As you've probably heard, Mark Zuckerberg has launched a Twitter competitor that goes by the name of Threads. So, let's have a look at how things are with privacy there.

What is Threads and how does it operate?

Threads is not a fully independent social network. Technically, it's a continuation of Instagram, hived off into a separate app. To use most of the features in Threads, you'll need an Instagram account: it will form the basis of your Threads profile. The Threads app itself is uncannily Twitter-esque. Viewing the two apps side by side, it's easy to mix them up once the bird icon or Zuckerberg's squiggly shoelace scrolls off the screen.

[Image: Try to guess which is which]

As for posts, these can be read in the Threads app or on the web version, threads.net (not to be confused with the site threads.com, which belongs to the developers of a corporate messenger similar to Slack). But using the site is, to put it mildly, inconvenient: there's no feed, no search, and just the option to follow direct links to someone's profile or individual posts (which you still have to rummage around for). Basically, if you've ever tried using the Instagram website, you understand what we're talking about.

Posting in Threads without the app isn't possible at all. For one thing, the site doesn't even have a sign-in button; the main page offers a "Get the app" message and links to Google Play and the App Store, plus a QR code. Thus, there's nothing doing without both the app and an Instagram account (at least for now — more about that below).

[Image: For now, you need the app to use Threads]

Scammers already love Threads

Being such a modest website in terms of functionality, Threads is a gift to scammers. Our experts have already discovered phishing pages imitating the web version of the social network and collecting users' logins and passwords — which match at least the login data for Instagram. In addition, so-called "Threads Coin" is already being sold for cryptocurrency on the Web. And it seems like even its creators don't fully understand the purpose of these coins, vaguely promising to connect users to the Metaverse. Finally, another scam promises to generate tens of thousands of followers for a freshly created Threads account. The obvious result of participating in any such schemes will only be the loss of money and personal data.

How much data does Threads collect?

All projects associated with Mark Zuckerberg are known for being excessively data-hungry. Perhaps only the omnipresent Google can rival the Zuckerberg empire when it comes to harvesting personal information. Threads, it seems, is no exception: according to its App Store description, the social network collects all user data it can lay its hands on. However, there are a couple of nuances to bear in mind.

First: the list of data collected is identical to Instagram's.

[Image: Categories of data collected by Threads and Instagram]

Second: this list is written by the app developers themselves, so it doesn't have to be completely true. And apparently, for now it lists some categories of data that Threads doesn't request access to yet. For example, it mentions access to location, but, at the time of posting, the app doesn't request that permission. This may change in the future, but for now that's the way it is.

[Image: Threads and Instagram app permissions]

What about Twitter?

The social network Zuckerberg is trying to knock aside also hoovers up user data like there's no tomorrow. Who knew?! Here's the equivalent list for the Twitter app, kindly provided once again by the App Store. Take a look at what it wants:

[Image: Categories of data collected by Twitter]

On a separate note, we should mention that Twitter has worked hard these past few years to complicate interaction for users who don't log in. As things stand, to read other people's tweets, it's advisable to have your own Twitter account — so in this sense, Musk's bird is no better than Zuckerberg's squiggle. However, Twitter still has the edge (for now) — a fully-functional web version, which gives you a chance to fend off some of its data-grabbing practices by using a private browser.

Should Instagram users get a Threads profile?

As we said above, Threads and Instagram have the same permission list. So, if you already use Insta and aren't too bothered by the amount of data Zuckerberg collects about you, don't worry: the Threads app won't harvest any new kinds of information. It will still read your posts, though.

There are plenty of scare stories doing the rounds right now that if Threads users want to leave it, they'll lose their Instagram account too. Otherwise, allegedly, it will simply not be possible to delete the account from the Twitter analog. However, it's important to understand here that there are no Threads accounts (deleting what doesn't exist in the first place may indeed be tricky) — only Threads profiles linked to Instagram accounts. You can't delete your profile, but you can deactivate it. After that, all app-based information will no longer be visible to other users. In practical terms, this differs little from deletion.

So, long story short, if you already use Instagram, there's nothing to fear about creating a Threads profile. If you don't like the app for some reason, you can deactivate your profile, and everything you published there will be hidden.

Is Instagram worth signing up to for Threads?

If you don't have an Instagram account but have decided to get one to use Threads, you may want to reconsider; especially if your main reason for staying off Instagram all this time has been privacy.

