Despite some instability over the past six months, the cryptocurrency market is still seen by many as a get-rich-quick scheme. Accordingly, the stream of scammers feeding off this topic won't be running dry any time soon. To lure victims into their traps, they continue to come up with new ploys, each more innovative than the last. Today we look at a novel scheme that invites victims to withdraw funds supposedly mined by their accounts on some kind of automated cloud-mining platform.

While you were gone, your account got mined

It all starts with an e-mail with an attached PDF informing the recipient that nearly a year has passed since they last logged in to their Bitcoin Cloud Mining account, which they supposedly created once upon a time. In the interim, the scammers write, 0.7495 BTC (worth around US$15,000) has accumulated in the account. But here's the rub: since the account has been dormant for almost a year, it will be blocked very soon, after which the mined cryptocurrency will be distributed among other platform users. Time is of the essence, though it's not clear precisely how much of it the user actually has: the e-mail states "2 days 23:58:38" in a large font, while the small print reads "within 24 hours". Either way, not everything is lost: the user still has time to log in and withdraw the funds.

In the attached PDF, scammers promise a large payout if the victim logs in right away; otherwise the account will be blocked

After clicking the button in the file, the user is taken to the mentioned Bitcoin Mining website (the word "Cloud" has been dropped from the name by this point). There, two pieces of good news await. First, it turns out that the platform remembers the user by their IP address, so there's no need to recall the username and password. Second, the payout has now gone up to 1.3426 BTC, a little more than US$30,000 at the time of posting.

Fake Bitcoin mining platform claims to remember the user's IP address

Now for the bad news: even less time remains than was specified in the e-mail. The account will be blocked in precisely 18 hours, 39 minutes, 54 seconds, so get those skates on!

Scammers rush the victim: no time to lose!

The username and password are already auto-filled in the form; all that remains is to click the login button.

There's no need to remember the username and password; they are auto-filled

The fake site is surprisingly detailed, with lots of different sections to explore. For example, there's a monthly history of accruals, a history of rewards for individual mining operations, a colorful page showing the current balance, and even a news section. In addition, occasional notifications pop up in a corner of the window stating that some other user just got a large payout.

The scam site is surprisingly well designed

There's a settings section for changing the password, subscribing to various services, enabling auto-withdrawal of funds (it is not specified where to), and even allowing other users of the platform to send you money (on the notification settings tab, for some reason).

The scam site even has a settings section

The focal point for the victim, of course, is the "Get payout" button. Clicking it initiates what seems to be a chat between the user and a certain Sophia, who appears to be the "Head of Payout Operations". Another form has to be filled out, this time with personal data, including the card number (presumably the site creators collect this information to sell on).

During the chat with the "Head of Payout Operations", the user is asked to enter their personal data, including card number

Of course, the scammers' goal is to squeeze real money out of the victim, so pretty soon they get down to brass tacks. The victim is offered the chance to convert the cryptocurrency into dollars by paying a small commission of 0.25%. In monetary terms, the fee turns out to be even less than that: just $64.03.

A small commission is charged to convert bitcoin into regular money

The fee must be paid in cryptocurrency, so the user is taken to a page explaining how to purchase it.

Customer care: the scam site kindly explains how to buy bitcoin

After clicking the "Pay" button, a page appears with the wallet address for sending the fee.

Send the payment here

Sure enough, after paying the fee, the victim receives not a penny of the promised payout, but has handed their payment and personal information to the attackers, who can then use it in other schemes or sell it on the dark web.

How to stay safe

Now for a few tips on how to protect yourself from this and other scams:

