In October 2022, researchers at Trail of Bits published a detailed breakdown of an SQLite DBMS vulnerability. The article discusses possible attacks via CVE-2022-35737, with consequences ranging from a simple application crash to arbitrary code execution. The rather trivial bug in the SQLite code is interesting and show more ...
A 25-year-old Finnish man has been charged with extorting a once popular and now-bankrupt online psychotherapy company and its patients. Finnish authorities rarely name suspects in an investigation, but they were willing to make an exception for Julius “Zeekill” Kivimaki, a notorious hacker who — at show more ...
An official just revealed the US Department of Treasury was able to fend off a Killnet DDoS attack last month.
TA569 has modified the JavaScript of a legitimate content and advertising engine used by news affiliates, in order to spread the FakeUpdates initial access framework.
The settlement muddies the waters even further for the viability of war exclusion clauses when it comes to cyber insurance.
The cybersecurity agency announced it intends to scan all Internet-connected devices hosted in the UK for known vulnerabilities.
These aren't quick fixes, but by prioritizing needs based on risk, organizations can incrementally apply these steps to become more resilient.
Several artifacts from recent attacks strongly suggest a connection between the two operations, researchers say.
Confused economies and rising unemployment rates foster a rich opportunity for cybercrime recruitment.
RomCom RAT is reportedly being used in attacks against Ukraine's military institutions to distribute trojanized packages using a fake website for the PDF Filler app. In addition, the group has upgraded evasion techniques with string obfuscation and execution as a COM object, among others. All these tactics point out that the group is actively evolving, and can become a potential threat in the future.
Researchers from FortiGuard Labs observed new malware variants, namely FBI ransomware, Wise Guys ransomware, and Pyschedelic ransomware extorting victims. The tactics used by these malware have nothing new, however, it cites an example of how hackers trick victims into paying a ransom, even for unrecoverable files.
Fortinet on Tuesday informed customers about 16 vulnerabilities discovered in the company’s products, including six flaws that have been assigned a ‘high’ severity rating.
Malwarebytes uncovered a set of four Android apps—created by the same developer—redirecting victims to infectious websites as part of an adware and information-stealing campaign. Altogether, these apps had over 1 million downloads. Hackers would wait for nearly four days before opening the first phishing site in the Chrome browser.
Threat actors are able to attack companies after having a physical presence on-site using card skimmers, unsecured PoS systems, unsecured Wi-Fi networks, USB drives, vulnerable IoT devices, social engineering, and insider threats.
The United States Department of Justice this week announced charges against eight individuals for their participation in a racketeering (RICO) conspiracy that involved hacking and tax fraud.
TECS and its customers will benefit from the addition of data security solutions that address the growing needs of larger organizations and additional resource investment in the innovative TECS product and solution suite.
The operators of RomCom RAT are continuing to evolve their campaigns with rogue versions of software such as SolarWinds Network Performance Monitor, KeePass password manager, and PDF Reader Pro.
The threat actor behind this supply-chain attack (tracked by Proofpoint as TA569) has injected malicious code into a benign JavaScript file that gets loaded by the news outlets' websites.
A number of Twitter users claim to have received phishing emails that use the lure of losing their verified status to try to fool them into supplying their credentials. The scam works via a Google doc made to look like a Twitter help page.
Researchers have identified over two dozen Python packages on the PyPI registry that imitate popular libraries but instead drop W4SP infostealer after infecting machines.
Popular short-form video-sharing service TikTok is revising its privacy policy for European users to make it explicitly clear that user data can be accessed by some employees from across the world, including China.
A French-speaking threat actor dubbed OPERA1ER has been linked to a series of more than 30 successful cyber attacks aimed at banks, financial services, and telecom companies across Africa, Asia, and Latin America between 2018 and 2022.
The US Department of Energy has awarded $15 million to the National Rural Electric Cooperative Association (NRECA) in an effort to help electric cooperatives expand their cybersecurity capabilities for industrial control systems (ICS).
India’s mass rapid transit systems — or metro, as it’s known locally — rely on commuter smart cards that are apparently vulnerable to exploitation and allow anyone to effectively travel for free.
These are the same pro-Kremlin miscreants that claimed responsibility for knocking more than a dozen US airports' websites offline on October 10 in similar network-traffic flooding incidents.
The company intends to use the funds to expand customer acquisition efforts with accelerated sales and marketing efforts and expand machine learning to enhance its technology-enabled service capabilities as it creates a Managed Open XDR solution.
Researchers from the Emotet research group Cryptolaemus reported that at approximately 4:00 AM ET on November 2nd, the Emotet operation suddenly came alive again, spamming email addresses worldwide.
According to the information on Deribit’s Telegram chat, trading on Deribit is operating as usual. “Due to our hotwallet policy we were able to limit loss of user funds,” a Deribit support person noted.
A high-risk bug in the Gatsby Cloud Image CDN service allowed attackers to stage server-side request forgery (SSRF) and cross-site scripting (XSS) attacks against some cloud-hosted Gatsby websites.
Organizations that can prove their resiliency and compliance with NIS guidelines – showing that they will be able to recover quickly in the event of an attack – could reduce their risks and their insurance premiums.
SentinelLabs experts analyzed tools used by the ransomware gang in attacks, including some custom tools used for EDR evasion. SentinelLabs believes the developer of these tools is, or was, a developer for the FIN7 gang.
