Episode 240 of the Transatlantic Cable crash lands with 3 stories on NFTs. The first looks at a recent attack on NFT site OpenSea, which was the target of a phishing scam – the total damage is reported to be close to $2 million. The second story is around the EU and its drive to de-anominise crypto payments. The show more ...
In this Expert Insight, Jack Naglieri, the CEO of Panther, writes about how today’s cloud-centric and data-driven environments make the SIEM technologies of the past inadequate and demand new approaches to security monitoring. The post Why Security Practitioners Are Unhappy With Their Current SIEM appeared first show more ...
Darktrace has agreed to purchase attack surface management vendor Cybersprint for $53.7 million to give customers insights that help eliminate blind spots and detect risks.
Five years ago, Intel launched a dedicated hardware hacking group known as Intel Security Threat Analysis and Reverse Engineering (iSTARE) to analyze and attack Intel's future generations of chips.
According to ESET, the victim pool in Ukraine numbers at least in the hundreds. Symantec saw the wiper in Ukraine, Lithuania, and Latvia, with attacks on financial firms and government contractors.
The support is apparently being provided via the EU’s Cyber Rapid Response Teams (CRRTs) – a project supported by the governments of Croatia, Estonia, Lithuania, the Netherlands, Poland, and Romania.
Attackers have been found actively scanning ports for vulnerable MS-SQL servers in an attempt to deploy Cobalt Strike Beacon. These vulnerable servers are exploited through brute force and dictionary attacks. After gaining access to the admin account and logging into the server, the attackers drop coinminers such as Lemon Duck, KingMiner, and Vollgar. Stay updated with patches, it’s the best defense!
The Shadowserver Foundation this week announced that it has started conducting daily internet scans in an effort to identify exposed ICS and help organizations reduce their exposure to attacks.
Microsoft recently warned about a new class of threats, named ice phishing, which involves luring a user into signing an agreement that assigns the user’s tokens to the bad actor. It completely ignores private keys.
The U.S. Federal Trade Commission said that Americans reported losses of more than $5.8 billion to fraud during last year, a massive total increase of over 70% compared to the losses reported in 2020.
While there was a downward trend in the overall mobile malware attack last year, Kaspersky researchers also discovered almost 100,000 new variants of mobile banking trojans in just a year.
The sites of Ukrainian agencies (including the Ministries of Foreign Affairs, Defense, and Internal Affairs, the Security Service, and the Cabinet of Ministers), and two banks are again targeted.
As organizations tackle their migrations to the cloud, IT professionals believe that cyber threats aimed at the cloud represent the biggest obstacle to continued adoption.
Cisco Talos recently discovered multiple vulnerabilities in Accusoft ImageGear. It is a document-imaging developer toolkit that allows users to create, edit, annotate, and convert various images.
The self-propagating ransomware cryptoworm that’s been parasitizing victims since 2017 was the topmost detected ransomware family by far in January 2022, researchers found.
The MDR provider eSentire raised US$325M in private equity funding. The round was led by Georgian, with participation from Caisse de dépot et placement du Québec (CDPQ) and Warburg Pincus.
A Crowdstrike report looking into access brokers' advertisements since 2019 has identified a preference in academic, government, and technology entities based in the United States.
A group of nonprofits is forming a large coalition that will combine and align their collective cybersecurity research, tools, and resources to help protect vulnerable organizations from cyberattacks.
Cloudflare announced that it is acquiring Area 1 Security for approximately $162 million. Area 1 Security has a cloud-native platform built to work alongside email programs to stop phishing attacks.
The new funding round was led by Red Dot Capital Partners and received participation from Aleph, Glilot Capital Partners, Shasta Ventures, and Vintage Investment Partners.
TrickBot, the infamous Windows crimeware-as-a-service solution that's used by a variety of threat actors to deliver next-stage payloads like ransomware, appears to be undergoing a transition of sorts.
The recent DDoS attacks in Ukraine were significant, but nowhere near the scale of the massive Russian cyberattacks U.S. officials fear could stop communications and shut down critical infrastructure.
