Reproductive health apps have long since ceased to be a simple online menstrual cycle calendar. Now theyre much more than that: todays apps monitor changes in the body from first menstruation to menopause, help prepare for pregnancy (or prevent an unwanted one), and much else besides. Formerly mostly electronic show more ...
Zero trust is useful in some situations, but organizations should not be trying to fit zero trust everywhere. In some cases, identity-based networking is an appropriate alternative.
Facebook's parent company has also expanded bug-bounty payouts to include Oculus and other "metaverse" gadgets for AR/VR.
InfraGard's members include key security decision-makers and stakeholders from all 16 US civilian critical-infrastructure sectors.
Attackers also could breach internal production data to compromise a corporate network using vulnerabilities found in the BrickLink online platform.
It's time for on-the-record answers to questions about data destruction in cloud environments. Without access, how do you verify data has been destroyed? Do processes meet DoD standards, or do we need to adjust standards to meet reality?
Money-lending apps built using the Flutter software development kit hide a predatory spyware threat and highlight a growing trend of using personal data for blackmail.
Sweeping operation took down around 50 popular DDoS platforms, just one of which was used in 30M attacks, Europol says.
All critical information infrastructures (CIIs) in Singapore must continuously transform to keep up with the changing threat landscape and this means going beyond "generic" cybersecurity practices.
The US Cybersecurity and Infrastructure Security Agency (CISA) has added two flaws affecting Veeam’s Backup & Replication product to its Known Exploited Vulnerabilities Catalog.
Australia signed a bilateral security agreement with Vanuatu on Tuesday which will include cooperation over cybersecurity matters, the Department of Foreign Affairs and Trade (DFAT) announced.
The cyber-espionage group Cloud Atlas has ramped up activities targeting Russia, Belarus and disputed parts of Ukraine and Moldova since Russia’s invasion this year, according to a new Check Point report.
Effective from January 10 next year, the new law requires anyone offering "deep synthesis" technology and services, including deepfakes and virtual reality, to label these images accordingly.
Ant Security researcher Yuhao Jiang demonstrated a working exploit for the CVE-2022-31705 vulnerability during Geekpwn, a hacking contest run by the Tencent Keen Security Lab.
Momentum is building around a recently created Biden administration task force meant to unite the federal government for a common purpose: stem the tide of ransomware attacks that has flooded the country.
The US authorities have charged six people in connection with running DDoS-for-hire services which enabled attacks on millions of targets, according to the Department of Justice (DoJ).
The new distribution method was spotted by Cisco Talos, which said it identified fraudulent email messages featuring HTML attachments with encoded SVG images that incorporate HTML script tags.
After looking at 28 of the most popular manufacturers, the Cybernews research team found 3.5 million IP cameras exposed to the internet, signifying an eightfold increase since April 2021.
InfraGard is an information-sharing network designed to allow high-level professionals both in and out of the government to collaborate on issues of cybersecurity and defense.
The EU has issued a draft decision agreeing that measures taken by the United States ensure sufficient protection for personal data to be transferred from the region to US companies.
The Commission Nationale de l'informatique et des Libertés (CNIL) launched an investigation into Apple after a complaint filed by France Digitale, a lobby group supporting startups, accused the company of violating EU privacy laws last year.
Google this week announced a Chrome update that resolves eight vulnerabilities in the popular browser, including five use-after-free flaws reported by external researchers.
A cyber warfare group backed by a “neighbouring” nation’s government was involved in the cyberattack on servers of the All India Institute of Medical Sciences (AIIMS), two sources aware of a government probe into the breach said.
Siemens released 20 new advisories addressing roughly 140 security holes, including more than 80 OpenSSL and OpenSSH vulnerabilities affecting its Scalance X-200RNA switches.
There's no end – or restored data – in sight for some Rackspace customers now on the 12th day of the company's ransomware attack-induced hosted Exchange email service outage.
