Any modern car is basically a computer on wheels. And many are also connected to the internet. As a result, in addition to the vehicles themselves, automakers are now developing apps to control them remotely. These can be used to check the car's location, turn on the heating or air conditioning in advance, lock and unlock the doors, and so on. However, different users have very different needs, and it's not possible to squeeze all features into one app. So, besides the software from automakers, there are also third-party apps for every taste and wallet. Sure, it's convenient. But is it safe? Our researchers decided to investigate…

Who's driving your car?

For the car to know it's really you using the app, you need to enter a username and password. If you use the car maker's own app, your credentials don't get passed to a third party, which is a good thing. And there are security standards for car manufacturers that their products must meet. If you choose a third-party app with some unique features lacking in the official app, it somehow needs access to the vehicle or its telemetry data. Some apps use solutions specially developed by the automaker for this purpose; these do not require your credentials and are given limited access to the vehicle, allowing you to use their functionality but preventing them from doing dangerous things like unlocking the doors. These apps are more or less secure, but still few in number. Most connected-car apps require the username and password for your account with the manufacturer; that is, they get full access to your account. At the same time, the security requirements that apply to automakers do not extend to these apps, and this is where the problem arises.

Trust is everything

The study's main focus was on the third-party mobile apps that use the vehicle owner's account with the manufacturer. Unfortunately, more than half of app developers do not warn of the risks of handing over the account. Those who do warn users assure them that they either won't store the credentials at all, or will store them in encrypted form. Some of them emphasize that the username and password are needed only in order to obtain an authorization token. However, a token allows anyone holding it to use the account on your behalf, just like your login credentials, and it too could be leaked if stored improperly. What's more, there's no way to check how your credentials are actually handled: you either trust the developers or you don't use the app. In addition, the developers of 14% of the apps that our researchers investigated proved impossible to contact in case of problems: the contact details on their websites were either missing or pointed to deleted social media pages.

It's a similar situation with web services: the user hands over their credentials without knowing for sure how they'll be stored and processed. Open-source solutions are more transparent in this respect: tech-savvy users can at least study the code. However, for regular folks without a technical background, it'll be extremely difficult to figure it out.

Another problem is that there also exist intermediary services that link up the automakers' systems to third-party apps. These are used by developers of car apps and web services, but may be something that users have no inkling about whatsoever. And it's important to understand that if your chosen third-party automotive app works through an intermediary service, the developers of both will get hold of your credentials.

Third-party apps accessing your car: what's the risk?

If your credentials aren't stored very securely, intruders can get to them. They probably won't manage to steal your car, but they can remote-control the various systems: doors and windows, climate control, horn, headlights, etc. If an intruder starts honking or flashing lights randomly while you're driving, it can be unpleasant, if not downright dangerous. This might seem like a James Bond-type scenario: who on earth would want to do away with you in such an elaborate manner? But if such data were to leak into the public domain, it could fall into the hands of online pranksters anywhere in the world, of whom there are plenty, who just want to have fun and don't even realize what the consequences might be. Besides, if an app is hacked, the attackers will have access to all the collected data, including geolocation. And this can be used to track the movements of car owners, again from anywhere in the world.

Here's a recent example. Not long ago, 19-year-old security expert David Colombo accidentally discovered a vulnerability in the TeslaMate app for collecting, storing and visualizing telemetry data from Tesla vehicles. He managed to find out where the car owners lived, where they drove and at what speed, where the vehicles were parked, where they were charged, and what updates were installed on those cars. Although the app itself was designed just to collect data, not to control the car, Colombo managed to do just that. And all because the storage containing the users' credentials was accessible with the default password, while some information could be retrieved with no authorization at all. Colombo reported the issue to the app developers and they fixed it relatively quickly. Despite the happy ending, the story shows that third-party car apps may not be as reliable as the devs claim.

So, should I stop using third-party apps?

All this is not to say that third-party apps should never be used in any circumstances. By no means all developers are indifferent to user data security. As we observed, TeslaMate's creators responded rather quickly to the vulnerability report and fixed the issue. And, as mentioned, there are apps that do not require full access to your account with the automaker. That said, if you want to use features lacking in your vehicle's native app, be careful when choosing: if possible, choose an app from a reliable developer, one which at the very least doesn't hide its contact details and respects the concept of transparency. Look for reports by security experts and feedback from tech-savvy users who understand how it all works and what the risks are.