- Don't be fooled by sudden generous gifts or large no-strings-attached payouts. If someone dangles large winnings in front of your nose, it will probably end in tears.
- Learn to recognize online scams. There are several telltale signs, which we covered earlier.
- Never enter card details on suspicious sites.
- Don't send cryptocurrency to strangers: you won't be able to appeal the transaction and get your money back.
- Install a reliable security solution with built-in protection against phishing and online fraud. This will warn you in advance if you're about to land on a dangerous site.
The second malicious ChatGPT extension for Chrome has been discovered, giving malicious actors access to users' Facebook accounts through stolen cookies.
A contrarian mindset with applied imagination allows security professionals to assess problems in their organization, prevent failure, or mitigate vulnerabilities.
In two days, ethical researchers from 10 countries have unearthed more than 22 zero-day bugs in a wide range of technologies at the annual hacking contest.
The targeted employee receives a standard notification about someone sharing a file. This is unlikely to arouse suspicion because it's a real notification from a real SharePoint server.
Guardio Labs found a new version of the FakeGPT Chrome extension that is again targeting Facebook accounts, through malicious sponsored Google search results. At the time of removal from the Google Play Store, the FakeGPT extension was downloaded by more than 9,000 users. To prevent such attacks and protect data privacy, awareness is crucial.
The flaw (CVE-2023-27532) affects all VBR versions and can be exploited by unauthenticated attackers to breach backup infrastructure after stealing cleartext credentials and gaining remote code execution as SYSTEM.
The vulnerability was discovered by white hat security researcher Michael Mazzolini and responsibly disclosed through HackerOne, giving websites time to install the patched version 5.6.2 before full details of the exploit are released on April 6th.
SideCopy APT traditionally uses spear phishing as its method to gain initial entry. Emails in the latest campaign purportedly contain research material about military technologies sent as attachments.
The Cybernews research team discovered that the South Korean social platform, powderroom.co.kr, which markets itself as the nation's biggest beauty community, was leaking the private data of a million users.
This pure Python open-source library has a modular design and is currently offering ten modules, which are meant to be replacements for existing tools for finding known secrets.
McDonald's was slapped with a ₩696 million ($530,000) fine for storing backup files containing information on users of its McDelivery service on an SMB volume that had sharing enabled. Hackers waltzed in and accessed 4,876,106 users' info.
CISA and the NSA point out that IAM solutions should be managed, patched, and updated as any other software, to prevent vulnerability exploitation that could lead to the compromise of multiple systems and data.
The round was led by Madrona, with participation from Guillermo Rauch, Mango Capital, Dave Wilner, Andreessen Horowitz, S28 Capital, and Fathom Capital. Madrona's managing director Karan Mehandru joined the board.
Akamai shed light on a Magecart skimmer campaign camouflaged as the Google Tag Manager script. Threat actors reportedly used a new skimmer, Kritec, named after one of its domain names. Its skimming code is heavily obfuscated, mostly via obfuscator[.]io, and loads the malicious JavaScript in an unprecedented way.
As first spotted by Windows enthusiast Xeno, Microsoft released Windows 11 Snipping Tool version 11.2302.20.0 yesterday to Windows Insiders in the Canary channel via the Microsoft Store.
In this case, Form W-9 is being used as a lure for people to download something sinister. The attachment, W-9 form.zip, is 709 KB in size. Opening the attachment reveals a Word document called W-9 form.doc that is over 500MB in size.
When a victim who is shopping at a compromised online store goes to the checkout page, there will be additional fields injected in the contact form that aren't normally there.
The malicious program appears to be developed and used by several members of a pro-Russia hacktivist group and is typically distributed inside decoy installers for legitimate software.
In a succinct blog post published today, GitHub acknowledged discovering this week that the RSA SSH private key for GitHub.com had been ephemerally exposed in a public GitHub repository.
"Today, the City of Toronto has confirmed that unauthorized access to City data did occur through a third party vendor. The access is limited to files that were unable to be processed through the third-party secure file transfer system," it said.
Cisco's Talos threat intelligence and research unit this week disclosed the details of two high-severity vulnerabilities discovered last year in WellinTech's KingHistorian industrial data historian software.
Unit 42 researchers have been tracking a widespread malicious JavaScript (JS) injection campaign that redirects victims to malicious content such as adware and scam pages.
Attack chains mounted by the group commence with a spear-phishing email to deploy a wide range of tools for backdoor access, command-and-control (C2), and data exfiltration.
