Ive been saying it often – for years: antivirus is dead. Such a statement might at first seem strange – especially from someone whos been a mover and shaker since the very earliest days of all things viruses and anti-virus in the late eighties and early nineties. However, if you dig a little deeper into the AV show more ...
ConnectWise, a self-hosted, remote desktop software application that is widely used by Managed Service Providers (MSPs), is warning about an unusually sophisticated phishing attack that can let attackers take remote control over user systems when recipients click the included link. The warning comes just weeks after show more ...
No longer the realm of lone wolves, the world of cybercrime is increasingly strategic, commoditized, and collaborative.
The Hell's Keychain attack vector highlights common cloud misconfigurations and secrets exposure that can pose grave risk to enterprise customers.
Though there have been fewer than expected publicly reported attacks involving the vulnerability, nearly three-quarters of organizations remain exposed to it.
The threat actor behind an August intrusion used data from that incident to access customer data stored with a third-party cloud service provider, and affiliate GoTo reports breach of development environment.
As consumers catch on to the dangers, protection could become a major topic for legislative bodies.
CI Fuzz CLI, the open source fuzzing tool with just three commands, integrates fuzz testing directly into the software development workflow.
A vulnerability discovered in GitHub Actions could allow an attacker to poison a developer's pipeline, highlighting the risk that insecure software pipelines pose.
Jefferson Wells, the tax professional services arm of ManpowerGroup, reported on Tuesday that while cybersecurity continues as the No. 1 risk among audit professionals, ESG jumped up to No. 2 on the list of emerging risks.
According to the information posted on Twitter by Yusuke Osumi, a security researcher at Yahoo! Japan, the attacker sends SMS messages from overseas with a Google Play link to lure users to install the malware.
China-linked cyberespionage group UNC4191 has been observed targeting public and private entities in Southeast Asia, Asia-Pacific, the U.S., and Europe, with increased attention on the Philippines. Hackers attempt to steal data from air-gapped systems through self-replicating malware on USB drives. The three malware show more ...
A shocking 87% of contractors have a sub-70 Supplier Performance Risk System (SPRS) score, the metric that shows how well a contractor meets Defense Federal Acquisition Regulation Supplement (DFARS) requirements.
CloudSEK released a new advisory about a previously disclosed phishing campaign against the UAE government. The team suggested that the campaign appears to be more substantive than believed earlier. Security experts have noted an additional cluster of phishing domains—camouflaged as the Ministry of Human Resources show more ...
Google identified three different exploitation frameworks, namely Heliconia Noise, Heliconia Soft, and Heliconia Files. These frameworks exploit Google Chrome, Windows Defender, and Mozilla Firefox, respectively.
About 72% of organizations remain vulnerable to the Log4Shell vulnerability as of October 1, 2022, Tenable‘s latest telemetry study has revealed, based on data collected from over 500 million tests.
Synopsys researchers found vulnerabilities that enable authentication bypasses and remote code execution in the three apps, namely Lazy Mouse, Telepad, and PC Keyboard, but did not find a single method of exploitation that applies to all three.
In total, Lookout researchers uncovered 251 Android apps on the Google Play store with over 15 million collective downloads. They also identified 35 apps on the Apple App Store that were in the top 100 finance apps in their regional stores.
LockBit 3.0 or 'LockBit Black' includes anti-debugging capabilities, the ability to delete Volume Shadow Copy files and the potential ability to self-spread via legitimate tools.
Analysts at Confiant have been tracking 'CashRewindo' since 2018 and report the threat actor stands out for an unusually crafty approach in setting up malicious advertising operations with great attention to detail.
New findings from cybersecurity firm JFrog show that malware targeting the npm ecosystem can evade security checks by taking advantage of an "unexpected behavior" in the npm command line interface (CLI) tool.
What helped take down KmsdBot was its lack of error-checking and "the coding equivalent of a typo," which led to the malware crashing and stopping to send attack commands due to the wrong number of arguments to the C2 server.
Sirius XM's Connected Vehicle Services has fixed an authorization flaw that would have allowed an attacker to remotely unlock doors and start engines on connected cars knowing only the vehicle identification number (VIN).
The Australian parliament has approved a bill to amend the country's privacy legislation, significantly increasing the maximum penalties to AU$50 million ($33.44 million) for companies and data controllers who suffered large-scale data breaches.
Google this week announced the release of Chrome 108 in the stable channel with patches for 28 vulnerabilities, including 22 reported by external researchers. Of those 22, eight are high-severity issues and 14 are medium-severity flaws.
Russia-based OpZero went on the record recently with a $1.5 million offer for Signal remote code execution (RCE) exploits, more than tripling the relatively stable high-water mark for that app offered by American firm Zerodium.
