Amid the many dramatic events of 2022, you could be forgiven for not noticing that numerous unwanted records were set during the year in terms of the number of information leaks, serious computer security incidents, and other problems of the digital world. We here at Kaspersky all really hope that 2023 will be calmer, better — and want to do our bit to make that happen. You can too! Just adopt the following six simple resolutions to dramatically increase your personal security online and make the web a less scary place.
1. Kiss passwords goodbye
Last year did bring one major improvement in network security: the giants Apple, Google, and Microsoft simultaneously introduced passwordless sign-ins. Instead of a password, your device stores a unique cryptographic key for each site. There's no need to type it in, and it's extremely difficult to steal. You can read more about this interesting technology in our article, but here we'll limit ourselves to a recently published GIF illustrating the login process:
To date, not many sites support passwordless authentication, but you should still try to make the switch wherever it's offered. After all, it will slash the risk of your account being hijacked! It's also convenient — because you don't need to think up a password, memorize it (or, god forbid, write it down somewhere!), and later enter it. Chrome, Edge, and Safari already support the technology on both desktop and mobile platforms.
2. Go disposable
Information leakage remains one of the biggest digital risks for all of us. User data gets stolen from ISPs, insurance companies, delivery services, social networks, and even school databases. The stolen data is then used to perpetrate various scams. Unfortunately, there's little we users can do to prevent leaks. But we can ensure there's less information out there about us, and make it harder to match: that is, comparing the names and phone numbers in two stolen databases wouldn't give an attacker any more info on us. To achieve this, we recommend giving minimal information to non-critical services (primarily online stores and commercial digital services) by not specifying your last name or social media accounts, and generally skipping optional fields. And use disposable e-mail addresses and phone numbers as your contact information. Numerous services provide temporary phone numbers for receiving confirmation texts, as well as one-time e-mail addresses — just google "disposable phone number/e-mail address". Some paid services of this kind even offer disposable credit card numbers, which makes online shopping even safer.
3. Get away from toxic social media
Last year contained way too many negative events, plus the waves of hate on social media reached new heights. Some social networks, such as Twitter, were thrown into disarray due to technical reasons. If social media gave you the jitters in 2022, this year it's time to part company for good. Incidentally, we've compiled a list of tips on how to walk away without losing valuable data. That said, some prefer not to quit, but to migrate, for example, to Telegram or Mastodon.
4. Stop doomscrolling
Social networks and news sites can consume hours of our time and lots of nervous energy. To avoid endless checking of news and posts, set a time limit on your phone for social networks and news apps. Start with an hour a day, and try to stick to it. Many vendors offer this feature: Apple's name for it is Screen Time, Google's is Digital Wellbeing, and Huawei's is Digital Balance. And if your children are spending too much time on social networks, Kaspersky Safe Kids can help. Those prone to deceive themselves by making up for the missing time on their devices should enable additional self-control tools in the settings of the social network itself. YouTube also has such a feature, called Take a Break.
5. Keep work and private life separate
Separating work and private life is good for many reasons. It aids both physical and mental health since work doesn't interfere with family-and-friends time, and domestic matters don't distract you during working hours. And your employer gets improved cybersecurity because you don't mix personal and work information, apps, and so on. Ideally, the separation should be physical, which means different phones and computers for work and private life. It remains only to remember not to use personal sites, e-mail, and social networks on your work device, and vice versa.
6. Observe digital hygiene
Use security software on all computers and phones. For each site that still requires a password, make it unique. Regularly update all apps and the operating system. These tips are nothing new, yet millions of people continue to ignore them, some out of ignorance, others out of laziness. You can avoid all the hassle by entrusting the whole routine to a comprehensive solution from Kaspersky. Among its many features are automatic updates for outdated apps, fixes for insecure Windows settings, a password manager for all platforms, and, of course, the best anti-spam, anti-phishing, and anti-malware protection in the business — all packed into a sleek interface that's simply a pleasure to use. More details available on our website.
Traditional metrics don't reflect real-world severity. Instead, analyzing previously reported incidents can help teams decide how to react, a new report says.
This Tech Tip outlines the steps enterprise defenders should take as they protect their data in cloud environments in response to the security incident with the CI/CD platform.
A security vendor's investigation of infrastructure associated with a new, crypto-focused Magecart skimmer leads to discovery of cryptoscam sites, malware distribution marketplace, Bitcoin mixers, and more.
Russia's NoName057(16) group offers incentives and prizes via Telegram channel for "heroes" to mount attacks against targets within Ukraine and pro-Ukrainian countries.
Energy has become the new battleground for both physical and cyber security warfare, driven by nation state actors, increasing financial rewards for ransomware gangs and decentralized devices. Chris Price reports.
