The final episode of the year brings some pretty big stories for the Transatlantic Cable team – kicking off this week, discussion starts with a troubling story about democracies and spyware – in particular how the malicious software is being leveraged by others to try to subvert democratic countries. Moving from show more ...
What is the worst that can happen when a developer's machine is compromised? Depending on the developer's position, attackers gain access to nearly everything: SSH keys, credentials, access to CI/CD pipelines and production infrastructure, the works.
A complete bypass of the Kyverno security mechanism for container image imports allows cyberattackers to completely take over a Kubernetes pod to steal data and inject malware.
The follow-on attack from August's source-code breach could fuel future campaigns against LastPass customers.
Vendors and operators attempt to balance power and security, but right now, power is the highest goal.
Securing videoconferencing solutions is just one of many IT security challenges small businesses are facing, often with limited financial and human resources.
To stay safer, restrict access to data, monitor for breaches in the supply chain, track relevant data that is sold on the Dark Web, and implement best safety practices.
APIs are key to cloud transformation, but two Google surveys find that cyberattacks targeting them are reaching a tipping point, even as general cloud security issues abound.
Rackspace Technology is ready to hand over recovered emails to Hosted Exchange customers who were disrupted during the December 2 ransomware attack, according to a Wednesday status update on the incident.
The U.S. Federal Communications Commission proposed today a record-breaking $300 million fine against an auto warranty robocall operation that made billions of calls to more than 550 million phones across the United States.
FortiGuard Labs researchers came across two holiday-themed phishing examples that exploit people’s interests in the holidays, leading to malware infection and further exploitation.
Computer scientists from Stanford University have found that programmers who accept help from AI tools like GitHub Copilot produce less secure code than those who fly solo.
Notably, the Office documents attached did not contain any exploit or macro code that could execute malicious code. Instead, the documents only contained Chinese text and a QR code.
The Zerobot DDoS botnet can now take over more internet-connected devices and scale its infection network with a new round of updates. The new strain not only enhances its DDoS attack capabilities but also allows it to exploit two Apache bugs, namely CVE-2021-42013 and CVE-2022-33891. Microsoft Threat Intelligence Center (MSTIC) tracks the ongoing threat under the moniker DEV-1061.
The settlement class, which has been directly notified of the settlement, is defined as U.S. residents whose data was compromised during the data incident the defendant announced on or about August 1, 2021.
Starting on December 19th, many Xfinity email users began receiving notifications that their account information had been changed. However, when attempting to access the accounts, they could not log in as the passwords had been changed.
Consumers affected by a data breach in February 2021 filed a class action lawsuit against FCI, arguing that the company should have protected their information through reasonable cybersecurity measures.
Researchers say it's likely that the group behind the custom-branded PolyVice ransomware for Vice Society is also selling similar payloads to other groups. It implements a robust encryption scheme, using NTRUEncrypt and ChaCha20-Poly1305 algorithms.
In a blog post on Monday, Google security engineer Alexey Firsh provided examples of how the cheat sheet can be used to find files connected to certain entities, groups of activities, documents, networks, and non-Windows malware samples.
According to official sources, there have been instructions from the Union Health Ministry for Safdarjung and Ram Manohar Lohia (RML) hospitals on steps to be taken to enhance cyber security.
Trend Micro researchers say that malicious actors are using malvertising to distribute the IcedID malware via cloned webpages of legitimate organizations and well-known applications.
Zoom has patched a cross-site scripting (XSS) bug that worked in both the desktop and web versions of its Whiteboard app. The XSS bug in Zoom Whiteboard was discovered by security researcher Eugene Lim (aka ‘spaceraccoon’).
72% of IT leaders believe their companies moved to the cloud without properly understanding the skills, maturity curve, and complexities of making it all work securely, according to a recent CloudBolt Software report.
While security teams may be hasty to pile on every additional security measure in existence to supplement MFA, they must not compromise too heavily on convenience. It's a delicate balance and a difficult one to strike.
The password management service on Thursday revealed that malicious actors obtained a trove of personal information belonging to its customers that include their encrypted password vaults by using data siphoned from the earlier break-in.
The new malicious campaign from STEPPY#KAVACH observed over the past few weeks appears to share many common TTPs with the SideCopy/APT36 threat actors that were extremely active in 2021 and were previously attributed to Pakistan by some researchers.
This Metasploit module exploits an unauthenticated command injection vulnerability in the yrange parameter in OpenTSDB through 2.4.0 (CVE-2020-35476) in order to achieve unauthenticated remote code execution as the root user. The module first attempts to obtain the OpenTSDB version via the api. If the version is 2.4.0 show more ...
Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.
WordPress Yith WooCommerce Gift Cards Premium plugin versions 3.19.0 and below suffer from a remote shell upload vulnerability.
Stock Management System 2022 version 1.0 from Erick Cesar suffers from a remote SQL injection vulnerability.
The August 2022 security breach of LastPass may have been more severe than previously disclosed by the company. The popular password management service on Thursday revealed that malicious actors obtained a trove of personal information belonging to its customers that include their encrypted password vaults using data siphoned from the break-in. Also stolen is "basic customer account information
The Vice Society ransomware actors have switched to yet another custom ransomware payload in their recent attacks aimed at a variety of sectors. "This ransomware variant, dubbed 'PolyVice,' implements a robust encryption scheme, using NTRUEncrypt and ChaCha20-Poly1305 algorithms," SentinelOne researcher Antonio Cocomazzi said in an analysis. Vice Society, which is tracked by Microsoft under the
France's privacy watchdog has imposed a €60 million ($63.88 million) fine against Microsoft's Ireland subsidiary for dropping advertising cookies in users' computers without their explicit consent in violation of data protection laws in the European Union. The Commission nationale de l'informatique et des libertés (CNIL) noted that users visiting the home page of its Bing search engine did not
The developers behind the Brave open-source web browser have revealed a new privacy-preserving data querying and retrieval system called FrodoPIR. The idea, the company said, is to use the technology to build out a wide range of use cases such as safe browsing, checking passwords against breached databases, certificate revocation checks, and streaming, among others. The scheme is called FrodoPIR
A new targeted phishing campaign has zoomed in on a two-factor authentication solution called Kavach that's used by Indian government officials. Cybersecurity firm Securonix dubbed the activity STEPPY#KAVACH, attributing it to a threat actor known as SideCopy based on tactical overlaps with prior attacks. ".LNK files are used to initiate code execution which eventually downloads and runs a
Tis the season for security and IT teams to send out that company-wide email: “No, our CEO does NOT want you to buy gift cards.” As much of the workforce signs off for the holidays, hackers are stepping up their game. We’ll no doubt see an increase in activity as hackers continue to unleash e-commerce scams and holiday-themed phishing attacks. Hackers love to use these tactics to trick end
