The Microsoft July patch collection turned out to be quite surprising. Firstly, they are once again fixing the seemingly dead Internet Explorer. Secondly, as many as six of the vulnerabilities are already being actively exploited by attackers. And thirdly, two of these six were closed not with patches, but with show more ...
The latest edition of the Transatlantic Cable Podcast begins with news that a judge has ruled that the United States government must limit its contact with social media networks. From there discussion moves to news that the U.K government is trying to push through new legislation to enable it to essentially break show more ...
Microsoft Corp. today released software updates to quash 130 security bugs in its Windows operating systems and related software, including at least five flaws that are already seeing active exploitation. Meanwhile, Apple customers have their own zero-day woes again this month: On Monday, Apple issued (and then show more ...
New threats demand that we transform the way we think about securing the endpoints. Case in point: APIs, writes Ross Moore. The post Attacks on APIs demand a Security Re-Think appeared first on The Security Ledger with Paul F. Roberts. Related StoriesMalicious Automation is driving API Security BreachesThe surveys show more ...
A group of cybersecurity organizations is urging the White House to move with haste in nominating a new National Cyber Director, amid a complex and shifting threat landscape.
Generative AI is the cybersecurity resource that never sleeps. Here are some of the ways security-focused generative AI can benefit different members of the SOC team.
Using open source tools, attackers target Chinese speakers with malicious drivers with expired certificates, potentially allowing for full system takeover.
QuickBlox users should update to the latest version of the platform in order to protect against several avenues of exploitation.
The startup, one of four finalists in this year's Black Hat USA Startup Spotlight competition, automates vulnerability remediation using AI.
Fixes for more than 100 vulnerabilities affect numerous products, including Windows, Office, .Net, and Azure Active Directory, among others.
Foreign state-sponsored actors likely had access to privileged state emails for weeks, thanks to a token validation vulnerability.
A good backup strategy can be effective at mitigating a ransomware attack, but how many organizations consider that their backup data can also be targeted?
Platform's independent server "instances" may have different security levels, creating potential for supply chain-like vulnerabilities.
"We have introduced a new back-end feature to only allow some extensions monitored by Mozilla to run on specific websites for various reasons, including security concerns," the company said in its Release Notes for Firefox 115.0 shipped last week.
Of the 130 vulnerabilities, nine are rated Critical and 121 are rated Important in severity. This is in addition to eight flaws the tech giant patched in its Chromium-based Edge browser towards the end of last month.
Cybercriminals attempted to access accounts of a Scranton couple who are among clients whose personal information was exposed in a data breach at a Commonwealth Health cardiology group's practice, according to a proposed class-action lawsuit.
Apple has pulled its latest Rapid Security Response updates for iOS and macOS after users complained that they were getting errors when accessing some websites through Safari.
Cybersecurity funding fell by more than half to $1.9 billion during Q2 2023, as fears of a recession and uncertainty in the banking sector roiled investments across technology and information security, as per a report by Pinpoint Search Group.
“The City has no evidence of a breach of personal information of any employee or member of the public and is continuing to investigate the matter with the assistance of cybersecurity professionals,” officials said.
Blackberry's research team has reported a phishing campaign targeting the upcoming NATO Summit in Vilnius as well as an organization supporting Ukraine abroad. Security experts believe this could be a RomCom RAT’s rebranded operation. This execution chain also involves the abuse of the Follina bug, CVE-2022-30190. The summit is scheduled for July 11-12.
The company’s scheduled July Patch Tuesday rollout includes fixes for a dozen documented vulnerabilities in Adobe InDesign, including a bug serious enough to lead to arbitrary code execution attacks.
The group consisted of highly professional cybercriminals who posed as employees of legitimate Spanish banks to make fraudulent calls and SMS messages, Spanish authorities said.
Cybercriminals have been observed targeting Chinese-speaking Microsoft users with a tool called RedDriver that allows them to intercept web browser traffic. The authors of RedDriver also exhibited familiarity or experience with software development lifecycles. A previous version of RedDriver was bundled with software intended for use in internet cafes.
