The climate of concern around open source security and supply chain attacks may have caused a small story to become a big one.
The technology conglomerate has until later this year to end its transfer of European user's data across the Atlantic.
Techniques used in cyber warfare can be sold to anyone — irrespective of borders, authorities, or affiliations. We need to develop strategies to respond at scale.
The purchase gives IBM access to a new category of products called "data security posture management" for security data in cloud and SaaS repositories.
Security vendors, businesses, and US government agencies need to work together to fight ransomware and protect critical infrastructure.
The seed round was led by First Round Capital and closes alongside news that Manifest secured two new contracts from the U.S. government to help federal agencies and the military understand what’s in the software that they use.
The threat actors publish malicious packages to the PyPI repository and attempt to trick developers into using them using social engineering tricks, such as intentional typos in their names and high version numbers.
U.S. District Judge Xavier Rodriguez on Thursday sided with Rackspace in dismissing litigation that had been brought by 37 plaintiffs from across the U.S. who lost access to email and related data as a result of the December 2022 attack.
The malicious websites were discovered by Cyble, which reports seeing two campaigns distributing different malware strains. No specific information about how victims are directed on these sites was provided.
The FIN7 gang has made a comeback with a new attack tactic involving Cl0p ransomware strains. It has previously utilized ransomware strains developed by various groups such as REvil and Maze. It uses Impacket and OpenSSH to infiltrate targeted networks and move laterally to deploy Cl0p ransomware. Organizations show more ... should use threat intelligence sharing platforms to stay updated on the latest global and internal events in real time..
Google has announced plans to officially flip the switch on its twice-delayed Privacy Sandbox initiatives as it slowly works its way to deprecate support for third-party cookies in Chrome browser.
Ransomware attacks have never been this popular, a new report from cybersecurity researchers Securin, Ivanti, and Cyware has stated. The report identified 12 vulnerabilities newly associated with ransomware in Q1 2023.
The FTC made a few bold moves to ramp up its oversight of data privacy, including an effort to codify sweeping changes to the Health Breach Notification Rule and releasing a policy statement warning of greater scrutiny over the use of biometric data.
Researchers at Tencent Labs and Zhejiang University have presented a new attack called 'BrutePrint,' which brute-forces fingerprints on modern smartphones to bypass user authentication and take control of the device.
Tejay Fletcher, 35, from London, was found guilty of running a multi-million-pound fraud website that led to at least £100m ($124.2m) being stolen globally. Of this, £43m ($53.4m) was taken from UK victims.
Critical infrastructure providers are poised to increase global spending on cybersecurity at a compound annual growth rate of 13%, according to projections ABI Research released Tuesday.
The company informed the Maine Attorney General about the data breach last week and shared a copy of the notification letter sent to impacted people. Dish told authorities that the incident impacted more than 296,000 individuals.
The Royal ransomware group is enhancing its downloader malware by adopting tactics and techniques that seem to be directly influenced by other post-Conti groups. The malware loader appears to be at its nascent stage and has a single purpose of deploying Cobalt Strike. Organizations are urged to timely report TTPs of the threat so that other organizations can fend it off.
DDoS attacks appear to reflect major geo-political challenges and social tensions and have become an increasingly significant part in the hybrid warfare arsenal, according to Arelion.
The majority of organizations use six or more communication tools, across channels, with email remaining the channel seen as the most vulnerable to attacks (38%), according to Armorblox.
The ransomware attack against Dallas entered a new and all-too-common phase Friday as Royal, the threat actor behind the attack, listed the city on its leak site almost three weeks after the city was first made aware of the attack.
Cybersecurity firm Onfido acquired Airside Mobile to deliver user-controlled, shareable digital identity designed with data privacy and time-saving convenience at its core.
The bad news train keeps rolling for Capita, with more local British councils surfacing to say their data was put on the line by an unsecured AWS bucket, and, separately, pension clients warning of possible data theft in March's mega breach.
Researchers have developed DarkBERT, a language model pre-trained on dark web data, to help cybersecurity pros extract cyber threat intelligence (CTI) from the Internet’s virtual underbelly.
Trend Micro researchers reported on an incident involving the BlackCat ransomware that took place in February 2023. The researchers highlighted a new capability, which involved the utilization of a signed kernel driver for evasion.
The European Union slapped Meta with a record $1.3 billion privacy fine Monday and ordered it to stop transferring user data across the Atlantic, the latest salvo in a decadelong case sparked by U.S. cyberespionage fears.
A new US Government Accountability Office (GAO) report shows that the Departments of Agriculture, Homeland Security (DHS), Labor, and the Treasury have not fully implemented six key cloud security practices for their systems.
The Lemon Group gained control over millions of smartphones globally through the preinstallation of a malware called Guerrilla, reported Trend Micro. The campaign has been active since 2018. Lemon Group conducts business for marketing and advertising companies and utilizes big data. This highlights the risk to users' privacy posed by copycat brands of premium devices.
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged show more ... the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.
Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports show more ... Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.
