The first episode of 2023 of the Transatlantic Cable Podcast kicks off with news around the recent Twitter hack – emphasis on recent as the data was actually siphoned from Twitter back in 2021, but has only recently come to light – timing is everything it seems. From there, the team look at news that the Web3 show more ...
No company can operate successfully without smooth cooperation between the general management and the specialists responsible for different areas of the business. Such cooperation of course requires communication, which can sometimes be difficult since managers and specialists work in different information bubbles and show more ...
For businesses looking to invest in the creation of a safer and more productive modern office environment, here’s a rundown of the top 2023 technologies to secure your hybrid workspace. The post 2023 Technologies to Secure Your Hybrid Workspace appeared first on The Security Ledger with Paul F. Roberts. Related show more ...
Shift your mindset from risk to resilience.
After a delay of more than a year, Intel's on-chip confidential computing feature is coming to all the major cloud providers, starting with Microsoft's Azure.
With artificial intelligence poised to displace many SOC professionals, it's important to think ahead to potential niches for cybersmart humans — even to outer space.
Are you asking the right questions about potential scenarios when thinking about disaster recovery and business continuity?
Organizations are looking for new methods to safeguard the virtual machines, containers, and workload services they use in the cloud.
School to resume Thursday, Jan. 12, after Iowa school district detected unusual network activity and pulled the plug.
Current defenses are able to protect against today's AI-enhanced cybersecurity threats, but that won't be the case for long as these attacks become more effective and sophisticated.
This revelatory information from the Pakistan government was delivered last week in a cabinet advisory titled “Leakage of Sensitive Data on Dark Web (AdvisorvNo.53)” that was issued without fanfare.
Siemens has published six new advisories that describe a total of 20 vulnerabilities. Schneider Electric has also released six new advisories, but they only cover a total of seven vulnerabilities.
Two of the US government's leading security agencies are building a ML-based analytics environment to defend against rapidly evolving threats and create more resilient infrastructures for both government entities and private organizations.
The campaign was first detected on December 22, 2022, when a malicious package named PyroLogin was identified as Python malware designed to fetch code from a remote server and execute it silently.
Zoom addressed four high-severity vulnerabilities impacting its videoconferencing platform Zoom Rooms. The flaws are tracked as CVE-2022-36930 (CVSS Score 8.2), CVE-2022-36929 (CVSS Score 7.8), and CVE-2022-36926 and CVE-2022-36927 (CVSS Score 8.8).
The incident highlights the risks organizations take when they rely too much on mitigations alone to keep them safe from vulnerability exploits, says Mike Parkin, senior technical engineer at Vulcan Cyber.
The most prominent update, for the widely deployed Adobe Acrobat and Reader software, fixes critical severity flaws that expose Windows and macOS users to code execution attacks.
On Monday, Des Moines Public Schools – which serves 30,000 students and has nearly 5,000 staff members – said it preemptively took the school district’s internet and network services offline in response to “unusual activity on the network.”
According to the report, the Interior Department’s password complexity requirements were outdated and ineffective. It also failed to disable inactive accounts in a timely manner or to enforce password age limits.
The first Patch Tuesday fixes shipped by Microsoft for 2023 have addressed a total of 98 security flaws, including one bug that the company said is being actively exploited in the wild.
Once installed, the RAT is capable of collecting information and capturing screenshots, and exporting them to an offsite server. Regardless of its cybercrime connections, however, RomCom’s efforts focus on people.
Resecurity outlined a new marketplace called “Kraken,” which emerged right at the beginning of 2023 following the Christmas holidays, designed in the best traditions of Hydra.
xdr33 is a backdoor born from the CIA Hive project, its main purpose is to collect sensitive information and provide a foothold for subsequent intrusions. For network communication, xdr33 uses XTEA or AES algorithm to encrypt the original traffic.
The starting point of the cyber assault is to direct users searching for healthcare-related keywords to an infected WordPress blog that tricks them into downloading malware-laced ZIP files.
