Season 3 of The Mandalorian TV series gave us a look at the state of information security in the Star Wars universe nine years after the Battle of Yavin. And the more I watch this show, the more I get the impression that all the infosec problems of the galaxy far, far away have two roots — negligence and droids. show more ...
Sharing information is critical to help organizations protect data and systems. To be even more effective, collaboration should be inclusive — vendors, researchers, and private companies large and small.
Three vulnerabilities in the platform's API Management Service could allow access sensitive data, mount further attacks, and even hijack developer portals.
In part one of this three-part series, Microsoft details how cybercriminals innovate and evade detection to make money or sow destruction.
Cybersecurity is a hotbed of startup activity, and with good reason. Startups typically look for an IPO or acquisition, but right now IPOs are off the table.
The debate over whether ChatGPT and other generative AI tools will benefit defenders or further embolden attackers may be ongoing, but companies are going forward with new tools.
Courts closed, but police, fire rescues unaffected following ransomware attack.
Google's new program aims to offer accessible training to fill 750K open cybersecurity jobs with diverse array of talent.
Scammers are leveraging the popularity of ChatGPT in phishing attacks. Here's a look at research on these newly registered domains and tactics.
The Orion software suite had about 33,000 customers, some of whom had started receiving the hacked software update in March. That meant some customers might have been compromised for eight months already.
A researcher with the pseudonym 'neskafe3v1' reached out to BleepingComputer stating he had taken over fourteen Packagist packages, with one of them having over 500 million installs.
Dallas was hit with a computer ransomware attack Wednesday that brought down its Police Department and City Hall websites and caused some jury trials to be canceled, officials said.
A group of more than 40 media and digital rights organizations are calling on Five Eyes nations and democratic governments around the world to reject efforts to weaken encryption and support a global vision of a free and open internet.
Try2Check’s websites have now been taken offline and the State Department has issued a $10m reward for information leading to the capture of the man accused of running the platform.
The FTC proposed on Wednesday that Facebook be prohibited from profiting off of data it collects from minors, a move that comes in response to alleged violations of the company’s previous agreements with the agency to protect user privacy.
Vulnerabilities in Netgear’s NMS300 ProSAFE network management system allow attackers to retrieve cleartext credentials and escalate privileges, cybersecurity firm Flashpoint reports.
A court victory in the closely watched insurance case is expected to stabilize a turbulent market and provide some assurance for organizations amid a rise in nation-state activity.
Iran’s cyber-enabled influence operations, which combine offensive cyberattacks with social media posts and SMS campaigns, mostly target Israel, the U.S., and activists who oppose the Iranian regime, Microsoft said in a report published Tuesday.
The operation, dubbed SpecTor, also included the seizure of 117 firearms, 850 kilograms of drugs — including 64 kilograms of fentanyl or fentanyl-laced narcotics — and $53.4 million in cash and virtual currencies, the DoJ said in a statement.
Russia-linked APT group Sandworm is behind destructive cyberattacks against Ukrainian state networks, the Ukrainian Government Computer Emergency Response Team (CERT-UA) warns.
Cybercriminals have been using AT&T-provided email addresses to steal large amounts of cryptocurrency by accessing accounts via mail keys. One victim claimed to have lost $134,000 from its Coinbase account. The firms are suggested to update their security controls to prevent such activities and proactively require a password reset on some email accounts.
Orqa, a maker of First Person View (FPV) drone racing goggles, claims that a contractor introduced code into its devices' firmware that acted as a time bomb designed to brick them.
The UK government has announced a new fraud strategy which will focus heavily on mitigating the impact of telephone and online scams, although critics have said it doesn’t go far enough.
Trend Micro noticed a ransomware variant called Rapture that adopts a minimalistic approach and leaves behind only a small digital footprint. The attackers utilized the commercial packer Themida to pack the ransomware, hence making the analysis challenging. An RSA key configuration file used by the attackers was found to be similar to that used by the Paradise ransomware.
Hackers have published a trove of sensitive data stolen from payment software company AvidXchange after the company fell victim to ransomware for the second time this year.
The Kids Online Safety Act, known as KOSA, would place a duty of care on platforms to prevent promoting to users under 17 content that includes harmful behaviors such as eating disorders and suicide.
Pediatric mental health provider Brightline is warning patients that it suffered a data breach impacting 783,606 people after a ransomware gang stole data using a zero-day vulnerability in its Fortra GoAnywhere MFT secure file-sharing platform.
The list encompasses a number of communications equipment and service providers that have been determined by the US government to pose a potential national security risk according to the Secure and Trusted Communications Networks Act of 2019.
Google wants to take us further into a passwordless future by allowing personal account holders to login using passkeys rather than using passphrases and multifactor authentication (MFA).
The vulnerability, which has now been fixed, was caused by a window message event handler that does not properly validate the message origin, providing attackers access to sensitive user information.
Meta said it took steps to take down more than 1,000 malicious URLs from being shared across its services that were found to leverage OpenAI's ChatGPT as a lure to propagate about 10 malware families since March 2023.
FortiGuard Labs warned of attackers exploiting a five-year-old authentication bypass vulnerability in TBK DVR devices, that has over 600,000 cameras and 50,000 recorders installed globally, providing a significant threat to camera video feeds. A remote attacker can also exploit the flaw to bypass authentication and obtain administrative privileges.
Security experts are cautioning against malware impersonating a ChatGPT Windows desktop client that is capable of copying login credentials from the Google Chrome login data directory. Users are advised to not click on random emails or links without prior knowledge or idea.
Russian state-sponsored hacking group APT28 is targeting Ukrainian government entities with malicious emails disguised as Windows update instructions - warned CERT-UA. The attack begins with phishing emails sent to employees in government bodies, masquerading as system administrators of their departments.
