Are AI-Engineered Threats FUD or Reality?
The rise of generative AI is creating new ways to both attack and defend assets. Which threats are solid and which are vapor?
A widespread disinformation campaign aimed at Americans wasn't that effective, but it was certainly creative, even slipping in influence articles to legitimate news outlets like AZCentral.com.
Complex security issues arise when different clouds and computing models interact.
The North Korean APT is setting up legitimate accounts on GitHub and social media platforms to pose as developers or recruiters — ultimately to fool targets into loading npm repositories with malicious code.
KillNet is amassing members, capabilities, and know-how, as it looks to consolidate cybercrime power under its own umbrella.
Cl0p stands to make $100M on the MOVEit campaign, and according to a just-released survey, more than half of businesses are willing to pass data breach costs onto customers.
The security vulnerabilities allow full takeover of Atlassian instances, so admins should patch now.
Researchers at Check Point Software have discovered a new phishing scam campaign that exploits Google Docs to distribute illegitimate URLs and steal cryptocurrency credentials.
The China-linked threat actors behind the theft of U.S. State Department and other Microsoft customer emails may have gained access to applications beyond Exchange Online and Outlook.com, according to a report released Friday by Wiz.
The Clop ransomware gang is copying an ALPHV ransomware gang extortion tactic by creating Internet-accessible websites dedicated to specific victims, making it easier to leak stolen data and further pressuring victims into paying a ransom.
U.S. enterprises are responding to growing cybersecurity threats by working to make the best use of tools and services to ensure business resilience, according to an ISG report.
The attackers employed deceptive tactics such as creating fake LinkedIn profiles to appear credible and using customized command and control (C2) centers for each target, exploiting legitimate services for illicit activities.
As we entered 2023, the cybersecurity landscape witnessed an increase in sophisticated, high-volume attacks, according to Gcore. The maximum attack power rose from 600 to 800 Gbps.
In its latest advisory, India's federal cybersecurity agency warned of a ransomware called 'Akira' that steals vital personal information and encrypts data leading to extortion of money from people.
Google’s malware scanning platform VirusTotal published an apology on Friday after hundreds of individuals working for defense and intelligence agencies globally had their names and email addresses accidentally exposed by an employee.
According to a Coveware report, in the second quarter of 2023, the percentage of ransomware attacks resulting in payment decreased to a record low of 34%. This is attributed to companies investing in security measures and incident response training.
Seven leading AI companies, including Amazon, Anthropic, Google, Meta, Microsoft, OpenAI, and Inflection, have committed to building secure systems and increasing transparency regarding model behavior, The White House announced Friday.
For the first time, the banking sector has been explicitly targeted by two distinct Open-Source Software (OSS) supply chain attacks that enabled attackers to stealthily overlay the banking sites. Organizations must equip themselves with the best early threat alerting and sharing platforms that can enable them to promptly identify the risks and perform threat assessment in real-time.
The flaws, discovered by Mandiant on February 28, have been assigned the identifiers CVE-2023-26077 and CVE-2023-26078, with the issues remediated in versions 1.8.3.7 and 1.8.4.9 released by Atera on April 17, and June 26, respectively.
Twelve Norwegian government ministries have been hit by a cyberattack, the Norwegian government said on Monday, the latest attack to hit the public sector of Europe's largest gas supplier and NATO's northernmost member.
Details have emerged about a now-patched flaw in OpenSSH that could be exploited to run arbitrary commands remotely. The vulnerability is being tracked under the CVE identifier CVE-2023-38408. It impacts all versions of OpenSSH before 9.3p2.
Cybersecurity researcher Erhad Husovic published a blog post in late June to disclose the details of a local privilege escalation vulnerability discovered in Perimeter81’s macOS application.
The most severe of these issues, tracked as CVE-2023-22508 (CVSS score of 8.5), was introduced in Confluence version 7.4.0. The second bug, tracked as CVE-2023-22505 (CVSS score of 8.0), was introduced in Confluence version 8.0.0.
