Many companies, especially small ones, dont use specialized systems like Slack or Microsoft Teams for communication among employees, and instead use ordinary messengers such as WhatsApp, Telegram, and Signal. And whereas people mainly prefer the mobile versions for personal use, when it comes to work needs, many show more ...
An Acer statement confirms that a document server for repair techs was compromised, but says customer data doesn't appear to be part of the leak.
Two novel malware binaries, including "HiatusRAT," offer unique capabilities that point to the need for better security for companies' router infrastructure.
By working together as an industry, we can develop the technologies needed to account for human error.
The third iteration of the Exploit Prediction Scoring System (EPSS) performs 82% better than previous versions, giving companies a better tool for evaluating vulnerabilities and prioritizing patching.
More than 4% of employees have put sensitive corporate data into the large language model, raising concerns that its popularity may result in massive leaks of proprietary information.
The health, manufacturing, and energy sectors are the most vulnerable to ransomware.
Attackers use phishing emails that appear to come from reputable organizations, dropping the payload using public cloud servers and an old Windows UAC bypass technique.
Flaw in Toyota's C360 customer relationship management tool exposed personal data of unknown number of customers in Mexico, a disclosure says.
The strategy document does nothing to change things on the ground in the near term; legislation, regulation, and follow-up executive action are all going to be key to moving forward the administration's agenda.
Clear communication is essential. Communication strategies differ before and after a cyber incident. The way a company approaches both is as important as incident mitigation itself.
The researchers informed DJI of the 16 detected vulnerabilities prior to releasing the information to the public. In the course of the responsible disclosure process, the manufacturer has fixed these issues.
The official forum of The Pirate Bay is the latest victim of an apparent cyberattack that forced its site to remain offline for several days. The forum allows users to request torrent reseeding and report malware found in torrent files.
Bitdefender researchers have discovered a new phishing scam in which cybercriminals are redirecting unsuspecting users to a fake ChatGPT version. The primary targets were found in Ireland, Australia, Germany, Denmark, and the Netherlands.
A new plug-in, created by Microsoft and MITRE, integrates various open-source software tools to aid cybersecurity professionals in bolstering their defenses against attacks on machine learning (ML) systems.
The Play ransomware gang has begun to leak data from the City of Oakland, California. The initial data leak consists of a 10GB multi-part RAR archive allegedly containing confidential documents, employee information, passports, and IDs.
Over two-thirds of European organizations have begun developing a zero trust strategy, up from around a quarter in 2020, according to Forrester. The analyst house said a further 15% were planning to adopt zero trust tech.
The Sandbox blockchain game is warnings its community that a security incident caused some users to receive fraudulent emails impersonating the game, trying to infect them with malware.
“The hospital’s press department said that all written work was being done on paper and that the hospital was diverting new urgent cases to other hospitals in the city,” states the Associated Press.
Sirattacker is one of the latest Chaos ransomware variants. It was first released in the middle of February 2023. ALC is a recently reported ransomware. It is known for a message aimed at “Russia and its counterpart” in its ransom note.
Two out of every five (40.6%) operational technology (OT) computers used in industrial settings have been affected by malware in 2022. The data comes from a report published earlier today by security researchers at Kaspersky.
A new phishing campaign targets organizations in Eastern European countries with the Remcos RAT malware with aid from an old Windows User Account Control bypass discovered over two years ago.
ESET researchers have identified an active Transparent Tribe campaign, targeting mostly Indian and Pakistani Android users – presumably with a military or political orientation.
The most severe of the patched vulnerabilities are two remote code execution (RCE) flaws in the System component, both of which were addressed as part of the 2023-03-01 security patch level.
Tracked as CVE-2021-39144 (CVSS score of 9.8), the issue was disclosed in October 2022, when VMware announced patches for it, although the affected product had reached end-of-life (EOL) status in January 2022.
Hackers have stolen several terabytes of corporate and employee information from controversial Brazilian multi-national Andrade Gutierrez, in a raid the firm reportedly still hasn’t acknowledged.
The list of stolen data included confidential slides and presentations, technical manuals, Windows Imaging Format files, binaries of various types, backend infrastructure data, product model documentation, and information about various devices.
Morphisec has tracked an advanced info-stealer called SYS01stealer since November 2022. It uses similar lures and loading techniques to another information stealer recently named S1deload by Bitdefender, but the actual payload is different.
The university warned that “significant amounts of data from various areas” were copied, including usernames and “cryptographically secured” passwords, email addresses, and mobile phone numbers.
Arris DG3450 cable gateway version AR01.02.056.18_041520_711.NCS.10 suffers from cross site scripting and missing authentication vulnerabilities.
