyncRAT (a remote access trojan) designed to remotely monitor and control its infected computers through a secure, encrypted
Apple on Wednesday released iOS 15.3 and macOS Monterey 12.2 with a fix for the privacy-defeating bug in Safari, as well as to contain a zero-day flaw, which it said has been exploited in the wild to break into its devices. Tracked as CVE-2022-22587, the vulnerability relates to a memory corruption issue in the IOMobileFrameBuffer component that could be abused by a malicious application to
Researchers from the Bitdefender Mobile Threats team said they have intercepted more than 100,000 malicious SMS messages attempting to distribute Flubot malware since the beginning of December. "Findings indicate attackers are modifying their subject lines and using older yet proven scams to entice users to click," the Romanian cybersecurity firm detailed in a report published Wednesday. "
There are three things you can be sure of in life: death, taxes – and new CVEs. For organizations that rely on CentOS 8, the inevitable has now happened, and it didn’t take long. Just two weeks after reaching the official end of life, something broke spectacularly, leaving CentOS 8 users at major risk of a severe attack – and with no support from CentOS. You’d think that this issue no longer
A financially-motivated malware campaign has compromised over 800 WordPress websites to deliver a banking trojan dubbed Chaes targeting Brazilian customers of Banco do Brasil, Loja Integrada, Mercado Bitcoin, Mercado Livre, and Mercado Pago. First documented by Cybereason in November 2020, the info-stealing malware is delivered via a sophisticated infection chain that's engineered to harvest
Wordle - good or bad for the world? Whatever your opinion, at least someone wants to spoil players' fun. Meanwhile, we take a look at the threat mobile phones can pose to your mental health. All this and more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.
Apple has released urgent security updates for its customers, following the discovery of zero-day vulnerabilities that can be used to hack into iPhones, iPads, and Macs.
An independent researcher has received a $100,500 bug bounty from Apple after discovering a security hole in the company's Safari browser for macOS that could allow a malicious website to hijack accounts and seize control of users' webcams. Read more in my article on the Hot for Security blog.
A Canadian man has been handed a three year prison sentence after being found guilty of buying and selling over 1700 stolen identies on a dark web marketplace, and collaborating with the notorious Dark Overlord extortion gang. Read more in my article on the Tripwire State of Security blog.
Graham Cluley Security News is sponsored this week by the folks at HYPR. Thanks to the great team there for their support! The analysts at The Cyber Hut have produced a new guide that explains how Zero Trust can increase business agility, and provides practical guidance for eliminating passwords to accelerate your show more ...