If you're already using a third-party app but want to stop, note that simply uninstalling it from your smartphone may not be enough:
- Check if you also need to unsubscribe or delete your account with the service;
- Just in case, change the password for your account with the automaker;
- If possible, revoke the app's access to your account through the manufacturer's website or technical support.
In this episode of the podcast (#238) we speak with Daniel Brodie, the CTO at the firm Cynerio, about his firm's discovery of a string of critical security flaws in an autonomous medical robot, TUG, that is already deployed in hundreds of clinical settings, and the growing issue of medical device insecurity and cyber risks to healthcare.
In her opening statement, Chairman of the Senate HELP Committee Patty Murray, D-Wash., noted that 70% of hospitals surveyed in 2020 reported facing a significant cybersecurity incident.
The attackers exploited the fact that security products run with high privileges on Windows to plant and load their own maliciously crafted DLL into memory, allowing them to elevate privileges and execute code.
The U.S. is setting up a Joint Ransomware Task Force, headed by the CISA and the FBI, as well as two international initiatives, chaired by the Department of Justice, to tackle illegal cryptocurrency activities related to ransomware.
The cybercrime operation states that it does not use any ransomware and focuses on network infiltration by abusing vulnerabilities. The attackers focus primarily on data exfiltration and do not build any encryption modules.
One of the packages in question is "ctx," a Python module available in the PyPI repository. The other involves "phpass," a PHP package that's been forked on GitHub to distribute a rogue update.
The software supply chain is becoming so critical that in May 2021, the president of the United States issued an Executive Order targeted to improve the nation's cybersecurity.
The Cybersecurity & Infrastructure Security Agency (CISA) has added 41 vulnerabilities to its catalog of known exploited flaws over the past two days, including flaws for the Android kernel and Cisco IOS XR.
In her testimony to a House committee, Army Secretary Christine Wormuth asserted that the service must work to close its “vulnerability gap,” explaining that the army has learned valuable lessons from the Russian invasion of Ukraine.
This is not the first time the Texas Department of Transportation (TxDOT) has apparently had a data security incident, but this time it appears that TxDOT's portal for the certified payroll system for contractors has been hacked.
Russia — a nation that has famously been on the offensive when it comes to cyberattacks — is now facing its own barrage of hacks as multiple sanctions hit the country from the West.
Zoom users are advised to update their clients to version 5.10.0 to patch a number of security vulnerabilities found by Google Project Zero security researcher Ivan Fratric.
A new attack observed by Trustwave starts with a chatbot-like page that attempts to establish communication and trust with the target instead of directly sending an embedded link.
CynergisTek announces it has entered into a definitive agreement to be acquired by Clearwater Compliance LLC, a healthcare-focused cybersecurity, compliance, and risk management solutions firm, in an all-cash transaction valued at $17.7 million.
If exploited, the two critical flaws can let attackers gain JavaScript code execution on mobile and desktop devices running vulnerable versions of Firefox, Firefox ESR, Firefox for Android, and Thunderbird.
The Series B funding for Nisos, the managed intelligence service provider, was led by global cyber investor Paladin Capital Group, alongside existing investors Columbia Capital and Skylab Capital.
SafetyDetectives researchers shared details of a misconfigured Elasticsearch server that exposed the data of millions of loan applicants. The data mainly belonged to people from Ukraine, Kazakhstan, and Russia who had applied for microloans.
The US government lacks comprehensive data on ransomware attacks, including how much is lost in payments, according to a new report by the United States Senate Committee on Homeland Security & Governmental Affairs.
Systems of the budget carrier SpiceJet faced a ransomware attack on Tuesday night, which impacted morning flight departures. The airline further said that the situation has been rectified and flights are operating normally now.
The Series D funding round brings the total amount raised by Semperis to about $250 million since its founding in 2015. The company did not disclose its latest valuation.
As for MGM Resorts, according to VPNMentor researchers, who identified the data on 22 May 2022, four archives of files containing 8.7GB of data were discovered. Estimates suggest this leak could impact around 30 million people.
Cyble researchers spotted a malware campaign targeting the infosec community via fake PoC exploit code for an RPC Runtime RCE flaw. The fake exploit was distributed via GitHub. By attacking the infosec community, attackers are probably trying to gain access to vulnerability research or steal other proprietary data. As a precaution, security researchers should stay alert and be aware of such attacks.
In the past, ESXi servers were also attacked by other known ransomware families such as LockBit, Hive, and RansomEXX as an efficient way to infect many computers with ransomware.
