Most of you have probably heard of the non-biscuit variety of cookies, but might not be sure what they're for or what to do with them. We have already discussed web cookies: how they impact your privacy and how to manage them in the website settings. This article, however, guides you down a less rocky road of setting up
cookies — by way of browser options, with detailed instructions for Google Chrome, Apple Safari, Mozilla Firefox and Microsoft Edge.
What are cookies and why bother with them?
When you visit nearly any website, it creates and stores on your computer a cookie — a small file with data about your system and actions you take on the site. Cookies can be created and used both by sites you visit and by third parties, such as advertisers. Very often, website cookies are needed for the site to work properly or to improve the user experience. For example, they might help an online store to remember your city or automatically switch an international website to your language. Perhaps most usefully, they can remember your login credentials, so you don't need to fill them in every time you visit a site on which you have an account. But those from other services (commonly referred to as third-party cookies) are used mostly for targeted ads or analytics. For instance, they can be used to find out which banners you clicked on or what products you look at in online stores. This kind of attention is not welcomed by all, so most browsers give you the ability to block them.
What cookie settings do browsers have
Most popular browsers offer two ways to limit the impact of cookies on your privacy: by completely erasing them from the device, or by blocking certain types of cookies, for example, third-party ones. The delete option may seem simpler and more reliable; however, it's far from convenient. Let's start with the fact that cookies can be removed in two ways: manually and automatically. The first approach lets you selectively delete cookies for each individual site. That doesn't sound so great when you consider that in just a couple of hours online most of us visit dozens of different pages, each of which is eager to leave a trail of cookies on the device. Sure, there's the "Delete All"
button, but in this case, even useful cookies — those that store automatic login information, currency and delivery addresses in online stores, etc. — will get swept away. It's the same problem with automatic deletion: in this case, the browser itself will have a "clear-out" with each restart, munching up all cookies for all visited sites. This means you will have to re-enter login credentials and form details that usually get auto-filled. So the best option is to block only third-party cookies in the settings. If, after that, some website starts playing up, you can always add it to the exclusions list. This way you will get rid of advertising, tracking and other non-essential cookies without putting useful data at risk. Here's how to do it in Google Chrome, Apple Safari, Mozilla Firefox and Microsoft Edge.
How to block third-party cookies in Google Chrome
To block all third-party cookies in Google Chrome in one fell swoop: Click the three dots icon in the upper-right corner, select Settings and go to Security and privacy -> Cookies and other site data. To block all third-party cookies, select Block third-party cookies.
If you want specific sites to collect both first-party and third-party cookies (some services, with a notable example of Microsoft Teams, do not work if third-party cookies are turned off), or, on the contrary, if you don't want certain websites to store anything: Go to Settings -> Security and Privacy -> Cookies and other site data. Scroll down to the Customized behaviors section. Select Add next to Sites that can always use cookies or Sites that can never use cookies. Enter the URLs in the relevant fields. If you want the exclusion to apply to all cookies, check the Including third-party cookies on this site box. This checkbox must be set at the start; in editing mode, it will no longer be there.
Instructions for Safari
Safari blocks third-party cookies by default.
To make doubly sure, in your Safari for macOS: Go to the Safari menu and select Preferences -> Privacy. Check that Prevent cross-site tracking is enabled. For more precise settings, under Privacy, select Manage Website Data. Here you can see which sites store cookies and other information on the computer, and also delete cookies and data for individual sites.
Where to find cookie settings in Mozilla Firefox
Mozilla Firefox offers users three levels of privacy protection: Standard, Strict and Custom. In the first case, third-party cookies are blocked only in private windows; in the second, as the developers themselves admit, there is the risk that some sites will not work properly. Therefore, we advise taking a closer look at the Custom option, which allows you to choose which cookies to block. Click on the three bars icon in the upper-right corner, and select Settings -> Privacy & Security. Select Custom. Go to the drop-down menu to the right of the Cookies option, and select All third-party cookies.