Shakeeb Ahmed, 34, of New York, has been charged with wire fraud and money laundering in connection with a scheme involving flash loans and inflated fees that were not legitimately earned.
Johns Hopkins University and its Johns Hopkins Health System are facing at least two proposed federal class action lawsuits filed in recent days following the institution's disclosure that it was among the victims of the MOVEit Transfer hacks.
Siemens has released five new advisories to inform customers about the availability of patches for more than 40 vulnerabilities. Meanwhile, Schneider Electric has released four new advisories covering six vulnerabilities in the company’s products.
A Moroccan man has been charged with four counts relating to a scheme to steal nearly half-a-million dollars’ worth of cryptocurrency and non-fungible tokens (NFT) from a US victim.
According to StormWall’s Q2 2023 Report, the United States, India, and China remain the most heavily targeted countries, bearing the brunt of the escalating DDoS attacks.
German enterprise software maker SAP on Tuesday announced the release of 16 new security notes as part of its July 2023 Security Patch Day. In addition, updates were announced for two previously released notes.
Three Twitter accounts that appear to have links to the Chinese government have been spreading propaganda in Latin America and successfully avoided Twitter's efforts to label state media, researchers said in an analysis published Tuesday.
The information and technology minister of Bangladesh, Zunaid Ahmed, told local media that the data was exposed due to security weaknesses of a website, not a cyberattack.
Trend Micro has attributed the new activity cluster to the same threat actor that was previously identified as behind the FiveSys rootkit, which came to light in October 2021.
The funds were raised in two investment rounds: $10 million in seed funding in 2021, and $20 million in a Series A funding round led by Canaan, with participation from previous investors Cyberstarts and Lightspeed.
The number of impacted clients has not been determined, but Deutsche Bank said they have all been informed accordingly on the direct impact and what precautions they should take regarding their exposed data.
The number of organizations affected by a recently exploited vulnerability in a popular file transfer tool surpassed 250 as major corporations like Radisson Hotels and two major insurance companies confirmed that their data was accessed by hackers.
Threat actors are increasingly using specialized mobile Android OS device spoofing techniques to get beyond anti-fraud measures by posing as compromised account holders. Cybersecurity firm Resecurity has identified a surge in the emergence of such types of tools on the dark web in Q1 2023. Payment firms, online show more ...
The total amount of ransom paid since 2020 is estimated to be at least $2 billion, and this has both motivated and enabled the groups who are profiting from this activity to become more professional.
"The attack consists of Python code that loads an XMRig Miner directly into memory using memfd, a known Linux fileless technique," security researchers Avigayil Mechtinger, Oren Ofer, and Itamar Gilad said.
At his first Senate confirmation hearing on Wednesday, Air Force Lt. Gen. Timothy Haugh, Cyber Command’s deputy chief, will explain how he plans to fill the shoes of Paul Nakasone.
The growing list of MOVEit cyberattack victims has grown. Sixty-two clients of Big Four accounting firm Ernst & Young now appear on the Clop ransomware group's data leak sites.
In Group-IB’s new Digital Risk Trends 2023 report, security researchers have recorded a 62% year-on-year (YoY) increase in phishing websites and a 304% surge in scam pages in 2022.
The vulnerability impacts FortiOS and FortiProxy versions 7.2.x and 7.0.x and was resolved in FortiOS versions 7.4.0, 7.2.4, and 7.0.11, and FortiProxy versions 7.2.3 and 7.0.10.
A British Crown Court on Tuesday lifted a reporting restriction, allowing the naming of teenager Arion Kurtaj who is accused of hacking Uber, Revolut, and video game developer Rockstar Games in a short period of time last September.
Ubuntu Security Notice 6220-1 - Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that for some Intel processors the INVLPG show more ...
Red Hat Security Advisory 2023-4038-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
Ubuntu Security Notice 6218-1 - A use-after-free was discovered in Firefox when handling workers. An attacker could potentially exploit this to cause a denial of service, or execute arbitrary code.
Red Hat Security Advisory 2023-4037-01 - An update for bind9.16 is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides show more ...
