No sooner had we written about vulnerabilities in both Apple and Microsoft operating systems, as well as in Samsung Exynos chips, allowing the hacking of smartphones without any action on the part of their owner, than news broke about a couple of very serious security holes in both iOS and macOS — besides the ones show more ...
In early April, Kaspersky experts discovered a mass e-mailing campaign sending messages with a malicious PDF attached. The attackers are taking aim at companies: a dangerous document is attached to business correspondence (we saw e-mails written in English, German, Italian and French). The objective of the campaign is show more ...
A little preconference reconnoitering of upcoming seminars, keynotes, and track sessions makes plotting your days easier. Here's one attendee's list.
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
Because the security vulnerability is under active exploit, Google isn't releasing full details of the flaw while users could remain vulnerable.
Members of the former ransomware group are using a FIN7 backdoor to deliver malware —including Cobalt Strike — to victim systems.
Communicating cyber-risk upward to C-suite and board takes simplification and better understanding of the audience.
Thousands of restaurants impacted by what Aloha PoS parent company NCR says was a ransomware attack on one of its data centers.
Learning how to break the latest AI models is important, but security researchers should also question whether there are enough guardrails to prevent the technology's misuse.
Analyzing devices compromised with BlackLotus, the Microsoft Incident Response team identified several points in the malware installation and execution process that allow its detection.
"Zaraza bot targets a large number of web browsers and is being actively distributed on a Russian Telegram hacker channel popular with threat actors," cybersecurity company Uptycs said in a report published last week.
The funds raised will be used for product innovation and entering new global markets in North America, Europe, and MENA region in addition to growing the existing markets in SEA, including India, Singapore, and Japan.
The LockBit group is the first ransomware gang that has created encryptors to target macOS systems, MalwareHunterTeam warns. The researchers discovered the LockBit encryptors in a ZIP archive uploaded to VirusTotal.
The authoring agencies urged technology and software manufacturers “to revamp their design and development programs to permit only secure-by-design and -default products to be shipped to customers.”
If you’ve ever searched for free online movie streaming sites, you’ve probably come across Movie365 and other similar sites. While these sites promise access to the latest movies, they’re often not what they seem.
The company further emphasized that it's committing to publicly disclose incidents when it finds evidence of active exploitation of vulnerabilities across its product portfolio.
The FSB claims that despite many of the attacks being presented as activities by the "IT Army of Ukraine," it was able to discern the involvement of pro-west hacker groups like "Anonymous," "Sailens," "Goast clan," "Ji-En-Ji," "SquadZOZ," and others.
Threat actors associated with the Vice Society ransomware gang have been observed using a bespoke PowerShell-based tool to fly under the radar and automate the process of exfiltrating data from compromised networks.
Over the weekend, Rheinmetall, a leading German armaments and technology company, was the victim of a cyberattack that targeted all three of its divisions. However, company officials have stated that the attack did not impact operations.
NCR is suffering an outage on its Aloha point of sale (PoS) platform since Wednesday after it was hit by a ransomware attack conducted by the BlackCat/ALPHV ransomware group.
They used a technique dubbed Business Email Compromise (BEC). As part of this, it's claimed, the fraudsters broke into people's email accounts, too, and chatted via mobile apps to organize their crimes.
Action1 is a remote monitoring and management (RMM) product that is commonly used by managed service providers (MSPs) and the enterprise to remotely manage endpoints on a network.
This was found in the Targeting Scams report from the Australian Competition and Consumer Commission, which compiles data from Scamwatch, ReportCyber, major banks, and money remitters, based on an analysis of more than 500,000 reports.
On February 17, 2023, the Cybernews research team discovered public access to sensitive files hosted on dimasvolvo.com.br website, belonging to an independent Volvo retailer in the Santa Catarina region of Brazil.
While much of the cybersecurity world’s attention is on fending off Russian hacks against Ukraine, American officials are increasingly worried about another growing threat: attacks by China on U.S. soil.
ZeroFox (ZFOX), which advertises itself as an external cybersecurity solutions provider, on Monday, announced that it’s in the process of acquiring threat intelligence and attack surface management company LookingGlass.
The phishing attack is hosted on a landing page at payroll-microsoft365-access-panel-2023[.]softr[.]app/ which redirects to azaleastays[.]com/devr365web2023/ once a button is clicked.
The latest intrusion wave, spotted by IBM Security X-Force two months ago, involves the use of Dave Loader, a crypter previously attributed to the Conti group (aka Gold Blackburn, ITG23, or Wizard Spider), to deploy the Domino backdoor.
Discovered by security researchers at Kaspersky, the malicious campaign relied on messages written in different languages, including English, German, Italian, and French.
A Chinese hacker group, Vixen Panda, is suspected of targeting the Foreign Ministry in a recent cyberattack. As per a new report by Euractiv, the hackers showed a keen interest in policy documents.
The malware spreads through methods like phishing, malicious ads, and cracked software. It also uses a technique called process hollowing to inject the malicious code into a legitimate process called AppLaunch.exe.
