Businesses are showing increased interest in having confidence in their technology providers: more than 70% of IT decision makers say it is highly important to have ongoing assurance that the IT solutions they use are operating in a known and trusted state. This is why we decided to open two new trust-building facilities for the company's partners and customers in Italy and in the Netherlands. The centers will operate under a new format, providing customers and partners with just the most popular service — an overview of our engineering and data management practices.

The new centers are part of the Kaspersky Global Transparency Initiative (GTI), and aim to open the black box of technology – increasing customer confidence in the company's solutions. With the 2017 launch of the GTI, we became the first cybersecurity company to open its source code for external review. The initiative aims to engage the broader community in validating and verifying the trustworthiness of our products, internal processes, and business operations. The opening of the new Transparency Centers reflects the company's ongoing commitment to enhancing both transparency and accountability for its customers and partners. Having added new facilities in Utrecht and Rome, we now have the largest network of such centers in Europe, along with hubs in Madrid and Zurich. Operating in the company's offices, the centers in Rome and Utrecht – open to our partners, customers, and government cybersecurity authorities – serve exclusively the blue piste option, the most sought-after option among Transparency Center visitors since the opening of the first facility in 2018. The blue piste represents a general overview of our engineering and data processing practices, products and services. During a visit, partners and customers will be met by a team of experts who'll answer any questions regarding the company's data processing practices and the functioning of our solutions, together with a live demonstration of a source code review. With the latest addition of two new facilities, we now operate nine Transparency Centers in Europe, APAC, North America and Latin America.

Centers opened earlier offer additional review options — the red and black pistes — which vary in their depth and the level of technical skills required. The former provides a review of the most critical parts of the source code, enabling analysis of a particular functionality, while the latter represents the deepest and most comprehensive review of the most critical parts of the source code. The code review can be run solely for consultation purposes and in compliance with the strictest access policy to rule out the possibility of any modifications. To learn more or request access, please visit the Kaspersky transparency center website.

The new edition of the Transparency report

Another pillar of our Global Transparency Initiative is the release of Kaspersky Transparency reports, revealing information on requests received from government and law enforcement agencies, and from users for their personal data. The latest report covers the first six months of 2022. During the first half of 2022, we received a total of 89 requests from governments and law enforcement agencies from eight countries (Brazil, China, Italy, Japan, Jordan, Russia, Singapore, and South Korea), a 15% decrease in requests year-on-year (105 requests in H1 2021). As previously, the overwhelming majority — 89% — of requests received were for non-personal technical information, i.e., information facilitating the conduct of investigations into cybercrimes: indicators of compromise (IoCs), information about the modus operandi of cyberattackers, results of malware reverse engineering, and other results of cyber forensic analysis. The remaining 11% of requests asked for user data, and all of them were rejected. The share of requests for non-personal technical data rose from 85% to 89%. The share of approved requests grew as well: out of all the requests received over H1 2022, 64% were granted. All other requests were rejected either for not meeting legal verification requirements or due to an absence of the requested data. In addition, as part of its Transparency reports, we are making public information about requests received from users for personal-data-related purposes — details on where a user's data is stored, or provision or removal of personal information. We received 3,285 such requests in the first half of 2022. We are continuing our commitment to updating such data every six months, and publish Transparency reports on a regular basis to ensure stakeholders have the necessary information and can trust in our solutions. The reports also provide more information on the company's approach to handling such requests and our principles. Previous Transparency reports can be found on the Kaspersky Global Transparency Initiative page.
Shareholders are suing Twitter following a whistleblower complaint and public testimony from former CISO Peiter “Mudge” Zatko, claiming the company deceived investors in public disclosures about the state of their security.
The United Veterinary Services Association released four cybersecurity recommendations after a ransomware attack impacted more than 700 animal health care networks around the globe.
The first meeting of the Joint Ransomware Task Force was held last week as the co-chairs from the Cybersecurity and Infrastructure Security Agency and the FBI mapped out how they would counter the ongoing ransomware threat.
