Cyber security aggregate rss news

Cyber security aggregator - feeds history

 Identity Theft, Fraud, Scams

A new phishing campaign was found exploiting the hype around Instagram’s verification process to pilfer sensitive information from the victims. The message informs users that if they ignore the message, the form will be permanently deleted in 48 hours.

 Malware and Vulnerabilities

An active cryptomining campaign that leverages fake desktop apps for propagation has been attributed to the Turkish-speaking gang Nitrokod. The campaign has infected over 111,000 victims since 2019. Hackers were seen offering fake desktop versions of apps that do not have an official desktop version. These include YouTube Music, Yandex Translate, Microsoft Translate

 Trends, Reports, Analysis

As per Kaspersky, the total number of users who encountered gaming-related malware and unwanted software from July 1, 2021, through June 30, 2022, was 384,224, with 91,984 files distributed under the guise of twenty-eight games or series of games.

 Malware and Vulnerabilities

An insecure direct object reference (IDOR) vulnerability in the Squiz Matrix web content management system (CMS) could have enabled attackers to seize admin rights on targeted installations.

 Companies to Watch

Hornetsecurity announced that TA Associates has signed a definitive agreement to make a strategic growth investment in the Company. TA will join existing investors PSG Equity and Verdane, as well as the Company’s management team.

 Expert Blogs and Opinion

Enterprises can ease the transition to multicloud, hybrid, or public cloud solutions and avoid unnecessary risk by implementing policies and controls and by leveraging automation at the outset of cloud adoption.

 Trends, Reports, Analysis

Victims of certain WhatsApp scams are losing thousands of dollars to cybercriminals who deceive them into transferring money for a variety of reasons. Other types of scams attempt to target users with malware or gain access to their accounts.

 Trends, Reports, Analysis

Russian-speaking cybercriminals face falling financial returns following Russia’s invasion of Ukraine, with many scams becoming redundant almost overnight due to sanctions and increased scrutiny of Russian entities, say Digital Shadows researchers.

 Malware and Vulnerabilities

In early August, Unit 42 researchers discovered attacks leveraging several vulnerabilities in devices made by D-Link, a company that specializes in network and connectivity products.

 Expert Blogs and Opinion

Ransomware cybercriminal gangs and markets have made adjustments to their original ransom demands and found a near limitless demand for targeted ransomware, enabling them to up their extortion demands.

 Malware and Vulnerabilities

The malware downloads and executes Metasploit’s “Mettle” meterpreter to maximize its control of infected machines. Shikitega exploits system vulnerabilities to gain high privileges, persist, and execute a cryptominer.

 Trends, Reports, Analysis

A recent report from Kroll, an investigation and risk consulting firm, found a 90 percent increase in the number of attacks against health care organizations in the second quarter of this year compared to the first quarter.

 Expert Blogs and Opinion

With digital transformations having occurred over the past couple of years, cloud data storage has significantly increased. As enterprise data lakes and cloud storage environments expand, cybersecurity will become a greater challenge.

 Feed

Ubuntu Security Notice 5597-1 - It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

 Feed

Ubuntu Security Notice 5600-1 - Asaf Modelevsky discovered that the Intel 10GbE PCI Express Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

 Feed

Ubuntu Security Notice 5599-1 - Asaf Modelevsky discovered that the Intel 10GbE PCI Express Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. It was discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information.

 Feed

Ubuntu Security Notice 5598-1 - It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

 Feed

Red Hat Security Advisory 2022-6341-01 - The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Issues addressed include a privilege escalation vulnerability.

 Feed

A stack buffer overflow was reported in the cell format processing routines for 123elf, a project that brings Lotus 1-2-3 to Linux. If a victim opens an untrusted malicious worksheet, code execution could occur.

 Feed

Cybersecurity researchers have offered insight into a previously undocumented software control panel used by a financially motivated threat group known as TA505. "The group frequently changes its malware attack strategies in response to global cybercrime trends," Swiss cybersecurity firm PRODAFT said in a report shared with The Hacker News. "It opportunistically adopts new technologies in order

 Feed

SecDevOps is, just like DevOps, a transformational change that organizations undergo at some point during their lifetime. Just like many other big changes, SecDevOps is commonly adopted after a reality check of some kind: a big damaging cybersecurity incident, for example. A major security breach or, say, consistent problems in achieving development goals signals to organizations that the

 Feed

A new phishing-as-a-service (PhaaS) toolkit dubbed EvilProxy is being advertised on the criminal underground as a means for threat actors to bypass two-factor authentication (2FA) protections employed against online services. "EvilProxy actors are using reverse proxy and cookie injection methods to bypass 2FA authentication – proxifying victim's session," Resecurity researchers said in a Monday

 Feed

A previously undocumented strain of Android spyware with extensive information gathering capabilities has been found disguised as a book likely designed to target the Uyghur community in China. The malware comes under the guise of a book titled "The China Freedom Trap," a biography written by the exiled Uyghur leader Dolkun Isa. "In light of the ongoing conflict between the

 Feed

QNAP has issued a new advisory urging users of its network-attached storage (NAS) devices to upgrade to the latest version of Photo Station following yet another wave of DeadBolt ransomware attacks in the wild by exploiting a zero-day flaw in the software. The Taiwanese company said it detected the attacks on September 3 and that "the campaign appears to target QNAP NAS devices running Photo

 Feed

High-profile companies and local governments located primarily in Asia are the subjects of targeted attacks by a previously undocumented espionage group dubbed Worok that has been active since late 2020. "Worok's toolset includes a C++ loader CLRLoad, a PowerShell backdoor PowHeartBeat, and a C# loader PNGLoad that uses steganography to extract hidden malicious payloads from PNG files," ESET

2022-09
Aggregator history
Tuesday, September 06