In October 2022, threat actors sent phishing emails that contained links to a password-protected file hosted in Drive. The final payload was the Go-written GC2 tool that gets commands from Google Sheets and exfiltrates data to Google Drive.
Ubuntu Security Notice 6022-1 - It was discovered that Kamailio did not properly sanitize SIP messages under certain circumstances. An attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 ESM and 18.04 ESM. It was discovered that show more ...
Ubuntu Security Notice 6023-1 - It was discovered that LibreOffice may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory.
Debian Linux Security Advisory 5390-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code.
Red Hat Security Advisory 2023-1677-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only show more ...
Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.
Red Hat Security Advisory 2023-1788-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.10.0 ESR. Issues addressed include double free and file download vulnerabilities.
AspEmail version 5.6.0.2 suffers from weak permission vulnerability that allows for local privilege escalation.
Red Hat Security Advisory 2023-1786-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.10.0 ESR. Issues addressed include double free and file download vulnerabilities.
Ubuntu Security Notice 5855-4 - USN-5855-1 fixed vulnerabilities in ImageMagick. This update provides the corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that ImageMagick incorrectly handled certain PNG images. If a user or automated system were tricked into opening a specially show more ...
Red Hat Security Advisory 2023-1787-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.10.0 ESR. Issues addressed include double free and file download vulnerabilities.
Red Hat Security Advisory 2023-1785-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.10.0 ESR. Issues addressed include double free and file download vulnerabilities.
Bang Resto version 1.0 suffers from multiple SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to nu11secur1ty in December of 2022.
Bang Resto version 1.0 suffers from a cross site scripting vulnerability.
Red Hat Security Advisory 2023-1789-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.10.0 ESR. Issues addressed include double free and file download vulnerabilities.
Debian Linux Security Advisory 5389-1 - Two vulnerabilities were discovered in rails, the Ruby based server-side MVC web application framework, which could lead to XSS and DOM based cross-site scripting (CRS). This update also fixes a regression introduced in previous update that may block certain access for apps using development environment.
Red Hat Security Advisory 2023-1792-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.10.0 ESR. Issues addressed include double free and file download vulnerabilities.
Red Hat Security Advisory 2023-1790-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.10.0 ESR. Issues addressed include double free and file download vulnerabilities.
GDidees CMS version 3.9.1 suffers from file disclosure and directory traversal vulnerabilities.
Red Hat Security Advisory 2023-1791-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.10.0 ESR. Issues addressed include double free and file download vulnerabilities.
lockr preserves open access to information across the Internet while honoring consumer privacy and choice.
Threat actors associated with the Vice Society ransomware gang have been observed using a bespoke PowerShell-based tool to fly under the radar and automate the process of exfiltrating data from compromised networks. "Threat actors (TAs) using built-in data exfiltration methods like [living off the land binaries and scripts] negate the need to bring in external tools that might be flagged by
A novel credential-stealing malware called Zaraza bot is being offered for sale on Telegram while also using the popular messaging service as a command-and-control (C2). "Zaraza bot targets a large number of web browsers and is being actively distributed on a Russian Telegram hacker channel popular with threat actors," cybersecurity company Uptycs said in a report published last week. "Once the
A Chinese nation-state group targeted an unnamed Taiwanese media organization to deliver an open source red teaming tool known as Google Command and Control (GC2) amid broader abuse of Google's infrastructure for malicious ends. The tech giant's Threat Analysis Group (TAG) attributed the campaign to a threat actor it tracks under the geological and geographical-themed moniker HOODOO, which is
The Deep, Dark Web – The Underground – is a haven for cybercriminals, teeming with tools and resources to launch attacks for financial gain, political motives, and other causes. But did you know that the underground also offers a goldmine of threat intelligence and information that can be harnessed to bolster your cyber defense strategies? The challenge lies in continuously monitoring the right
Israeli spyware vendor QuaDream is allegedly shutting down its operations in the coming days, less than a week after its hacking toolset was exposed by Citizen Lab and Microsoft. The development was reported by the Israeli business newspaper Calcalist, citing unnamed sources, adding the company "hasn't been fully active for a while" and that it "has been in a difficult situation for several
A new QBot malware campaign is leveraging hijacked business correspondence to trick unsuspecting victims into installing the malware, new findings from Kaspersky reveal. The latest activity, which commenced on April 4, 2023, has primarily targeted users in Germany, Argentina, Italy, Algeria, Spain, the U.S., Russia, France, the U.K., and Morocco. QBot (aka Qakbot or Pinkslipbot) is a banking
A new strain of malware developed by threat actors likely affiliated with the FIN7 cybercrime group has been put to use by the members of the now-defunct Conti ransomware gang, indicating collaboration between the two crews. The malware, dubbed Domino, is primarily designed to facilitate follow-on exploitation on compromised systems, including delivering a lesser-known information stealer that
Cloud Security Posture Management (CSPM) and SaaS Security Posture Management (SSPM) are frequently confused. The similarity of the acronyms notwithstanding, both security solutions focus on securing data in the cloud. In a world where the terms cloud and SaaS are used interchangeably, this confusion is understandable. This confusion, though, is dangerous to organizations that need to secure
