In the last three weeks, the war in Ukraine has shattered the world we knew. Families, relations, partnerships, and ties were affected dramatically in Ukraine, Russia, Europe and the entire world. The avalanche of these tragic events catches us all. It has also caught my company, the worlds largest private show more ...
Hackers are now abusing YouTubeâs new submission rules to disseminate malware. One such malware campaign has been found targeting a gaming community on YouTube, to spread RedLine stealer.
Under the terms of the agreement, SentinelOne will acquire Attivo Networks in a cash and stock transaction valued at $616.5 million. The acquisition is expected to close in SentinelOneâs upcoming fiscal second quarter.
An attacker can take advantage of any of the aforementioned flaws by using a specially crafted compressed file to crash a vulnerable database server. ClickHouse users are recommended to upgrade to version "v21.10.2.15-stable" or later.
The development follows a similar penalty the DPC imposed on WhatsApp, fining the messaging service âŹ225 million in September 2021 for failing to meet its GDPR transparency obligations.
The severity of the attack can be quantified by the fact that even after 18 hours have passed since the attack took place, all targeted websites were still unreachable and offline for visitors.
The new entries include flaws in SonicWall SonicOS, Microsoft Windows, Microsoft Task Scheduler, Microsoft Win32k, Microsoft Windows Transaction Manager, and Microsoft Windows Kernel.
Germany's cyber security agency on Tuesday warned users of an anti-virus software developed by Moscow-based Kaspersky Lab that it poses a serious risk of a successful hacking attack.
A phishing campaign used the guise of Instagram technical support to steal login credentials from employees of a prominent U.S. life insurance company headquartered in New York, researchers have revealed.
CyberRes, a Micro Focus line of business, announced the acquisition of Debricked, a developer-centric open source intelligence company aimed at innovating how organizations secure their software supply chain for today and the future.
OpenSSL updates announced on Tuesday patch a high-severity DoS vulnerability related to certificate parsing. The flaw, tracked as CVE-2022-0778, was reported to the OpenSSL Project by Google vulnerability researcher Tavis Ormandy.
B1txor20 uses DNS Tunnel to establish C2 channel, support direct connection and relay, while using ZLIB compression, RC4 encryption, BASE64 encoding to protect the traffic of the backdoor.
BlackBerry Threat Intelligence has identified a new Raas family, and tracked its lineage to its probable beta stage release. LokiLocker encrypts your files and will render your machine unusable if you don't pay up in time.
The FTC accused the company of inadequately securing user data and ignoring known security threats, failures which led to a February 2019 breach in which a hacker accessed millions of email addresses and passwords.
The FBI says Russian state-backed hackers gained access to an NGO cloud after enrolling their own device in the organization's Duo MFA following the exploitation of misconfigured default MFA protocols.
On February 28, a newly created Twitter account called @ContiLeaks released more than 60,000 chat messages sent among members of the gang, its source code, and scores of internal Conti documents.
The inquiry into NortonLifeLock's proposed $8bn acquisition of rival antivirus provider Avast has now closed, with the regulator concluding that a tie-up could indeed reduce competition in the marketplace.
Among the detected Trojan malware, Android.Spy.4498 trojan is the one that is traced with high activity on the Google Play Store. The Android.Spy.4498 trojan is spread via unofficial modifications (mods) of WhatsApp messenger.
In 2021, 30% of known zero-day vulnerabilities targeted mobile devices, while there was a 466% rise in exploited zero-day vulnerabilities against mobile endpoints, according to Zimperium.
The recent leak of Conti source code, chat logs, and other sensitive records have unfolded several secrets of the group. Different researchers studied the findings and laid down their analysis. According to Chainanysis, Conti extorted an estimated $180m last year, making it the top gainer for ransomware operations in show more ...
These conversation hijacking attacks have the potential to be more effective because the source of the email is someone the victim trusts and the message comes as part of an ongoing thread.
In a new report by email security firm Cofense, researchers have spotted multiple phishing campaigns impersonating the Internet Revenue Service (IRS.gov) that use lures related to the 2022 U.S. tax season.
The critical flaw, tracked as CVE-2022-0971, has been described as a use-after-free issue affecting the Blink Layout component. Sergei Glazunov of Google Project Zero has been credited for reporting the flaw.
Large-scale phishing activity using hundreds of domains to steal credentials for Naver, a Google-like online platform in South Korea, shows infrastructure overlaps linked to the TrickBot botnet.
Recently, the BazarBackdoor malware was observed spreading via corporate website contact forms rather than its typical phishing email attack chain target firms. To avoid any possible security flag, the attackers use file-sharing services TransferNow and WeTransfer to send malicious files. Website admins are suggested to stay alert whenever receiving suspicious emails from unknown sources.
Ubuntu Security Notice 5331-1 - It was discovered that tcpdump incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. It was discovered that tcpdump incorrectly handled certain captured data. An attacker could possibly use this issue to cause a denial of service.