You can also prohibit or allow specific web resources to store all types of cookies and site data. To do so, under Settings -> Privacy & Security, scroll down to Cookies and Site Data. Select Manage Exceptions. In the window that opens, enter the URL of the site you want to block or allow to use cookies. Select Block or Allow, followed by Save Changes to finish.
How to disable unnecessary cookies in Microsoft Edge
To block third-party cookies in Microsoft Edge: Select the three dots icon in the upper-right corner and select Settings. In the left-hand menu, select Cookies and site permissions. Go to Manage and delete cookies and site data. Enable Block third-party cookies.
To create an exclusions list: Go to Settings -> Cookies and site permissions -> Manage and delete cookies and site data. Select Add next to Block and/or Allow. Enter the URLs in the relevant fields and check the Include third-party cookies on this site box.
As in Google Chrome, this checkbox is only available when you create the exclusion; in editing mode, it will no longer be there.
Safe and sound
By taking a few moments to customize your browser, you will increase your privacy and avoid unnecessary inconvenience when visiting sites. And for even greater protection against online tracking, use Private Browsing in Kaspersky Security Cloud. Our solution will also protect your online payments, warn about phishing and online scams and, of course, take care of virus protection.
The ESRB proposed a new cyber incident coordination framework that would allow EU authorities to coordinate better when responding to major cross-border cyber incidents impacting the financial sector.
American citizens are increasingly targeted by scammers on social media, according to tens of thousands of reports received by the US Federal Trade Commission (FTC) in 2021.
The U.S. Federal Communications Commission (FCC) on Thursday voted to revoke the authorization for China Unicom's U.S. unit to operate in the United States, citing national security concerns.
Using this flaw, threat actors with limited access to a compromised device can elevate their privileges to spread laterally within the network, create new admin users, or run privileged commands.
Approximately 68,000 individuals who’ve received services from Advocates are being notified that their personal and protected health information was stolen during a four-day hack in September 2021.
A team of researchers from French, Israeli, and Australian universities has explored the possibility of using people's GPUs to create unique fingerprints and use them for persistent web tracking.
The exploit acquisition firm Zerodium this week showed increased interest in buying zero-day exploits targeting the popular email clients Microsoft Outlook and Mozilla Thunderbird.
According to Swiss Post, it has already received 122 vulnerability reports as of January 20, 2022, including four issues that have been assigned a “high severity” rating.
Researchers have found instances of publicly exposed DCIM software that monitor devices, HVAC control systems, and power distribution units, which could be used for a range of catastrophic attacks.
The server contained 3TB of data dating back to 2018, including airport employee records. While the team was not able to examine every record in the database, four airports were named in exposed files:
New research from Expel found that most ransomware attacks in 2021 were self-installed. Eight out of ten infections occurred after victims unwittingly opened a zipped file containing malicious code.
ZTF researchers say the penetration test revealed the compromise of confidential, centrally stored data through “an obvious deficiency”, an insecure direct object reference (IDOR) vulnerability.
A series of security vulnerabilities in 42Gears’ SureMDM device management products could have resulted in a supply chain compromise against any organization using the platform.
This campaign utilizes malicious PDFs, XLS files and Windows executables to deploy malicious PowerShell-based downloaders acting as initial footholds into the target's enterprise.
The TrickBot gang has advanced its techniques to slip past security controls by adding multiple layers of defense. This enables it to launch Man-in-the-Browser attacks against banking users to steal their credentials and browser cookies. It is critical for organizations and researchers to continuously update their strategy and put in regular efforts to withstand such threats.
The new version uses a combination of AES and ECC algorithms for encryption. It includes commands for encrypting VM images on ESXi servers. However, the ransom note is similar to the ones associated with LockBit.
GitHub has promised to stop sending out security advisories about a vulnerability reported in Loguru, a popular Python logging package, which later turned out to be invalid.
A new malware dubbed DazzleSpy surfaced during the investigation of a watering hole attack targeting Windows and Android users. ESET researchers found that the attack also targeted macOS users and visitors of a pro-democracy radio station website in Hong Kong. To stay protected, deploy the right anti-malware solutions while ensuring a proper patch management program.
