A couple of months ago, the popular tech blogger Linus Tech was hacked. All three of his YouTube channels (the biggest of which boasts over 15 million subscribers) fell into the hands of cybercriminals, who began broadcasting streams with crypto-scam ads. How did the hackers manage to gain access to the channels? show more ...
One of the most expensive aspects of any cybercriminal operation is the time and effort it takes to constantly create large numbers of new throwaway email accounts. Now a new service offers to help dramatically cut costs associated with large-scale spam and account creation campaigns, by paying people to sell their show more ...
The company plans on disputing these fines once a final decision is made, but warned shareholders that it set aside the funds to pay it, nonetheless.
By enhancing remote management and adopting hardware-enforced security, productivity can continue without inviting extra cyber-risk.
Attackers could exploit a common AI experience — false recommendations — to spread malicious code via developers that use ChatGPT to create software.
In addition to injecting a card skimmer into target Magento, WooCommerce, Shopify, and WordPress sites, the the threat actor is also hijacking targeted domains to deliver the malware to other sites.
Hackers used a little to do a lot, cracking a high-value target with hardly more than the living-off-the-land tools (PowerShell especially) found on any standard Windows computer.
While Clop would not share the number of organizations breached in the MOVEit Transfer attacks, they said that victims would be displayed on their data leak site if a ransom was not paid.
Microsoft is warning investors it may receive a fine from European privacy regulators adding up to at least hundreds of millions of dollars over targeted advertising on its LinkedIn social network.
KeePass has addressed the CVE-2023-32784 vulnerability, which allowed the retrieval of the clear-text master password from the client’s memory. The company fixed the bug with the release of KeePass version 2.54.
“We have been informed that we are one of the companies impacted by Zellis’ cybersecurity incident, which occurred via one of their third-party suppliers called MOVEit,” reads a statement issued by British Airways.
Although CCP certifications will remain valid until they expire at the latest on December 31, 2026, the move is being made to make way for the launch of new chartered titles in late July this year.
The recent MOVEit Transfer zero-day attacks have been linked to a known ransomware group that has exploited a critical SQL injection vulnerability to steal data from dozens of organizations. While Microsoft linked it to the Cl0p ransomware group, Mandiant attributed the attacks to UNC4857. Either update the software show more ...
For defense contractors, who work with some of the country’s most sensitive information, establishing effective cybersecurity protocols takes on an added layer of importance due to the national security concern.
The Caribbean island is dealing with a cyberattack that has disrupted internet access and other infrastructure for weeks. It has a population of about 360,000 and is controlled by France, serving as the outermost region of the European Union.
There was a time when sextortion schemes typically involved digital material that was either coerced or stolen from a victim. The FBI is warning now that deepfakes are changing the nature of the crime.
Even though these tools can provide what appear to be helpful insights to organizations, there are major downsides. The first – and the reason many companies choose not to use it – is that most employees aren’t fond of it.
The International Criminal Court should not allow those who commit war crimes or crimes against humanity in cyberspace to escape international justice, said President of Estonia Alar Karis at a conference on cyber conflict last week.
A senior official from the Biden administration told Nikkei that attacks directed by the hermit nation had risen sharply since 2018, in lockstep with its nuclear and missile programs.
These apps aren't distributed through the Google Play Store. Instead, users searching for apps like Netflix, PDF viewers, security software, and cracked versions of YouTube on a search engine are redirected to an ad page hosting the malware.
Senior corporate executives are increasingly being targeted by sophisticated cyberattacks that target their corporate and home office environments and even extend to family members, according to a study from BlackCloak and Ponemon Institute.
Google has released the monthly security update for the Android platform, adding fixes for 56 vulnerabilities, five of them with a critical severity rating and one exploited since at least last December.
Ransomware accounted for 24% of cybersecurity incidents analyzed by Verizon. The company saw the number of ransomware attacks being higher in the past two years than in the previous five years combined.
The scam works via an advanced fee fraud, tricking victims into believing they've won cryptocurrency rewards but requiring them to pay a small activation fee to access their rewards.
David van Weel, NATO’s assistant secretary general for emerging security challenges, told the 15th annual International Conference on Cyber Conflict (CyCon) that NATO members will begin recognizing cyberspace as “a permanently contested environment.”
CloudSEK used the IoCs provided in Dr. Web’s report to uncover more SpinOk infections, extending the list of bad apps to 193 after discovering an additional 92 apps. Roughly half of those were available on Google Play.
Tracked as CVE-2023-3079, the vulnerability has been described as a type confusion bug in the V8 JavaScript engine. Clement Lecigne of Google's Threat Analysis Group (TAG) has been credited with reporting the issue on June 1, 2023.
A financially motivated Brazil threat actor is allegedly targeting individuals who speak Spanish or Portuguese. The primary objective of these attacks is to steal online banking credentials from the victims. The threat actors used CMD-based scripts, Autolt scripts, and LOLBaS to avoid detection by traditional security measures.
Cyclops ransomware is notable for targeting all major desktop operating systems, including Windows, macOS, and Linux. It's also designed to terminate any potential processes that could interfere with encryption.
As the digital revolution changes the claims process, both carriers and customers are increasingly concerned about data privacy, according to a report by LexisNexis Risk Solutions.
Apple’s Safari browser is getting an improved Private Browsing mode, which will lock when not in use, so that users can leave tabs open even if they need to step away from the device.