The thing is that Threads promises the opportunity to enter the Fediverse (a decentralized association of independent social networks) using the ActivityPub protocol. This feature isn't operational yet, but Threads developers are reportedly planning to add it to the platform. This means you'll be able to post on Threads not only without creating a profile, but without having an Instagram account or even installing any app created by a Zuckerberg company. Instead, you'll be able to use an alternative, less data-greedy social network account. But you need to wait for the feature to be implemented.

Alternatives to Twitter and Threads

The primary alternative to Threads and Twitter is Mastodon. This social network is already part of the Fediverse and supports ActivityPub (so in the future it will be possible to read and write Threads posts through it). Another important plus is that the Mastodon app collects hardly any user data at all. And there are lots of Mastodon client apps out there for you to choose from.

On top of that, journalists from Wired magazine suggest a few other Twitter and Threads alternatives: Bluesky, Hive Social and Spill. All of these microblogging platforms collect significantly less user data than either Threads or Twitter. However, they don't offer ActivityPub support.

In our next post, we'll talk about how you can improve privacy in Zuckerberg's potential Twitter-killer for those who do decide to give Threads a whirl. Also, to secure your internet surfing, we recommend using a reliable VPN.
The Middle East and Africa region saw a whopping 135% increase in scams over the past year, with finance, telecommunications, and logistics the most-targeted sectors.
Citrix addressed a critical vulnerability, tracked as CVE-2023-24492 (CVSS score of 9.6), affecting the Secure Access client for Ubuntu that could be exploited to achieve remote code execution.
During this week’s NATO summit in Vilnius, Lithuania, allies agreed to a number of new cybersecurity pledges. The substance of these commitments has not been detailed — the documents themselves are classified — but here’s what we do know.
FortiGuard Labs claimed to have found several Office maldocs purposed to exploit known vulnerabilities, specifically CVE-2021-40444 and CVE-2022-30190 (Follina). Researchers noted that the version of Lokibot used in the campaign includes MD5 hash. This version of Lokibot info-stealer seems to have appeared first in March.
In a sign that cybersecurity researchers continue to be under the radar of malicious actors, a proof-of-concept (PoC) has been discovered on GitHub, concealing a backdoor with a "crafty" persistence method.
Security researchers published their Digital Risk Trends 2023 report and noted a significant rise in phishing websites, with a 62% year-on-year growth, and a surge of 304% in scam pages. Scammers exhibited a particular interest in brands from the APAC and MEA regions. Organizations must implement robust security measures and foster a proactive cybersecurity culture among employees.
Ukraine’s Computer Emergency Response Team (CERT-UA) has attributed the July campaign to the threat actor group UNC1151, as a part of the GhostWriter operational activities allegedly linked to the Belarusian government.
“A security vulnerability in Zimbra Collaboration Suite Version 8.8.15 that could potentially impact the confidentiality and integrity of your data has surfaced,” reads the advisory published by the company.
Mandiant outlined how two USB malware campaigns have been observed this year; one named 'Sogu,' attributed to a Chinese espionage threat group 'TEMP.HEX,' and another named 'Snowydrive,' attributed to UNC4698, which targets Asian oil and gas firms.
Reportedly, Armis detected these flaws in May 2022 and informed Honeywell about 13 code issues found in the Experion C300 controllers and server, which were later rolled into nine new vulnerabilities.
Barracuda Networks teamed up with Columbia University to analyze over 300,000 extortion emails tracked by the firm over a one-year period. They looked specifically at the Bitcoin addresses used by the scammers in order to discern specific trends.
With a recent $50 million Series C funding round led by Paladin Capital Group, Secure Code Warrior plans to improve its platform and expand its workforce to meet the growing demand for cybersecurity skills training.
Multiple hardcoded credentials found on the Technicolor TG670 DSL gateway router allow attackers to completely take over devices, the CERT Coordination Center (CERT/CC) warns.
The NRC said it immediately suspended the database to protect the data and prevent further attacks. They also launched an external forensic investigation to determine the scope and impact of the cyberattack.
Comparitech analyzed 225 confirmed cyberattacks on the sector over the past five years and found that the average organization loses two weeks in downtime due to an incident.
A new version of the Common Vulnerability Scoring System (CVSS 4.0) has been unveiled publicly by the Forum of Incident Response and Security Teams (FIRST) on July 13, 2023.
Residents of Cornelius, North Carolina, are dealing with delayed or unavailable services after a ransomware attack earlier this week. Officials said, on July 11, they discovered a cybersecurity incident later determined to be a ransomware attack.
In a recent development, Apple has taken down a fake version of the popular Threads app from its App Store in Europe. The fake app, developed by SocialKit LTD, had been soaring up the charts of the most downloaded apps.
