In December 2022, Apple announced a raft of new user data protection features. The most important was the expanded list of end-to-end encrypted data uploaded to iCloud. In most cases, only the owner of a key has access to it, and even Apple itself wont be able to read this information. There was also an unofficial show more ...
The rapid maturation and rebranding of ransomware groups calls for relentless preparation and flexibility in response, according to one view from the trenches.
The US Department of Justice hacked into Hive's infrastructure, made off with hundreds of decryptors, and seized the gang's operations.
Expect more regulatory and enforcement action in the US and around the world.
Only one in 10 enterprises will create a robust zero-trust foundation in the next three years, while more than half of attacks won't even be prevented by it, according to Gartner.
After Berlin pledged tanks for Ukraine, some German websites were knocked offline temporarily by Killnet DDoS attacks.
One of the most closely watched security startups continues to build bank because its platform appeals to both developers and security pros.
Hackers don't need a key to get past your defenses, if they can essentially teleport using RMMs, warns CISA and the NSA.
Whether you dream of your child growing into a CISO or just want them to improve their security hygiene, consider this roundup of literary geekery.
Highlighting continued attacks on game developers, attackers stole source code from and issued a ransom demand to the maker of League of Legends.
The accused sold an enormous data set stolen from the Austrian radio and television licensing authority — to an undercover cop.
The first victim of the 2022 Kronos malware had the malware automatically installed through a malicious Chrome extension called Seguridad. This is the first time it was observed utilizing a chrome extension with web injects on financial institutions.
The FBI Columbia field office is leading a multi-agency law enforcement three-day training course this week aimed at better equipping investigators with tools and knowledge to address the ever-growing threat of cybercrime.
The bug isn't a remote code execution flaw; it's a vulnerability that allows someone to pretend to be another to an application or operating system, in the context of identity and certificate cryptography checks on Windows.
As tech transformations—for example, a business unit built around A.I. or a new app geared toward personalized customer experience—have picked up steam in recent years, so have cyber risks and data privacy concerns.
Google addressed six security vulnerabilities in Chrome, none of them actively exploited in the wild. Google released Chrome version 109.0.5414.119 for Mac and Linux and 109.0.5414.119/.120 for Windows to address a total of six vulnerabilities.
The first half of 2022 saw fewer compromises reported due in part to Russia-based cybercriminals distracted by the war in Ukraine and volatility in cryptocurrency markets, according to the Identity Theft Resource Center.
The attack commences with a phishing email containing a ZIP archive, which, in turn, harbors two shortcut (.LNK) files that masquerade as front and back side images of a seemingly legitimate U.K. driver's license.
So-called “advance fee” fraud surged by 82% year-on-year in 2022, with fake ads for loans, jobs, and rental properties among the most common tactics used by scammers, according to Lloyds Bank.
The Circleville Municipal Court was added to the leak site of the LockBit ransomware group last week. The group claimed it stole 500 GB of data that included case information and gave the court a deadline of January 24 to pay a ransom.
The theft of the company's anticheat system source code — even an old system — could help hackers develop better and less-detectable cheats, according to industry experts who spoke to TechCrunch.
Security researchers at Check Point have revealed that Yahoo knocked DHL off the top spot as the most imitated brand in the last quarter of 2022, now responsible for 20% of all phishing attempts recorded in the wild.
A 2020 ransomware attack against Baltimore County Public Schools began with a contractor error, according to a report released Monday by Maryland's Office of the Inspector General for Education.
ServiceNow announced a strategic investment in Snyk. The startup focuses on helping developers detect and fix code vulnerabilities. The Wall Street Journal reported that the investment is worth $25 million.
The U.K NCSC warned that instead of sending surprise phishing emails, the Russia-based SEABORGIUM and Iran-based APT42 (or Charming Kitten) are contacting their targets in a benign fashion and attempting to build a rapport and a sense of trust.
Public authorities in the Netherlands are being told to steer clear of TikTok amid growing concerns across the EU and U.S. that the Chinese-owned video-sharing platform poses privacy risks.