Copying null-terminated data into a local buffer without proper length checking causes a stack buffer overflow that leads to arbitrary code execution. The affected local buffer is only 2CH (0x2C) bytes long relative to the function return address.
Uber confirmed that a cybercriminal group accessed multiple internet systems, stole vulnerability reports, and downloaded internal Slack messages. According to The New York Times, the operator carried out a social engineering attack on an employee's Slack account to gain initial access.
The "strong attack," which targeted an unnamed Chinese telecommunications company, is said to have lasted for four hours and peaked at 3.9 million requests per second (RPS).
This is the cybersecurity giant’s second acquisition of an Israeli company, with the deal estimated at several tens of millions of dollars. One of the Reposify investors is Israeli mentalist Lior Suchard.
The threat actors may have exfiltrated sensitive member information, including Social security numbers (SSNs), driver's license identification numbers, health records, and health insurance information.
A total of 33 teams and over 600 participants competed representing the EU Member States and EFTA countries, as well as the five non-EU guest teams from Canada, Israel, Serbia, the United Arab Emirates, and the United States of America.
In a global study by Anaconda, around 40% of professional respondents indicated that their organizations scaled back their open-source software usage in the past year due to concerns around security.
The CISA on Tuesday released an industrial control systems (ICS) advisory warning of seven security flaws in Dataprobe's iBoot-PDU power distribution unit product, mostly used in industrial environments and data centers.
Integration enables applications and systems that were built separately to work together, resulting in new capabilities and efficiencies that cut costs, uncover insights, and much more.
According to Group-IB, around 63% of the fraudulent domains were registered with Russian registrars and included content to target English and Spanish-speaking crypto investors in the U.S. and other countries.
Automobile company JBM Group was allegedly duped by a fraudster who sent fake WhatsApp messages to the firm's chief financial officer Vivek Gupta in the name of its vice chairman and got the money transferred to seven bank accounts.
The attackers use Powtoon to play a malicious video, ultimately presenting the victim with a very convincing spoofed Microsoft login page, where their credentials are harvested.
In addition to the investment, Salt Security and CrowdStrike are partnering to bring together leading technology to apply API discovery and runtime protection on applications, and enable security testing to harden APIs before release.
Vidar is designed to steal information from an infected device, including banking information, saved passwords, IP addresses, browser history, login credentials, and crypto wallets.
Earlier this year, the U.S. regulator voted to revoke China Unicom's U.S. unit, Pacific Networks and ComNet's authorization to operate in the United States, citing national security concerns.
The issue — dubbed "spell-jacking" by researchers at Otto JavaScript Security (Otto-js) — can expose PII from some of the most widely used enterprise applications, including Alibaba, Amazon Web Services, Google Cloud, LastPass, and Office 365.
The flaw, discovered by secure cloud experts at Wiz in June and dubbed AttachMe, is now being discussed in a new security advisory the cloud technology company published today.
In a study by Deloitte, 50.2% of cyber pros said their organization is at risk of ‘harvest now, decrypt later’ attacks, whereby cybercriminals extract encrypted data in anticipation of the time quantum computers are able to break existing algorithms.
Hackers have been launching phishing attacks, using the Browser-in-the-Browser technique, in an attempt to steal Steam credentials from professional gamers. The targets are sent direct invitation links on their Steam account, requesting them to join a team for LoL, CS, Dota 2, or PUBG competitions. Users and gamers are advised to follow safety guidelines.
American video game publisher 2K has confirmed that its help desk platform was hacked and used to target customers with fake support tickets pushing malware via embedded links.
The volume of malicious activity targeting upstream open source code repositories has hit triple-digit growth over the past three years, according to security firm Sonatype.
The cyber security agency said that vulnerabilities can be exploited by a remote attacker to join meetings they are authorized to join without appearing to other participants.
Reported by security researcher Michał Bentkowski, the bug highlights the challenges of preventing client-side prototype pollution attacks. Prototype pollution can happen both on the client side (browser) and server side (Node.js servers).
The company announced it has raised $51.5 million in a Series B round led by Andreessen Horowitz’s (a16z) Growth Fund after closing $19.5 million for its Series A earlier this year.