New research by Check Point revealed that the number of cyberattacks in 2022 rose by 38%, as compared to 2021. Also, Q4 2022 observed the highest number of attacks at 1,168 weekly attacks per organization. Africa faced the highest number of cyberattacks with 1,875 weekly attacks per organization, followed by Asia Pacific with 1,691 attacks.
Censinet has raised $9 million in funding led by MemorialCare Innovation Fund including Rex Health Ventures and Ballad Ventures, bringing the Company’s total funding to more than $22 million.
The security flaw (CVE-2023-20025) was found in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, and RV082 routers by Hou Liuyang of Qihoo 360 Netlab.
Microsoft researchers detected a Kinsing cryptojacking operation trying to gain initial access to Kubernetes environments by abusing weakly configured PostgreSQL containers and exploiting vulnerable images. Vulnerable applications running PHPUnit, Liferay, WebLogic, and WordPress were exploited by hackers.
For the last decade, healthcare provider organizations have borne the brunt of securing the expansive, complex medical device ecosystem. And even most of the best-equipped health systems struggle to (and don’t) close all medical device security risks.
The FAA said that an overnight outage to its Notice to Air Missions (NOTAM) system that provides safety information to flight crews was the reason, but did not provide any additional details.
Cerberus Sentinel has signed a definitive agreement for the acquisition of RAN Security. Under the terms of the agreement, RAN Security will become a wholly owned subsidiary of Cerberus Sentinel.
The compromised information includes names, addresses, birth dates, Social Security numbers, ID and driver’s license numbers, and medical and health insurance information.
US House lawmakers introduced bipartisan legislation on Wednesday to create a civilian organization tasked with supporting the digital and cyber needs of federal agencies.
Avanan researchers spotted a new credential harvesting campaign that is leveraging Facebook copyright infringement notices to pilfer credentials from unsuspecting users. The email threatens to permanently disable the account if the user doesn’t appeal this suspension within 24 hours. Users need to follow safety tips to nullify such phishing efforts.
During an incident response engagement to a Lorenz ransomware attack, researchers at S-RM determined that the hackers had breached the victim network five months before starting to move laterally, steal data, and encrypt systems.
SAP this week announced the release of 12 new and updated security notes as part of the January 2023 Security Patch Day, including seven ‘hot news’ notes that address critical severity vulnerabilities.
Named 'Trojan Puzzle,' the attack stands out for bypassing static detection and signature-based dataset cleansing models, resulting in the AI models being trained to learn how to reproduce dangerous payloads.
Data brokers, like the name suggests, are the intermediaries through whose hands most large-scale data transactions pass. It’s the best point in the data-distribution chain to get a feel for which of your personal information is being sold online.
Google on Tuesday announced the release of Chrome 109 in the stable channel with patches for 17 vulnerabilities, including 14 bugs reported by external researchers. Most of the externally reported security defects are medium- and low-severity flaws.
Details have emerged about a now-patched vulnerability in Google Chrome and Chromium-based browsers that, if successfully exploited, could have made it possible to siphon files containing confidential data.
Royal Mail has asked customers to stop sending parcels and letters to overseas destinations after a cyber incident caused “severe service disruption” to international exports.
Security researchers have disclosed multiple architectural vulnerabilities in Siemens SIMATIC and SIPLUS S7-1500 PLCs that could be exploited by a malicious actor to stealthily install firmware on affected devices and take control of them.
The discovered database included sensitive data such as usernames, full personal names, Facebook IDs, phone numbers, and passwords hashed with the BCrypt algorithm, which is considered safe.
Since the mid-December outage, the FRV has reinstated a number of systems, including access to telephone and email, but the overall IT infrastructure is not fully operational.
Researchers at the Beijing University of Posts and Telecommunications and the University of Birmingham have found a way to access encrypted call metadata (VoLTE activity logs) that describe call times, duration, and direction for mobile calls.
Apple "unlawfully records and uses consumers' personal information and activity," claims a new lawsuit accusing the company of tracking iPhone users' device data even when they've asked for tracking to be switched off.
Cisco Talos recently discovered three vulnerabilities in Asus router software. The Asus RT-AX82U router is one of the newer Wi-Fi 6 (802.11ax)-enabled routers that also support mesh networking with other Asus routers.
Understanding what exactly Microsoft macros are, the advantages they offer and the threats targeting them has become important as IT teams finally work to find the balance between productivity and security.
For the past two weeks, hackers have been exploiting a critical vulnerability in the SugarCRM software to infect users with malware that gives them full control of their servers.
Amid heightened threats to healthcare systems, more than 20 leading healthcare organizations have come together to identify effective, efficient, and new innovative approaches to reduce cyber risk across the industry’s third-party ecosystem.
A new analysis of Raspberry Robin's attack infrastructure has revealed that it's possible for other threat actors to repurpose the infections for their own malicious activities, making it an even more potent threat.
