The best way to avoid falling for scams is to always think critically, even skeptically. What would you do, say, if someone sent you a DM on Twitter with the login credentials for some cryptocurrency account asking for help to withdraw money from it? The right thing to do would be to ignore the message. But maybe, show more ...
Microsoft today released updates to fix nearly 100 security flaws in its Windows operating systems and other software. Highlights from the first Patch Tuesday of 2023 include a zero-day vulnerability in Windows, printer software flaws reported by the U.S. National Security Agency, and a critical Microsoft SharePoint show more ...
Automakers swear that the security of their connected vehicles is their top priority. So how come researchers just found dozens of software flaws that could give hackers access to millions of cars? The post CES Overlooks New Report That Finds Auto Cyber Is A Dumpster Fire appeared first on The Security Ledger with show more ...
Automakers swear that the security of their connected vehicles is their top priority. So how come researchers just found dozens of software flaws that could give hackers access to millions of cars? The post New Report Finds Auto Cyber Is A Dumpster Fire appeared first on The Security Ledger with Paul F. Roberts. show more ...
Hacking to kill: Dark Reading's Fahmida Y. Rashid reflects on the monumental Black Hat 2011 moment when Jay Radcliffe showed how to hack his insulin pump.
Microsoft's January 2023 Patch Tuesday security update contains fixes for bugs in multiple products. Here's what you need to patch now.
A paper by two dozen Chinese researchers maintains that near-future quantum computers could crack RSA-2048 encryption, but experts call the claims misleading.
While it has been a perennial forecast that efficient universal quantum computers are “a decade away,” that prospect now seems a legitimate possibility. Organizations need to get ready now.
Vice Society is boasting that it compromised the San Francisco transportation system, while BART maintains operations and mounts an investigation.
Supreme Court rules WhatsApp can sue NSO Group for damages caused by unauthorized Pegasus spyware installations.
The issue concerns the boot layer of ARM chips, which are driving a low-power mobile ecosystem that includes 5G smartphones and base stations.
The cryptomining malware, which typically targets Linux, is exploiting weaknesses in an open source container tool for initial access to cloud environments.
Initially introduced in 2011, SSE-S3 handles both encryption and decryption, along with key management. An opt-in feature until now, SSE-S3 relies on Advanced Encryption Standard (AES) encryption with 256-bit keys managed by AWS.
The vulnerability in the open-source library is tracked CVE-2022-23529 and impacts JsonWebToken versions below 9.0.0, released on December 21st, right before the holidays.
The Turla threat actor group, mostly associated with Russian intelligence, was observed gaining access to victim networks by registering the expired domains of about decade-old malware infrastructure. Turla has been using advanced tactics, including victim profiling, to tailor its exploitation efforts to target specific information of interest to Russia.
The government institutions of Moldova have been hit by a wave of phishing attacks, threat actors sent more than 1,330 emails to accounts belonging to the country’s state services.
Threat actors abused an open redirect on the official website of the United Kingdom's Department for Environment, Food & Rural Affairs (DEFRA) to direct visitors to fake OnlyFans adult dating sites.
This new trend has been observed by analysts at Resecurity around the beginning of the third quarter of 2022. It is thought to be a response to last year's high-profile darknet market crackdowns, most notably that of Hydra Market.
The capital will be invested in research and development and into increasing the number of employees to almost 300 in the next two years. The company also plans to expand into the US market.
Experian’s website allowed anyone to bypass these questions and go straight to the consumer’s report. All that was needed was the person’s name, address, birthday, and Social Security number.
Cybercriminals are targeting Pokemon NFT enthusiasts via a couple of Pokemon-based NFT card game sites that can lead to the compromise of victims' devices. How? The fake site pushes the NetSupport remote access tool on users’ devices. Security analysts at ASEC observed the first signs of this campaign in December 2022.
As if colonoscopies weren't invasive enough, nearly a quarter-million patients who underwent an intestinal probe since 2019 now must grapple with a data breach tied to a hacking incident at a third-party vendor to gastroenterologists.
