Most online services have a built-in security system that alerts you when it detects unusual activity on your account. For example, services send notifications about attempts to reset the phone number and e-mail address linked to the account, or the password. Of course, as soon as such messages became commonplace, show more ...
Missouri Governor Mike Parson made headlines last year when he vowed to criminally prosecute a journalist for reporting a security flaw in a state website that exposed personal information of more than 100,000 teachers. But Missouri prosecutors now say they will not pursue charges following revelations that the data show more ...
The U.S. Internal Revenue Service (IRS) said Monday that taxpayers are no longer required to provide facial scans to create an account online at irs.gov. In lieu of providing biometric data, taxpayers can now opt for a live video interview with ID.me, the privately-held Virginia company that runs the agency’s show more ...
Cybercriminals can identify vulnerable subdomains by continually claiming dangling elastic IPs until they find an IP associated with the subdomain of a targeted organization.
It may be a challenge for businesses to work out what the most important areas are in terms of cybersecurity investment, but a new computational model could take out some of the guesswork.
With an intention to steal personal details and cause further damages, spammers and phishers are duping working professionals with a variety of job lures that are distributed via email, SMS, or instant message.
Vulnerable internet-facing Microsoft SQL (MS SQL) Servers are being targeted by threat actors as part of a new campaign to deploy the Cobalt Strike adversary simulation tool on compromised hosts.
The firm, which is the largest distributor of cookware in the US, revealed the incident in a notification letter to employees posted to the website of the California attorney general’s office.
The scramble comes after Biden administration officials announced that they believed Russian-backed bad actors had targeted Ukraine banks, as well as the Ukraine Ministry of Defense.
Identity management solutions provider Beyond Identity announced raising $100 million in an oversubscribed Series C funding round that brings the total raised by the company to $205 million.
CryptBot is a Windows malware that steals information from infected devices, including saved browser credentials, cookies, browser history, cryptocurrency wallets, credit cards, and files.
The attacks are believed to have started at the end of November 2021 and were still taking place this month, according to a report shared with The Record today by Taiwanese security firm CyCraft.
In 2021, Kaspersky researchers observed a downtrend in the number of attacks on mobile users. But attacks are becoming more sophisticated in terms of both malware functionality and vectors.
The root cause of the flaw was a missing logic validation check in a Retail Brokerage API endpoint, which allowed a user to submit trades to a specific order book using a mismatched source account.
In this revised type of sextortion scam, the crooks typically add some widely-known data from an earlier data breach into the email to leverage the familiarity with the related brand.
More than nine in ten (91%) UK organizations were successfully compromised by an email phishing attack last year, according to Proofpoint’s 2022 State of the Phish report.
According to a Mobile Mentor study, 36 percent of employees admit to finding ways to work around security policies, and 72 percent value their personal privacy over company security.
The Ukrainian Cyberpolice has arrested a group of phishing actors who managed to steal payment card data from at least 70,000 people after luring them to fake mobile service top-up sites.
An Amazon S3 bucket owned by the company was left accessible without authentication controls in place, exposing sensitive and personal data for potentially hundreds of thousands of customers.
The information publicly available on the attack suggests the company was the victim of a ransomware attack and was forced to shut down its network to avoid the threat from spreading.
Card skimming has been around for a long time and is undergoing a renaissance as financial fraudsters are recognizing new opportunities to combine physical world data theft with online intrusions.
The message displayed by the DeadBolt ransomware claims that victims were targeted simply because they were using Asustor NAS devices, and put the blame on the vendor's "inadequate security."
The Nashville, TN-based enterprise IoT security firm Phosphorus Cybersecurity has raised $38 million in its Series A funding round led by SYN Ventures and MassMutual Ventures.
A group of cybersecurity researchers examined the source code of Extensis Portfolio version 3.6.3 and found a total of five vulnerabilities that required immediate attention.
