Disclaimer. This is the April Fools Day blog post. The methods of cybersecurity trainings described in it are not entirely ethical, and are not universally considered acceptable. We recommend that you think twice before using them in real life and ideally obtain the consent of the team for such actions beforehand. show more ...
Authorities in Germany this week seized Internet servers that powered FlyHosting, a dark web offering that catered to cybercriminals operating DDoS-for-hire services, KrebsOnSecurity has learned. FlyHosting first advertised on cybercrime forums in November 2022, saying it was a Germany-based hosting firm that was open show more ...
With companies pushing to adopt zero-trust frameworks, adaptive authentication and access — once languishing — looks finally ready to move out of the doldrums.
"Anonymous Sudan" has been claiming that its DDoS attacks are in retaliation for anti-Islamic activities, but at least one security vendor is suspicious about its true motives.
Decentralized identity products are increasingly projected to be introduced to the market in the next couple of years.
Russia's invasion of Ukraine spurs Space Force to seek astronomical investments in cybersecurity.
The physical and cyber safety issues surrounding medical devices like IV pumps is finally being meaningfully addressed by a new policy taking effect this week.
A successful multi-orbit cryptography test beamed quantum-agile data up to two different satellites and back down to Earth.
Until a degree of confidence is established, a platform's credibility can be eroded by scammers and unsuspecting gamers who fall victim to their attacks.
Russian intelligence services, together with a Moscow-based IT company, are planning worldwide hacking operations that will also enable attacks on critical infrastructure facilities.
Network protocols can be used to identify operating systems and discern other device information.
Researchers from Orca Security discovered the cross-site scripting (XSS) flaw — which they dubbed Super FabriXss — in December and reported it to Microsoft, which issued a fix for it in March's round of Patch Tuesday updates.
Votiro is revolutionizing file security and safety by expanding its disarming with enhanced data detection and analytics capabilities and making them easily accessible as a browser- and cloud-based services.
The vulnerabilities include remote code execution, cross-site request forgery (CSRF), authentication bypass, cross-site scripting (XSS), command injection, backdoor access, file disclosure, and session hijacking issues.
The San Jose, California-based networking giant said its proposed buy of Lightspin will allow clients to identify and address key cloud security risks without the hassle of extensive configuration requirements.
Almost a month after attending a concert at Cornell University featuring the Beach Bunny band on January 28, several Ithaca College students’ credit and debit card information was breached and varying amounts of money were stolen.
DataDome has raised a total of $81 million in VC funding since launching in 2015 with software to help businesses deal with bots and online fraud activity. The company said the new funding would be used on market expansion and R&D activities.
The flaws in question were abused as part of several exploit chains in two separate highly-targeted campaigns targeting Android and iOS users, as Google's Threat Analysis Group (TAG) recently revealed.
The hackers said they were able to enter the colonel’s military accounts and found information about his subordinates, the movement of troops, and documents related to Russian military equipment.
An APT group known in the security industry as Winter Vivern has been exploiting a vulnerability in the Zimbra Collaboration software to gain access to mailboxes from government agencies in several European countries.
According to a guidance document published earlier today, applicants seeking approval for new medical devices must submit a plan designed to “monitor, identify and address” possible cybersecurity issues associated with them.
Almost a year after the crisis began, a senior White House official told reporters today that the United States plans to provide $25 million in cybersecurity assistance to help Costa Rica strengthen its digital infrastructure.
In early 2020, Formbook was rebranded as Xloader, and the operators behind it moved to a malware-as-a-service (MaaS) business model, renting C2 infrastructure to customers.
New studies by NCC Group and Barracuda Networks show threat actors are increasing ransomware exploits, with consumer goods and services receiving the brunt of attacks and a large percentage of victims being hit multiple times.
To defend against RedGolf attacks, organizations are recommended to apply patches regularly, monitor access to external facing network devices, track and block identified C2 infrastructure, and configure IDS/IPS to monitor for malware detections.
The crime group created over 100 fake "phishing" sites targeting users in France, Spain, Poland, the Czech Republic, Portugal, and other European countries, enticing them with products below market prices.
Exposed personal information, the company says, includes names, addresses, phone numbers, email addresses, birth dates, driver’s license numbers, Social Security numbers, and employment positions.
It appears that domain registrars and certificate-issuing authorities are becoming less effective at preventing fraudsters from obtaining and using legitimate certificates to enhance their phishing success rates.
The data breach at Nebu has affected Nederlandse Spoorwegen (NS), VodafoneZiggo, ArboNed, Heineken, International Film Festival Rotterdam, the Dutch Golf Federation, CZ (insurance firm), Trevvel, and the Dutch Rental Commission (Huurcommissie).