NuGet had the largest share of malicious package uploads, counting 136,258, PyPI had 7,894 infections, and NPM only had 212. The phishing packages were uploaded in troves within a couple of days, which is commonly a sign of malicious activity.
Software teams can now fix bugs faster with faster release cycles, but breach pressure is increasing. Using SBOM and automation will help better detect, prevent, and remediate security issues throughout the software development life cycle.
This report builds upon "Potential Threat Vectors to 5G Infrastructure," a paper published last year by the Enduring Security Framework (ESF) cross-sector working group focused on addressing risks and threats to U.S. national security systems.
Microsoft says it has suspended several third-party developer accounts that submitted malicious Windows drivers for the IT giant to digitally sign so that the code could be used in cyberattacks.
ESET researchers discovered a spearphishing campaign targeting Japanese political entities a few weeks before the House of Councillors elections, and in the process uncovered a previously undescribed MirrorFace credential stealer
FortiGuard Labs identified an ongoing, previously unseen CMS scanner and brute forcer, dubbed GoTrim, installed in infected WordPress sites on Linux systems. The botnet detects and evades anti-bot techniques used by web hosting providers and CDNs, such as Cloudflare and SiteGround. WordPress site owners are recommended to use stronger administrator account passwords and upgrade the base CMS software.
Multiple high-impact vulnerabilities affecting Thunderbird, Firefox ESR, and Firefox were fixed by updates from Mozilla. The bugs might have given arbitrary code execution if they were successfully exploited.
An emerging cybercriminal group linked with Conti has expanded its partial encryption strategy and demonstrates other evasive maneuvers, as it takes aim at healthcare and other sectors.
The HHS warned the healthcare and public health sector organizations against the rising number of LockBit 3.0 ransomware attacks, along with other ransomware and triple-extortion. The frequent attack vectors associated with ransomware are phishing, Remote Desktop Protocol (RDP), credentials, and known vulnerabilities.
New phishing techniques by APT42, or Charming Kitten, have come to light that includes compromised accounts, malware, and confrontational lures. The researchers observed at least 60 campaigns this year, which relied on benign conversations to initiate contact with targets.
Microsoft revoked several hardware developer accounts after drivers signed through those profiles were leveraged by hackers in attacks, including ransomware incidents. Sophos revealed that Cuba ransomware operators used the BURNTCIGAR loader utility to install a malicious driver signed using Microsoft's certificate.
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from an unauthenticated factory reset vulnerability in restorefactory.cgi.
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from an unauthenticated remote code execution vulnerability in upload.cgi.
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from a conditional command injection vulnerability in traceroute.php.
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from a username related unauthenticated command injection vulnerability.
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from a password related unauthenticated command injection vulnerability.
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from a services related authenticated command injection vulnerability.
SOUND4 IMPACT/FIRST/PULSE/Eco version 2.x and below suffer from an unauthenticated file disclosure vulnerability.
SOUND4 IMPACT/FIRST/PULSE/Eco version 2.x and below suffer from a conditional command injection vulnerability in ping.php.
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from an unauthenticated radio stream disclosure vulnerability.
SOUND4 IMPACT/FIRST/PULSE/Eco version 2.x and below suffer from a conditional command injection vulnerability in dns.php.
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from an information disclosure vulnerability.
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from a username persistent cross site scripting vulnerability.
Adversary3 is a tool to navigate the vast www.malvuln.com malware vulnerability dataset.
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from an unauthenticated directory traversal file write vulnerability.
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from a hardcoded credential vulnerability.
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below allow an unauthenticated attacker to send network signals to an arbitrary target host that can be abused in an ICMP flooding attack. This includes the utilization of the ping, traceroute and nslookup commands through ping.php, traceroute.php and dns.php respectively.
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from a username SQL injection vulnerability that allows for authentication bypass.
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from a password SQL injection vulnerability that allows for authentication bypass.
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below allows an unauthenticated attacker to disconnect the current monitoring user from listening/monitoring and takeover the radio stream on a specific channel.
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffers from an insufficient session expiration vulnerability.