The ChatGPT AI chatbot has created plenty of excitement in the short time it has been available and now it seems it has been enlisted by some in attempts to help generate malicious code.
It was found that the Russian hacking group Callisto, aka Cold River), targeted the Argonne, Brookhaven, and Lawrence Livermore National Laboratories between August and September 2022. The group attempted to create fake login pages for the three labs and sent phishing emails with links to these pages to trick nuclear scientists into revealing their passwords.
No explanation of the attack’s impact on its business operations has yet been disclosed, nor has the nature of the attack. The company stated it is “taking steps to ensure that its businesses can continue to trade with its customers and suppliers.”
In November 2011, the FBI-led Operation Ghost Click raided malicious servers run by the Rove Digital cyber group. This was only after it had used the DNSChanger Trojan to infect over four million computers and generate $14 million in illicit profits.
American investigative reporter Emma Best, a founder of the whistleblower site Distributed Denial of Secrets (DDoSecrets), told The Record in July that hackers had leaked over 12 million Russian documents to the organization since February.
The multiple breaches of password management giant LastPass in 2022 has created significant discussion – and alarm – among the cybersecurity community, not to mention affected LastPass customers.
While the attack did not cause any damage and no riders were put at risk, city officials raised alarms in a report because the attackers could have reached critical systems and may have left backdoors inside.
Meta Platforms has agreed to pay $725 million to settle a long-running lawsuit that allowed third parties, including Cambridge Analytica, to access users’ personal information without their consent for political advertising.
Triple Data Encryption Algorithm is used widely across many industries and in many popular network protocols to encrypt data at rest and data in motion. NIST deprecated the algorithm in 2018, however, and Triple DES use will be disallowed after 2023.
A comprehensive analysis of the cryptographic protocols used in the Swiss encrypted messaging application Threema has revealed a number of loopholes that could be exploited to break authentication protections and even recover users' private keys.
The StrongPity group has been found using a fake website since 2021 that impersonates the actual Shagle site to trick victims into downloading a malicious Android. Once installed, this app enables hackers to conduct espionage on the targeted victims.
Security researcher Abdulraheem Khaled has discovered a coding scheme that can allow attackers to perform prototype pollution-like attacks on Python programs. He calls it ‘class pollution’ in a blog post documenting his findings.
A new malware campaign has been observed targeting users in Italy with phishing emails designed to deploy an information stealer on compromised Windows systems to steal system info, browser histories, cookies, and credentials of crypto wallets.
Tiki Wiki CMS Groupware versions 24.1 and below suffer from a PHP object injection vulnerability in tikiimporter_blog_wordpress.php.
Tiki Wiki CMS Groupware versions 24.0 and below suffers from a PHP object injection vulnerability in grid.php.
Tiki Wiki CMS Groupware versions 24.0 and below suffer from a PHP code injection vulnerability in structlib.php.
Ubuntu Security Notice 5797-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
Red Hat Security Advisory 2023-0032-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.47. Issues addressed include a bypass vulnerability.
Tiki Wiki CMS Groupware versions 25.0 and below suffer from multiple cross site request forgery vulnerabilities.
Red Hat Security Advisory 2023-0050-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.
Ubuntu Security Notice 5796-1 - It was discovered that w3m incorrectly handled certain HTML files. A remote attacker could use this issue to cause w3m to crash, resulting in a denial of service, or possibly execute arbitrary code.
MOV.AI Robotics Engine version 2.2.3-3 suffers from multiple cross site scripting vulnerabilities.
Ubuntu Security Notice 5793-2 - It was discovered that the io_uring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was show more ...
An improper access control vulnerability in MOV.AI Robotics Engine version 2.2.3-3 allows an unauthenticated user to delete an existing user or create new user-privileged functionality in the application.