The Port of London Authority (PLA) has become the latest victim of a cyberattack that caused the forced shutdown of its website, the company confirmed on Tuesday, May 24th.
In case the GoodWill ransomware affects a system, every single document, photo, video, database, and file becomes encrypted, after which users can no longer access the data without a decryption key.
The critical security hole, tracked as CVE-2022-1853, has been described as a use-after-free bug affecting Indexed DB. Google learned about it on May 12 and it has yet to determine the bug bounty for this vulnerability.
In addition to the increase in ransomware breaches, the Verizon Business 2022 DBIR report also found that 82% of cyber breaches involved the human element, including social attacks, errors, and misuse.
The malware injection leverages the #psigate_cc_number, #psigate_expiration, #psigate_expiration_yr and #psigate_cc_cid fields (among others) to harvest customers' payment data and details whenever the text fields are submitted on the checkout page.
Cisco Talos discovered eight vulnerabilities that could allow an adversary to carry out a variety of malicious actions, including improperly authenticating into the targeted device and causing a denial of service.
According to the Washington University School of Medicine's website, the health system learned that an unauthorized person gained access to certain employee email accounts between March 4 and March 28.
New research into the inner workings of the stealthy BPFdoor malware for Linux and Solaris reveals that the threat actor behind it leveraged an old vulnerability to achieve persistence on targeted systems.
The print spooler service can be abused by an authenticated remote attacker to load a DLL through a crafted DCERPC request, resulting in remote code execution as NT AUTHORITY\SYSTEM. This module uses the MS-RPRN vector which requires the Print Spooler service to be running.
Red Hat Security Advisory 2022-2283-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.35.
Ubuntu Security Notice 5404-2 - USN-5404-1 addressed a vulnerability in Rsyslog. This update provides the corresponding update for Ubuntu 16.04 ESM. Pieter Agten discovered that Rsyslog incorrectly handled certain requests. An attacker could possibly use this issue to cause a crash.
Red Hat Security Advisory 2022-4729-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.9.1 ESR.
Red Hat Security Advisory 2022-4730-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.9.1.
Popular video conferencing service Zoom has resolved as many as four security vulnerabilities, which could be exploited to compromise another user over chat by sending specially crafted Extensible Messaging and Presence Protocol (XMPP) messages and execute malicious code. Tracked from CVE-2022-22784 through CVE-2022-22787, the issues range between 5.9 and 8.1 in severity. Ivan Fratric of Google
A group of academics has devised a system that can be used on a phone or a laptop to identify and locate Wi-Fi-connected hidden IoT devices in unfamiliar physical spaces. With hidden cameras being increasingly used to snoop on individuals in hotel rooms and Airbnbs, the goal is to be able to pinpoint such rogue devices without much of a hassle. The system, dubbed Lumos, is designed with this
If one word could sum up the 2021 infosecurity year (well, actually three), it would be these: "supply chain attack". A software supply chain attack happens when hackers manipulate the code in third-party software components to compromise the 'downstream' applications that use them. In 2021, we have seen a dramatic rise in such attacks: high profile security incidents like the SolarWinds,
Malicious actors can gain unauthorized access to users' online accounts via a new technique called "account pre-hijacking," new research has found. The attack takes aim at the account creation process that's ubiquitous in websites and other online platforms, enabling an adversary to perform a set of actions before an unsuspecting victim creates an account in a target service. The study was led
An unknown advanced persistent threat (APT) group has been linked to a series of spear-phishing attacks targeting Russian government entities since the onset of the Russo-Ukrainian war in late February 2022. "The campaigns [...] are designed to implant a Remote Access Trojan (RAT) that can be used to surveil the computers it infects, and run commands on them remotely," Malwarebytes said in a
Security incidents occur. It's not a matter of "if," but of "when." That's why you implemented security products and procedures to optimize the incident response (IR) process. However, many security pros who are doing an excellent job in handling incidents find effectively communicating the ongoing process with their management a much more challenging task. Sound familiar? In many organizations,
A year-long international investigation has resulted in the arrest of the suspected head of the SilverTerrier cybercrime group by the Nigeria Police Force. "The suspect is alleged to have run a transnational cybercrime syndicate that launched mass phishing campaigns and business email compromise schemes targeting companies and individual victims," Interpol said in a statement.
An Indian airline says that an "attempted ransomware attack" against its IT infrastructure caused flights to be delayed or canceled, and left passengers stranded. Read more in my article on the Hot for Security blog.