An Azure Active Directory (AAD) misconfiguration by Microsoft in one of its own cloud-hosted applications could have allowed miscreants to subvert the IT giant's Bing search engine – even changing search results.
Acoalition of 11 countries committed on Thursday to counter the misuse of commercial spyware, a step toward building an international agreement to curb technology deployed by authoritarian countries to spy on dissidents and journalists.
The leaked documents, referred to as The Vulkan Files, were obtained by a whistleblower and analyzed by Mandiant in collaboration with several major media outlets in Europe and the United States.
Soon after Latitude Financial revealed it suffered a cyberattack, DXC Technology quietly published a note on its website stating its global network and customer support networks were not compromised.
While hack-for-hire groups may advertise, they aren’t usually helping clients get a cryptocurrency payout. And you can’t sign up for a subscription service. It’s more than likely that hack-for-hire clients have a specific target and goal in mind.
Officials noted that the Washington County Sheriff's Office had its app, finance system, and jail networks disrupted by a ransomware attack between February 21 and early March, with the attack claimed by LockBit on February 27.
In a data breach notification letter sent yesterday to impacted individuals, the Canadian finance giant informs that hackers breached its systems in early December 2022 but did not detect the breach until February 13th, 2023.
Ubuntu Security Notice 5991-1 - It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service. It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux show more ...
Ubuntu Security Notice 5990-1 - It was discovered that musl did not handle certain i386 math functions properly. An attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 LTS. It was discovered show more ...
Ubuntu Security Notice 5989-1 - Tao Lyu discovered that GlusterFS did not properly handle certain event notifications. An attacker could possibly use this issue to cause a denial of service.
Judging Management System version 1.0 suffers from bypass and remote shell upload vulnerabilities.
Judging Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for login bypass.
EQ Enterprise Management System version 2.2.0 suffers from a remote SQL injection vulnerability.
Online Pizza Ordering version 1.0 suffers from a remote SQL injection vulnerability.
rconfig version 3.9.7 suffers from a remote SQL injection vulnerability.
CoolerMaster MasterPlus version 1.8.5 suffers from an unquoted service path vulnerability.
Ubuntu Security Notice 5988-1 - It was discovered that integer overflows vulnerabilities existed in Xcftools. An attacker could use this to cause a denial of service or possibly execute arbitrary code.
Qubes Mirage Firewall versions 0.8.0 through 0.8.3 suffer from a denial of service vulnerability.
WordPress WooCommerce plugin version 7.1.0 suffers from a remote code execution vulnerability.
Cacti version 1.2.22 suffers from a remote command execution vulnerability.
Textpattern version 4.8.8 suffers from an authenticated remote code execution vulnerability.
Bludit version 3-14-1 suffers from a remote shell upload vulnerability.
Launching CSPM, container workload security, and cloud vulnerability management to modernize cloud security operations.
The State of Email Security Report reveals cyber risk commands the C-suite's focus.
The Cyber Police of Ukraine, in collaboration with law enforcement officials from Czechia, has arrested several members of a cybercriminal gang that set up phishing sites to target European users. Two of the apprehended affiliates are believed to be organizers, with 10 others detained in other territories across the European Union. The suspects are alleged to have created more than 100 phishing
Organizations rely on Incident response to ensure they are immediately aware of security incidents, allowing for quick action to minimize damage. They also aim to avoid follow on attacks or future related incidents. The SANS Institute provides research and education on information security. In the upcoming webinar, we’ll outline, in detail, six components of a SANS incident response plan,
Enterprise communications software maker 3CX on Thursday confirmed that multiple versions of its desktop app for Windows and macOS are affected by a supply chain attack. The version numbers include 18.12.407 and 18.12.416 for Windows and 18.11.1213, 18.12.402, 18.12.407, and 18.12.416 for macOS. The company said it's engaging the services of Google-owned Mandiant to review the incident. In the
The advanced persistent threat (APT) actor known as Winter Vivern is now targeting officials in Europe and the U.S. as part of an ongoing cyber espionage campaign. "TA473 since at least February 2023 has continuously leveraged an unpatched Zimbra vulnerability in publicly facing webmail portals that allows them to gain access to the email mailboxes of government entities in Europe," Proofpoint
My guess is that if you stumbled across a website that called itself "Hack the Pentagon" and was decorated with a grisly-looking skull, you would probably think that you might be somewhere less than legitimate. After all, normally if you hacked The Pentagon you would find yourself in heaps of trouble. Read more in my article on the Hot for Security blog.
