Were used to website names ending in .com, .org, .net, and so on. Recent years have seen new domain extensions appear, such as .aero, .club, and others. These are known as top-level domains (TLDs), and the list, already long, gets new additions every now and then. Google announced in May that eight more domains were show more ...
Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. What follows is an interview with a Russian hacker responsible for a series of aggressive crypto spam campaigns that recently prompted several large Mastodon show more ...
Shorter certificate lifespans are beneficial, but they require a rethink of how to properly manage them.
Secure email gateways and end users alike are being fooled by a cyberattack campaign that's enjoying skyrocketing volumes against businesses in every industry, globally.
Widespread cyber incidents will happen, but unlike for natural disasters, specific security controls can help prevent a catastrophe.
Threat actors are circumventing geo-location-based security detections, using a combination of cybercrime-as-a-service platforms and the purchasing of local IP addresses.
Victims of the cybercrime schemes are coerced to participate through violence and having their belongings taken away.
Changes in the way risk is viewed are leading to changes in the way training is conducted.
A February 2022 attack, knocked the giant tire maker's North American operations offline for several days.
Security experts are raising concerns about the increasing interest of threat actors in voice cloning-as-a-service (VCaaS) platforms available on the dark web. to manipulate and impersonate voices for malicious purposes. Some of these automated voice cloning platforms are being offered for free, while others cost a show more ...
During their threat-hunting process in early February, Fortinet researchers encountered a kernel driver that used the Donut tool. The driver is called WinTapix.sys and is believed to be used in targeted attacks against countries in the Middle East.
The US announced it commenced over 4,000 legal actions in three months — mostly harshly worded letters — to rein in "money mules" involved in romance scams, business email compromise, and other fraudulent schemes.
These flaws allow attackers to escape the browser sandbox, access sensitive information on the compromised device, and achieve arbitrary code execution following successful exploitation.
A financially motivated threat actor of Indonesian origin has been observed leveraging Amazon Web Services (AWS) Elastic Compute Cloud (EC2) instances to carry out illicit crypto mining operations.
Applications in scope for the Mobile VRP include those developed by Google LLC, Developed with Google, Research at Google, Red Hot Labs, Google Samples, Fitbit LLC, Nest Labs Inc, Waymo LLC, and Waze.
Clarke County Hospital on Wednesday disclosed that it suffered a data breach, one month after the Royal ransomware gang claimed responsibility for the attack and used a brazen extortion tactic.
About 30% of adults have fallen victim or know someone who has fallen victim to an online scam while trying to save money when booking travel, according to a new report by McAfee.
Rheinmetall’s spokesperson stressed that the incident, which was detected on April 14, only affected the company’s civilian business, which operated using “strictly separated IT infrastructure.”
ReversingLabs laid bare two malicious npm packages—nodejs-encrypt-agent and nodejs-cookie-proxy-agent—harboring an open-source information-stealing malware known as TurkoRat. The packages were collectively downloaded around 1,200 times and remained accessible to users for over two months. The malware can gather sensitive data, including login credentials, crypto wallets, and website cookies.
Micron CFO Mark Murphy on Monday said at a conference that China's Cyberspace Administration (CAC), which on Sunday announced the chipmaker had failed a security review, has offered no reason for that opinion.
"There is NO explosion or incident taking place at or near the Pentagon reservation, and there is no immediate danger or hazards to the public," Arlington Fire & EMS said.
The command injection vulnerability (CVE-2023-28771) affects Zyxel APT, USG FLEX, and VPN firewalls running versions v4.60 to v5.35 of the ZDL firmware, and Zyxel ZyWALL/USG gateways/firewalls running ZLD v4.60 to v4.73.
Since May 10, the production of bikes and scooters at Suzuki Motorcycle's Indian plant has reportedly been temporarily suspended with the loss of an estimated 20,000 vehicles.
Despite the impact that cyber incidents have on an organization’s overall business operations, security spending remains within the purview of the IT budget, albeit a small part.
Security researchers with Tencent Labs and Zhejiang University uncovered a new attack method dubbed BrutePrint to breach the security of Android smartphones via brute-force techniques. Researchers experimented with Android, iOS, and HarmonyOS-based smartphones, however, only Android phones were found susceptible to attacks.
According to a report by 'Scam Sniffer,' the phishing service has created at least 689 fake websites since March 27, 2023. Most of the phishing sites came online after May 14, 2023, with analysts reporting a spike in new sites around that time.
Proposed class action lawsuits are piling up in federal courts over hackers' use of a vulnerability in Fortra's GoAnywhere secure file transfer and a resulting health data breach affecting more than 3 million individuals.
Such fraud schemes, perpetrated primarily by Chinese organized crime groups, have exploded in size in recent years, with Cambodia as the epicenter of the industry and Myanmar increasingly becoming a hub.
The mastermind behind a criminal website that sold tools for scammers who defrauded victims globally of more than 115 million euros received a 13-year, four-month prison sentence in the UK just months after law enforcement seized the site.
The issue allowed security researcher Joseph Harris to effectively merge his own account with anyone else’s, giving him the ability to update that account’s password and take control of it.
The latest activity cluster associated with the group commenced on May 5, 2023, and leverages a variant of RandomQuery that's specifically designed to enumerate files and siphon sensitive data.
The stolen data, now publicly released on Cuba's extortion portal, includes financial documents, correspondence with bank employees, account movements, balance sheets, tax documents, compensation, and source code.