In a statement on Friday, the office of Augusta Mayor Garnett Johnson said it has continued to work with the city’s IT team and outside security specialists to address the cyberattack that started on May 21.
Ubuntu Security Notice 6142-1 - Gal Goldshtein discovered that nghttp2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service.
Red Hat Security Advisory 2023-3460-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Issues addressed include a denial of service vulnerability.
Ubuntu Security Notice 6141-1 - Robin Peraglie and Johannes Moritz discovered that xfce4-settings incorrectly parsed quoted input when processed through xdg-open. A remote attacker could possibly use this issue to inject arbitrary arguments into the default browser or file manager.
Red Hat Security Advisory 2023-3465-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
WordPress Getwid Gutenberg Blocks plugin versions 1.8.3 and below suffer from improper authorization and server-side request forgery vulnerabilities.
Ubuntu Security Notice 6140-1 - It was discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting in a denial of service. This issue only affected golang-1.19 on Ubuntu 22.10. It was discovered that Go did not properly validate show more ...
Red Hat Security Advisory 2023-3462-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-3461-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.
Expert Job Portal Management System version 1.0 suffers from a cross site scripting vulnerability.
Red Hat Security Advisory 2023-3470-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-3433-01 - WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Issues addressed include out of bounds read and use-after-free vulnerabilities.
ManageEngine ADManager Plus versions prior to build 7181 are vulnerable to an authenticated command injection vulnerability due to insufficient validation of user input when performing the ChangePasswordAction function before passing it into a string that is later used as an OS command to execute.
Red Hat Security Advisory 2023-3432-01 - WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Issues addressed include out of bounds read and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-3441-01 - An update for etcd is now available for Red Hat OpenStack Platform 17.0 (Wallaby).
Red Hat Security Advisory 2023-3447-01 - An update for etcd is now available for Red Hat OpenStack Platform 16.1 (Train).
Red Hat Security Advisory 2023-3440-01 - An update for python-flask is now available for Red Hat OpenStack Platform 17.0 (Wallaby).
Red Hat Security Advisory 2023-3444-01 - An update for python-flask is now available for Red Hat OpenStack Platform 16.2 (Train).
Red Hat Security Advisory 2023-3428-01 - The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System distribution but is now maintained independently. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2023-3425-01 - The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System distribution but is now maintained independently. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2023-3445-01 - An update for etcd is now available for Red Hat OpenStack Platform 16.2 (Train). Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-3446-01 - An update for python-flask is now available for Red Hat OpenStack Platform 16.1 (Train).
Red Hat Security Advisory 2023-3431-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-3429-02 - The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System distribution but is now maintained independently. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2023-3426-01 - The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System distribution but is now maintained independently. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2023-3423-01 - The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System distribution but is now maintained independently. Issues addressed include a code execution vulnerability.
Implementation is part of Transdev's Cloud-First approach to better manage technological obsolescence.
Joint research highlights disconnect between legal IT and recommended cybersecurity practices.
A Chinese-speaking phishing gang dubbed PostalFurious has been linked to a new SMS campaign that's targeting users in the U.A.E. by masquerading as postal services and toll operators, per Group-IB. The fraudulent scheme entails sending users bogus text messages asking them to pay a vehicle trip fee to avoid additional fines. The messages also contain a shortened URL to conceal the actual
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday placed two recently disclosed flaws in Zyxel firewalls to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities, tracked as CVE-2023-33009 and CVE-2023-33010, are buffer overflow vulnerabilities that could enable an unauthenticated attacker to cause a
Threat actors associated with the Cyclops ransomware have been observed offering an information stealer malware that's designed to capture sensitive data from infected hosts. "The threat actor behind this [ransomware-as-a-service] promotes its offering on forums," Uptycs said in a new report. "There it requests a share of profits from those engaging in malicious activities using its malware."
Attacks on critical infrastructure and other OT systems are on the rise as digital transformation and OT/IT convergence continue to accelerate. Water treatment facilities, energy providers, factories, and chemical plants — the infrastructure that undergirds our daily lives could all be at risk. Disrupting or manipulating OT systems stands to pose real physical harm to citizens, environments, and
Google on Monday released security updates to patch a high-severity flaw in its Chrome web browser that it said is being actively exploited in the wild. Tracked as CVE-2023-3079, the vulnerability has been described as a type confusion bug in the V8 JavaScript engine. Clement Lecigne of Google's Threat Analysis Group (TAG) has been credited with reporting the issue on June 1, 2023. "Type
A recent malware campaign has been found to leverage Satacom downloader as a conduit to deploy stealthy malware capable of siphoning cryptocurrency using a rogue extension for Chromium-based browsers. "The main purpose of the malware that is dropped by the Satacom downloader is to steal BTC from the victim's account by performing web injections into targeted cryptocurrency websites," Kaspersky
Thousands of adware apps for Android have been found to masquerade as cracks or modded versions of popular apps to redirect users to serve unwanted ads to users as part of a campaign ongoing since October 2022. "The campaign is designed to aggressively push adware to Android devices with the purpose to drive revenue," Bitdefender said in a technical report shared with The Hacker News. "However,
North Korean state-sponsored hackers are targeting think tanks, research centres, media organisations, and academics in the United States and South Korea to gather intelligence. Read more in my article on the Hot for Security blog.