The NIST released the final version of the Securing Telehealth Remote Patient Monitoring Ecosystem guidance, to support provider organizations with securing telehealth and remote patient monitoring.
The Cyber Explorers program aims to educate 30,000 11 to 14-year-olds on a range of cybersecurity concepts, such as open-source intelligence, digital forensics and social engineering.
An ongoing large-scale phishing campaign is targeting customers of Citibank, requesting recipients to disclose sensitive personal details to lift alleged bank account holds.
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network show more ...
Ubuntu Security Notice 5292-4 - USN-5292-1 fixed a vulnerability in snapd. Unfortunately that update introduced a regression that could break the fish shell. This update fixes the problem. James Troup discovered that snap did not properly manage the permissions for the snap directories. A local attacker could possibly show more ...
Red Hat Security Advisory 2022-0663-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2022-0664-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2022-0561-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.22.
Red Hat Security Advisory 2022-0557-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
Red Hat Security Advisory 2022-0658-01 - The cyrus-sasl packages contain the Cyrus implementation of Simple Authentication and Security Layer. SASL is a method for adding authentication support to connection-based protocols.
Red Hat Security Advisory 2022-0661-01 - This release of Red Hat Fuse 7.10.1 serves as a replacement for Red Hat Fuse 7.10, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, deserialization, and remote SQL injection vulnerabilities.
Simple Mobile Comparison Website version 1.0 suffers from a remote SQL injection vulnerability.
VMware Security Advisory 2022-0006 - VMware Workspace ONE Boxer update addresses a persistent cross site scripting vulnerability.
Wondershare MirrorGo version 2.0.11.346 suffers from an insecure permissions vulnerability.
Cybersecurity firms ESET and Broadcom's Symantec said they discovered a new data wiper malware used in fresh attacks against hundreds of machines in Ukraine, as Russian forces formally launched a full-scale military operation against the country. The Slovak company dubbed the wiper "HermeticWiper" (aka KillDisk.NCV), with one of the malware samples compiled on December 28, 2021, implying that
TrickBot, the infamous Windows crimeware-as-a-service (CaaS) solution that's used by a variety of threat actors to deliver next-stage payloads like ransomware, appears to be undergoing a transition of sorts, with no new activity recorded since the start of the year. The lull in the malware campaigns is "partially due to a big shift from Trickbot's operators, including working with the operators
There's something about craftsmanship. It's personal, its artistry, and it can be incredibly effective in achieving its goals. On the other hand, mass-market production can be effective in other ways, through speed, efficiency, and cost savings. The story of data centers is one of going from craftsmanship – where every individual machine is a pet project, maintained with great care – to mass
ASUSTOR network-attached storage (NAS) devices have become the latest victim of Deadbolt ransomware, less than a month after similar attacks singled out QNAP NAS appliances. <!--adsense--> In response to the infections, the company has released firmware updates (ADM 4.0.4.RQO2) to "fix related security issues." The company is also urging users to take the following actions to keep data secure –
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of active exploitation of two security flaws impacting Zabbix open-source enterprise monitoring platform, adding them to its Known Exploited Vulnerabilities Catalog. On top of that, CISA is also recommending that Federal Civilian Executive Branch (FCEB) agencies patch all systems against the vulnerabilities by March 8,
Intelligence agencies in the U.K. and the U.S. disclosed details of a new botnet malware called Cyclops Blink that's been attributed to the Russian-backed Sandworm hacking group and deployed in attacks dating back to 2019. "Cyclops Blink appears to be a replacement framework for the VPNFilter malware exposed in 2018, which exploited network devices, primarily small office/home office (SOHO)
Ooh la la! Horreur Wi-Fi en France! Some folks have experienced the drawbacks of Web 3.0 as their NFTs are stolen, and should computers own the copyright over the art they produce? All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.
Global supply chains are bearing the brunt of ransomware attacks, according to a new IBM report that finds manufacturing was the most targeted industry during 2021. Read more in my article on the Tripwire State of Security blog.