The U.S. Cybersecurity and Infrastructure Security Agency on Friday gave federal agencies until June 9 to patch affected Samsung-made Android devices and added the flaw to its Known Exploited Vulnerabilities Catalog.
Apart from targeting Ukrainian government entities, a threat actor identified by researchers as UAC-0063 “has also shown interest” in targeting Mongolia, Kazakhstan, Kyrgyzstan, Israel, and India, according to the report published on Monday.
Cybercriminals are distributing a fake version of CapCut, ByteDance's official video editor tool, to infect users with different malware. In most cases, they employ SEO poisoning techniques, utilize search ads, and leverage social media platforms to promote the tool via malicious websites created by them. Users are suggested to be sure of advertised results on the Google search engine before clicking on links.
The Treasury Department issued sanctions on Tuesday cracking down on four entities and one individual involved in malicious cyber activities supporting the Democratic People’s Republic of Korea and its weapons programs.
This exploit takes advantage of a vulnerability in sudoedit, part of the sudo package. The sudoedit (aka sudo -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. show more ...
Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.
WBiz Desk version 1.2 suffers from a cross site scripting vulnerability.
WBiz Desk version 1.2 suffers from a remote SQL injection vulnerability in the idtk parameter. This is a variant finding from the original discovery of SQL injection in this version attributed to h4ck3r in May of 2023.
Ubuntu Security Notice 5725-2 - USN-5725-1 fixed a vulnerability in Go. This update provides the corresponding update for Ubuntu 16.04 LTS. Diederik Loerakker, Jonny Rhea, Raúl Kripalani, and Preston Van Loon discovered that Go incorrectly handled certain inputs. An attacker could possibly use this issue to cause Go applications to hang or crash, resulting in a denial of service.
Ubuntu Security Notice 6073-9 - USN-6073-4 fixed a vulnerability in os-brick. Unfortunately the update introduced a regression with detaching volumes. The security fix has been removed pending further investigation. Jan Wasilewski and Gorka Eguileor discovered that os-brick incorrectly handled deleted volume show more ...
Ubuntu Security Notice 6073-6 - USN-6073-1 fixed a vulnerability in Cinder. Unfortunately the update introduced a regression with detaching volumes. The security fix has been removed pending further investigation. Jan Wasilewski and Gorka Eguileor discovered that Cinder incorrectly handled deleted volume attachments. show more ...
Ubuntu Security Notice 6073-7 - USN-6073-2 fixed a vulnerability in Glance_store. Unfortunately the update introduced a regression with detaching volumes. The security fix has been removed pending further investigation. Jan Wasilewski and Gorka Eguileor discovered that Glance_store incorrectly handled deleted volume show more ...
Ubuntu Security Notice 6073-8 - USN-6073-3 fixed a vulnerability in Nova. Unfortunately the update introduced a regression with detaching volumes. The security fix has been removed pending further investigation. Jan Wasilewski and Gorka Eguileor discovered that Nova incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information.
Ubuntu Security Notice 6099-1 - It was discovered that ncurses was incorrectly performing bounds checks when processing invalid hashcodes. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu 18.04 LTS. It was discovered that ncurses show more ...
Debian Linux Security Advisory 5409-1 - Two security issues have been discovered in libssh, a tiny C SSH library.
Ubuntu Security Notice 6094-1 - Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service. Jordy Zomer and Alexandra Sandulescu discovered that the Linux show more ...
Ubuntu Security Notice 6096-1 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. Ziming Zhang discovered that the VMware Virtual GPU DRM show more ...
Ubuntu Security Notice 6095-1 - Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information. Xingyuan Mo discovered that the x86 KVM show more ...
Affiliate Me version 5.0.1 suffers from a remote SQL injection vulnerability.
China has banned U.S. chip maker Micron from selling its products to Chinese companies working on key infrastructure projects, citing national security risks. The development comes nearly two months after the country's cybersecurity authority initiated a probe in late March 2023 to assess potential network security risks. "The purpose of this network security review of Micron's products is to
The most precious asset in today's information age is the secret safeguarded under lock and key. Regrettably, maintaining secrets has become increasingly challenging, as highlighted by the 2023 State of Secrets Sprawl report, the largest analysis of public GitHub activity. The report shows a 67% year-over-year increase in the number of secrets found, with 10 million hard-coded secrets detected
An unknown threat actor has been observed leveraging a malicious Windows kernel driver in attacks likely targeting the Middle East since at least May 2020. Fortinet Fortiguard Labs, which dubbed the artifact WINTAPIX (WinTapix.sys), attributed the malware with low confidence to an Iranian threat actor. "WinTapix.sys is essentially a loader," security researchers Geri Revay and Hossein Jazi said
Government and diplomatic entities in the Middle East and South Asia are the target of a new advanced persistent threat actor named GoldenJackal. Russian cybersecurity firm Kaspersky, which has been keeping tabs on the group's activities since mid-2020, characterized the adversary as both capable and stealthy. The targeting scope of the campaign is focused on Afghanistan, Azerbaijan, Iran, Iraq,
The North Korean advanced persistent threat (APT) group known as Kimsuky has been observed using a piece of custom malware called RandomQuery as part of a reconnaissance and information exfiltration operation. "Lately, Kimsuky has been consistently distributing custom malware as part of reconnaissance campaigns to enable subsequent attacks," SentinelOne researchers Aleksandar Milenkoski and Tom
The Indian manufacturing plant responsible for manufacturing Suzuki motorcycles has been forced to shut down following a cyber attack, with the loss of an estimated 20,000 vehicles. Read more in my article on the Hot for Security blog.
