Security researcher John Jackson published a write-up on two vulnerabilities he found in the Signal desktop client, CVE-2023-24068 and CVE-2023-24069, which he believes attackers could exploit for espionage. Because the Signal desktop clients for all operating systems share a common code base, both vulnerabilities are present in the Windows, macOS and Linux clients alike. All versions up to and including the latest at the time of writing (6.2.0) are affected. Let's look at how real the threat is.

What are CVE-2023-24068 and CVE-2023-24069?

The first, CVE-2023-24069, lies in how the desktop client handles attachments. When a file is sent in a Signal chat, the desktop client saves it to a local directory. When the message is deleted, the file is removed from that directory, unless someone replied to it or forwarded it to another chat, in which case it stays behind. Moreover, although Signal is positioned as a secure messenger and all communication through it is encrypted in transit, these attachments are stored on disk in plaintext, with no encryption applied by Signal.

CVE-2023-24068 was found while studying the client further: the client does not validate the attachments it has stored, so in principle an attacker can replace them. If a forwarded file was opened in the desktop client, someone with access to the local folder can swap it for a forged one, and on every subsequent forward the user will distribute the swapped file instead of the one they intended to send.

How dangerous are CVE-2023-24068 and CVE-2023-24069?

The risk from CVE-2023-24069 is fairly clear. If a user of the Signal desktop client leaves an unlocked computer unattended, anyone who sits down at it can read every file sent or received through Signal. The same can happen when full disk encryption is not enabled and the owner tends to leave the machine unattended (in a hotel room, for example). Note that full disk encryption only protects a machine that is powered off or locked; it does nothing against someone, or some malware, operating inside an unlocked session.

Exploiting the second vulnerability takes more effort. Suppose a person frequently receives and sends files through the Signal desktop app (a manager distributing tasks to subordinates, for example). An attacker with access to that computer can then replace one of the files or, for the sake of stealth, modify an existing document, say by inserting a malicious macro or script into it. On every later forward of that file, its owner spreads the malware to their contacts.

It is important to stress that exploiting either vulnerability requires the attacker to already have access to the victim's computer. That is not an unrealistic scenario, and it does not necessarily mean physical access: it is enough to infect the machine with malware that lets an outsider manipulate files.

How to stay safe?

According to the CVE Program record, Signal's developers dispute the significance of these issues, stating that their product should not and cannot protect against an attacker with this level of access to the victim's system. Therefore the safest advice is not to use the desktop version of Signal (or desktop versions of messengers in general). If your workflow requires it for some tasks, we recommend: teach employees never to leave an unlocked computer unattended; always use full disk encryption on work devices; and deploy security solutions that can detect and stop malware and attempts at unauthorized access to your data.
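Two checks a defender can run against a Signal Desktop attachment directory, written as an added example for this page (this is not Signal's code and not the researcher's tooling). `identify_format()` reads leading magic bytes: a recognisable JPEG, PNG, PDF or Office header means the file is readable without any Signal key, which is the CVE-2023-24069 condition. `build_manifest()` and `verify_manifest()` record SHA-256 digests and report files that were later modified, added or removed, which is the swap described for CVE-2023-24068. The directory name `attachments.noindex` is an assumption about Signal Desktop's on-disk layout, and every file created in `demo()` is constructed for the illustration.

```python
"""
Added example (not Signal's code): magic-byte and SHA-256 manifest checks
over an attachment directory. `attachments.noindex` is an assumed name;
all sample files below are constructed.
"""
import hashlib
import tempfile
from pathlib import Path
from typing import Dict, List, Optional

# Leading bytes of common attachment formats (constructed table, not exhaustive).
MAGIC = {
    b"\xff\xd8\xff": "JPEG",
    b"\x89PNG\r\n\x1a\n": "PNG",
    b"%PDF": "PDF",
    b"PK\x03\x04": "ZIP/Office",
    b"MZ": "Windows PE",
}


def identify_format(path: Path) -> Optional[str]:
    """Return a format name if the file begins with a known plaintext header,
    or None if it does not (an encrypted blob has no recognisable header)."""
    with path.open("rb") as f:
        head = f.read(16)
    for magic, name in MAGIC.items():
        if head.startswith(magic):
            return name
    return None


def sha256_file(path: Path) -> str:
    """Stream the file through SHA-256 so large attachments are not read whole."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> Dict[str, str]:
    """Map every file under root (relative POSIX path) to its SHA-256 digest."""
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def verify_manifest(root: Path, manifest: Dict[str, str]) -> Dict[str, List[str]]:
    """Compare the directory's current state against a previously saved manifest."""
    current = build_manifest(root)
    return {
        "modified": sorted(k for k in manifest if k in current and current[k] != manifest[k]),
        "added": sorted(k for k in current if k not in manifest),
        "removed": sorted(k for k in manifest if k not in current),
    }


def demo() -> Dict[str, object]:
    """Constructed scenario: snapshot a fake attachment store, then swap a file
    the way an attacker with write access to the profile directory would."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "attachments.noindex"      # assumed Signal layout
        (root / "ab").mkdir(parents=True)
        doc = root / "ab" / "report.docx"
        doc.write_bytes(b"PK\x03\x04" + b"original task list")
        (root / "ab" / "photo.jpg").write_bytes(b"\xff\xd8\xff" + b"pixels")

        # Both files carry plaintext headers: readable with no key at all.
        formats = {k: identify_format(root / k) for k in build_manifest(root)}

        manifest = build_manifest(root)               # baseline taken while clean

        # Attacker replaces the document in place and drops a new file.
        doc.write_bytes(b"PK\x03\x04" + b"task list + malicious macro")
        (root / "cd").mkdir()
        (root / "cd" / "dropper.exe").write_bytes(b"MZ" + b"\x90" * 8)

        return {"formats": formats, "diff": verify_manifest(root, manifest)}


if __name__ == "__main__":
    print(demo())
```

The manifest is only useful if it is kept somewhere the attacker cannot write, for example on another host or in a signed file; an intruder with write access to the profile directory can update a manifest stored next to the attachments just as easily as the attachments themselves. The magic-byte check is a quick way to confirm the at-rest exposure but does not fix it; that still comes down to full disk encryption and never leaving an unlocked session unattended.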
On Dec. 23, 2022, KrebsOnSecurity alerted big-three consumer credit reporting bureau Experian that identity thieves had worked out how to bypass its security and access any consumer’s full credit report — armed with nothing more than a person’s name, address, date of birth, and Social Security number.
Experian fixed the glitch, but remained silent about the incident for a month. This week, however, Experian acknowledged that the security failure persisted for nearly seven weeks, between Nov. 9, 2022 and Dec. 26, 2022. The tip about the Experian weakness came from Jenya Kushnir, a security researcher living in Ukraine who said he discovered the method being used by identity thieves after spending time on Telegram chat channels dedicated to cybercrime. Normally, Experian’s website will ask a series of multiple-choice questions about one’s financial history, as a way of validating the identity of the person requesting the credit report. But Kushnir said the crooks learned they could bypass those questions and trick Experian into giving them access to anyone’s credit report, just by editing the address displayed in the browser URL bar at a specific point in Experian’s identity verification process. When I tested Kushnir’s instructions on my own identity at Experian, I found I was able to see my report even though Experian’s website told me it didn’t have enough information to validate my identity. A security researcher friend who tested it at Experian found she also could bypass Experian’s four or five multiple-choice security questions and go straight to her full credit report at Experian. Experian acknowledged receipt of my Dec. 23 report four days later on Dec. 27, a day after Kushnir’s method stopped working on Experian’s website (the exploit worked as long as you came to Experian’s website via annualcreditreport.com — the site mandated to provide a free copy of your credit report from each of the major bureaus once a year). Experian never did respond to official requests for comment on that story. But earlier this week, I received an otherwise unhelpful letter via snail mail from Experian (see image above), which stated that the weakness we reported persisted between Nov. 9, 2022 and Dec. 26, 2022. 
“During this time period, we experienced an isolated technical issue where a security feature may not have functioned,” Experian explained. It’s not entirely clear whether Experian sent me this paper notice because they legally had to, or if they felt I deserved a response in writing and thought maybe they’d kill two birds with one stone. But it’s pretty crazy that it took them a full month to notify me about the potential impact of a security failure that I notified them about. It’s also a little nuts that Experian didn’t simply include a copy of my current credit report along with this letter, which is confusingly worded and reads like they suspect someone other than me may have been granted access to my credit report without any kind of screening or authorization. After all, if I hadn’t authorized the request for my credit file that apparently prompted this letter (I had), that would mean the thieves already had my report. Shouldn’t I be granted the same visibility into my own credit file as them? Instead, their woefully inadequate letter once again puts the onus on me to wait endlessly on hold for an Experian representative over the phone, or sign up for a free year’s worth of Experian monitoring my credit report. As it stands, using Kushnir’s exploit was the only time I’ve ever been able to get Experian’s website to cough up a copy of my credit report. To make matters worse, a majority of the information in that credit report is not mine. So I’ve got that to look forward to. If there is a silver lining here, I suppose that if I were Experian, I probably wouldn’t want to show Brian Krebs his credit file either. Because it’s clear this company has no idea who I really am. And in a weird, kind of sad way I guess, that makes me happy. For thoughts on what you can do to minimize your victimization by and overall worth to the credit bureaus, see this section of the most recent Experian story.
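A toy three-step verification flow (identify, knowledge-based questions, report) showing the general class of bug described above: a final endpoint that can be reached by editing the URL because the step before it is enforced only by a redirect, beside a version that gates the final step on server-side session state. This is an added example for this page, not Experian's code and not the method Kushnir found (its details were never published); the endpoints, consumer records, question answer and "report" text are all constructed.

```python
"""
Added example (not Experian's code): a forced-browsing bypass of a
multi-step identity check, and the server-side-state fix. All records
and endpoint names are constructed for this illustration.
"""
from dataclasses import dataclass
from typing import Dict, Optional, Tuple
from urllib.parse import urlsplit, parse_qs

# Constructed data standing in for the bureau's records.
CONSUMERS: Dict[str, Dict[str, str]] = {
    "c-1001": {"ssn": "123-45-6789", "kba_answer": "B",
               "report": "REPORT c-1001: 3 tradelines, 1 inquiry"},
}

Response = Tuple[int, str]


@dataclass
class Session:
    """Server-side state; the browser only holds an opaque cookie for it."""
    consumer_id: Optional[str] = None
    kba_passed: bool = False


def _params(url: str) -> Tuple[str, Dict[str, str]]:
    parts = urlsplit(url)
    return parts.path, {k: v[0] for k, v in parse_qs(parts.query).items()}


def vulnerable_app(url: str, session: Session) -> Response:
    """The KBA outcome never reaches the session; /report trusts the URL."""
    path, q = _params(url)
    if path == "/identify":
        cid = q.get("id")
        if cid in CONSUMERS and q.get("ssn") == CONSUMERS[cid]["ssn"]:
            session.consumer_id = cid
            return 302, f"/kba?id={cid}"
        return 403, "identity not found"
    if path == "/kba":
        cid = q.get("id")
        if cid in CONSUMERS and q.get("answer") == CONSUMERS[cid]["kba_answer"]:
            return 302, f"/report?id={cid}"      # the redirect is the only gate
        return 403, "could not verify identity"
    if path == "/report":
        cid = q.get("id")
        if session.consumer_id == cid:           # checks step 1 only, never step 2
            return 200, CONSUMERS[cid]["report"]
        return 403, "not verified"
    return 404, "no such page"


def hardened_app(url: str, session: Session) -> Response:
    """Each step records its outcome in the session; /report checks both."""
    path, q = _params(url)
    if path == "/identify":
        cid = q.get("id")
        session.consumer_id, session.kba_passed = None, False   # restart the flow
        if cid in CONSUMERS and q.get("ssn") == CONSUMERS[cid]["ssn"]:
            session.consumer_id = cid
            return 302, "/kba"                   # consumer id stays server-side
        return 403, "identity not found"
    if path == "/kba":
        cid = session.consumer_id
        if cid is None:
            return 403, "start at /identify"
        if q.get("answer") == CONSUMERS[cid]["kba_answer"]:
            session.kba_passed = True
            return 302, "/report"
        session.consumer_id = None               # a failed KBA ends the attempt
        return 403, "could not verify identity"
    if path == "/report":
        if session.consumer_id is None or not session.kba_passed:
            return 403, "not verified"
        return 200, CONSUMERS[session.consumer_id]["report"]
    return 404, "no such page"


def attempt_bypass(app) -> Response:
    """Pass step 1, then jump straight to the report URL instead of answering KBA."""
    s = Session()
    status, location = app("/identify?id=c-1001&ssn=123-45-6789", s)
    assert status == 302, location
    # The attacker edits the address bar: the /kba URL becomes /report?id=c-1001
    return app("/report?id=c-1001", s)


if __name__ == "__main__":
    print("vulnerable:", attempt_bypass(vulnerable_app))   # 200 and the report
    print("hardened:  ", attempt_bypass(hardened_app))     # 403
```

The fix has two parts that both matter: the outcome of each step is written to the session rather than implied by where the user was redirected, and the consumer being verified is bound to the session at step 1 instead of being re-read from the URL at the final step, so neither the step nor the subject can be changed from the address bar.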
A researcher is warning that photos and video files shared in Signal chats may linger on devices even after users have deleted the messages in which the images were shared. The post Beware: Images, Video Shared on Signal Hang Around appeared first on The Security Ledger with Paul F. Roberts.
Skyhawk Synthesis extends cloud security misconfiguration detection across multiple clouds, the company says — throwing cloud security posture management in for free.
Don't make perfect the enemy of good in vulnerability management. Context is key — prioritize vulnerabilities that are actually exploitable. Act quickly if the vulnerability is on a potential attack path to a critical asset.
Zacks Elite sign-ups for the period 1999–2005 were accessed, including name, address, email address, phone number, and the password associated with Zacks.com.
Two common attacks against on-premises Kerberos authentication servers, known as Pass the Ticket and Silver Ticket, can also be used against Microsoft's Azure AD Kerberos, a security firm says.
For players logging in without a firewall, several things can happen. They could find their stats being totally modified, their accounts banned, their data corrupted, and their PC impacted by a particularly aggressive cheat engine.
The Chinese 8220 Gang was seen targeting public cloud infrastructure and poorly secured applications with the PwnRig miner and the Tsunami IRC bot for cryptomining. Its activity came to light after it attempted to infect one of Radware's Redis honeypots earlier this month. Experts warned that the group's attack significantly degrades a system's performance while exposing the system to further security risks.
IoT vendors are making slow progress in making it easy for security researchers to report security bugs, with only 27.1% of suppliers offering a vulnerability disclosure policy.
Two of the four flaws patched are critical, carrying a severity rating of 9.8 out of a maximum of 10, the virtualization services provider noted in its first security bulletin for 2023.
The problem isn’t software vulnerability alone. It’s also not knowing if you have vulnerable code hiding in your applications. Surprisingly, many security and IT professionals have no idea whether Log4j is part of their software supply chain.
Tracked as CVE-2022-38181 (CVSS score of 8.8), the issue is described as a use-after-free bug that impacts Arm Mali GPU driver versions prior to r40p0 (released on October 7, 2022).
The responsibilities of the House Oversight Committee’s Government Operations subcommittee will now be undertaken by two separate subcommittees, according to a Hill staffer familiar with the matter.
North Korean hackers known for cryptocurrency heists are expanding their targets to include education, government, and healthcare, according to researchers tracking the group.
The lawsuits - one filed on January 13, and the other on December 29, 2022 - are each being heard in the U.S. District Court for the Northern District of Illinois, where Chicago-based CommonSpirit has its headquarters.
The company did not disclose how many users were impacted, but said it's directly contacting the victims to provide additional information and recommend certain "actionable steps" to secure their accounts.
Last year more than 239,000 scams worth $570m were reported to Scamwatch, but the organization says the real number is much higher, as only about 13% of scams are reported.
FortiGuard Labs unearthed a phishing campaign targeting Chinese-language users through malicious QR codes. The email spoofs the Chinese Ministry of Finance and carries a Microsoft Word attachment with an embedded QR code. Unsuspecting users who scan it may hand their credentials to websites controlled by the threat actor.
MSD Partners is leading this Series D round, with new backers Section 32 and Omega Venture Partners also participating alongside previous backers Goldman Sachs Asset Management (GSAM), Threshold Ventures, A. Capital and Andreessen Horowitz.
The vulnerabilities in the plugin, used in over 100,000 active sites, were discovered by PatchStack between November 30 and December 2, 2022, and reported to the software vendor.
Google Ads invites are being abused to deliver email messages promoting spam and adult websites to users who are otherwise not necessarily using Google advertising platforms.
Businesses that invest in cybersecurity as a competitive advantage are transforming their business models. Every company is or will become a technology company, and those doing it faster are winning.
PublicWWW results show over 4,500 websites impacted by this malware at the time of writing, while urlscan.io shows evidence of the campaign operating since December 26, 2022.
Fujitsu said it ran trials using its 39-qubit quantum simulator hardware to assess how difficult it would be for quantum computers to crack data encrypted with the RSA cipher, using a Shor's algorithm approach.
A spokesperson for the company said they are aware of the post, which was created on Tuesday morning and offers emails, phone numbers, courses taken, and other information on how customers use the platform.
This week, Ticketmaster testified in Senate Judiciary Committee hearings that it's not the company's monopoly on the live music market that caused the Swifty sales collapse — it was instead a cyberattack, executives said.
On Monday, a nationwide blackout in Pakistan left millions of people in the darkness, and the authorities are investigating if it was caused by a cyberattack. The power outage impacted all the major cities in Pakistan.
Much of the wiper malware seen in the first half of 2022, whether attributed or not, was deployed against Ukrainian organizations. These include HermeticWiper, CaddyWiper, IsaacWiper, WhisperGate, and others.
The newest wave of Emotet infections leverages .XLS files attached to spam emails. It attempts to trick users into allowing macros to download the dropper. In addition to this, the new variant of Emotet has now moved from 32-bit to 64-bit as another method for evading detection. To stay protected against Emotet, experts recommend using better email security solutions, strong authentication mechanisms, and implementing network segmentation.
The list of malware installed in these campaigns linked to the threat actor DEV-0569 so far includes RedLine Stealer, Gozi/Ursnif, Vidar, and potentially, Cobalt Strike and ransomware.
The capital will be used to help Egerie further develop its automated data recovery technology while at the same time opening the doors to an insurer-specific reporting functionality as the company ramps up pan-European expansion plans.
Sydney Local Court found the man guilty of obtaining and supplying data with intent to commit a computer offense. It sentenced him to 32 months in jail for stealing more than AU$100,000 ($69,751) in an SMS phishing scam that affected 450 victims.
Medical device regulation is an important part of the healthcare industry as it also helps protect patients by ensuring that any device used for diagnosis, treatment or prevention of a medical condition meets certain standards of safety and quality.
As of December 2022, Unit 42 researchers observed 134 million exploit attempts in total leveraging this vulnerability, and about 97% of these attacks occurred after the start of August 2022. At the time of writing, the attack is still ongoing.
Ubuntu Security Notice 5825-1 - It was discovered that PAM did not correctly restrict login from an IP address that is not resolvable via DNS. An attacker could possibly use this issue to bypass authentication.
Ubuntu Security Notice 5823-2 - USN-5823-1 fixed a vulnerability in MySQL. This update provides the corresponding update for Ubuntu 16.04 ESM. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to MySQL 5.7.41.
Ubuntu Security Notice 5823-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.32 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. Ubuntu 18.04 LTS has been updated to MySQL 5.7.41. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.
Debian Linux Security Advisory 5327-1 - Sebastien Meriot discovered that the S3 API of Swift, a distributed virtual object store, was susceptible to information disclosure.
Debian Linux Security Advisory 5326-1 - Multiple vulnerabilities were discovered in Node.js, which could result in HTTP request smuggling, bypass of host IP address validation and weak randomness setup.
Red Hat Security Advisory 2023-0403-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources.
Red Hat Security Advisory 2023-0442-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources.
Red Hat Security Advisory 2023-0441-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Red Hat Security Advisory 2023-0427-01 - The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Issues addressed include a file download vulnerability.
Red Hat Security Advisory 2023-0404-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Red Hat Security Advisory 2023-0400-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Red Hat Security Advisory 2023-0432-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include an out of bounds read vulnerability.
Red Hat Security Advisory 2023-0407-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.12.0 RPMs. Issues addressed include denial of service and out of bounds read vulnerabilities.
The Wordfence Threat Intelligence team has released their 2022 State of WordPress Security report. In the report, they look at changes in the threat landscape, analyze impactful trends, and provide recommendations based on their findings.
LastPass-owner GoTo (formerly LogMeIn) on Tuesday disclosed that unidentified threat actors were able to steal encrypted backups of some customers' data along with an encryption key for some of those backups in a November 2022 incident. The breach, which targeted a third-party cloud storage service, impacted Central, Pro, join.me, Hamachi, and RemotelyAnywhere products, the company said. "The
VMware on Tuesday released software to remediate four security vulnerabilities affecting vRealize Log Insight (aka Aria Operations for Logs) that could expose users to remote code execution attacks. Two of the flaws are critical, carrying a severity rating of 9.8 out of a maximum of 10, the virtualization services provider noted in its first security bulletin for 2023. Tracked as CVE-2022-31706
Security stakeholders have come to realize that the prominent role the browser has in the modern corporate environment requires a re-evaluation of how it is managed and protected. While not long-ago web-borne risks were still addressed by a patchwork of endpoint, network, and cloud solutions, it is now clear that the partial protection these solutions provided is no longer sufficient. Therefore,
A North Korean nation-state group notorious for crypto heists has been attributed to a new wave of malicious email attacks as part of a "sprawling" credential harvesting activity targeting a number of industry verticals, marking a significant shift in its strategy. The state-aligned threat actor is being tracked by Proofpoint under the name TA444, and by the larger cybersecurity community as
A massive campaign has infected over 4,500 WordPress websites as part of a long-running operation that's been believed to be active since at least 2017. According to GoDaddy-owned Sucuri, the infections involve the injection of obfuscated JavaScript hosted on a malicious domain named "track[.]violetlovelines[.]com" that's designed to redirect visitors to unwanted sites. The latest operation is