Tracked as CVE-2022-36079, the high severity issue was assigned a CVSS rating of 8.6 by GitHub but 7.5 by the National Institute of Standards and Technology (NIST). Attack complexity was deemed ‘low’.
Upon tracking PrivateLoader’s network infrastructure and activities associated with ruzki PPI, SEKOIA researchers observed an overlap between the former’s C2 servers and the latter’s URLs offered to subscribers.
Documents published by a group taking responsibility for the ransomware attack on Suffolk County government include speeding tickets, contracts with county vendors, and a handwritten marriage license from 1908, according to a Newsday review.
A new report released Wednesday shows the Cyberspace Solarium Commission is on track to have 85% of all of its recommendations implemented with the remaining either facing some hurdles or “significant barriers.”
The hackers did not post any data that would help verify their claims. Motherboard could not independently verify whether the hacktivists stole the personal data of Wagner mercenaries.
The new legislation, signed by Governor Gavin Newsom on September 15, 2022, and passed by the state congress in late August, will implement some of the strictest privacy requirements for children in the US, especially in relation to social media.
With the termination of the consent order, Capital One is no longer required to submit quarterly updates detailing its risk management and auditing practices to the OCC, which it was required to do following the discovery of the hack.
The phishing email sent to targets supposedly originates from Slovenská pošta, the state-owned postal service provider in Slovakia, informing the recipient of the need to cover costs for a parcel that’s pending shipment.
Ubuntu Security Notice 5625-1 - It was discovered that Mako incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service.
Ubuntu Security Notice 5626-1 - Yehuda Afek, Anat Bremler-Barr, and Shani Stajnrod discovered that Bind incorrectly handled large delegations. A remote attacker could possibly use this issue to reduce performance, leading to a denial of service. It was discovered that Bind incorrectly handled statistics requests. A remote attacker could possibly use this issue to obtain sensitive memory contents, or cause a denial of service. This issue only affected Ubuntu 22.04 LTS.
Ubuntu Security Notice 5623-1 - Asaf Modelevsky discovered that the Intel 10GbE PCI Express Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 5624-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Duoming Zhou discovered that race conditions existed in the timer handling implementation of the Linux kernel's Rose X.25 protocol layer, resulting in use-after-free vulnerabilities. A local attacker could use this to cause a denial of service.
Ubuntu Security Notice 5622-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information.
Ubuntu Security Notice 5621-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service.
Red Hat Security Advisory 2022-6580-01 - The Booth cluster ticket manager is a component to bridge high availability clusters spanning multiple sites, in particular, to provide decision inputs to local Pacemaker cluster resource managers. It operates as a distributed consensus-based service, presumably on a separate physical network. Tickets facilitated by a Booth formation are the units of authorization that can be bound to certain resources. This will ensure that the resources are run at only one site at a time.
Red Hat Security Advisory 2022-6592-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a heap overflow vulnerability.
Red Hat Security Advisory 2022-6590-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries.
Red Hat Security Advisory 2022-6582-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow and heap overflow vulnerabilities.
Red Hat Security Advisory 2022-6585-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a double free vulnerability.
This Metasploit module utilizes the Unified Remote remote control protocol to type out and deploy a payload. The remote control protocol can be configured to have no passwords, a group password, or individual user accounts. If the web page is accessible, the access control is set to no password for exploitation, then reverted. If the web page is not accessible, exploitation will be tried blindly. This module has been successfully tested against version 3.11.0.2483 (50) on Windows 10.
Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is an improved fork of Google's afl: it offers more speed, more and better mutations, more and better instrumentation, custom module support, and more.
Ubuntu Security Notice 5618-1 - It was discovered that Ghostscript incorrectly handled memory when processing certain inputs. By tricking a user into opening a specially crafted PDF file, an attacker could cause the program to crash.
Red Hat Security Advisory 2022-6595-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.
Red Hat Security Advisory 2022-6608-01 - dbus-broker is an implementation of a message bus as defined by the D-Bus specification. Its aim is to provide high performance and reliability, while keeping compatibility with the D-Bus reference implementation. It is exclusively written for Linux systems, and makes use of many modern features provided by recent Linux kernel releases. Issues addressed include buffer over-read and null pointer vulnerabilities.