ICL ScadaFlex II SCADA Controllers SC-1/SC-2 version 1.03.07 is vulnerable to unauthenticated file write/overwrite and deletion. This allows an attacker to execute critical file CRUD operations on the device that can potentially allow system access and impact availability.
Red Hat Security Advisory 2022-0592-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Ubuntu Security Notice 5299-1 - Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation could reassemble mixed encrypted and plaintext fragments. A physically proximate attacker could possibly use this issue to inject packets or exfiltrate selected fragments. It was discovered that the bluetooth show more ...
Backdoor.Win32.Dsocks.10 malware suffers from a hardcoded cleartext password vulnerability.
Ubuntu Security Notice 5298-1 - It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. J
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
Red Hat Security Advisory 2022-0590-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Agirhnet version 1.0 suffers from a cross site scripting vulnerability.
Ubuntu Security Notice 5294-2 - It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Szymon Heidrich discovered that the USB Gadget subsystem in the show more ...
Backdoor.Win32.Agent.baol malware suffers from an insecure permissions vulnerability.
Red Hat Security Advisory 2022-0589-01 - This release of Red Hat build of Quarkus 2.2.5 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Issues addressed include code execution and deserialization vulnerabilities.
Ubuntu Security Notice 5297-1 - Szymon Heidrich discovered that the USB Gadget subsystem in the Linux kernel did not properly restrict the size of control requests for certain gadget types, leading to possible out of bounds reads or writes. A local attacker could use this to cause a denial of service or possibly show more ...
WordPress 99robots Header Footer Code Manager plugin versions 1.1.16 and below suffer from a cross site scripting vulnerability.
Ubuntu Security Notice 5295-2 - It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Jann Horn discovered a race condition in the Unix domain socket show more ...
Red Hat Security Advisory 2022-0587-01 - Service Telemetry Framework provides automated collection of measurements and data from remote clients, such as Red Hat OpenStack Platform or third-party nodes. STF then transmits the information to a centralized, receiving Red Hat OpenShift Container Platform deployment for storage, retrieval, and monitoring.
Ubuntu Security Notice 5288-1 - It was discovered that Expat incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code.
Air Cargo Management System version 1.0 suffers from a remote SQL injection vulnerability.
Red Hat Security Advisory 2022-0585-01 - Service Telemetry Framework provides automated collection of measurements and data from remote clients, such as Red Hat OpenStack Platform or third-party nodes. STF then transmits the information to a centralized, receiving Red Hat OpenShift Container Platform deployment for storage, retrieval, and monitoring.
Ubuntu Security Notice 5293-1 - Aaron Massey discovered that c3p0 could be made to crash when parsing certain input. An attacker able to modify the application's XML configuration file could cause a denial of service.
Trojan.Win32.Cosmu.abix malware suffers from an insecure permissions vulnerability.
Vulnerable internet-facing Microsoft SQL (MS SQL) Servers are being targeted by threat actors as part of a new campaign to deploy the Cobalt Strike adversary simulation tool on compromised hosts. "Attacks that target MS SQL servers include attacks to the environment where its vulnerability has not been patched, brute forcing, and dictionary attack against poorly managed servers," South Korean
An advanced persistent threat (APT) group operating with objectives aligned with the Chinese government has been linked to an organized supply chain attack on Taiwan's financial sector. The attacks are said to have first commenced at the end of November 2021, with the intrusions attributed to a threat actor tracked as APT10, also known as Stone Panda, the MenuPass group, and Bronze Riverside,
Malicious actors took advantage of a smart contract upgrade process in the OpenSea NFT marketplace to carry out a phishing attack against 17 of its users that resulted in the theft of virtual assets worth about $1.7 million. NFTs, short for non-fungible tokens, are digital tokens that act like certificates of authenticity for, and in some cases represent ownership of, assets that range from
Owners of Asustor NAS drives have woken up to discover that data they believed was safe and sound on their network storage devices has instead been encrypted by ransomware, and that cybercriminals are demanding over $1000. Read more in my article on the Hot for Security blog.
