Our colleagues recently investigated the extent of some misconceptions in the field of computer security. And they could hardly not include the best-known security tool of all: the humble cactus. As it turns out, more than a third of respondents (37%) believe that cacti absorb harmful radiation from the monitor. Its show more ...
The group's wanton attacks demonstrate that business email compromise is everything a hacker can want in one package: low risk, high reward, quick, easy, and low effort.
Analysts find that 98% of QNAP NAS are vulnerable to CVE-2022-27596, which allows unauthenticated, remote SQL code injection.
The total number of 61,000 open vulnerabilities, including 1,700 critical ones that have been open for 180+ days, exposes businesses to potential attacks.
Forward-leading business and technology leaders are seeing the value of the "do-It-yourself" approach.
Enterprises often don't know whose responsibility it is to monitor for spoofed brand sites and scams that steal customers' trust, money, and personally identifiable information.
Examining some key examples of recently found fraud sites that target the lucrative retail shoe industry helps us understand how brand impersonation sites evolve.
The Russia-linked LockBit ransomware group claims to be behind the attack that fouled automated transactions for dozens of clients of financial technology firm ION Group.
Differences in how the National Vulnerability Database (NVD) and vendors score bugs can make patch prioritization harder, study says.
An OpSec slip from the North Korean threat group helps researchers attribute what was first suspected as a ransomware attack to nation-state espionage.
When employees understand how their day-to-day online behaviors — no matter how small — can expose sensitive data, they're less likely to introduce risk in the first place.
Security experts at Proofpoint disclosed that cyber adversaries are using malicious OAuth applications to abuse Microsoft's "verified publisher" status. The activity is intended to gain access to the cloud environments of targeted organizations, pilfer data, and also scan through users' mailboxes, show more ...
Operators of high-yielding investment scams known as "pig butchering" have found a way to bypass the defenses in Google Play and Apple's App Store, the official repositories for Android and iOS apps.
Researcher Rustam Amin informed the CISA that he had identified critical and high-severity vulnerabilities in Econolite EOS, a traffic controller software developed for the Econolite Cobalt and other advanced transportation controllers (ATC).
Porsche cut its minting of a new NFT collection short after a dismal turnout and backlash from the crypto community, allowing threat actors to fill the void by creating phishing sites that steal digital assets from cryptocurrency wallets.
No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute. Just as cybercrime networks are getting stronger and larger, so too must collaboration between private companies and law enforcement.
Researchers at incident response firm Security Joes believe that the IceBreaker backdoor is the work of a new advanced threat actor that uses "a very specific social engineering technique," which could lead to a more clear picture of who they are.
The New York- and Tel Aviv-based startup, which is building a cloud security platform, is coming out of stealth today and announced an $11 million seed funding round led by Team8.
A new exploit, dubbed SH1MMER, has been devised to unenroll enterprise- or school-managed Chromebooks from administrative control, letting a user bypass admin restrictions. The exploit uses publicly leaked Return Merchandise Authorization (RMA) shims to modify the management of enrollment of devices. Google is working with hardware partners to address it.
Radware discovered the Passion platform, and although its origins are unknown, the operation has distinctive ties with Russian hacking groups, suck as Killnet, MIRAI, Venom, and Anonymous Russia.
In the past, many CISOs primarily focused on compliance and risk management. However, today’s CISOs are expected to be strategic thought leaders who can help their organizations navigate the ever-changing landscape of cybersecurity threats.
The financial services industry is consistently the most targeted industry across the board. The potential for large payouts and valuable data for use or resale are the most common reasons for targeting the financial services industry.
Dutch cyber authorities said Wednesday that several hospital websites in the Netherlands and Europe were likely targeted by a pro-Kremlin hacking group because of their countries’ support for Ukraine.
The attack is “impacting the trading and clearing of exchange-traded derivatives by ION customers across global markets,” according to the Futures Industry Association (FIA).
A threat intelligence firm spotted North Korean hackers engaged in technological espionage in a campaign that betrayed recurring elements of the Pyongyang hacking toolkit.
As CTI teams prioritize the intelligence requirements of their business stakeholders, it is beneficial to provide context by mapping the impact of cybersecurity threat intelligence programs to the following NIST core functions.
The two issues, which were identified by Latin American cybersecurity firm Metabase Q in version 7.1.0-49, were addressed in ImageMagick version 7.1.0-52, released in November 2022.
Taking advantage of the broad use of open source code in application development, malicious actors are increasingly relying on software supply chain attacks to infect both developers and users with malware.
Discovered by Aqua Security researchers Nitzan Yaakov and Asaf Eitani, who dubbed it HeadCrab, the malware has so far taken control of at least 1,200 Redis servers, which are then used to scan for more targets online.