Government and military organizations in the Asia-Pacific region are being targeted by a previously unknown advanced persistent threat (APT) actor, per the latest research conducted by Albert Priego of Group-IB
NetSPI has acquired nVisium to further scale its offensive security solutions and address heightened demand for human-delivered penetration testing. nVisium will support NetSPI’s efforts to deliver strategic security testing solutions to enterprises.
Back in the spring of 2020, an advert for a new skimmer was posted to a criminal forum. The product, called mr.SNIFFA, claims to have code that cannot be seen using browser tools and works across different browsers.
Global insurer Aflac's Japanese branch has revealed that personal data describing more than three million customers of its cancer insurance product has been leaked online.
The acquisition of PMG is a key strategic move that complements Simeio’s successful organic strategy of expanding into new industries and talent pools and adding new capabilities around identity orchestration and automation.
The websites of the central bank and Bankdata, a company that develops IT solutions for the financial industry, were hit by DDoS attacks, which direct traffic toward targeted servers in a bid to knock them offline.
Researchers at LookingGlass examined public internet-facing assets from over 7 million IP addresses belonging to the sector in November 2022 – finding that a seven-year-old RCE vulnerability affecting Microsoft Windows topped the list.
The multi-stage infection sequence begins with a phishing email containing a link that downloads a password-protected ZIP archive file with two files: a shortcut (.LNK) file and a batch (.BAT) file.
The number of victims posted on ransomware extortion sites rose more than 20% in December to 241 organizations — the highest monthly count since April, according to data collected by Recorded Future.
According to ESET researchers, attackers use a fake Shagle website that tricks victims into downloading the malicious APK file. In reality, the app is a trojanized version of the standard Telegram app for Android.
AnyDesk is a popular remote desktop application for Windows, Linux, and macOS, used by millions of people worldwide for secure remote connectivity or performing system administration.
S-RM researchers identified a Lorenz ransomware attack that was completed months after the attackers gained initial access. They exploited CVE-2022-29499, a vulnerability in Mitel telephony infrastructure.
The CISA has added two more security vulnerabilities to its catalog of exploited bugs, one of which affects Microsoft Exchange and the second one is in Windows Advanced Local Procedure Call.
More than 10,000 beneficiaries of a local branch of the French social security agency CAF, or Family Allowance Fund, saw their data exposed for about 18 months, after a file containing personal information was sent to a service provider.
The US Supreme Court gave the green light on Monday for WhatsApp to pursue a lawsuit against NSO Group, the Israeli surveillance company, for installing the Pegasus spyware on roughly 1400 devices where WhatsApp was also installed.
Gentoo Linux Security Advisory 202301-9 - A vulnerability has been discovered in protobuf-java which could result in denial of service. Versions less than 3.20.3 are affected.
Ubuntu Security Notice 5799-1 - Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code.
Debian Linux Security Advisory 5313-1 - It was found that those using java.sql.Statement or java.sql.PreparedStatement in hsqldb, a Java SQL database, to process untrusted input may be vulnerable to a remote code execution attack.
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
Gentoo Linux Security Advisory 202301-8 - Multiple vulnerabilities have been discovered in Mbed TLS, the worst of which could result in arbitrary code execution. Versions less than 2.28.1 are affected.
Ubuntu Security Notice 5793-3 - It was discovered that the io_uring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was show more ...
WordPress Royal Elementor add-ons versions 1.3.59 and below suffer from cross site request forgery, insufficient access control, cross site scripting vulnerabilities.
Gentoo Linux Security Advisory 202301-7 - Multiple vulnerabilities have been found in Alpine, the worst of which could result in denial of service. Versions less than 2.25 are affected.
Ubuntu Security Notice 5793-4 - It was discovered that the io_uring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was show more ...
khugepaged on Linux races with rmap-based zap, races with GUP-fast, and fails to call MMU notifiers.