BlackBerry researchers have discovered the relationship between the Prometheus Traffic Direction System and a leaked Cobalt Strike SSL key pair, as well as with various malware families. In the last two years, multiple threat actors and ransomware groups such as FIN7, FickerStealer, Qakbot, DarkCrystal RAT, IceID, BlackMatter, Ryuk, Cerber, and REvil have used it.
A malicious campaign known as 'Eternal Silence' is abusing UPnP to turn your router into a proxy server used to launch malicious attacks while hiding the location of the threat actors.
These vulnerabilities could be triggered if an attacker tricks a user into opening a specially crafted, malicious PDF file, or opening the file in a browser that has a PDF reader plugin installed.
Moxa TN-5900 versions 3.1 and below suffer from an issue where a user who has authenticated to the management web application is able to leverage a command injection vulnerability in the p12 processing code of the certificate management function web_CERMGMTUpload.
Moxa TN-5900 versions 3.1.0 and below use an insecure method to validate firmware updates. A malicious user with access to the management interface can upload arbitrary code in a crafted
Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.
OpenStego is a tool implemented in Java for generic steganography, with support for password-based encryption of the data. It supports plugins for various steganographic algorithms (currently, only Least Significant Bit algorithm is supported for images).
Ubuntu Security Notice 5257-1 - It was discovered that ldns incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information.
Red Hat Security Advisory 2022-0323-02 - nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage.
Gentoo Linux Security Advisory 202201-2 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 97.0.4692.99 are affected.
Apple Security Advisory 2022-01-26-3 - macOS Big Sur 11.6.3 addresses buffer overflow, bypass, code execution, information leakage, and path sanitization vulnerabilities.
Apple Security Advisory 2022-01-26-2 - macOS Monterey 12.2 addresses buffer overflow, code execution, information leakage, out of bounds write, path sanitization, and use-after-free vulnerabilities.
A group of academics at South Korea's Gwangju Institute of Science and Technology (GIST) have utilized natural silk fibers from domesticated silkworms to build an environmentally friendly digital security system that they say is "practically unbreachable." "The first natural physical unclonable function (PUF) […] takes advantage of the diffraction of light through natural microholes in native
Apple last year fixed a new set of macOS vulnerabilities that exposed Safari browser to attack, potentially allowing malicious actors to access users' online accounts, microphone, and webcam. Security researcher Ryan Pickren, who discovered and reported the bugs to the iPhone maker, was compensated with a $100,500 bug bounty, underscoring the severity of the issues. By exploiting a chain of
An Israeli national was sentenced to 97 months in prison in connection with operating the DeepDotWeb (DDW) clearnet website, nearly a year after the individual pleaded guilty to the charges. Tal Prihar, 37, an Israeli citizen residing in Brazil, is said to have played the role of an administrator of DDW since the website became functional in October 2013. He pleaded guilty to money laundering
A regional court in the German city of Munich has ordered a website operator to pay €100 in damages for transferring a user's personal data — i.e., IP address — to Google via the search giant's Fonts library without the individual's consent. The unauthorized disclosure of the plaintiff's IP address by the unnamed website to Google constitutes a contravention of the user's privacy rights, the
Researchers have demonstrated a new type of fingerprinting technique that exploits a machine's graphics processing unit (GPU) as a means to track users across the web persistently. Dubbed DrawnApart, the method "identifies a device from the unique properties of its GPU stack," researchers from Australia, France, and Israel said in a new paper, adding "variations in speed among the multiple
Facebook users are being warned of a phishing campaign that tries to break into accounts, disguised as a Facebook Messenger chat from a friend. Read more in my article on the Hot for Security blog.
Qubit, a decentralized finance (DeFi) platform, has publicly offered $2,000,000 to a hacker who stole $80 million worth of cryptocurrency from it last week. Read more in my article on the Hot for Security blog.