Red Hat Security Advisory 2022-6610-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and heap overflow vulnerabilities.
Red Hat Security Advisory 2022-6634-01 - WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2022-6536-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.5.
Red Hat Security Advisory 2022-6602-01 - The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Issues addressed include a spoofing vulnerability.
A Florida teenager who served as a lackey for a cybercriminal group that specializes in cryptocurrency thefts was beaten and kidnapped last week by a rival cybercrime gang. The teen's captors held guns to his head while forcing him to record a video message pleading with his crew to fork over a $200,000 ransom in exchange for his life. The youth is now reportedly cooperating with U.S. federal investigators, who are responding to an alarming number of reports of physical violence tied to certain online crime communities.

The grisly kidnapping video has been circulating on a number of Telegram chat channels dedicated to SIM-swapping — the practice of tricking or bribing mobile phone store employees into diverting a target's phone number, text messages and calls to a device the attackers control. The teen, known to the SIM-swapping community by the handle "Foreshadow," appears to have served as a "holder" — a term used to describe a low-level member of any SIM-swapping group who agrees to carry out the riskiest and least rewarding role of the crime: physically keeping and managing the various mobile devices and SIM cards that are used in SIM-swapping scams.

"Yo, Dan, please bro send the 200k," Foreshadow said in the video, which was shot on Sept. 15 in the backseat of a moving car. Bleeding from a swollen mouth with two handguns pointed at his head, Foreshadow pleaded for his life. A still shot from that video is available here [Warning: the image is quite graphic]. "They're going to kill me if you don't," Foreshadow continued, offering to get a job as a complicit mobile store employee or "plug" to help with future SIM-swaps. "I'll pay you back. Just let me know what you need. I got you, for real. Any work for free. Whatever. However long you need me, too. I'll apply to any store you need me to apply to. I can be a plug. I don't care if I get caught by the cops or anything. I'll get that money back for you. I used to do that work." It's not clear where in the world the hostage video was recorded. But at one point in the video, the vehicle's radio can be heard in the background mentioning WMIB, which is a hip-hop station in South Florida that serves both Ft. Lauderdale and Miami.
As Foreshadow’s hostage video began making the rounds on SIM-swapping Telegram channels, a rumor surfaced that Foreshadow had died after being shot in the leg. It soon emerged that Foreshadow had not died, and that he was cooperating with the Federal Bureau of Investigation (FBI). Members of the SIM-swapping community were then warned to delete any messages to or from Foreshadow. One of those messages read: JUST IN: FORESHADOW IS NOT DEAD!!!! HES CURRENTLY CO-OPERATING WITH THE FBI DUE TO HIM BEING KIDNAPPED AND AN ATTEMPT TO EXTORT HIM FOR 200K IF YOU HAVE CHATS WITH HIM CLEAR THEM Foreshadow appears to be a teenager from Florida whose first name is Justin. Foreshadow’s main Telegram account was converted from a user profile into a channel on Sept. 15 — the same day he was assaulted and kidnapped — and it is not currently responding to messages. Foreshadow’s erstwhile boss Jarik told KrebsOnSecurity that the youth was indeed shot by his captors, and blamed the kidnapping on a rival SIM-swapper from Australia who was angry over getting shortchanged of the profits from a previous SIM-swapping escapade. The FBI did not immediately respond to requests for comment. Reached via Telegram, the alleged mastermind of the kidnapping — a SIM-swapper who uses the handle “Gus” — confirmed that he ordered the attack on Foreshadow because the holder had held back some of his stolen funds. In the same breath, Gus said Jarik was “gonna get done in next” for sharing Gus’ real name and address with KrebsOnSecurity. “No1 cared about that nigga anyway, he snaked targs [targets] and flaunted it everywhere,” Gus said of Foreshadow. “I’ve been fucked over so many times I’ve lost millions. I am just a guy trying to make more money.” Foreshadow’s experience is the latest example of a rapidly escalating cycle of physical violence that is taking hold of criminal SIM-swapping communities online. 