Ubuntu Security Notice 5795-1 - It was discovered that Net-SNMP incorrectly handled certain requests. A remote attacker could possibly use these issues to cause Net-SNMP to crash, resulting in a denial of service.
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged show more ...
Red Hat Security Advisory 2023-0045-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include out of bounds access and use-after-free vulnerabilities.
Linux kernel version 4.10 suffers from a use-after-free vulnerability in __do_semtimedop() due to a lockless check outside the RCU section.
The Mali driver tries to use the KBASE_REG_NO_USER_FREE flag to ensure that the memory region referenced by kbase_csf_tiler_heap::buf_desc_reg cannot be freed by userspace. However, this flag is only a single bit, and there can be multiple tiler heaps referencing the same memory region. This can lead to a use-after-free condition.
Red Hat Security Advisory 2023-0049-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Issues addressed include buffer overflow, bypass, and out of bounds write vulnerabilities.
Online Food Ordering System version 2.0 suffers from a remote SQL injection vulnerability.
Online Food Ordering System version 2.0 suffers from a remote shell upload vulnerability.
Ubuntu Security Notice 5782-3 - USN-5782-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. It was discovered that Firefox was using an out-of-date libusrsctp library. An attacker could possibly use this library to perform a reentrancy issue on Firefox. show more ...
WordPress Mega Main Menu plugin version 2.2.2 suffers from a backup disclosure vulnerability.
Ubuntu Security Notice 5792-2 - Mingwei Zhang discovered that the KVM implementation for AMD processors in the Linux kernel did not properly handle cache coherency with Secure Encrypted Virtualization. A local attacker could possibly use this to cause a denial of service. It was discovered that a race condition show more ...
Ubuntu Security Notice 5791-2 - It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. David Leadbeater discovered that the show more ...
WordPress Slider Revolution plugin version 4.6.5 suffers from a remote shell upload vulnerability.
Red Hat Security Advisory 2023-0046-01 - X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Issues addressed include out of bounds access and use-after-free vulnerabilities.
nVisium's cloud and application security experts join NetSPI to support, scale, and deliver the most comprehensive suite of offensive security solutions.
New Add-On Empowers SOCs and MSPs to Automate & Orchestrate Incident Response for Microsoft 365.
2023 Security Service Edge (SSE) Adoption Report finds that SSE technology addresses key pain points including much-needed solution consolidation, transition to hybrid work and need for hardened security.
401 distinct cloud apps shown to deliver malware; Microsoft OneDrive delivered 30% of all cloud malware downloads.
Annual survey uncovers surprising data but warns against complacency.
Moving Analytics, leading provider of virtual cardiac rehabilitation and prevention, announced that it is launching single sign on authentication for its entire software platform.
US cybersecurity services firm continues expansion into Latin America.
A high-severity security flaw has been disclosed in the open source jsonwebtoken (JWT) library that, if successfully exploited, could lead to remote code execution on a target server. "By exploiting this vulnerability, attackers could achieve remote code execution (RCE) on a server verifying a maliciously crafted JSON web token (JWT) request," Palo Alto Networks Unit 42 researcher Artur Oleyarsh
A comprehensive analysis of the cryptographic protocols used in the Swiss encrypted messaging application Threema has revealed a number of loopholes that could be exploited to break authentication protections and even recover users' private keys. The seven attacks span three different threat models, according to ETH Zurich researchers Kenneth G. Paterson, Matteo Scarlata, and Kien Tuong Truong,
A new malware campaign has been observed targeting Italy with phishing emails designed to deploy an information stealer on compromised Windows systems. "The info-stealer malware steals sensitive information like system info, crypto wallet and browser histories, cookies, and credentials of crypto wallets from victim machines," Uptycs security researcher Karthickkumar Kathiresan said in a report.
The advanced persistent threat (APT) group known as StrongPity has targeted Android users with a trojanized version of the Telegram app through a fake website that impersonates a video chat service called Shagle. "A copycat website, mimicking the Shagle service, is used to distribute StrongPity's mobile show more ...
