The video games market, with its 3.2-billion-strong audience worldwide, attracts every kind of business under the sun. All sorts of computer devices specially created for gamers are already par for the course. But it went beyond that a long time ago. These days, there is gaming furniture, gaming drinks, gaming you-name-it. Is it any wonder that cybercriminals do not stand idly by? Gamers are passionate people, hooked on their hobby, making them vulnerable to well-designed social engineering. Sometimes it's enough simply to promise an Android version of a game that's not on Google Play, or the chance to play games for free. Not to mention that in the world of gaming there is piracy, cheats and dark web forums selling hijacked accounts — a vast canvas for attackers to work with. Open season on gamers has again been declared: cybercriminals distributing the RedLine Trojan stealer under the guise of game cheats are trying to steal accounts, card numbers, cryptowallets and basically anything else in reach.

Trojan disguised as a cheat

The details of Kaspersky's latest discovery are set out in our Securelist post, but basically it works as follows. Attackers post videos on YouTube allegedly about how to use cheats in popular online games: Rust, FIFA 22, DayZ and a couple dozen more. The videos look quite convincing and prompt actions that gamers who are no strangers to cheating are well accustomed to, in particular following a link in the description to download a self-extracting archive and then running it. If the download fails, the video creators kindly suggest disabling Windows SmartScreen, a filter that protects Microsoft Edge users from phishing and malicious sites. For some reason, however, they unkindly fail to mention that this will result in a whole package of malware being installed on the user's computer at once.

First, the unlucky cheater will get the RedLine Trojan stealer, which steals almost any kind of valuable information on the computer, starting with browser-saved passwords. In addition, RedLine can execute commands on the computer, as well as download and install other programs onto the infected machine. So if it can't manage some malicious task by itself, it can call on friends.

Second, RedLine comes with a cryptocurrency miner for deployment on the victim's computer. Gaming computers are a logical target for cybercriminals in this regard, since they usually have powerful GPUs, which is useful for cryptocurrency mining.

The price to pay for using cheats

For real cheats, players can get banned by the game moderators. But a user who has downloaded and installed a fake cheat can face even worse problems. First, when installed under the guise of a cheat, RedLine attempts to steal everything of value on the computer, in particular: account passwords; card details; session cookies for logging in to accounts without passwords; cryptowallet keys; messenger chat history. Second, the cryptominer bundled with RedLine adds the following special effects: computer slowdown; GPU wear and tear; higher electricity bills.

Plus the user risks paying with their reputation, because RedLine does another interesting thing: it downloads videos from the command-and-control server and posts them on the victim's YouTube channel. These are the exact same videos about cheats with the exact same description: download and run the self-extracting archive, after which the cycle repeats with the next victim. Thus, the Trojan spreads of its own accord, acquiring ever more unwitting proponents in the process. Incidentally, RedLine distributors previously employed a rather similar technique, trying to pass off a malware installer as a Windows 11 update or as an installer for Discord, a platform popular with gamers.

How to stay safe

We really should start with the obvious: don't download cheats. Besides being unethical, it's simply not safe. Cheats violate the user agreement with the game developer, which means they automatically occupy a gray zone. By extension, they are never distributed through secure official channels. And when downloading something from unofficial and unverified sources, the chances of encountering malware are always far greater.