Prompt engineering is the manipulation of prompts given to a chatbot like OpenAI's ChatGPT, designed to force the system to respond in a specific manner desired by the user.
Newfound unease by clinicians over advertising-driven surveillance is causing a Midwest specialty medical care clinic to treat patient exposure to online tracking pixels as a data breach reportable to federal regulators.
The CISA discovered malicious activity within the networks of multiple federal civilian executive branch (FCEB) agencies using the EINSTEIN intrusion detection system after the release of a Silent Push report in mid-October 2022.
Strata closed a $26M Series B round of financing led by Telstra Ventures with participation from existing investors Menlo Ventures, Forgepoint Capital, and Innovating Capital.
According to the notice, threat actors had access to an older database of customers who had signed up for the Zacks Elite product between November 1999 through February 2005.
Multicloud offers numerous benefits, from avoiding vendor lock-in to reliability, agility, and cost-efficiency. At the same time, however, it brings additional layers of complexity, particularly regarding security management.
The 25-year-old now faces charges of violating data privacy and computer trespassing laws, and laundering cryptocurrency valued at around $491,000, according to media reports.
The General Services Administration announced Tuesday that it is accepting advisory board member nominations for the FedRAMP cybersecurity authorization program, marking the first step in implementing recent legislation that reformed the program.
Threat actors are auctioning the alleged source code for Riot Game's League of Legends and the Packman anti-cheat software, confirmed to be stolen in a recent hack of the game company's developer environment.
In 2022, U.S. organizations issued 1,802 data breach notifications, reporting the exposure of records or personal information affecting more than 400 million individuals, the Identity Theft Resource Center reports.
The CISA released a report outlining a variety of steps that K-12 schools and districts should take to enhance their cybersecurity practices, amid an increase in ransomware attacks and other digital threats targeting education institutions.
The Federal Trade Commission will mark its annual Identity Theft Awareness Week with a series of free events January 30-February 3 focused on how identity theft affects people of every community and ways to reduce your risk.
The team identified the bug, tracked under CVE-2007-4559, in Python’s tarfile module late last year. It was first reported to the Python project in 2007 but left unchecked.
Secure Web Gateway version 10.2.11 suffers from a cross site scripting vulnerability. RedTeam Pentesting identified a vulnerability which allows attackers to craft URLs to any third-party website that result in arbitrary content to be injected into the response when accessed through the Secure Web Gateway. While it is show more ...
Ubuntu Security Notice 5829-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP show more ...
Red Hat Security Advisory 2023-0468-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.
Red Hat Security Advisory 2023-0466-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.
Red Hat Security Advisory 2023-0467-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a bypass vulnerability.
Ubuntu Security Notice 5828-1 - It was discovered that Kerberos incorrectly handled certain S4U2Self requests. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. Greg Hudson discovered that Kerberos PAC implementation show more ...
Ubuntu Security Notice 5827-1 - Rob Schulhof discovered that Bind incorrectly handled a large number of UPDATE messages. A remote attacker could possibly use this issue to cause Bind to consume resources, resulting in a denial of service. Borja Marcos discovered that Bind incorrectly handled certain RRSIG queries. A show more ...
Ubuntu Security Notice 5826-1 - Joshua Rogers discovered that Privoxy incorrectly handled memory allocation. An attacker could possibly use this issue to cause a denial of service. Artem Ivanov discovered that Privoxy incorrectly handled input validations. An attacker could possibly use this issue to perform cross-site scripting attacks.
Red Hat Security Advisory 2023-0274-01 - Angular JavaScript library packaged for setuptools / pip.
Red Hat Security Advisory 2023-0459-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.7.1. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-0276-01 - Python ServerView Common Command Interface Client Library.
Red Hat Security Advisory 2023-0462-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.7.1. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-0461-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.7.1. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-0460-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.7.1. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-0463-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.7.1. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-0408-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. Issues addressed include denial of service and out of bounds read vulnerabilities.