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from an authorization bypass due to an insecure direct object reference vulnerability.
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from a cross site request forgery vulnerability.
SOUND4 Server Service version 4.1.102 suffers from an unquoted search path issue impacting the service SOUND4 Server for Windows. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. A successful attempt would require the local user show more ...
BSidesSF is soliciting presentations, workshops, and villages for the 2023 annual BSidesSF conference. It will be located at City View at the Metreon in downtown San Francisco April 22nd through the 23rd, 2023.
Acronis TrueImage versions 2019 update 1 through 2021 update 1 are vulnerable to privilege escalation. The com.acronis.trueimagehelper helper tool does not perform any validation on connecting clients, which gives arbitrary clients the ability to execute functions provided by the helper tool with root privileges.
New features bring greater visibility and context into SaaS applications access and activity.
New research also analyzes the commoditization of adversary-in-the-middle attacks, JavaScript obfuscation in exploit kits, and a malware family with Gothic Panda ties.
Phishing campaigns involving the Qakbot malware are using Scalable Vector Graphics (SVG) images embedded in HTML email attachments. The new distribution method was spotted by Cisco Talos, which said it identified fraudulent email messages featuring HTML attachments with encoded SVG images that incorporate HTML script tags. HTML smuggling is a technique that relies on using legitimate features of
A previously undocumented Android malware campaign has been observed leveraging money-lending apps to blackmail victims into paying up with personal information stolen from their devices. Mobile security company Zimperium dubbed the activity MoneyMonger, pointing out the use of the cross-platform Flutter framework to develop the apps. MoneyMonger "takes advantage of Flutter's framework to
Web applications, often in the form of Software as a Service (SaaS), are now the cornerstone for businesses all over the world. SaaS solutions have revolutionized the way they operate and deliver services, and are essential tools in nearly every industry, from finance and banking to healthcare and education. Most startup CTOs have an excellent understanding of how to build highly functional
NuGet, PyPi, and npm ecosystems are the target of a new campaign that has resulted in over 144,000 packages being published by unknown threat actors. "The packages were part of a new attack vector, with attackers spamming the open-source ecosystem with packages containing links to phishing campaigns," researchers from Checkmarx and Illustria said in a report published Wednesday. Of the 144,294
The U.S. Department of Justice (DoJ) on Wednesday announced the seizure of 48 domains that offered services to conduct distributed denial-of-service (DDoS) attacks on behalf of other threat actors, effectively lowering the barrier to entry for malicious activity. It also charged six suspects – Jeremiah Sam Evans Miller (23), Angel Manuel Colon Jr. (37), Shamar Shattock (19), Cory Anthony Palmer
A Chinese-speaking advanced persistent threat (APT) actor codenamed MirrorFace has been attributed to a spear-phishing campaign targeting Japanese political establishments. The activity, dubbed Operation LiberalFace by ESET, specifically focused on members of an unnamed political party in the nation with the goal of delivering an implant called LODEINFO and a hitherto unseen credential stealer
Microsoft has revised the severity of a security vulnerability it originally patched in September 2022, upgrading it to "Critical" after it emerged that it could be exploited to achieve remote code execution. Tracked as CVE-2022-37958 (CVSS score: 8.1), the flaw was previously described as an information disclosure vulnerability in SPNEGO Extended Negotiation (NEGOEX) Security Mechanism. SPNEGO,
Law enforcement agencies in the United States, UK, Netherlands, Poland, and Germany have brought down the most popular DDoS-for-hire services on the internet, responsible for tens of millions of attacks against websites. Read more in my article on the Tripwire State of Security blog.
Drug dealers come unstuck while using the Encrochat encrypted-messaging app, and we put the Lensa AI’s avatar-generation tool under the microscope. All this and more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault. Plus – don’t miss our featured interview with Rico Acosta, IT manager at Bitwarden.
Microsoft has warned that malicious hackers were able to get the software giant to digitally sign their code so it could be used in attacks, such as the deployment of ransomware. Read more in my article on the Hot for Security blog.