ASEC discovered that the North Korean state-sponsored Lazarus APT group is attacking Windows Internet Information Service (IIS) web servers and using them to distribute malware. It is imperative for organizations to adopt stringent measures, including attack surface management, to identify exposed assets and continuously apply the latest security patches.
A new exploit technique targeting a recent Citrix Application Delivery Controller (ADC) and Gateway vulnerability can be used against thousands of unpatched devices, cybersecurity firm Bishop Fox claims.
Debian Linux Security Advisory 5457-1 - An anonymous researcher discovered that processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Red Hat Security Advisory 2023-4166-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include an integer overflow vulnerability.
Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.
jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.
Omnis Studio version 10.22.00 suffers from a locked class bypass vulnerability.
Omnis Studio version 10.22.00 suffers from a private library access bypass vulnerability.
Perch version 3.2 suffers from a cross site scripting vulnerability.
Perch version 3.2 suffers from a remote code execution vulnerability.
Red Hat Security Advisory 2023-4233-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include denial of service and integer overflow vulnerabilities.
mooDating version 1.2 suffers from a cross site scripting vulnerability.
CMSctweb Creative version 1.0 suffers from a cross site scripting vulnerability.
CMS Ultimate Solutions DreamSus version 1.4 suffers from a cross site scripting vulnerability.
WordPress Page Builder KingComposer plugin version 2.9.6 suffers from an open redirection vulnerability.
WordPress Image Optimization plugin version 3.8.2 suffers from an open redirection vulnerability.
CMS Ultimate Solutions DreamSus version 1.4 suffers from a remote shell upload vulnerability.
Considering adopting extended detection and response (XDR) in your cybersecurity defense program? Here's what you need to know about the technology platform.
Learn the importance of adding security practices into DevOps life cycles and how to make security stronger.
Funding will accelerate platform innovation as organizations scale trust across privacy, security, ethics, and ESG.
Cybersecurity researchers said they have discovered what they say is the first open-source software supply chain attacks specifically targeting the banking sector. "These attacks showcased advanced techniques, including targeting specific components in web assets of the victim bank by attaching malicious functionalities to it," Checkmarx said in a report published last week. "The attackers
Zero-day vulnerabilities in Windows Installers for the Atera remote monitoring and management software could act as a springboard to launch privilege escalation attacks. The flaws, discovered by Mandiant on February 28, 2023, have been assigned the identifiers CVE-2023-26077 and CVE-2023-26078, with the issues remediated in versions 1.8.3.7 and 1.8.4.9 released by Atera on April 17, 2023, and
Google has announced that it intends to add support for Message Layer Security (MLS) to its Messages service for Android and to open source an implementation of the specification. "Most modern consumer messaging platforms (including Google Messages) support end-to-end encryption, but users today are limited to communicating with contacts who use the same platform," Giles Hogben, privacy engineering
The healthcare industry is under a constant barrage of cyberattacks. It has traditionally been one of the most frequently targeted industries, and things haven’t changed in 2023. The U.S. Government’s Office for Civil Rights reported 145 data breaches in the United States during the first quarter of this year. That follows 707 incidents a year ago, during which over 50 million records were
Details have emerged about a now-patched flaw in OpenSSH that could be potentially exploited to run arbitrary commands remotely on compromised hosts under specific conditions. "This vulnerability allows a remote attacker to potentially execute arbitrary commands on vulnerable OpenSSH's forwarded ssh-agent," Saeed Abbasi, manager of vulnerability research at Qualys, said in an analysis last week.
Some employees at Google will have internet access from their desktop PCs significantly restricted, with only internal web-based tools and Google-owned sites such as Google Drive, Google Maps, and Gmail accessible. But will such an approach protect the tech giant from attacks? Read more in my article on the Hot for Security blog.