RSA NetWitness Endpoint EDR Agent version 12.x suffers from incorrect access controls that allow for code execution. It allows local users to stop the Endpoint Windows agent from sending the events to a SIEM or make the agent run user-supplied commands.
Ubuntu Security Notice 5971-1 - It was discovered that graphviz contains null pointer dereference vulnerabilities. Exploitation via a specially crafted input file can cause a denial of service. This issue only affected Ubuntu 18.04 LTS. It was discovered that graphviz contains null pointer dereference vulnerabilities. Exploitation via a specially crafted input file can cause a denial of service. These issues only affected Ubuntu 14.04 ESM and Ubuntu 18.04 LTS.
Ubuntu Security Notice 5970-1 - It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. It was discovered that a race condition existed in the Xen network backend driver in the Linux kernel when handling dropped packets in certain circumstances. An attacker could use this to cause a denial of service.
Ubuntu Security Notice 5969-1 - It was discovered that gif2apng contained multiple heap-based overflows. An attacker could potentially exploit this to cause a denial of service.
Red Hat Security Advisory 2023-1448-01 - Red Hat OpenShift Service Mesh is the Red Hat distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers container images for the release.
Red Hat Security Advisory 2023-1453-01 - An update is now available for Red Hat OpenShift GitOps 1.6. Red Hat Product Security has rated this update as having a security impact of Moderate.
WordPress WooCommerce Payments plugin versions 5.6.1 and below suffer from authentication bypass and privilege escalation vulnerabilities. Details surrounding these issues seem minimal at this point.
Red Hat Security Advisory 2023-1454-01 - An update is now available for Red Hat OpenShift GitOps 1.7. Red Hat Product Security has rated this update as having a security impact of Moderate.
Red Hat Security Advisory 2023-1452-01 - An update is now available for Red Hat OpenShift GitOps 1.8. Red Hat Product Security has rated this update as having a security impact of Moderate.
Debian Linux Security Advisory 5377-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
Ubuntu Security Notice 5966-2 - USN-5966-1 fixed vulnerabilities in amanda. Unfortunately it introduced a regression in GNUTAR-based backups. This update reverts all of the changes in amanda until a better fix is provided. Maher Azzouzi discovered an information disclosure vulnerability in the calcsize binary within amanda. calcsize is a suid binary owned by root that could possibly be used by a malicious local attacker to expose sensitive file system information.
Red Hat Security Advisory 2023-1440-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.
Red Hat Security Advisory 2023-1445-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.9.0 ESR.
Red Hat Security Advisory 2023-1444-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.9.0 ESR.
Red Hat Security Advisory 2023-1437-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.
Red Hat Security Advisory 2023-1439-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.
Red Hat Security Advisory 2023-1441-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.
Red Hat Security Advisory 2023-1438-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.
Red Hat Security Advisory 2023-1442-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.9.0.
Red Hat Security Advisory 2023-1443-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.9.0.
Red Hat Security Advisory 2023-1406-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
A recent campaign undertaken by Earth Preta indicates that nation-state groups aligned with China are getting increasingly proficient at bypassing security solutions. The threat actor, active since at least 2012, is tracked by the broader cybersecurity community under Bronze President, HoneyMyte, Mustang Panda, RedDelta, and Red Lich. Attack chains mounted by the group commence with a
Patches have been released for a critical security flaw impacting the WooCommerce Payments plugin for WordPress, which is installed on over 500,000 websites. The flaw, if left unresolved, could enable a bad actor to gain unauthorized admin access to impacted stores, the company said in an advisory on March 23, 2023. It impacts versions 4.8.0 through 5.6.1. Put differently, the issue could permit
A malicious Python package on the Python Package Index (PyPI) repository has been found to use Unicode as a trick to evade detection and deploy an info-stealing malware. The package in question, named onyxproxy, was uploaded to PyPI on March 15, 2023, and comes with capabilities to harvest and exfiltrate credentials and other valuable data. It has since been taken down, but not before attracting
Any app that can improve business operations is quickly added to the SaaS stack. However, employees don't realize that this SaaS-to-SaaS connectivity, which typically takes place outside the view of the security team, significantly increases risk. Whether employees connect through Microsoft 365, Google Workspace, Slack, Salesforce, or any other app, security teams have no way to quantify their
Cloud-based repository hosting service GitHub said it took the step of replacing its RSA SSH host key used to secure Git operations "out of an abundance of caution" after it was briefly exposed in a public repository. The activity, which was carried out at 05:00 UTC on March 24, 2023, is said to have been undertaken as a measure to prevent any bad actor from impersonating the service or