Ubuntu Security Notice 6093-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the show more ... TCINDEX classifier has been removed. It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 5900-2 - USN-5900-1 fixed vulnerabilities in tar. This update fixes it to Ubuntu 23.04. It was discovered that tar incorrectly handled certain files. An attacker could possibly use this issue to expose sensitive information or cause a crash.
Red Hat Security Advisory 2023-3245-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only show more ... allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.
Red Hat Security Advisory 2023-3247-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only show more ... allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.
Red Hat Security Advisory 2023-3246-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only show more ... allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.
Red Hat Security Advisory 2023-3243-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only show more ... allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.
Red Hat Security Advisory 2023-3248-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only show more ... allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.
Gentoo Linux Security Advisory 202305-28 - Multiple vulnerabilities have been found in snakeyaml, the worst of which could result in denial of service. Versions greater than or equal to 1.33 are affected.
Gentoo Linux Security Advisory 202305-27 - A vulnerability has been discovered in Tinyproxy which could be used to achieve memory disclosure. Versions greater than or equal to 1.8.3-r3 are affected.
Gentoo Linux Security Advisory 202305-25 - Multiple vulnerabilities have been discovered in ModSecurity Core Rule Set, the worst of which could result in bypassing the WAF. Versions greater than or equal to 3.3.4 are affected.
Gentoo Linux Security Advisory 202305-24 - Multiple vulnerabilities have been found in MediaWiki, the worst of which could result in denial of service. Versions greater than or equal to 1.25.2 are affected.
Gentoo Linux Security Advisory 202305-26 - Multiple vulnerabilities have been discovered in LibreCAD, the worst of which could result in denial of service. Versions greater than or equal to 2.1.3-r7 are affected.
Debian Linux Security Advisory 5408-1 - Irvan Kurniawan discovered a double free in the libwebp image compression library which may result in denial of service.
Debian Linux Security Advisory 5407-1 - It was discovered that missing input sanitising in cups-filters, when using the Backend Error Handler (beh) backend to create an accessible network printer, may result in the execution of arbitrary commands.
Debian Linux Security Advisory 5406-1 - Max Chernoff discovered that improperly secured shell-escape in LuaTeX may result in arbitrary shell command execution, even with shell escape disabled, if specially crafted tex files are processed.
W3 Eden Download Manager versions 3.2.70 and below suffer from a persistent cross site scripting vulnerability via ShortCode.
In eBankIT 6, the public endpoints /public/token/Email/generate and /public/token/SMS/generate allow generation of OTP messages to any email address or phone number without validation.
WBiz Desk version 1.2 suffers from a remote SQL injection vulnerability.
hyiplab version 2.1 leaves a default set of administrative credentials installed post installation.
Esg version 2.5 suffers from a remote SQL injection vulnerability.
Code Bakers version 1.0 suffers from a remote SQL injection vulnerability.
A proof-of-concept (PoC) has been made available for a security flaw impacting the KeePass password manager that could be exploited to recover a victim's master password in cleartext under specific circumstances. The issue, tracked as CVE-2023-32784, impacts KeePass versions 2.x for Windows, Linux, and macOS, and is expected to be patched in version 2.54, which is likely to be released early
A U.K. national responsible for his role as the administrator of the now-defunct iSpoof online phone number spoofing service has been sentenced to 13 years and 4 months in prison. Tejay Fletcher, 35, of Western Gateway, London, was awarded the sentence on May 18, 2023. He pleaded guilty last month to a number of cyber offenses, including facilitating fraud and possessing and transferring
New findings about a hacker group linked to cyber attacks targeting companies in the Russo-Ukrainian conflict area reveal that it may have been around for much longer than previously thought. The threat actor, tracked as Bad Magic (aka Red Stinger), has not only been linked to a fresh sophisticated campaign, but also to an activity cluster that first came to light in May 2016. "While the
It's no secret that data leaks have become a major concern for both citizens and institutions across the globe. They can cause serious damage to an organization's reputation, induce considerable financial losses, and even have serious legal repercussions. From the infamous Cambridge Analytica scandal to the Equifax data breach, there have been some pretty high-profile leaks resulting in massive
A financially motivated threat actor of Indonesian origin has been observed leveraging Amazon Web Services (AWS) Elastic Compute Cloud (EC2) instances to carry out illicit crypto mining operations. Cloud security company's Permiso P0 Labs, which first detected the group in November 2021, has assigned it the moniker GUI-vil (pronounced Goo-ee-vil). "The group displays a preference for Graphical
Facebook's parent company Meta has been fined a record $1.3 billion by European Union data protection regulators for transferring the personal data of users in the region to the U.S. In a binding decision taken by the European Data Protection Board (EDPB), the social media giant has been ordered to bring its data transfers into compliance with the GDPR and delete unlawfully stored and processed
Personal details of more than 100,000 pension holders may have been stolen by the hackers. And that's just the tip of the iceberg...
Since earlier this month some owners of HP OfficeJet printers have been reporting that they are faced with a blue screen error message, and a bricked device. Read more in my article on the Hot for Security blog.
