Microsoft on Tuesday released software updates to plug at least 70 security holes in its Windows operating systems and related software. For the second month running, there are no scary zero-day threats looming for Windows users, and relatively few “critical” fixes. And yet we know from experience that show more ...
Lumen Technologies, an American company that operates one of the largest Internet backbones and carries a significant percentage of the world’s Internet traffic, said today it will stop routing traffic for organizations based in Russia. Lumen’s decision comes just days after a similar exit by backbone show more ...
A broad range of threat actors, including Fancy Bear, Ghostwriter, and Mustang Panda, have launched phishing campaigns against Ukraine, Poland, and other European entities amid Russia's invasion of Ukraine.
UPS products made by Schneider Electric subsidiary APC are affected by critical vulnerabilities that can be exploited to remotely hack and damage devices, according to security company Armis.
Microsoft's March 2022 Patch Tuesday introduced patches for 71 CVE-numbered vulnerabilities, including three previously unknown “critical” ones and three “important” ones that were already public.
There has been a sharp rise in activity from countries with consistently high levels of both attempted and successful attacks originating within their borders — Russia and China.
As per a new report, 33% of mid-market organizations suffered an outage that knocked them offline for more than a day. Only half were able to prevent malicious attachments from reaching users’ inboxes.
The company's announcement follows a poll by the data extortion group, Lapsus$ in which they threatened to leak data allegedly stolen from Mercado and other prominent companies.
The DoD announced plans to release CMMC 2.0, with promises to streamline the certification process and ease security regulations for contractors and sub-contractors handling low-priority information.
Cybersecurity researchers disclosed 16 new high-severity vulnerabilities in various implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices.
European merchants spent nearly €7 billion (~$7.7 billion) on fraud detection and prevention in 2021 alone – more than three times the value lost to fraud in the same year, CMSPI estimates.
Researchers have disclosed three security vulnerabilities affecting Pascom Cloud Phone System (CPS) that could be combined to achieve a full pre-authenticated remote code execution of affected systems.
Google this week announced the release of patches for 39 vulnerabilities as part of the March 2022 security update for Android. The most serious vulnerability is CVE-2021-39708 in the System component.
APT41 is a prolific Chinese state-sponsored espionage group known to target organizations in both the public and private sectors and also conducts financially motivated activity for personal gain.
An attacker could have exploited these issues to escalate privileges and become a "shadow administrator" with the ability to covertly exfiltrate secrets, deploy malware or cryptominers, and disrupt workloads.
A conflict in cyberspace is unfolding parallel to the ongoing conflict between Russia and Ukraine. Cyberattacks are being lobbed against both sides, with a new wiper directed against Russia joining the fray.
The seven flaws have been dubbed Access:7 and are present in PTC’s Axeda agent, which is used for remote access and management of more than 150 connected devices across over 100 vendors.
Lapsus$, responsible for the recent attack on Nvidia, reportedly released two of the company's old code-signing certificates, and threat actors have started abusing it. In some cases, the stolen certificates were used to sign Cobalt Strike beacons, Mimikatz, backdoors, and remote access trojans. Admins are show more ...
The FBI issued an alert about the Ragnar Locker ransomware group that has claimed 52 entities as its victims across 10 critical infrastructure sectors in the U.S, so far. The IOCs in the alert has information from Bitcoin addresses where hackers collect the ransom to the email addresses of operators. The FBI also urges security professionals to share any related information, which can help others fend off the attack.
Researchers exposed cybercriminals distributing the SharkBot banking trojan via Google Play Store. The malware is using Automatic Transfer Systems (ATS) to transfer money by abusing the Accessibility permission on devices and grants itself additional required permissions. Smartphone users are requested to be careful show more ...
Siemens has released 15 new advisories to inform customers about more than 100 vulnerabilities affecting its products, including over 90 security flaws introduced by the use of third-party components.
It is an extension of the 2017 Spectre version 2 attack, also known as Spectre-BTI (Branch Target Injection) and, just like Spectre v2, can result in the leak of sensitive information from the privileged kernel memory space.
The patches, scheduled as part of Adobe’s Patch Tuesday release cycle, address a range of arbitrary code execution and memory leak vulnerabilities that could expose data to malicious hacker attacks.
