Cyberthreat researchers have of late been sounding the alarm about the rising danger of deepfakes. In particular, they advise to not trust your ears: in the digital age of artificial intelligence the voice at the other end of the line may not belong to whom you think. Speaking of which, any guesses what people were show more ...
A recent email compromise by Chinese APT group Storm-0558 highlights a lack of access to security logging by many Microsoft 365 license holders, prompting calls from researchers to abolish it.
Only a quarter of hospitals have implemented the strongest level of DMARC, with a third running any version of the email validation protocol.
The TeamTNT threat actor appears to be setting the stage for broader cloud worm attacks, researchers say.
Artificial intelligence can be tricked into making password-based authentication even weaker.
July's updates contained 100+ patches and security policy notes, leaving vulnerability management teams stressed and scrambling to prioritize. We're here to help find some zen.
A few days ago, an attacker leveraged a cross-site scripting (XSS) vulnerability to deface pages on some popular instances, including Lemmy.world, the most popular instance, which has over 100,000 users.
Financial Conduct Authority (FCA) CEO, Nikhil Rathi, said in a speech delivered at the offices of The Economist this week, “We will remain super vigilant on how firms mitigate cyber-risks and fraud given the likelihood that these will rise.”
The move follows urgent calls for the FCC to update its E-rate program to cover advanced firewalls and other network security measures. The pilot program is part of FCC Chairwoman Jessica Rosenworcel’s Learn Without Limits initiative.
The plan contains 69 initiatives focused on defending critical infrastructure, disrupting threat actors, shaping market forces, investing in resilience, and forging international partnerships.
A malicious actor has been linked to a cloud credential stealing campaign in June 2023 that's focused on Azure and Google Cloud Platform (GCP) services, marking the adversary's expansion in targeting beyond Amazon Web Services (AWS).
Facebook and Microsoft’s collective dominance as the most spoofed brands continued into H1 2023, with the former accounting for 18% of all phishing URLs and the latter accounting for 15%, according to Vade.
Researchers at the RWTH Aachen University in Germany published a study revealing that tens of thousands of container images hosted on Docker Hub contain confidential secrets, exposing software, online platforms, and users to a massive attack surface.
The U.S. Environmental Protection Agency is criticizing a decision by a federal appellate court to place a temporary hold on a new rule that would add cybersecurity assessments to audits of public water systems.
The criminal group behind the cyber fraud platform Genesis Market claimed on Thursday that it had been sold to an unidentified buyer a few months after U.S. authorities sanctioned the platform and seized some of its domains.
In what is shaping up to be a widespread privacy controversy, Spotify has come under scrutiny following allegations by users that the music streaming service made their private playlists public without their consent.
Led by Lightspeed, the new round saw participation from existing investors Endiya Partners, Kalaari Capital, and MassMutual Ventures. Zluri helps organizations manage SaaS apps, mitigate security risks, and optimize costs, from a single dashboard.
The incident serves as a reminder that even seemingly legitimate apps can harbor dangerous intentions, highlighting the importance of staying informed and vigilant against cyber threats.
Cybersecurity firm Trend Micro identified three entities in Pakistan targeted by Shadowpad last year: an unnamed government agency, a state bank, and a telecommunications provider.
Hillsborough County said they've mailed notification letters to 70,636 people who are clients of Healthcare services and vendors of aging services who they know were impacted.
The Russia-linked APT group employs spear-phishing emails and messages, such as on Telegram and Signal, to trick victims into opening malicious attachments. Gamaredon uses malware and PowerShell scripts for reconnaissance and executing commands.
A stealthy Linux malware, dubbed AVrecon, was found targeting more than 70,000 Linux-based SOHO routers at least since May 2021. It reportedly hijacked these devices to form a botnet that could steal bandwidth and provide a hidden residential proxy service. A total of 15 second-stage control servers were discovered by security researchers. It has marked its presence in more than 20 countries.
The fact that WormGPT operates without any ethical boundaries underscores the threat posed by generative AI, even permitting novice cybercriminals to launch attacks swiftly and at scale without having the technical wherewithal to do so.
Researchers with Veriti are warning about “over 700 domains related to Threads being registered daily” in recent weeks, offering an Android version of the app for download outside of Google’s official app store.
Tracked as CVE-2023-38203 (CVSS score of 9.8), the flaw is described as “deserialization of untrusted data” in ColdFusion versions 2023, 2021, and?2018. This allows an attacker to use specially crafted data to trigger the execution of arbitrary code.