Red Hat Security Advisory 2023-0237-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-0456-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.7.1. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-0275-01 - OpenStack Networking is a virtual network service for OpenStack. Just as OpenStack Compute provides an API to dynamically request and configure virtual servers, OpenStack Networking provides an API to dynamically request and configure virtual networks. These networks connect show more ...
Red Hat Security Advisory 2023-0457-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.7.1. Issues addressed include a bypass vulnerability.
Program provides financial assistance to aspiring information security professionals, enabling students toward long-term career success.
Advanced workflow, approval process, and management dashboard enhance control, distribution, and supervision, while reducing errors and streamlining the entire SBOM management process.
New guidance seeks to cultivate trust in AI technologies and promote AI innovation while mitigating risk
A vulnerability within Microsoft's OAuth application registration allows an attacker to create hidden forwarding rules that act as a malicious SaaS rootkit.
Cybersecurity researchers have unearthed a new Python-based attack campaign that leverages a Python-based remote access trojan (RAT) to gain control over compromised systems since at least August 2022. "This malware is unique in its utilization of WebSockets to avoid detection and for both command-and-control (C2) communication and exfiltration," Securonix said in a report shared with The Hacker
At least two federal agencies in the U.S. fell victim to a "widespread cyber campaign" that involved the use of legitimate remote monitoring and management (RMM) software to perpetuate a phishing scam. "Specifically, cyber criminal actors sent phishing emails that led to the download of legitimate RMM software – ScreenConnect (now ConnectWise Control) and AnyDesk – which the actors used in a
Any organization that handles sensitive data must be diligent in its security efforts, which include regular pen testing. Even a small data breach can result in significant damage to an organization's reputation and bottom line. There are two main reasons why regular pen testing is necessary for secure web application development: Security: Web applications are constantly evolving, and new
The infrastructure associated with the Hive ransomware-as-a-service (RaaS) operation has been seized as part of a coordinated law enforcement effort involving 13 countries. "Law enforcement identified the decryption keys and shared them with many of the victims, helping them regain access to their data without paying the cybercriminals," Europol said in a statement. The U.S. Department of
Google on Thursday disclosed it took steps to dismantle over 50,000 instances of activity orchestrated by a pro-Chinese influence operation known as DRAGONBRIDGE in 2022. "Most DRAGONBRIDGE activity is low quality content without a political message, populated across many channels and blogs," the company's Threat Analysis Group (TAG) said in a report shared with The Hacker News. "However, a
Proof-of-concept (Poc) code has been released for a now-patched high-severity security flaw in the Windows CryptoAPI that the U.S. National Security Agency (NSA) and the U.K. National Cyber Security Centre (NCSC) reported to Microsoft last year. Tracked as CVE-2022-34689 (CVSS score: 7.5), the spoofing vulnerability was addressed by the tech giant as part of Patch Tuesday updates released in
New research has linked the operations of a politically motivated hacktivist group known as Moses Staff to another nascent threat actor named Abraham's Ax that emerged in November 2022. This is based on "several commonalities across the iconography, videography, and leak sites used by the groups, suggesting they are likely operated by the same entity," Secureworks Counter Threat Unit (CTU) said
What are prisoners getting up to with mobile phones? Why might ransomware no longer be generating as much revenue for cybercriminals? And how on earth did an airline leave the US government's "No Fly" list accessible for anyone in the world to download? All this and much more is discussed in the latest show more ...
Websites used by the Hive ransomware-as-a-service gang to extort ransoms and leak data stolen from corporate victims have been seized in a joint operation involving police around the world.
A 22-year-old suspected of being "Seyzo", a member of the ShinyHunters cybercrime gang, has been extradited from Morocco to the United States, where - if convicted - he could face up to 116 years in prison. The ShinyHunters gang became notorious in 2020, following a series of data breaches that impacted over 60 companies - including Microsoft. Read more in my article on the Tripwire State of Security blog.