In addition, we recommend turning on two-factor authentication wherever possible. That way, even if malware manages to sneak onto your computer and steal important passwords, it won't be able to use them. Better still, use and never disable protection features, including browser filtering and a proper security solution. In terms of functionality, even real-deal cheats have a lot in common with malware, which means antiviruses often block their installation. For this reason cheat developers encourage victims to disable their antivirus. You must not do this under any circumstances — once you disable protection, there's no safety net below.
Hackers exploited a zero-day vulnerability in BackupBuddy, a WordPress plugin, that allows unauthenticated users to download arbitrary files on the server from the affected site. When exploited, the bug allows downloading arbitrary files from the affected site including sensitive information. BackupBuddy plugin users are suggested to upgrade to the latest version.
The Lorenz ransomware gang was found abusing a critical bug in Mitel MiVoice VOIP devices to breach corporate networks, using their phone systems for initial access. Researchers also revealed overlaps with another ransomware attack abusing the same vulnerability that was abused for initial access.
According to the State of the Internet Report by Censys, misconfigurations – including unencrypted services, weak or missing security controls, and self-signed certificates – make up roughly 60% of observed risks.
Pro-Ukrainian hackers on Sunday took credit for breaching Russian TV channels and broadcasting anti-war messages comparing Russia’s attack on Ukraine to the September 11 terrorist attacks in New York.
The Series A investment is being led by SignalFire, with Felicis Ventures, Okta Ventures, and previous backer, cybersecurity-specialist incubator and investor Team8, also participating.
The malware which was distributed on the Google Play store pretends to be a legitimate mobile security app, but it is in fact a payment fraud malware stealing passwords and abusing reverse proxy targeting NTT DOCOMO mobile payment service users.
The proposed monetary settlement provides financial restitution for the affected patients and includes spending for Ambry Genetics to implement a number of updated security measures.
The CISA added two new vulnerabilities to the catalog, a Windows privilege escalation vulnerability, tracked as CVE-2022-37969, and an arbitrary code execution issue, tracked as CVE-2022-32917, affecting iPhones and Macs.
The law would fall under the purview of the Federal Trade Commission (FTC), which means that it only covers those issues already addressed by the FTC. These include consumer fraud, identity theft, children's privacy, and some cybersecurity issues.
Researchers from Proofpoint are warning of threat actors that are using the death of Queen Elizabeth II as bait in phishing attacks to trick recipients into visiting sites designed to steal their Microsoft account credentials and MFA codes.
Ransomware gangs have resorted to intermittent encryption to encrypt victims’ files and folders faster while evading detection, revealed SentinelLabs. The Agenda ransomware offers an intermittent encryption feature as an optional and configurable setting to its affiliates.
HYCU has announced its State of Ransomware Preparedness report in partnership with ActualTech Media, which reveals that ransomware is an unavoidable risk for businesses, which is why ransomware preparedness is a top priority.
Chinese computer manufacturer Lenovo has issued a security advisory to warn of several high-severity BIOS vulnerabilities impacting hundreds of devices in the various models.
The campaign aims to deliver information-stealing malware to Ukrainian victim machines and makes heavy use of multiple modular PowerShell and VBScript (VBS) scripts as part of the infection chain.
According to an advisory by Vectra, access tokens for other Teams users can be recovered, allowing attackers to move from a single compromise to the ability to impersonate critical employees, but Microsoft isn't planning to patch.
While the criminal charges do not say whether the alleged hackers worked for the Iranian government, a separate U.S. Treasury Department statement said they were affiliated with the Islamic Revolutionary Guard Corps (IRGC).
As part of the September batch of Patch Tuesday updates, Adobe called attention to critical-rated bulletins affecting the Adobe Bridge, InDesign, Photoshop, InCopy, Animate, and Illustrator software products.
CloudFox provides a collection of enumeration commands that make it easy to use even for people who are relatively new to cloud pentesting. As of now, it only works with AWS.
Using its self-propagation functionality, several files in the malicious bundle receive videos and post them to the infected users’ YouTube channels along with the links to a password-protected archive with the bundle in the description.
South Korea’s privacy watchdog has fined Google and Meta a combined 100 billion won ($72 million) for tracking consumers’ online behavior without their consent and using their data for targeted advertisements.
The campaign aims to trick Greek victims into entering their banking credentials on the phishing sites, allegedly to confirm themselves and give authorization for a tax refund.
During the first half of 2022, the average cost of a claim for a small business owner increased to $139,000, which is 58% higher than levels during the first half of 2021, according to the 2022 Cyber Claims Report by Coalition.
A threat actor tracked under the moniker Webworm has been linked to bespoke Windows-based remote access trojans, some of which are said to be in pre-deployment or testing phases.
The acquisition of Cryptosense complements and accelerates the deployment of SandboxAQ’s Post-Quantum Cryptography (PQC) solutions to corporations and government institutions worldwide.
Ethical hacker and security researcher Kody Kinzie shared with BleepingComputer a list of over 50 domains, many of which are spelling variations of the brand name Sniffies.