The User Registration plugin for WordPress is vulnerable to arbitrary file uploads due to a hard-coded encryption key and missing file type validation on the ur_upload_profile_pic function in versions up to, and including, 3.0.2. This makes it possible for authenticated attackers with subscriber-level capabilities or show more ...
Ubuntu Security Notice 6217-1 - McKee-Harris, Matt Cotterell, and Jack Moran discovered that .NET did not properly update account lockout maximum failed attempts. An attacker could possibly use this issue to bypass the security feature and attempt to guess more passwords for an account.
Red Hat Security Advisory 2023-4032-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
Frappe Framework (ERPNext) version 13.4.0 suffers from a remote code execution vulnerability.
Spring Cloud version 3.2.2 suffers from a remote command execution vulnerability.
Red Hat Security Advisory 2023-4039-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-4034-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-4033-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-4036-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-4035-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include buffer overflow and denial of service vulnerabilities.
Red Hat Security Advisory 2023-3976-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.24.
Red Hat Security Advisory 2023-4030-01 - Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.
Banner RotatorCMS version 1.0 suffers from a database disclosure vulnerability.
Avidi Media version 2.0 appears to leave default credentials installed after installation.
AtTestimonials CMS version 1.2 suffers from a missing authentication vulnerability.
Atom CMS version 2.0 suffers from a directory traversal vulnerability.
Nedal CMS version 1.2 suffers from a remote SQL injection vulnerability.
Asanhamayesh CMS version 3.4.6 suffers from a directory traversal vulnerability.
ARTISTRY LIMITED LMS version 0.5 appears to leave default credentials installed after installation.
Firedome's on device real-time detection, prevention and response along with Microsoft Defender for IoT cloud-based security provides a holistic view of IoT attacks for the first time.
Partnership program empowers underrepresented groups by removing barriers to entering the cybersecurity workforce.
Keeper Security highlights S&P Market Intelligence's latest research showing that lack of PAM is leaving SMBs vulnerable to attack.
Microsoft on Tuesday released updates to address a total of 132 new security flaws spanning its software, including six zero-day flaws that it said have been actively exploited in the wild. Of the 132 vulnerabilities, nine are rated Critical, 122 are rated Important in severity, and one has been assigned a severity rating of "None." This is in addition to eight flaws the tech giant patched in
A new fileless attack dubbed PyLoose has been observed striking cloud workloads with the goal of delivering a cryptocurrency miner, new findings from Wiz reveal. "The attack consists of Python code that loads an XMRig Miner directly into memory using memfd, a known Linux fileless technique," security researchers Avigayil Mechtinger, Oren Ofer, and Itamar Gilad said. "This is the first publicly
Ransomware has emerged as the only cryptocurrency-based crime to grow in 2023, with cybercriminals extorting nearly $175.8 million more than they did a year ago, according to findings from Chainalysis. "Ransomware attackers are on pace for their second-biggest year ever, having extorted at least $449.1 million through June," the blockchain analytics firm said in a midyear crypto crime report
Artificial intelligence (AI) holds immense potential for optimizing internal processes within businesses. However, it also comes with legitimate concerns regarding unauthorized use, including data loss risks and legal consequences. In this article, we will explore the risks associated with AI implementation and discuss measures to minimize damages. Additionally, we will examine regulatory
Microsoft on Tuesday revealed that it repelled a cyber attack staged by a Chinese nation-state actor targeting two dozen organizations, some of which include government agencies, in a cyber espionage campaign designed to acquire confidential data. The attacks, which commenced on May 15, 2023, entailed access to email accounts affecting approximately 25 entities and a small number of related
Cybersecurity researchers have unearthed a novel rootkit signed by Microsoft that's engineered to communicate with an actor-controlled attack infrastructure. Trend Micro has attributed the activity cluster to the same actor that was previously identified as behind the FiveSys rootkit, which came to light in October 2021. "This malicious actor originates from China and their main victims are the
A British IT worker who exploited a ransomware attack against the company he worked for, in an attempt to extort money from them for himself, has been sentenced to jail for three years and seven months.
Here's a story of how an analysis of a supposed game cheat turned into the discovery of a powerful UEFI threat