Earlier this month, KrebsOnSecurity detailed how multiple SIM-swapping Telegram channels are now replete with “violence-as-a-service” offerings, wherein denizens of the underground hire themselves out to perform various forms of physical violence — from slashing tires and throwing a brick through someone’s window, to conducting drive-by shootings, firebombings and home invasions. On Aug. 12, 2022, 21-year-old Patrick McGovern-Allen of Egg Harbor Township, N.J. was arrested by the FBI and charged with stalking in connection with several of these violence-as-a-service jobs. Prosecutors say the defendant fired a handgun into a Pennsylvania home, and helped to torch another residence in the state with a Molotov Cocktail — all allegedly in service of a beef over stolen cryptocurrency. Earlier this month, three men in the United Kingdom were arrested for attempting to assault a local man and steal his virtual currencies. The local man’s neighbor called the cops and said the three men were acting suspiciously and that one of them was wearing a police uniform. U.K. police stopped the three men allegedly fleeing the scene, and found a police uniform and weapons in the trunk of the car. All three defendants in that case were charged with “intent to cause loss to another to make an unwarranted demand of Crypto Currency from a person.” Dina Temple-Raston and Sean Powers over at The Record recently interviewed several members of the SIM-swapping community about this escalation in violence. That story is also available on the Click Here podcast — Throwing Bricks for $$$: Violence-as-a-Service Comes of Age.
Cybersecurity company Imperva has disclosed that it mitigated a distributed denial-of-service (DDoS) attack with a total of over 25.3 billion requests on June 27, 2022. The "strong attack," which targeted an unnamed Chinese telecommunications company, is said to have lasted for four hours and peaked at 3.9 million requests per second (RPS). "Attackers used HTTP/2 multiplexing, or combining
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday released an industrial control systems (ICS) advisory warning of seven security flaws in Dataprobe's iBoot-PDU power distribution unit product, mostly used in industrial environments and data centers. "Successful exploitation of these vulnerabilities could lead to unauthenticated remote code execution on the Dataprobe
Almost every vendor, from email gateway companies to developers of threat intelligence platforms, is positioning themselves as an XDR player. But unfortunately, the noise around XDR makes it harder for buyers to find solutions that might be right for them or, more importantly, avoid ones that don't meet their needs. Stellar Cyber delivers an Open XDR solution that allows organizations to use
In what's the latest crypto heist to target the decentralized finance (DeFi) space, hackers have stolen digital assets worth around $160 million from crypto trading firm Wintermute. The hack involved a series of unauthorized transactions that transferred USD Coin, Binance USD, Tether USD, Wrapped ETH, and 66 other cryptocurrencies to the attacker's wallet. The company said that its centralized
For cybersecurity professionals, it is a huge challenge to separate the “good guys” from the “villains”. In the past, most cyberattacks could simply be traced to external cybercriminals, cyberterrorists, or rogue nation-states. But not anymore. Threats from within organizations – also known as “insider threats” – are increasing and cybersecurity practitioners are feeling the pain. Traditional
The U.S. Federal Communications Commission (FCC) has added Pacific Network Corp, along with its subsidiary ComNet (USA) LLC, and China Unicom (Americas) Operations Limited, to the list of communications equipment and services that have been deemed a threat to national security. The agency said the companies are subject to the Chinese government's exploitation, influence, and control, and could
An unknown attacker targeted tens of thousands of unauthenticated Redis servers exposed on the internet in an attempt to install a cryptocurrency miner. It's not immediately known if all of these hosts were successfully compromised. Nonetheless, it was made possible by means of a "lesser-known technique" designed to trick the servers into writing data to arbitrary files – a case of unauthorized
The UK’s National Cyber Security Centre (NCSC) has warned that fraudsters are sending out emails and SMS texts urging homeowners to sign up for a discount on their energy bills.
Bespectacled video conferencing participants have more to worry about than if their hair is uncombed or they have some spinach stuck between their teeth. According to newly-publicised research, they may also be unwittingly leaking sensitive information displayed on their computer screens. Read more in my article on the Hot for Security blog.