This week, the Cl0p ransomware gang published Shutterfly's name on its data leak site, among other companies it has targeted, largely via the MOVEit SQL Injection vulnerability, tracked as CVE-2023-34362.
Cisco’s cybersecurity shopping spree hit another gear Thursday with the planned acquisition of Oort, an early-stage startup selling software in the Identity Threat Detection and Response (ITDR) category.
A majority of the infections are located in the U.K. and the U.S., followed by Argentina, Nigeria, Brazil, Italy, Bangladesh, Vietnam, India, Russia, and South Africa, among others.
It was discovered that AIOS version 5.1.9 writes plaintext passwords from login attempts to the database, which essentially provides any privileged user with access to the login credentials of all other administrator users.
The BlackLotus source code that was published on GitHub on Wednesday has been stripped of the ‘Baton Drop’ exploit targeting CVE-2022-21894, and uses the bootlicker UEFI firmware rootkit, but contains the rest of the original code.
The inclusion of the four vulnerabilities — CVE-2023-32046, CVE-2023-32049, CVE-2023-35311, and CVE-2023-36874 — into CISA’s catalog means the bugs are already being exploited by hackers.
The Cisco SD-WAN vManage management software is impacted by a flaw that allows an unauthenticated, remote attacker to gain read or limited write permissions to the configuration of the affected instance.
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
Ubuntu Security Notice 6230-1 - Alexander Lakhin discovered that PostgreSQL incorrectly handled certain CREATE privileges. An authenticated user could possibly use this issue to execute arbitrary code as the bootstrap supervisor.
Ubuntu Security Notice 6229-1 - It was discovered that LibTIFF was not properly handling variables used to perform memory management operations when processing an image through tiffcrop, which could lead to a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that LibTIFF was not properly processing numerical values when dealing with little-endian input data, which could lead to the execution of an invalid operation. An attacker could possibly use this issue to cause a denial of service
A new malware strain has been found covertly targeting small office/home office (SOHO) routers for more than two years, infiltrating over 70,000 devices and creating a botnet with 40,000 nodes spanning 20 countries. Lumen Black Lotus Labs has dubbed the malware AVrecon, making it the third such strain to focus on SOHO routers after ZuoRAT and HiatusRAT over the past year. "This makes AVrecon one
Zimbra has warned of a critical zero-day security flaw in its email software that has come under active exploitation in the wild. "A security vulnerability in Zimbra Collaboration Suite Version 8.8.15 that could potentially impact the confidentiality and integrity of your data has surfaced," the company said in an advisory. It also said that the issue has been addressed and that it's expected to
As security practices continue to evolve, one primary concern persists in the minds of security professionals—the risk of employees unintentionally or deliberately exposing vital information. Insider threats, whether originating from deliberate actions or accidental incidents, pose a significant challenge to safeguarding sensitive data. To effectively address insider risks, organizations must
All-In-One Security (AIOS), a WordPress plugin installed on over one million sites, has issued a security update after a bug introduced in version 5.1.9 of the software caused users' passwords being added to the database in plaintext format. "A malicious site administrator (i.e. a user already logged into the site as an admin) could then have read them," UpdraftPlus, the maintainers of AIOS,
A malicious actor has been linked to a cloud credential stealing campaign in June 2023 that's focused on Azure and Google Cloud Platform (GCP) services, marking the adversary's expansion in targeting beyond Amazon Web Services (AWS). The findings come from SentinelOne and Permiso, which said the "campaigns share similarity with tools attributed to the notorious TeamTNT cryptojacking crew,"
Multiple security vulnerabilities have been discovered in various services, including Honeywell Experion distributed control system (DCS) and QuickBlox, that, if successfully exploited, could result in severe compromise of affected systems. Dubbed Crit.IX, the nine flaws in the Honeywell Experion DCS platform allow for "unauthorized remote code execution, which means an attacker would have
Going for a jog can be bad for your privacy (but even worse for your health), and Britain's consumer finance champion finds his face is being faked. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
A computer security engineer has been charged in connection with a multi-million dollar hack of a cryptocurrency exchange. Read more in my article on the Hot for Security blog.
A London court has heard that two British teens hacked and blackmailed a series of companies, causing millions of dollars worth of damage. Read more in my article on the Hot for Security blog.
A federal grand jury has indicted a former employee of a contractor operating a California town's wastewater treatment facility, alleging that he remotely turned off critical systems and could have endangered public health and safety. Read more in my article on the Tripwire State of Security blog.
Here's how cybercriminals have adjusted their tactics in response to Microsoft's stricter security policies, plus other interesting findings from ESET's new Threat Report