Threat actors are taking advantage of Android's WebAPK technology to trick unsuspecting users into installing malicious web apps on Android phones that are designed to capture sensitive personal information.
US-based enterprise software firm JumpCloud says a state-backed hacking group breached its systems almost one month ago as part of a highly targeted attack focused on a limited set of customers.
Debian Linux Security Advisory 5454-1 - Riccardo Bonafede discovered that the Kanboard project management software was susceptible to SQL injection.
Travelable version 1.0 suffers from a persistent cross site scripting vulnerability.
BloodBank version 1.1 suffers from a remote SQL injection vulnerability.
Ubuntu Security Notice 6184-2 - USN-6184-1 fixed a vulnerability in CUPS. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that CUPS incorrectly handled certain memory operations. An attacker could possibly use this issue to cause CUPS to crash, resulting in a denial of service, or to possibly obtain sensitive information.
BloodBank version 1.1 suffers from a cross site scripting vulnerability.
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
Carlisting version 1.6 suffers from a cross site scripting vulnerability.
Pluck version 4.7.18 suffers from a remote code execution vulnerability.
Carlisting version 1.6 suffers from a remote SQL injection vulnerability.
RecipePoint version 1.9 suffers from a remote SQL injection vulnerability.
Cisco UCS-IMC Supervisor version 2.2.0.0 suffers from an authentication bypass vulnerability.
Debian Linux Security Advisory 5453-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
Lawyer CMS version 1.6 suffers from a cross site scripting vulnerability.
JobSeeker version 1.5 suffers from a cross site scripting vulnerability.
News Portal version 4.0 suffers from a remote SQL injection vulnerability.
Ecommerce version 1.15 suffers from a cross site scripting vulnerability.
Insurance version 1.2 suffers from a cross site scripting vulnerability.
Debian Linux Security Advisory 5452-1 - Multiple security issues were discovered in the GPAC multimedia framework which could result in denial of service or the execution of arbitrary code.
ProjeQtOr Project Management System version 10.4.1 suffers from multiple cross site scripting vulnerabilities.
MineStack version 1.0 suffers from a persistent cross site scripting vulnerability.
EX-RATE version 1.0 suffers from a persistent cross site scripting vulnerability.
WinterCMS versions prior to 1.2.3 suffer from a persistent cross site scripting vulnerability.
Montage version 1.0 suffers from a persistent cross site scripting vulnerability.
Wedding Wonders version 1.0 suffers from a persistent cross site scripting vulnerability.
Admidio version 4.2.10 suffers from a remote code execution vulnerability.
Cyber threats are intensifying even as budgets are being scrutinized. Now, more than ever, security and finance professionals need to align on cybersecurity strategies.
SaaS security posture management helps mitigate common threats posed by malicious or negligent insiders.
The Russia-linked threat actor known as Gamaredon has been observed conducting data exfiltration activities within an hour of the initial compromise. "As a vector of primary compromise, for the most part, emails and messages in messengers (Telegram, WhatsApp, Signal) are used, in most cases, using previously compromised accounts," the Computer Emergency Response Team of Ukraine (CERT-UA) said in
Microsoft Word documents exploiting known remote code execution flaws are being used as phishing lures to drop malware called LokiBot on compromised systems. "LokiBot, also known as Loki PWS, has been a well-known information-stealing Trojan active since 2015," Fortinet FortiGuard Labs researcher Cara Lin said. "It primarily targets Windows systems and aims to gather sensitive information from
The hype around different security categories can make it difficult to discern features and capabilities from bias when researching new platforms. You want to advance your security measures, but what steps actually make sense for your business? For anyone ready to find an attack surface management (ASM) vendor, review these six questions before getting started to understand the key features to
Cyber attacks using infected USB infection drives as an initial access vector have witnessed a three-fold increase in the first half of 2023, That's according to new findings from Mandiant, which detailed two such campaigns – SOGU and SNOWYDRIVE – targeting both public and private sector entities across the world. SOGU is the "most prevalent USB-based cyber espionage attack using USB flash
Threat actors are taking advantage of Android's WebAPK technology to trick unsuspecting users into installing malicious web apps on Android phones that are designed to capture sensitive personal information. "The attack began with victims receiving SMS messages suggesting the need to update a mobile banking application," researchers from CSIRT KNF said in an analysis released last week. "The