The backdoor has a wide range of spying capabilities, including monitoring drives and portable devices and exfiltrating files of interest, keylogging and taking screenshots, and stealing credentials from browsers.
A new report conducted by Enterprise Strategy Group (ESG) highlights why today’s security teams find it increasingly difficult to detect and stop cyber threats targeting their organizations.
LastPass chief executive Karim Toubba said in a blog post that an “unauthorized party” recently gained access to some customers’ information stored in a third-party cloud service shared by LastPass and its parent company, GoTo.
The cybercriminals behind the Medibank cyber-attack have posted on the dark web what appears to be the remainder of the customer data they took from the health insurer, stating it is “case closed” for the hack.
The financial services sector has been hit by cybercriminals again and again - ranging from ransomware attacks to DDoS attacks to phishing. There is a 3.5 times increase (257%) in web app and API attacks, year-over-year. 32% of organizations in the financial services sector observed accidental data leakage compared to an average of 25% in other industry verticals.
Disguised as the good guy, these malicious apps known as the “Schoolyard Bully Trojan” are camouflaged as legitimate, educational applications with a wide range of books and topics for their victims to read.
While the threat has evolved, threat actors continue to use phishing attacks to steal credentials and then send fraudulent invoices soliciting payment. Thousands of organizations have lost billions of dollars.
Over the past few days, Keralty and its subsidiaries, EPS Sanitas and Colsanitas, have suffered disruption to their IT operations, the scheduling of medical appointments, and its websites.
Nearly two years after the first series of Microsoft Exchange Server vulnerabilities became known, four collections of high-profile bugs are likely to remain a headache for enterprises for the foreseeable future.
Ubuntu Security Notice 5753-1 - The Qualys Research Team discovered that a race condition existed in the snapd snap-confine binary when preparing the private /tmp mount for a snap. A local attacker could possibly use this issue to escalate privileges and execute arbitrary code.
Ubuntu Security Notice 5752-1 - David Bouman and Billy Jheng Bing Jhong discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Soenke Huster show more ...
Market drivers include new regulations, increasing automobile complexity, and new vehicle types.
Ratings ranged from AAA to CC, with security effectiveness scores from 27% to 100%.
Know what you need to fix today and what you don’t.
More than 300,000 users across 71 countries have been victimized by a new Android threat campaign called the Schoolyard Bully Trojan. Mainly designed to steal Facebook credentials, the malware is camouflaged as legitimate education-themed applications to lure unsuspecting users into downloading them. The apps, which were available for download from the official Google Play Store, have now been
An ongoing analysis into an up-and-coming cryptocurrency mining botnet known as KmsdBot has led to it being accidentally taken down. KmsdBot, as christened by the Akamai Security Intelligence Response Team (SIRT), came to light mid-November 2022 for its ability to brute-force systems with weak SSH credentials. The botnet strikes both Windows and Linux devices spanning a wide range of
Popular password management service LastPass said it's investigating a second security incident that involved attackers accessing some of its customer information. "We recently detected unusual activity within a third-party cloud storage service, which is currently shared by both LastPass and its affiliate, GoTo," LastPass CEO Karim Toubba said. GoTo, formerly called LogMeIn, acquired LastPass
Medibank on Thursday confirmed that the threat actors behind the devastating cyber attack have posted another dump of data stolen from its systems on the dark web after its refusal to pay a ransom. "We are in the process of analyzing the data, but the data released appears to be the data we believed the criminal stole," the Australian health insurer said. "While our investigation continues there
A critical security vulnerability has been disclosed in the Quarkus Java framework that could be potentially exploited to achieve remote code execution on affected systems. Tracked as CVE-2022-4116 (CVSS score: 9.8), the shortcoming could be trivially abused by a malicious actor without any privileges. "The vulnerability is found in the Dev UI Config Editor, which is vulnerable to drive-by
Today's threat landscape is constantly evolving, and now more than ever, organizations and businesses in every sector have a critical need to consistently produce and maintain secure software. While some verticals - like the finance industry, for example - have been subject to regulatory and compliance requirements for some time, we are seeing a steady increase in attention on cybersecurity best
A Barcelona-based surveillanceware vendor named Variston IT is said to have surreptitiously planted spyware on targeted devices by exploiting several zero-day flaws in Google Chrome, Mozilla Firefox, and Windows, some of which date back to December 2018. "Their Heliconia framework exploits n-day vulnerabilities in Chrome, Firefox, and Microsoft Defender, and provides all the tools necessary to
Why deleting your Twitter account may be a very bad idea, how the police unravelled the iSpoof fraud gang, and a trip into outer space (or at least interplanetary file systems). All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by original show co-host Vanja Švajcer.