Debian Linux Security Advisory 5312-1 - Several flaws have been discovered in libjettison-java, a collection of StAX parsers and writers for JSON. Specially crafted user input may cause a denial of service via out-of-memory or stack overflow errors.
Gentoo Linux Security Advisory 202301-6 - Multiple vulnerabilities have been discovered in liblouis, the worst of which could result in denial of service. Versions less than 3.22.0 are affected.
Red Hat Security Advisory 2023-0058-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an out of bounds write vulnerability.
Online Food Ordering System version 2.0 suffers from a cross site scripting vulnerability.
Gentoo Linux Security Advisory 202301-5 - A vulnerability has been discovered in Apache Commons Text which could result in arbitrary code execution. Versions less than 1.10.0 are affected.
Ubuntu Security Notice 5791-3 - It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. David Leadbeater discovered that the show more ...
Ubuntu Security Notice 5798-1 - Johan Gorter discovered that .NET 6 incorrectly processed certain invalid HTTP requests. An attacker could possibly use this issue to cause a denial of service condition for an exposed endpoint.
Gentoo Linux Security Advisory 202301-4 - A vulnerability has been discovered in jupyter_core which could allow for the execution of code as another user. Versions less than 4.11.2 are affected.
Gentoo Linux Security Advisory 202301-3 - A vulnerability was found in scikit-learn which could result in denial of service. Versions less than 1.1.1 are affected.
Tiki Wiki CMS Groupware version 25.0 suffers from a cross site scripting vulnerability.
Medisense-Healthcare Solutions CRM version 2.0 suffers from a cross site request forgery vulnerability.
Red Hat Security Advisory 2023-0059-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.
Gentoo Linux Security Advisory 202301-2 - Multiple vulnerabilities have been discovered in Twisted, the worst of which could result in denial of service. Versions less than 22.10.0 are affected.
ERPGo SaaS CRM version 3.3 suffers from an arbitrary file upload vulnerability.
eCart Web version 4.0.0 appears to leave a default administrative account in place post installation.
Jesper Andersen has decided to retire and will continue to serve on the Board of Directors.
CISOs' top cloud challenge is harmonizing standards, policies, and procedures across blended environments.
Catchpoint’s Internet Performance Monitoring Platform helps IT teams identify and mitigate BGP incidents, including hijack attempts and routing issues, with the industry’s broadest network of vantage points in the world drawing on real-time BGP monitoring.
The first Patch Tuesday fixes shipped by Microsoft for 2023 have addressed a total of 98 security flaws, including one bug that the company said is being actively exploited in the wild. 11 of the 98 issues are rated Critical and 87 are rated Important in severity, with one of the vulnerabilities also listed as publicly known at the time of release. Separately, the Windows maker is expected to
Government and military organizations in the Asia Pacific region are being targeted by a previously unknown advanced persistent threat (APT) actor, per the latest research. Singapore-headquartered Group-IB, in a report shared with The Hacker News, said it's tracking the ongoing campaign under the name Dark Pink and attributed seven successful attacks to the adversarial collective between June
A wave of Gootkit malware loader attacks has targeted the Australian healthcare sector by leveraging legitimate tools like VLC Media Player. Gootkit, also called Gootloader, is known to employ search engine optimization (SEO) poisoning tactics (aka spamdexing) for initial access. It typically works by compromising and abusing legitimate infrastructure and seeding those sites with common keywords
Are you looking to take your career in the information security industry to the next level? Look no further than the 2023 Certified Technology Professional Bundle! This unparalleled offer grants you lifetime access to nine comprehensive courses in information security, hacking, and cybersecurity at a remarkable price of just $49.99. Yes, you heard me right. Instead of paying the full price of $
A new analysis of Raspberry Robin's attack infrastructure has revealed that it's possible for other threat actors to repurpose the infections for their own malicious activities, making it an even more potent threat. Raspberry Robin (aka QNAP worm), attributed to a threat actor dubbed DEV-0856, is malware that has increasingly come under the radar for being used in attacks aimed at finance,