Debian Linux Security Advisory 5316-1 - Several out-of-memory, stack overflow or HTTP request smuggling vulnerabilities have been discovered in Netty, a Java NIO client/server socket framework, which may allow attackers to cause a denial of service or bypass restrictions when used as a proxy.
Red Hat Security Advisory 2023-0114-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Red Hat Security Advisory 2023-0110-01 - SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server.
Debian Linux Security Advisory 5315-1 - XStream serializes Java objects to XML and back again. Versions prior to 1.4.15-3+deb11u2 may allow a remote attacker to terminate the application with a stack overflow error, resulting in a denial of service only via manipulation of the processed input stream. The attack uses the hash code implementation for collections and maps to force recursive hash calculation causing a stack overflow. This update handles the stack overflow and raises an InputManipulationException instead.
Red Hat Security Advisory 2023-0123-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Red Hat Security Advisory 2023-0128-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR7-FP20. Issues addressed include a randomization vulnerability.
Red Hat Security Advisory 2023-0100-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups.
Red Hat Security Advisory 2023-0116-01 - A library that provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions.
Red Hat Security Advisory 2023-0099-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include an out of bounds read vulnerability.
Debian Linux Security Advisory 5314-1 - It was discovered that missing input sanitising in the ctags functionality of Emacs may result in the execution of arbitrary shell commands.
Red Hat Security Advisory 2023-0089-01 - LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite. Issues addressed include a script execution vulnerability.
Red Hat Security Advisory 2023-0095-01 - The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Issues addressed include buffer overflow, denial of service, double free, and out of bounds read vulnerabilities.
Red Hat Security Advisory 2023-0096-01 - D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility.
Red Hat Security Advisory 2023-0087-01 - The USBGuard software framework provides system protection against intrusive USB devices by implementing basic whitelisting and blacklisting capabilities based on device attributes. To enforce a user-defined policy, USBGuard uses the Linux kernel USB device authorization feature.
Space Rogue gives a behind the scenes look at the famous hacking group, their senate testimony, and how their legacy continues to shape the security of the online world today.
Malicious actors are actively attempting to exploit a recently patched critical vulnerability in Control Web Panel (CWP) that enables elevated privileges and unauthenticated remote code execution (RCE) on susceptible servers. Tracked as CVE-2022-44877 (CVSS score: 9.8), the bug impacts all versions of the software before 0.9.8.1147 and was patched by its maintainers on October 25, 2022. Control
Details have emerged about a now-patched vulnerability in Google Chrome and Chromium-based browsers that, if successfully exploited, could have made it possible to siphon files containing confidential data. "The issue arose from the way the browser interacted with symlinks when processing files and directories," Imperva researcher Ron Masas said. "Specifically, the browser did not properly check
A recently published Security Navigator report data shows that businesses are still taking 215 days to patch a reported vulnerability. Even for critical vulnerabilities, it generally takes more than 6 months to patch. Good vulnerability management is not about being fast enough in patching all potential breaches. It's about focusing on the real risk using vulnerability prioritization to correct
Twitter on Wednesday said that its investigation found "no evidence" that users' data sold online was obtained by exploiting any security vulnerabilities in its systems. "Based on information and intel analyzed to investigate the issue, there is no evidence that the data being sold online was obtained by exploiting a vulnerability of Twitter systems," the company said in a statement. "The data
Security researchers have disclosed multiple architectural vulnerabilities in Siemens SIMATIC and SIPLUS S7-1500 programmable logic controllers (PLCs) that could be exploited by a malicious actor to stealthily install firmware on affected devices and take control of them. Discovered by Red Balloon Security, the issues are tracked as CVE-2022-38773 (CVSS score: 4.6), with the low severity
A recent IcedID malware attack enabled the threat actor to compromise the Active Directory domain of an unnamed target less than 24 hours after gaining initial access. "Throughout the attack, the attacker followed a routine of recon commands, credential theft, lateral movement by abusing Windows protocols, and executing Cobalt Strike on the newly compromised host," Cybereason researchers said in
The experts at security firm Bitdefender have released a universal decryptor for victims of the MegaCortex family of ransomware, which is estimated to have caused more than 1800 infections - mostly of businesses.
It's time for you and your colleagues to become more skeptical about what you read. That's a takeaway from a series of experiments undertaken using GPT-3 AI text-generating interfaces to create malicious messages designed to spear-phish, scam, harass, and spread fake news. Read more in my article on the Tripwire State of Security blog.
Someone called OxShagger thinks he has come up with the perfect Valentine’s surprise for Oxford students, but is the way he has gone about “bookworms with benefits” really a good idea? Robot security guards are trundling the streets of – you guessed it – America. And a writer of paranormal bully romances (no, we don’t know what that means either) returns from the grave... All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Andrew Agnês.