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the show more ...
The Windows Print Spooler has a privilege escalation vulnerability that can be leveraged to achieve code execution as SYSTEM. The SpoolDirectory, a configuration setting that holds the path that a printer's spooled jobs are sent to, is writable for all users, and it can be configured via SetPrinterDataEx() show more ...
Red Hat Security Advisory 2022-0810-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.4. Issues addressed include a code execution vulnerability.
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide. The 3.x series is the current major version of OpenSSL.
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
Chrome suffers from an integer overflow vulnerability in HandleTable::AddDispatchersFromTransit that can lead to memory corruption.
Moodle version 3.11.5 suffers from an authenticated remote SQL injection vulnerability.
Ubuntu Security Notice 5329-1 - It was discovered that tar incorrectly handled certain files. An attacker could possibly use this issue to cause tar to crash, resulting in a denial of service.
Red Hat Security Advisory 2022-0889-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Issues addressed include a double free vulnerability.
Pluck CMS version 4.7.16 suffers from a remote shell upload execution vulnerability.
Ubuntu Security Notice 5330-1 - It was discovered that LibreOffice incorrectly handled digital signatures. An attacker could possibly use this issue to create a specially crafted document that would display a validly signed indicator, contrary to expectations.
Hikvision IP Camera has a backdoor where a magic string allows instant access regardless of authentication.
Red Hat Security Advisory 2022-0896-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Issues addressed include a buffer overflow vulnerability.
Ubuntu Security Notice 5328-2 - USN-5328-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tavis Ormandy discovered that OpenSSL incorrectly parsed certain certificates. A remote attacker could possibly use this issue to cause OpenSSH to stop responding, resulting in a denial of service.
Ubuntu Security Notice 5328-1 - Tavis Ormandy discovered that OpenSSL incorrectly parsed certain certificates. A remote attacker could possibly use this issue to cause OpenSSH to stop responding, resulting in a denial of service.
Tiny File Manager version 2.4.6 suffers from an authenticated remote shell upload vulnerability.
Ubuntu Security Notice 5327-1 - Hiroyuki Yamamori discovered that rsh incorrectly handled certain filenames. If a user or automated system were tricked into connecting to a malicious rsh server, a remote attacker could possibly use this issue to modify directory permissions.
Apache APISIX version 2.12.1 suffers from a remote code execution vulnerability.
Red Hat Security Advisory 2022-0899-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. Issues addressed include a use-after-free vulnerability.
Researchers have disclosed seven new security vulnerabilities in an open-source database management system solution called ClickHouse that could be weaponized to crash the servers, leak memory contents, and even lead to the execution of arbitrary code. "The vulnerabilities require authentication, but can be triggered by any user with read permissions," Uriya Yavnieli and Or Peles, researchers
The Irish Data Protection Commission (DPC) on Tuesday slapped Facebook and WhatsApp owner Meta Platforms a fine of âŹ17 million (~$18.6 million) for a series of security lapses that occurred in violation of the European Union's GDPR laws in the region. "The DPC found that Meta Platforms failed to have in place appropriate technical and organizational measures which would enable it to readily
Russian cybersecurity firm Kaspersky on Tuesday responded to an advisory released by Germany's Federal Office of Information Security (BSI) against using the company's security solutions in the country over "doubts about the reliability of the manufacturer." Calling that the decision was made on show more ...
The end of the year is coming, and it's time for security decision-makers to make plans for 2022 and get management approval. Typically, this entails making a solid case regarding why current resources, while yielding significant value, need to be reallocated and enhanced. The Definitive 2022 Security Plan PPT Template is built to simplify this task, providing security decision-makers with an
A previously undocumented backdoor has been observed targeting Linux systems with the goal of corralling the machines into a botnet and acting as a conduit for downloading and installing rootkits. Qihoo 360's Netlab security team called it B1txor20 "based on its propagation using the file name show more ...
The maintainers of OpenSSL have shipped patches to resolve a high-severity security flaw in its software library that could lead to a denial-of-service (DoS) condition when parsing certificates. Tracked as CVE-2022-0778 (CVSS score: 7.5), the issue stems from parsing a malformed certificate with invalid explicit elliptic-curve parameters, resulting in what's called an "infinite loop." The flaw
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a joint advisory warning that Russia-backed threat actors hacked the network of an unnamed non-governmental entity by exploiting a combination of flaws. "As early as May 2021, Russian state-sponsored cyber actors took advantage of a misconfigured account set to default [
Researchers have disclosed an unpatched security vulnerability in "dompdf," a PHP-based HTML to PDF converter, that, if successfully exploited, could lead to remote code execution in certain configurations. "By injecting CSS into the data processed by dompdf, it can be tricked into storing a malicious font with a .php file extension in its font cache, which can later be executed by accessing it
The alleged ringleader of an international scam operation has been arrested by Nigerian authorities in Lagos, after being wanted by the FBI since 2016. Read more in my article on the Hot for Security blog.