Researchers warn that many electric vehicle (EV) charging management systems are affected by vulnerabilities that could allow hackers to cause disruption, steal energy, or obtain driver information.
Trend Micro analyzed a cyberespionage campaign targeting organizations in the Middle East in December 2022 using a new backdoor. It abuses compromised email accounts to send stolen data to external mail accounts controlled by attackers.
A threat actor named InTheBox is promoting on Russian cybercrime forums an inventory of 1,894 web injects (overlays of phishing windows) for stealing credentials and sensitive data from banking, cryptocurrency exchange, and e-commerce apps.
About 98 percent of organizations have vendor relationships with at least one third-party that has experienced a breach in the last two years, according to SecurityScorecard and The Cyentia Institute.
CVE-2023-20076 was discovered by the researchers in a Cisco ISR 4431 router – more specifically, in the Cisco IOx application hosting environment, which allows admins to deploy application containers or virtual machines directly on Cisco devices.
The State Cyber Protection Centre (SCPC) of Ukraine has called out the Russian state-sponsored threat actor known as Gamaredon for its targeted cyber attacks on public authorities and critical information infrastructure in the country.
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged show more ...
This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
On January 16, 2023, the Wordfence Threat Intelligence team responsibly disclosed several vulnerabilities in Quick Restaurant Menu, a WordPress plugin that allows users to set up restaurant menus on their sites. This plugin is vulnerable to missing authorization, insecure direct object reference, cross site request forgery as well as cross site scripting in versions up to, and including, 2.0.2.
Ubuntu Security Notice 5840-1 - It was discovered that Long Range ZIP incorrectly handled pointers. If a user or an automated system were tricked into opening a certain specially crafted ZIP file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu show more ...
Ubuntu Security Notice 5839-2 - USN-5839-1 fixed a vulnerability in Apache. This update provides the corresponding update for Ubuntu 16.04 ESM. Dimas Fariski Setyawan Putra discovered that the Apache HTTP Server mod_proxy module incorrectly truncated certain response headers. This may result in later headers not being interpreted by the client.
Debian Linux Security Advisory 5338-1 - Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien Rannou discovered that missing input sanitising in the handling of VMDK images in Cinder, the OpenStack block storage system, may result in information disclosure.
Debian Linux Security Advisory 5337-1 - Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien Rannou discovered that missing input sanitising in the handling of VMDK images in OpenStack Compute (codenamed Nova) may result in information disclosure.
Debian Linux Security Advisory 5336-1 - Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien Rannou discovered that missing input sanitizing in the handling of VMDK images in Glance, the OpenStack image registry and delivery service, may result in information disclosure.
Debian Linux Security Advisory 5335-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or spoofing.
Current and former cybersecurity leaders from Microsoft, Google, GitLab, Check Point, OWASP, Fortinet and others have already joined the open framework initiative, which is being led by OX Security.
Denver-based business secures Series A Funding through partnerships with Iron Gate Capital and Kozo Keikaku Engineering.
At least 1,200 Redis database servers worldwide have been corralled into a botnet using an "elusive and severe threat" dubbed HeadCrab since early September 2021. "This advanced threat actor utilizes a state-of-the-art, custom-made malware that is undetectable by agentless and traditional anti-virus solutions to compromise a large number of Redis servers," Aqua security researcher Asaf Eitani
Over the past few years, cybersecurity has become a major concern for businesses around the globe. With the total cost of cybercrime in 2023 forecasted to reach $8 Trillion – with a T, not a B – it’s no wonder that cybersecurity is top of mind for leaders across all industries and regions. However, despite growing attention and budgets for cybersecurity in recent years, attacks have only become
A new intelligence gathering campaign linked to the prolific North Korean state-sponsored Lazarus Group leveraged known security flaws in unpatched Zimbra devices to compromise victim systems. That's according to Finnish cybersecurity company WithSecure (formerly F-Secure), which codenamed the incident No Pineapple. Targets of the malicious operation included a healthcare research organization
The State Cyber Protection Centre (SCPC) of Ukraine has called out the Russian state-sponsored threat actor known as Gamaredon for its targeted cyber attacks on public authorities and critical information infrastructure in the country. The advanced persistent threat, also known as Actinium, Armageddon, Iron Tilden, Primitive Bear, Shuckworm, Trident Ursa, and UAC-0010, has a track record of
Could a senior Latvian politician really be responsible for scamming hundreds of "mothers-of-two" in the UK? (Probably not, despite Graham's theories...) And should we be getting worried about the AI wonder that is ChatGPT? All this and more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.
UK banking group TSB is calling on social networks and dating apps to better protect their users from fake profiles, following an alarming spike in romance fraud. Read more in my article on the Tripwire State of Security blog.