Oracle Database Vault had a flaw that would allow unauthorized privileged users to extract data from a protected table. Oracle 19c versions 19.18 and below are affected. Fixed in the Oracle Critical Patch Update October 2022.
CoreDial sipXcom sipXopenfire versions 21.04 and below suffer from XMPP message system command argument injection and insecure service file permissions that when chained together gives root.
ZwiiCMS version 12.2.04 suffers from an authenticated remote code execution vulnerability.
OpenBSD version 7.2 suffers from an overflow vulnerability. ip_dooptions() will allow IPOPT_SSRR with optlen = 2. save_rte() will set isr_nhops to very large value, which will cause an overflow in the next ip_srcroute() call.
Ubuntu Security Notice 5931-1 - It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into running a specially crafted input, a remote attacker could possibly use this issue to execute arbitrary code.
Ubuntu Security Notice 5930-1 - It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into running a specially crafted input, a remote attacker could possibly use this issue to execute arbitrary code.
Red Hat Security Advisory 2023-1101-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Red Hat Security Advisory 2023-1102-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs.
Red Hat Security Advisory 2023-1093-01 - The pesign packages provide the pesign utility for signing UEFI binaries as well as other associated tools. Issues addressed include a privilege escalation vulnerability.
Red Hat Security Advisory 2023-1091-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-1030-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.30.
Red Hat Security Advisory 2023-1095-01 - The zlib packages provide a general-purpose lossless data compression library that is used by many different programs. Issues addressed include a buffer over-read vulnerability.
Red Hat Security Advisory 2023-1090-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information.
Red Hat Security Advisory 2023-1103-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Red Hat Security Advisory 2023-1092-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.
Ubuntu Security Notice 5929-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute show more ...
Ubuntu Security Notice 5928-1 - It was discovered that systemd did not properly validate the time and accuracy values provided to the format_timespan function. An attacker could possibly use this issue to cause a buffer overrun, leading to a denial of service attack. This issue only affected Ubuntu 14.04 ESM, Ubuntu show more ...
Red Hat Security Advisory 2023-1042-01 - Custom Metrics Autoscaler Operator for Red Hat OpenShift including security updates.
Ubuntu Security Notice 5927-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute show more ...
Ubuntu Security Notice 5926-1 - Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. Lee Jones discovered that a use-after-free vulnerability show more ...
Ubuntu Security Notice 5925-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute show more ...
Ubuntu Security Notice 5924-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute show more ...
Red Hat Security Advisory 2023-1079-01 - An update for osp-director-downloader-container, osp-director-agent-container and osp-director-operator-container is now available for Red Hat OpenStack Platform 16.2 (Train).
Ubuntu Security Notice 5923-1 - It was discovered that LibTIFF could be made to read out of bounds when processing certain malformed image files with the tiffcrop tool. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcrop to crash, resulting in show more ...
Third annual report identifies top security gaps and challenges for organizations operating in the cloud.
Securin Inc. will provide tech-enabled security solutions, vulnerability intelligence and deep domain expertise.
The massive breach at LastPass was the result of one of its engineers failing to update Plex on their home computer, in what's a sobering reminder of the dangers of failing to keep software up-to-date. The embattled password management service last week revealed how unidentified actors leveraged information stolen from an earlier incident that took place prior to August 12, 2022, along with
An older version of Shein's Android application suffered from a bug that periodically captured and transmitted clipboard contents to a remote server. The Microsoft 365 Defender Research Team said it discovered the problem in version 7.9.2 of the app that was released on December 16, 2021. The issue has since been addressed as of May 2022. Shein, originally named ZZKKO, is a Chinese online fast
Cybersecurity researchers have discovered a new information stealer dubbed SYS01stealer targeting critical government infrastructure employees, manufacturing companies, and other sectors. "The threat actors behind the campaign are targeting Facebook business accounts by using Google ads and fake Facebook profiles that promote things like games, adult content, and cracked software, etc. to lure
A suspected Pakistan-aligned advanced persistent threat (APT) group known as Transparent Tribe has been linked to an ongoing cyber espionage campaign targeting Indian and Pakistani Android users with a backdoor called CapraRAT. "Transparent Tribe distributed the Android CapraRAT backdoor via trojanized secure messaging and calling apps branded as MeetsApp and MeetUp," ESET said in a report
Investing in digital identity can improve security, increase clinical productivity, and boost healthcare's bottom line. — by Gus Malezis, CEO of Imprivata Digitalization has created immeasurable opportunities for businesses over the past two decades. But the growth of hybrid work and expansion of Internet of Things (IoT) has outpaced traditional 'castle and moat' cybersecurity, introducing