Up to 100,000 people from across Asia have been lured to Cambodia by Chinese crime syndicates with the promise of good jobs. When they arrive, their passports are seized and they are put to work in modern-day sweatshops, running cybercrime campaigns.
Chinese hacking group Cicada, aka APT10, was found abusing antivirus software to deploy a new variant of the LODEINFO malware against Japanese organizations. LODEINFO operators have been updating the malware very frequently and continuously, to make it leaner and more efficient. Through LODEINFO, APT10 could be targeting other countries in the near future.
Cyble researchers found a new version of the Drinik Android trojan targeting 18 Indian banks while posing as the country’s official tax management app. It attempts to steal victims’ banking credentials and personal information. Since 2016, Drinik has been circulating in India and operating as an SMS stealer.
Red Hat Security Advisory 2022-7216-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.51. Issues addressed include code execution and memory leak vulnerabilities.
Red Hat Security Advisory 2022-7384-01 - The ubi9/openssl image provides provides an openssl command-line tool for using the various functions of the OpenSSL crypto library. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2022-7323-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-7338-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include code execution, privilege escalation, and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-7329-01 - The lua packages provide support for Lua, a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2022-7343-01 - The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Issues addressed include code execution and denial of service vulnerabilities.
Red Hat Security Advisory 2022-7318-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-7313-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private show more ...
Red Hat Security Advisory 2022-7330-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Debian Linux Security Advisory 5269-1 - Nicky Mouha discovered a buffer overflow in the sha3 module of PyPy, a fast, compliant alternative implementation of the Python language.
Red Hat Security Advisory 2022-7319-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-7344-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-7314-01 - The zlib packages provide a general-purpose lossless data compression library that is used by many different programs. Issues addressed include buffer over-read and buffer overflow vulnerabilities.
Red Hat Security Advisory 2022-7326-01 - The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System.
Red Hat Security Advisory 2022-7340-01 - The php-pear package contains the PHP Extension and Application Repository, a framework and distribution system for reusable PHP components. Issues addressed include file overwrite and traversal vulnerabilities.
Red Hat Security Advisory 2022-7337-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include code execution, privilege escalation, and use-after-free vulnerabilities.
In 2015, HD Moore, the creator of Metasploit, published an article disclosing over 5,800 gas station Automated Tank Gauges (ATGs) which were publicly accessible. Besides monitoring for leakage, these systems are also instrumental in gauging fluid levels, tank temperature, and can alert operators when tank volumes are show more ...
Human-centric security leader will deliver passwordless technology across every major device, browser, and operating system.
During the 2022 holiday shopping season, US consumers will still be shopping digitally, despite cyberattacks and fraud attempts being top of mind.
Investment to advance efforts to detect and mitigate disinformation.
Award-winning email security leader expands best-in-class offerings with gateway-less deployment solution that streamlines security, increases visibility, and enhances efficacy for IT teams.
Senhasegura first to offer password manager and privileged access management (PAM) in a single platform.
Banco de Crédito Cooperativo (BCC) wins the first hyper-realistic cybersecurity competition for the financial industry.
Earns Recognition in 2022 Gartner® Market Guide for Operational Technology Security.
Manufacturing relies on complex interconnected networks and technologies, but with more vendors comes risk that needs to be secured.
Popular short-form video-sharing service TikTok is revising its privacy policy for European users to make it explicitly clear that user data can be accessed by some employees from across the world, including China. The ByteDance-owned platform, which currently stores European user data in the U.S. and Singapore, said the revision is part of its ongoing data governance efforts to limit employee
The operators of RomCom RAT are continuing to evolve their campaigns with rogue versions of software such as SolarWinds Network Performance Monitor, KeePass password manager, and PDF Reader Pro. Targets of the operation consist of victims in Ukraine and select English-speaking countries like the U.K. "Given the geography of the targets and the current geopolitical situation, it's unlikely that
Every SaaS app user and login is a potential threat; whether it's bad actors or potential disgruntled former associates, identity management and access control is crucial to prevent unwanted or mistaken entrances to the organization's data and systems. Since enterprises have thousands to tens of thousands of users, and hundreds to thousands of different apps, ensuring each entrance point and
A French-speaking threat actor dubbed OPERA1ER has been linked to a series of more than 30 successful cyber attacks aimed at banks, financial services, and telecom companies across Africa, Asia, and Latin America between 2018 and 2022. According to Singapore-headquartered cybersecurity company Group-IB, the attacks have led to thefts totaling $11 million, with actual damages estimated to be as
A new analysis of tools put to use by the Black Basta ransomware operation has identified ties between the threat actor and the FIN7 (aka Carbanak) group. This link "could suggest either that Black Basta and FIN7 maintain a special relationship or that one or more individuals belong to both groups," cybersecurity firm SentinelOne said in a technical write-up shared with The Hacker News. Black
Twitter has a new chief twit in the form of Elon Musk and he’s causing problems, scientists say artificial intelligence may help us communicate with animals, and is the office of the future set in the metaverse? All this and much more is discussed in the latest edition of the award-winning “Smashing show more ...
The world's richest man's plans for the news junkie's favourite social network inevitably get a great deal of attention. Not everyone will be aware of the details of what Elon Musk might be planning for Twitter, but they will certainly be aware that it's a hot topic. And so if a Twitter user receives a show more ...
