Gabriel loves to play football (soccer!) and electric guitar, and hes a fan of all things blockchain technology and the NFT ecosystem. But life hasnt been easy for him: he had to leave his parents in Venezuela and immigrate to Spain, where he started working at Kaspersky in the middle of the covid lockdown. In this show more ...
With the addition of these seven vulnerabilities, the catalog now contains 654 vulnerabilities, including the date that federal agencies must apply the associated patches and security updates.
Brazil has seen an improvement in its data breach situation, with an 80% decrease in the number of cases seen in the first three months of 2022, according to new research by cybersecurity company Surfshark.
The report late on Sunday said Iran thwarted the attacks that planned to target the infrastructure of more than 100 public sector agencies. It did not elaborate on specific examples of the public sector agencies.
In a data security notice on its website, the healthcare provider disclosed that the actor was able to access a limited number of email accounts between January 26, 2021, and November 23, 2021.
Russia is known for its army of hackers, but since the start of its invasion of Ukraine, dozens of Russian organizations have been hacked, with terabytes of stolen data leaked onto the internet.
The text claims to be from “FOD”. This is the Federale Overheidsdienst Financien in Belgium. The suspect URL includes a domain registered just this month (often a red flag), in India, rather than Belgium.
Britain’s computerized army recruitment system has been closed for most of the war in Ukraine after candidate data was compromised in a possible hack, prompting alarmed officials to suspend its operations.
Security researchers have disclosed a security vulnerability in the VirusTotal platform that could have been potentially weaponized to achieve remote code execution (RCE).
In a proposed class-action lawsuit filed on Friday, the plaintiff claimed he and potentially others fell victim to a sophisticated phishing attack in which their Trezor cryptocurrency wallets were unlawfully accessed and funds siphoned.
The U.S. Department of Health and Human Services posted an alert last week warning healthcare organizations of an “exceptionally aggressive” ransomware group that is known to target the sector.
An attack on the country's Finance Ministry impacted several processes, including tax collection, the payment of public employees, and the importation and exportation of goods through Costa Rica’s customs agency.
The Emotet malware phishing campaign is up and running again after the threat actors fixed a bug preventing people from becoming infected when they opened malicious email attachments.
SecZetta shared a research that demonstrates a clear misalignment between the strategies organizations currently use and what is actually required to protect them from cyberattacks due to third-party vulnerabilities.
Federal investigators say a cyber attack on a North Dakota-based company that provides software and billing services for doctors and healthcare professionals affected more than a half million customers.
According to the INCD, Quds Day is usually a peak time for the distribution of anti-Israel messages and attacks on Israeli websites in the past few years. The event, also known as Jerusalem Day, will fall on April 29 this year.
"It looks like BAYC Instagram was hacked. Do not mint anything, click links, or link your wallet to anything," Bored Ape Yacht Club tweeted Monday morning in a warning that came too late for some of its members.
KISS improves security when your IT team avoids jargon and makes complex-but-important tasks easier to understand, but it reduces security when crooks steer clear of mistakes that would otherwise give their game away.
While the issue was patched by the virtualization services provider on April 6, 2022, the company cautioned users of confirmed exploitation of the flaw occurring in the wild a week later.
The BlackCat ransomware attack against the undisclosed organization took place in March 2022 and has been detailed by cybersecurity researchers at Forescout who investigated the incident.
The lawsuit stems from a months-long employee email system compromise, first discovered in June 2019. The vendor did not begin notifying the 114,007 patients of the impact on their personal and health data until November 2019.
IBM has updated its data management platform Db2 in order to protect users from a pair of critical vulnerabilities in older versions of Expat, a third-party library. Both flaws notched a CVSS score of 9.8.
The activity occurred while Emotet was on a “spring break,” not conducting its typical high volume threat campaigns. The threat actor has since resumed its typical activity.
Following a massive health data leak disclosed in the press concerning nearly 500,000 persons in February 2021, the CNIL has fined the company Dedalus Biologie ~$1.6 million mainly for failure to comply with its data security obligation.
Coca-Cola said it is investigating reports of a data breach after a ransomware group named Stormous claimed to have stolen internal documents from the American beverage giant.
TeamTNT hackers’ shell scripts were found disabling cloud security tools to attack AWS and Alibaba Cloud. Its payloads include credential stealers, cryptocurrency miners, persistence, and lateral movement. Organizations are suggested to continue taking the right measures to protect your systems from such threats.
