The gaming community is actively discussing news about malware dubbed fractureiser, found in mods for Minecraft. It was downloaded from CurseForge and dev.bukkit.org. Gamers are advised not to download new .jar files from those sites. Anyone who did so recently should check their computers with antimalware solutions. The malware affects players of the Windows and Linux versions of the game (users of other OSs appear to be safe).

How the malware got into mods

According to the initial hypothesis, unknown cybercriminals compromised mod developers' accounts on CurseForge.com and dev.bukkit.org. This allowed them to place their malicious code into several mods. However, Prism Launcher developers suspect that someone may have exploited an unknown vulnerability in the Overwolf platform. They also posted a list of the mods known to be infected with fractureiser.

What is fractureiser malware and what does it do?

Enthusiasts report that once a compromised mod is installed and the game launched, the malicious code downloads and executes an additional payload from a remote server. This payload creates folders and scripts, and (on Windows) modifies the system registry so that the malware runs again after a reboot. Independent researchers state that, in the final stage of the attack, the malware tries to spread the infection to all .jar files on the computer (presumably to reach all previously downloaded mods). The malware can also steal cookie files and credentials stored in browsers. Furthermore, it's capable of swapping cryptowallet addresses on the clipboard.

Fractureiser infection signs

A Reddit discussion concluded that the presence of the file libWebGL64.jar may be considered a definite sign of infection (its absence, however, does not prove a machine is clean). The malware creates this file in the %LOCALAPPDATA%/Microsoft Edge/ folder, i.e. /AppData/Local/Microsoft Edge/ under the user's profile. To see this file you need to open Folder Options (View, then Options in Windows File Explorer) and, under the View tab, enable "Show hidden files, folders, and drives" and disable "Hide protected operating system files".

How to stay safe?

If you play Minecraft and use third-party modifications, then the first thing you should do is check your PC with reliable antivirus software. If scanning detects and deletes the malware, change all passwords for online resources you accessed from this computer. Also, follow the news and refrain from installing new mods for Minecraft until the situation is resolved (and we're talking not only about mods downloaded directly from the aforementioned sites: it would be wise not to install them via third-party software either). Mods, add-ons and plugins for other games that are distributed in the same way don't seem to be affected by this attack. However, if the delivery channel is indeed compromised, then it's possible that attackers will find alternative methods of infection and endanger players of other games as well. As a general rule, game modifications are developed by enthusiasts and hosted on independent platforms. Therefore, game developers are not responsible for their security and do not guarantee the safety of their use. Thus, it's better to download game mods only to computers with security solutions installed.
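As an added example (not code from the article, Prism Launcher, or any of the researchers it cites), the script below turns the two facts the article gives a practitioner into a check: it looks for the libWebGL64.jar indicator in the %LOCALAPPDATA%/Microsoft Edge/ folder, and it snapshots the SHA-256 of every .jar under a mods directory so that a later run reveals jars that changed, appeared or vanished, which is what a final stage that "spreads to all .jar files" would produce. Only the indicator file name and folder come from the article; the baseline scheme, the function names and the command-line usage are assumptions of this example. The article names only the Windows folder, so on Linux the file check is unlikely to find anything and the .jar integrity comparison is the useful part.

```python
"""Added example: fractureiser indicator check plus .jar integrity baseline.
Indicator name/folder are taken from the article; everything else is this
example's own design, not the researchers' or the article's code."""
import hashlib
import json
import os
from pathlib import Path

# Indicator file name reported in the Reddit discussion quoted by the article.
INDICATOR_NAME = "libWebGL64.jar"
# Folder under %LOCALAPPDATA% (i.e. <home>/AppData/Local) named by the article.
INDICATOR_SUBDIR = Path("Microsoft Edge")


def indicator_paths(homes, localappdata=None):
    """Every candidate location of the indicator, de-duplicated in order.
    %LOCALAPPDATA% is normally <home>/AppData/Local, so both spellings in the
    article resolve to one place; both are checked in case the variable
    points elsewhere."""
    candidates = [Path(h) / "AppData" / "Local" / INDICATOR_SUBDIR / INDICATOR_NAME
                  for h in homes]
    if localappdata:
        candidates.append(Path(localappdata) / INDICATOR_SUBDIR / INDICATOR_NAME)
    seen, unique = set(), []
    for c in candidates:
        if str(c) not in seen:
            seen.add(str(c))
            unique.append(c)
    return unique


def find_indicator(homes, localappdata=None):
    """Return only the candidate indicator paths that exist as regular files."""
    return [p for p in indicator_paths(homes, localappdata) if p.is_file()]


def sha256_file(path):
    """Stream the file through SHA-256 so large mod archives are not read whole."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 16), b""):
            digest.update(chunk)
    return digest.hexdigest()


def jar_manifest(root):
    """Map every .jar below root (relative, '/'-separated path) to its hash."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*.jar")) if p.is_file()}


def diff_manifest(baseline, current):
    """A jar whose hash changed although the user did not update it is exactly
    the trace a self-propagating infector leaves."""
    return {
        "modified": sorted(k for k in baseline if k in current and baseline[k] != current[k]),
        "added": sorted(k for k in current if k not in baseline),
        "removed": sorted(k for k in baseline if k not in current),
    }


def check_mods(mods_dir, baseline_file):
    """First run writes the baseline (assumed clean); later runs report changes.
    Returns (first_run, diff)."""
    baseline_file = Path(baseline_file)
    current = jar_manifest(mods_dir)
    if not baseline_file.exists():
        baseline_file.write_text(json.dumps(current, indent=2, sort_keys=True))
        return True, diff_manifest(current, current)
    baseline = json.loads(baseline_file.read_text())
    return False, diff_manifest(baseline, current)


if __name__ == "__main__":
    # Assumed usage: python check_mods.py <mods dir> [baseline.json]
    import sys
    hits = find_indicator([Path.home()], os.environ.get("LOCALAPPDATA"))
    print("indicator present:" if hits
          else "indicator not found (this does not prove the machine is clean)")
    for h in hits:
        print("  ", h)
    if len(sys.argv) > 1:
        first, diff = check_mods(sys.argv[1],
                                 sys.argv[2] if len(sys.argv) > 2 else "jar-baseline.json")
        print("baseline created" if first else json.dumps(diff, indent=2))
```

Take the baseline immediately after a scan with up-to-date antimalware and before installing anything new; a baseline taken on an already-infected machine only proves that nothing changed since. Any jar listed under "modified" that you did not update yourself deserves a quarantine and a fresh scan, not a shrug.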
By stepping in to provide aid, the federal government could help protect companies, insurers, and the economy from the impact of a widespread, catastrophic cyberattack.
Cybersecurity benefits from a focus on the vital few chores rather than the trivial many. Find the "right things" to encourage strategic thinking, then move the culture needle to promote that policy.
Insikt Group researchers linked the campaign to APT38, a state-sponsored group in North Korea notorious for several high-profile attacks on cryptocurrency firms and other organizations.
The settlement with the Federal Trade Commission comes in response to charges that Microsoft’s Xbox gaming system illegally gathered and retained children’s personal information without alerting their parents or getting their approval.
Although the hackers did not directly release user data, the compromised admin panel credentials potentially grant access to a substantial amount of personal information and data centers.
"PowerDrop uses advanced techniques to evade detection such as deception, encoding, and encryption," according to Adlumin, which found the malware implanted in an unnamed domestic aerospace defense contractor in May 2023.
CISOs and ITDMs (IT security decision-makers) continue to be most occupied with business, IT and security program strategy, but they are spending less time on threat research, awareness, and hunting compared to 2022, according to Nuspire.
Mercer University, based in Macon, Georgia, is facing a bunch of class action lawsuits after the personal data of nearly 100,000 people was stolen from its tech infrastructure.
Attackers could have used the flaw to redirect anyone to malicious websites, prompting users to part with their login credentials, credit card numbers, or other sensitive data.
Passkeys are an alternative authentication method to passwords, allowing users to sign in to apps and websites with their fingerprint, with facial recognition, or with their device’s PIN or pattern.
Potentially hundreds of companies globally are being extorted by the Clop ransomware group after it exploited a vulnerability in the file transfer tool MOVEit to break into computer networks around the world and steal sensitive information.
Gartner analysts are calling for organizations to adopt a “minimum effective toolset” for enterprise security, using the fewest technologies required to observe, respond and defend against threats.
The research findings from Veracode come amid a flurry of recent initiatives by the federal government to strengthen cybersecurity, including efforts to reduce vulnerabilities in applications that perform critical government functions.
The document — 2013’s Presidential Policy Directive 21, or PPD-21 — established which agencies were responsible for steering protection of each of the 16 critical infrastructure sectors, today known as sector risk management agencies (SRMAs).
Volodymyr Kondrashov, spokesperson for Ukraine's State Service of Special Communications and Information Protection tweeted Tuesday the campaign targets Microsoft Windows machines used by government agencies and media organizations.
The number of new vulnerabilities reported by the US government in 2022 increased by a quarter annually to hit 25,096, a new all-time high, according to data compiled by Skybox Security.
LLMs can be trained to identify potential security threats, thus acting as an added layer of protection. Moreover, they’re fantastic tools for fostering cybersecurity awareness, capable of simulating threats, and providing real-time guidance.
VMware issued multiple security patches today to address critical and high-severity vulnerabilities in VMware Aria Operations for Networks, allowing attackers to gain remote execution or access sensitive information.
The Guide to Securing Remote Access Software (PDF) is authored by the CISA, the FBI, the NSA, the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Israel National Cyber Directorate (INCD).
“Between November 2022-April 2023, we noticed a 910% increase in monthly registrations for domains, both benign and malicious, related to ChatGPT,” according to the latest Network Threat Trends Research Report from Palo Alto Networks' Unit 42.
A number of ransomware gangs have stopped using malware to encrypt targets’ files and have switched to a data theft/extortion approach to get paid; 0mega – a low-profile and seemingly not very active threat actor – seems to be among them.
Red Hat Security Advisory 2023-3363-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.61. Issues addressed include a denial of service vulnerability.
Ubuntu Security Notice 6144-1 - It was discovered that LibreOffice did not properly validate the number of parameters passed to the formula interpreter, leading to an array index underflow attack. If a user were tricked into opening a specially crafted spreadsheet file, an attacker could possibly use this issue to execute arbitrary code. Amel Bouziane-Leblond discovered that LibreOffice did not prompt the user before loading the host document inside an IFrame. If a user were tricked into opening a specially crafted input file, an attacker could possibly use this issue to cause information disclosure or execute arbitrary code.
Ubuntu Security Notice 6143-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Jun Kokatsu discovered that Firefox did not properly validate the site-isolated process for a document loaded from a data: URL that was the result of a redirect, leading to an open redirect attack. An attacker could possibly use this issue to perform phishing attacks.
Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about Falco as a mix between snort, ossec and strace.
Red Hat Security Advisory 2023-3362-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.61. Issues addressed include a resource exhaustion vulnerability.
Red Hat Security Advisory 2023-3525-01 - Flask is a lightweight but extensible web development framework for Python based on the Werkzeug WSGI toolkit, and the Jinja 2 template engine.
This Metasploit module leverages an authentication bypass in PaperCut NG. If necessary it updates PaperCut configuration options, specifically the print-and-device.script.enabled and print.script.sandboxed options, to allow arbitrary code execution in the built-in Rhino JavaScript engine. This module logs at most 2 events in the PaperCut application log; each event is tied to a modification of server settings.
Red Hat Security Advisory 2023-3366-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.2. Issues addressed include a traversal vulnerability.
Ubuntu Security Notice 6028-2 - USN-6028-1 fixed vulnerabilities in libxml2. This update provides the corresponding updates for Ubuntu 23.04. It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash.
Red Hat Security Advisory 2023-3491-01 - An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-3490-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-3517-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-3481-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2023-3489-01 - Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol server, as well as command-line utilities and Web UI packages for server administration.
CloudPanel versions 2.0.0 through 2.2.2 suffer from a privilege escalation vulnerability when a traversal is leveraged against clpctlWrapper for which all normal users have sudo access.
In a zero-trust world, a trusted identity is the key that unlocks access for people and devices to enter your enterprise’s key networks, systems, and resources.
CIARA V4.0 boosts compliance with security regulations and best practices while providing effective mitigation guidance. "CISOs are doing more with less, making it challenging to understand their current standing across the OT Cybersecurity landscape," said Ilan Barda, Radiflow CEO and co-founder.
An unknown threat actor has been observed targeting the U.S. aerospace industry with a new PowerShell-based malware called PowerDrop. "PowerDrop uses advanced techniques to evade detection such as deception, encoding, and encryption," according to Adlumin, which found the malware implanted in an unnamed domestic aerospace defense contractor in May 2023. "The name is derived from the tool,
Microsoft has agreed to pay a penalty of $20 million to settle U.S. Federal Trade Commission (FTC) charges that the company illegally collected and retained the data of children who signed up to use its Xbox video game console without their parents' knowledge or consent. "Our proposed order makes it easier for parents to protect their children's privacy on Xbox, and limits what information
Get exclusive insights from a real ransomware negotiator who shares authentic stories from network hostage situations and how he managed them. The Ransomware Industry Ransomware is an industry. As such, it has its own business logic: organizations pay money, in crypto-currency, in order to regain control over their systems and data. This industry's landscape is made up of approximately 10-20
The Russia-linked cybercrime gang thought to be behind a hack that has impacted companies around the world has posted a message to its corporate victims. In short, firms affected by the MOVEit hack are being told to contact the Cl0p ransomware group before June 14, or face the consequences.