It’s been seven years since the online cheating site AshleyMadison.com was hacked and highly sensitive data about its users posted online. The leak led to the public shaming and extortion of many Ashley Madison users, and to at least two suicides. To date, little is publicly known about the perpetrators or the show more ...
A previously undetected malware, dubbed Lightning Framework, was found targeting Linux systems. It can also serve as a backdoor for infected devices using SSH and can deploy an array of rootkits. Stay safe using a reliable anti-malware solution and let’s not skip on threat intel platforms to mitigate such emerging threats.
A new strain of the free-to-use Redeemer ransomware builder is being promoted on hacker forums. The new version 2.0 is written in C++ and features support for Windows 11 and GUI tools, among others. The author has threatened that the project's source code will become public if they lose interest, making the Redeemer 2.0 project risky.
Avast found DevilsTongue spyware, developed by an Israeli surveillance company, abusing a Chrome zero-day to attack journalists in the Middle East. Since the bug exists in WebRTC, it also impacts Safari browser but the exploit found only work on Windows. Always protect data with powerful encryption and update devices with the latest security updates.
An uncommon piece of malware was found targeting a large software development firm in Ukraine. The malware is a moderately altered version of the open-source backdoor GoMet. Two samples of the backdoor with minor differences have been discovered, believed to have the same source code. However, whether the attack was successful is not clear.
Proprietary software has responded to threats by implementing thorough institutional security measures. The same care is not being given to open-source software—primarily due to misaligned incentives.
Instead of sending emails containing the phished data to the attacker (a common technique found for phishing pages), attackers chose to use the popular Heroku hosting application platform: hxxps://go-telegram-webhook[.]herokuapp.com/go.
Scans by Cloud Security Alliance found that 100% of clusters contained at least one misconfiguration, while 65% had at least one high severity misconfiguration. 50% of clusters had 14 or more failed security controls.
Researchers at Cyble have identified 25 malware samples built on this source code in the wild. The stealer can target various Chromium-based browsers, chat apps, gaming apps, and cryptocurrency wallets.
By providing specific properties names that will be accessed at runtime, an attacker can make vulnerable code alter the root prototype, appending an attacker-controlled property to every child object.
Cyber-theft and espionage campaigns targeting financial institutions and digital currency exchanges have been attributed to multiple North Korean hacking groups in the past.
Cybercrime resources are cheap and abundant. Over 91% of exploits and 76% of malware ads are listed for under $10. The average cost for RDP credentials is $5, according to a report by HP Wolf Security.
A ransomware gang has not only taken down the mailing list provider WordFly but also siphoned data belonging to the US-based Smithsonian, Canada's Toronto Symphony Orchestra, and the Courtauld Institute of Art in London.
An analysis by Vade found that attackers were most likely to send their phishing emails on weekdays, with most arriving between Monday and Wednesday. Attacks tapered off towards the end of the week.
Microsoft says attackers increasingly use malicious Internet Information Services (IIS) web server extensions to backdoor unpatched Exchange servers as they have lower detection rates compared to web shells.
Security experts at ProxyLife have found QBot operators abusing the Windows 7 Calculator app for DLL side-loading attacks in its latest malspam campaigns. The exploitation is believed to have begun on at least July 11. The malware steals credentials and personal data from victims' for financial gains, which might result in identity theft, fraud, and other consequences.
The White House Office of the National Cyber Director appointed Camille Stewart Gloster as deputy national cyber director for technology and ecosystem security, the latest recruit to the office’s leadership roster.
Several servers tied with MedusaLocker ransomware have been spotted in the wild. These servers are located in Russia and are found to host multiple exploit tools such as Metasploit, Acunetix, Posh, and Deimos.
Global ransomware volumes shrunk by 23% year-on-year (YoY) in the first half of 2022, but overall malware surged by 11% over the period, according to new data from SonicWall.
Data breaches targeting business emails are the most financially lucrative for criminals, costing victims more than $7.5 billion from 2017-2021, according to a five-year analysis of data from the FBI's IC3 conducted by Forbes Advisor.
The IT security researchers at Manchester, England-based NCC Group have released a technical advisory explaining how Nuki Smart Locks were vulnerable to a plethora of attack possibilities.
The latest patch release includes fixes for two remote code execution (RCE) vulnerabilities that were discovered in the software’s document converter component. CVE-2022-23100 and CVE-2022-24405 earned CVSS scores of 8.2 and 7.3, respectively.
A Pennsylvania-based convenience store chain will pay $8 million to several states over a 2019 data breach that involved some 34 million payment cards, authorities announced Tuesday.
According to the firm, security teams can use GitGuardian Canary Tokens (ggcanary) to create and deploy canary tokens in the form of Amazon Web Services (AWS) secrets to trigger alerts as soon as they are tampered with by attackers.
The moral of the story is simple: your company can have the most up-to-date security solutions, but if the employees are not prepared for such social engineering attacks, then your data is not safe.
In healthcare, the most common web app attacks occur on patient portals, telehealth platforms, online pharmacies, electronic health records, health entities’ web-based email, and similar tech.
The Senate Armed Services Committee is looking to help the Department of Defense address and correct issues associated with the readiness of its cyber forces, according to new legislation and congressional aides.