The flaw resides in around 2,600 incorrectly provisioned Mitel MiCollab and MiVoice Business Express systems that act as PBX-to-internet gateways and have a test mode that should not be exposed to the internet.
The most serious of the documented flaws is rated critical and described as a missing authorization check vulnerability in SAP Focused Run that could lead to complete system compromise.
Ubuntu Security Notice 5319-1 - Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida discovered that hardware mitigations added by Intel to their processors to address Spectre-BTI were insufficient. A local attacker could potentially use this to expose sensitive information.
DEOS AG OPEN 710 and 810 control systems suffer from a cross site scripting vulnerability.
Red Hat Security Advisory 2022-0790-01 - Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments.
Audio Conversion Wizard version 2.01 suffers from a buffer overflow vulnerability.
Red Hat Security Advisory 2022-0771-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include denial of service, privilege escalation, and use-after-free vulnerabilities.
Ubuntu Security Notice 5318-1 - Nick Gregory discovered that the Linux kernel incorrectly handled network offload functionality. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida discovered show more ...
Printix Client version 1.3.1106.0 suffers from a privilege escalation vulnerability.
Ubuntu Security Notice 5317-1 - Nick Gregory discovered that the Linux kernel incorrectly handled network offload functionality. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida discovered show more ...
Webmin version 1.984 authenticated remote code execution exploit.
Red Hat Security Advisory 2022-0772-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include denial of service, privilege escalation, and use-after-free vulnerabilities.
UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multi-threading, proxies, origin spoofing methods, cache evasion techniques, etc.
Red Hat Security Advisory 2022-0780-01 - The cyrus-sasl packages contain the Cyrus implementation of Simple Authentication and Security Layer. SASL is a method for adding authentication support to connection-based protocols.
Red Hat Security Advisory 2022-0777-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, double free, privilege escalation, and use-after-free vulnerabilities.
Cobian Backup version 0.9 suffers from an unquoted service path vulnerability.
Wondershare Dr.Fone version 12.0.18 suffers from an unquoted service path vulnerability.
Microsoft's Patch Tuesday update for the month of March has been made officially available with 71 fixes spanning across its software products such as Windows, Office, Exchange, and Defender, among others. Of the total 71 patches, three are rated Critical and 68 are rated Important in severity. While none of the vulnerabilities are listed as actively exploited, three of them are publicly known
APT41, the state-sponsored threat actor affiliated with China, breached at least six U.S. state government networks between May 2021 and February 2022 by retooling its attack vectors to take advantage of vulnerable internet-facing web applications. The exploited vulnerabilities included "a zero-day vulnerability in the USAHERDS application (CVE-2021-44207) as well as the now infamous zero-day in
Researchers have disclosed three security vulnerabilities affecting Pascom Cloud Phone System (CPS) that could be combined to achieve a full pre-authenticated remote code execution of affected systems. Kerbit security researcher Daniel Eshetu said the shortcomings, when chained together, can lead to "an unauthenticated attacker gaining root on these devices." Pascom Cloud Phone System is an
Threat actors have been observed abusing a high-impact reflection/amplification method to stage sustained distributed denial-of-service (DDoS) attacks for up to 14 hours with a record-breaking amplification ratio of 4,294,967,296 to 1. The attack vector – dubbed TP240PhoneHome (CVE-2022-26143) – has been weaponized to launch significant DDoS attacks targeting broadband access ISPs, financial
Three high-impact security vulnerabilities have been disclosed in APC Smart-UPS devices that could be abused by remote adversaries as a physical weapon to access and control them in an unauthorized manner. Collectively dubbed TLStorm, the flaws "allow for complete remote takeover of Smart-UPS devices and the ability to carry out extreme cyber-physical attacks," Ben Seri and Barak Hadad,
The unfortunate truth is that while companies are investing more in cyber defenses and taking cybersecurity more seriously than ever, successful breaches and ransomware attacks are on the rise. While a successful breach is not inevitable, it is becoming more likely despite best efforts to prevent it from happening. Just as it wasn’t raining when Noah built the ark, companies must face the fact
There are stark differences between how to manage security policies for on-premises network environments and those that are 100% cloud-based. But many companies continue to struggle with those differences and have experienced plenty of pain as a result. It’s a challenge Rich Mogull has spent years trying to help show more ...