The law enforcement command of the Islamic Republic of Iran (FARAJA) is allegedly physically deploying a malware strain known as BouldSpy on the devices of a section of people. As per reports, it is in use since at least 2020 and has claimed more than 300 victims to date. The malware serves the purpose of snooping on the activities of minority groups in the country.
Experts at Cyble laid bare AresLoader, a new type of loader that distributes multiple malware strains, including IcedID, Aurora Stealer, and Laplas Clipper. A GitHub repository masquerading as a Citrix project was being used to distribute the malware. Experts recommend creating multiple lines of defense, including implementing genuine anti-virus software, firewalls, and an anti-phishing solution.
Ubuntu Security Notice 6055-1 - It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. This issue is being addressed only for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
Shannon Baseband suffers from a memory corruption vulnerability that occurs when the baseband modem processes SDP when setting up a call. When an fmtp attribute is parsed, the integer that represents the payload type is copied into an 8-byte buffer using memcpy with the length of payload type as the length parameter. There are no checks that the payload type is less than 8-bytes long or actually an integer.
Red Hat Security Advisory 2023-2107-01 - The Migration Toolkit for Containers (MTC) 1.7.9 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. Issues addressed include a denial of service vulnerability.
Companymaps version 8.0 suffers from a remote SQL injection vulnerability.
Companymaps version 8.0 suffers from a cross site scripting vulnerability.
Red Hat Security Advisory 2023-2104-01 - Red Hat Advanced Cluster Management for Kubernetes 2.5.8 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private show more ...
Shannon Baseband suffers from a memory corruption vulnerability that occurs when the baseband modem processes SDP when setting up a call. SDP supports attributes acfg and pcfg that allow configuration information to be specified as integers. The baseband software allocates a fixed-size buffer for this information, but show more ...
Red Hat Security Advisory 2023-2097-03 - Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Issues addressed include code execution, cross site scripting, denial of show more ...
GV-Edge Recording Manager version 2.2.3.0 suffers from a privilege escalation vulnerability.
Red Hat Security Advisory 2023-2100-01 - This release of Camel for Spring Boot 3.20.1 serves as a replacement for Camel for Spring Boot 3.18.3 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References. The purpose of this text-only errata is to inform you show more ...
Shannon Baseband suffers from a memory corruption vulnerability that occurs when the baseband modem processes SDP when setting up a call. SDP supports an attribute chatroom that allows multiple chat properties to be specified. The baseband software allocates a fixed-size buffer for these types, but does not check that show more ...
Red Hat Security Advisory 2023-2101-01 - Red Hat Update Infrastructure offers a highly scalable, highly redundant framework that enables you to manage repositories and content. It also enables cloud providers to deliver content and updates to Red Hat Enterprise Linux instances. Issues addressed include denial of service and remote shell upload vulnerabilities.
Shannon Baseband suffers from a memory corruption vulnerability that occurs when the baseband modem processes SDP when setting up a call. SDP supports an attribute accept-type that allows multiple format types to be specified. The baseband software allocates a fixed-size buffer for these types, but does not check that show more ...
Red Hat Security Advisory 2023-2098-01 - Multicluster Engine for Kubernetes 2.0.8 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use show more ...
Red Hat Security Advisory 2023-2099-01 - A patch is now available for Camel for Spring Boot 3.18.3. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Issues addressed include denial of service and resource exhaustion vulnerabilities.
Researchers find attackers are successfully evading detection by blending in with normal network traffic via HTTP and HTTPS.
The InsightCyber Platform delivers continuous AI-monitoring of cyber-physical assets.
Organizations can effectively classify unstructured data, automatically apply policies, and remediate violations.
Meta said it took steps to take down more than 1,000 malicious URLs from being shared across its services that were found to leverage OpenAI's ChatGPT as a lure to propagate about 10 malware families since March 2023. The development comes against the backdrop of fake ChatGPT web browser extensions being increasingly used to steal users' Facebook account credentials with an aim to run
IT and cybersecurity teams are so inundated with security notifications and alerts within their own systems, it’s difficult to monitor external malicious environments – which only makes them that much more threatening. In March, a high-profile data breach hit national headlines when personally identifiable information connected to hundreds of lawmakers and staff was leaked on the dark web. The
Three different threat actors leveraged hundreds of elaborate fictitious personas on Facebook and Instagram to target individuals located in South Asia as part of disparate attacks. "Each of these APTs relied heavily on social engineering to trick people into clicking on malicious links, downloading malware or sharing personal information across the internet," Guy Rosen, chief information
Three new security flaws have been disclosed in Microsoft Azure API Management service that could be abused by malicious actors to gain access to sensitive information or backend services. This includes two server-side request forgery (SSRF) flaws and one instance of unrestricted file upload functionality in the API Management developer portal, according to Israeli cloud security firm Ermetic. "
Cybersecurity researchers have found a way to exploit a recently disclosed critical flaw in PaperCut servers in a manner that bypasses all current detections. Tracked as CVE-2023-27350 (CVSS score: 9.8), the issue affects PaperCut MF and NG installations that could be exploited by an unauthenticated attacker to execute arbitrary code with SYSTEM privileges. While the flaw was patched by the
Two unsavoury websites suffer from a worrying leak, scientists are going animal crackers over AI, and the BBC is intercepting scammers’ live phone calls with victims. All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham show more ...
Apple and Google have announced that they are teaming up in order to combat the safety risks associated with AirTags and other tracking devices. Read more in my article on the Hot for Security blog.
Businesses should patch their TP-Link routers as soon as possible, after the revelation that a legendary IoT botnet is targeting them for recruitment. Read more in my article on the Tripwire State of Security blog.