For security flaws in the browser process, Google has introduced MiraclePtr, which rewrites the codebase to use a smart pointer type called ‘raw_ptr’ to prevent the exploitation of use-after-free bugs.
Based on the Impacket library, researchers at Pentera have built an implementation of the PsExec tool that runs only on port 135. This means blocking just port 445 to restrict malicious PsExec activity is no longer enough to prevent most attacks.
The cybersecurity software and services provider for private investment firms announced it had received a strategic growth investment from Francisco Partners for an unnamed amount.
Red Hat Security Advisory 2022-6542-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include file overwrite and traversal vulnerabilities.
Red Hat Security Advisory 2022-6527-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.11.0 RPMs.
Red Hat Security Advisory 2022-6540-01 - WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2022-6539-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.109 and .NET Runtime 6.0.9.
Ubuntu Security Notice 5613-1 - It was discovered that Vim was not properly performing bounds checks when executing spell suggestion commands. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that Vim was using freed memory when dealing with regular expressions through its old regular expression engine. If a user were tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution.
Ubuntu Security Notice 5612-1 - Pietro Borrello, Andreas Kogler, Martin Schwarzl, Daniel Gruss, Michael Schwarz and Moritz Lipp discovered that some Intel processors did not properly clear data between subsequent xAPIC MMIO reads. This could allow a local attacker to compromise SGX enclaves.
Ubuntu Security Notice 5606-2 - USN-5606-1 fixed a vulnerability in poppler. Unfortunately it was missing a commit to fix it properly. This update provides the corresponding fix for Ubuntu 18.04 LTS and Ubuntu 16.04 ESM. It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
Red Hat Security Advisory 2022-6526-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains the following OpenShift Virtualization 4.11.0 images: RHEL-8-CNV-4.11. Issues addressed include denial of service, memory leak, and out of bounds read vulnerabilities.
Red Hat Security Advisory 2022-6308-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.8.49. There are no RPMs for this release. Space precludes documenting all of the container images in this advisory. Issues addressed include bypass and code execution vulnerabilities.
Red Hat Security Advisory 2022-6522-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 3.1.423 and .NET Runtime 3.1.29.
Red Hat Security Advisory 2022-6520-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.109 and .NET Runtime 6.0.9.
Red Hat Security Advisory 2022-6523-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 3.1.423 and .NET Runtime 3.1.29.
Red Hat Security Advisory 2022-6517-01 - Red Hat OpenStack Platform 16.2 (Train) director operator containers, with several Important security fixes, are available for technology preview.
Red Hat Security Advisory 2022-6518-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs.
Red Hat Security Advisory 2022-6521-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET 6.0 to SDK 6.0.109 and Runtime 6.0.9.
This Metasploit module exploits the Git fetch command in Gitea repository migration process that leads to a remote command execution on the system. This vulnerability affects Gitea versions prior to 1.16.7.
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) on Wednesday announced sweeping sanctions against ten individuals and two entities backed by Iran's Islamic Revolutionary Guard Corps (IRGC) for their involvement in ransomware attacks at least since October 2020. The agency said the cyber activity mounted by the individuals is partially attributable to intrusion sets tracked
An ongoing espionage campaign operated by the Russia-linked Gamaredon group is targeting employees of Ukrainian government, defense, and law enforcement agencies with a piece of custom-made information stealing malware. "The adversary is using phishing documents containing lures related to the Russian invasion of Ukraine," Cisco Talos researchers Asheer Malhotra and Guilherme Venere said in a
Companies are in the midst of an employee "turnover tsunami" with no signs of a slowdown. According to Fortune Magazine, 40% of the U.S. is considering quitting their jobs. This trend – coined the great resignation - creates instability in organizations. High employee turnover increases security risks, and companies are more vulnerable to attacks from human factors worldwide. At Davos 2022,
A threat actor tracked under the moniker Webworm has been linked to bespoke Windows-based remote access trojans, some of which are said to be in pre-deployment or testing phases. "The group has developed customized versions of three older remote access trojans (RATs), including Trochilus RAT, Gh0st RAT, and 9002 RAT," the Symantec Threat Hunter team, part of Broadcom Software, said in a report
Gamers looking for cheats on YouTube are being targeted with links to malicious password-protected archive files designed to install the RedLine Stealer malware and crypto miners on compromised machines. "The videos advertise cheats and cracks and provide instructions on hacking popular games and software," Kaspersky security researcher Oleg Kupreev said in a new report published today.
How could your inkjet printer finally help you make some money, why is it so hard to share our health data even if we want to, and what result do you want to see from the Elon Musk vs Twitter bunfight? All this and much more is discussed in the latest edition of the award-winning … Continue reading "Smashing Security podcast #289: Printer peeves, health data hangups, and Twitter tussles – with Rory Cellan-Jones"
Millions of dollars have been stolen from healthcare companies after fraudsters gained access to customer accounts and redirected payments. Read more in my article on the Tripwire State of Security blog.