Cybersecurity analysts have detected yet another info-stealer malware infection, named Prynt Stealer, offering powerful capabilities and extra keylogger and clipper modules. The developer of the stealer claims the recent version of the stealer is undetectable. Users are suggested to use a strong password with 2FA and avoid third-party download sources.
Researchers from SentinelLabs claimed that Nokoyawa is clearly a variant of Nemty (Karma) ransomware. Previously, Trend Micro had highlighted similarities in the attack chain between Nokoyawa and Hive ransomware.
Researchers released a report on BlackByte ransomware describing new variants written in Go and DotNET, with one variant written with a mix of Go and C languages. The ransomware actors were observed making changes to the registry in an attempt to escalate privileges. Organizations are suggested to stay protected by deploying robust anti-ransomware solutions.
GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant show more ...
The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The show more ...
Ubuntu Security Notice 5388-2 - It was discovered that OpenJDK incorrectly verified ECDSA signatures. An attacker could use this issue to bypass the signature verification process. It was discovered that OpenJDK incorrectly limited memory when compiling a specially crafted XPath expression. An attacker could possibly show more ...
Ubuntu Security Notice 5388-1 - It was discovered that OpenJDK incorrectly limited memory when compiling a specially crafted XPath expression. An attacker could possibly use this issue to cause a denial of service. It was discovered that OpenJDK incorrectly handled converting certain object arguments into their show more ...
Ubuntu Security Notice 5387-1 - Douglas Mendizábal discovered that Barbican incorrectly handled access restrictions. An authenticated attacker could possibly use this issue to consume protected resources and possibly cause a denial of service.
Red Hat Security Advisory 2022-1490-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
WordPress Coru LFMember plugin version 1.0.2 suffers from a persistent cross site scripting vulnerability.
Red Hat Security Advisory 2022-1491-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
Gitlab versions 14.9 prior to 14.9.2, 14.8 prior to 14.8.5, and 14.7 prior to 14.7.7 suffer from a persistent cross site scripting vulnerability.
Gitlab versions 14.9 prior to 14.9.2, 14.8 prior to 14.8.5, and 14.7 prior to 14.7.7 suffer from a bypass vulnerability due to having set a hardcoded password for accounts registered using an OmniAuth provider.
Ubuntu Security Notice 5376-2 - USN-5376-1 fixed vulnerabilities in Git. This update provides the corresponding updates for Ubuntu 22.04 LTS. 俞晨东 discovered that Git incorrectly handled certain repository paths in platforms with multiple users support. An attacker could possibly use this issue to run arbitrary commands.
This is the Spamhaus Botnet Threat Update for Q1 2022. It shows a modest increase of 8% in the new number of botnet command and controllers.
Red Hat Security Advisory 2022-1487-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
WordPress WP-Invoice plugin version 4.3.1 suffers from a persistent cross site scripting vulnerability.
Red Hat Security Advisory 2022-1488-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant show more ...
Red Hat Security Advisory 2022-1489-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
An Iranian-linked threat actor known as Rocket Kitten has been observed actively exploiting a recently patched VMware vulnerability to gain initial access and deploy the Core Impact penetration testing tool on vulnerable systems. Tracked as CVE-2022-22954 (CVSS score: 9.8), the critical issue concerns a case of remote code execution (RCE) vulnerability affecting VMware Workspace ONE Access and
A state-backed threat actor with ties to the Democratic People's Republic of Korea (DRPK) has been attributed to a spear-phishing campaign targeting journalists covering the country with the ultimate goal of deploying a backdoor on infected Windows systems. The intrusions, said to be the work of Ricochet Chollima, resulted in the deployment of a novel malware strain called GOLDBACKDOOR, an
The threat actor behind the prolific Emotet botnet is testing new attack methods on a small scale before co-opting them into their larger volume malspam campaigns, potentially in response to Microsoft's move to disable Visual Basic for Applications (VBA) macros by default across its products. Calling the new activity a "departure" from the group's typical behavior, ProofPoint alternatively
The infamous ransomware group known as Conti has continued its onslaught against entities despite suffering a massive data leak of its own earlier this year, according to new research. Conti, attributed to a Russia-based threat actor known as Gold Ulrick, is one of the most prevalent malware strains in the ransomware landscape, accounting for 19% of all attacks during the three-month-period
Costa Rica's outgoing president, Carlos Alvarado Quesada, has said that a ransomware attack on the government's computer systems was an attempt to destabilise the country as it transitions to a new administration. Read more in my article on the Hot for Security blog.