The apps pose as image-editing tools, virtual keyboards, system optimizers, wallpaper changers, and more. However, their underlying functionality is to push intrusive ads, subscribe users to premium services, and steal victims' social media accounts.
A new research report by ISSA and ESG revealed that 83% of security professionals believe that future technology interoperability depends upon established industry standards.
According to a study by researchers at the Citadel, South Carolina, deep learning models trained for network intrusion detection can be bypassed through adversarial attacks, specially crafted data that fools neural networks to change their behavior.
Leadership at the Cybersecurity and Infrastructure Security Agency confirmed that ransomware hackers are not exclusively targeting large organizations and businesses, but smaller entities as well.
The average cost of a data breach hit an all-time high of $4.35 million this year, a gain of 2.6% from 2021 and 12.7% from 2020. In the United States, the average cost was $9.44 million, the highest amount in any country.
U.S. federal credit union regulators plan to impose new cybersecurity incident reporting requirements, including a duty to relay reports of cyber incidents experienced by third-party vendors.
The availability of supposedly hacked Chinese data on the dark web appears to have surged in recent weeks on the heels of the massive Shanghai National Police breach, which was one of the largest ever recorded.
According to published reports out of Greece, the surveillance tool has been linked to an attempted hack of a phone belonging to Nikos Androulakis, a member of the European Parliament.
Palo Alto Networks warns in its 2022 report covering 600 incident response (IR) cases that attackers typically start scanning for vulnerabilities within 15 minutes of one being announced.
Red Hat Security Advisory 2022-5640-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2022-5718-01 - Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.
Red Hat Security Advisory 2022-5664-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.24.
Red Hat Security Advisory 2022-5703-01 - An update is now available for Red Hat Ansible Automation Platform 1.2. Issues addressed include a remote SQL injection vulnerability.
Red Hat Security Advisory 2022-5641-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-5531-01 - Red Hat Advanced Cluster Management for Kubernetes 2.5.1 General Availability release images, which fix security issues and bugs.
Red Hat Security Advisory 2022-5626-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include information leakage, memory leak, privilege escalation, and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-5622-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include a privilege escalation vulnerability.
Red Hat Security Advisory 2022-5004-01 - Red Hat OpenShift Service Mesh is a Red Hat distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers the RPM packages for the release. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2022-5719-01 - Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.
Red Hat Security Advisory 2022-5597-01 - An update for pandoc is now available for Red Hat Enterprise Linux 8. Issues addressed include an integer overflow vulnerability.
Red Hat Security Advisory 2022-4931-01 - The RHV-M Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal.
Red Hat Security Advisory 2022-5620-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-5556-01 - Logging Subsystem 5.4.3 has security updates. Issues addressed include denial of service and out of bounds read vulnerabilities.
Red Hat Security Advisory 2022-5564-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a privilege escalation vulnerability.
Red Hat Security Advisory 2022-5681-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
Red Hat Security Advisory 2022-5596-01 - This release of Red Hat build of Quarkus 2.7.6 includes security updates, bug fixes, and enhancements. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-5532-01 - This release of Red Hat Fuse 7.11.0 serves as a replacement for Red Hat Fuse 7.10 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References. Issues addressed include HTTP request smuggling, bypass, code execution, show more ...
Red Hat Security Advisory 2022-5636-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include information leakage, privilege escalation, and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-5709-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.
Red Hat Security Advisory 2022-5704-01 - Updated images are now available for Red Hat Advanced Cluster Security. Issues addressed include a privilege escalation vulnerability.
Red Hat Security Advisory 2022-5687-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
Red Hat Security Advisory 2022-5685-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit.
Red Hat Security Advisory 2022-5526-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-5542-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Issues addressed include a denial of service vulnerability.
Threat actors are increasingly abusing Internet Information Services (IIS) extensions to backdoor servers as a means of establishing a "durable persistence mechanism." That's according to a new warning from the Microsoft 365 Defender Research Team, which said that "IIS backdoors are also harder to detect since they mostly reside in the same directories as legitimate modules used by target
Facebook business and advertising accounts are at the receiving end of an ongoing campaign dubbed Ducktail designed to seize control as part of a financially driven cybercriminal operation. "The threat actor targets individuals and employees that may have access to a Facebook Business account with an information-stealer malware," Finnish cybersecurity company WithSecure (formerly F-Secure
Software vulnerabilities are a major threat to organizations today. The cost of these threats is significant, both financially and in terms of reputation.Vulnerability management and patching can easily get out of hand when the number of vulnerabilities in your organization is in the hundreds of thousands of vulnerabilities and tracked in inefficient ways, such as using Excel spreadsheets or
As many as 30 malicious Android apps with cumulative downloads of nearly 10 million have been found on the Google Play Store distributing adware. "All of them were built into various programs, including image-editing software, virtual keyboards, system tools and utilities, calling apps, wallpaper collection apps, and others," Dr.Web said in a Tuesday write-up. While masquerading as innocuous
The former Chief Security Officer of Uber is facing wire fraud charges over allegations that he covered up a data breach that saw hackers steal the records of 57 million passengers and drivers. Read more in my article on the Hot for Security blog.
