Airbnb is a very handy service that makes life easier for millions of travelers worldwide. But popular doesnt mean problem-free. On the contrary, its universality makes it more of a target for scammers looking to maximize the number of their potential victims. This post walks you through the main dangers you might show more ...
One frustrating aspect of email phishing is the frequency with which scammers fall back on tried-and-true methods that really have no business working these days. Like attaching a phishing email to a traditional, clean email message, or leveraging link redirects on LinkedIn, or abusing an encoding method that makes it show more ...
Recent regulations for privacy, AI, and breaches tend to be overly broad, suggesting that the rulemakers lack tech acumen.
More tech giants turn to the Rust programming language for its built-in memory safety and other security features.
It is unclear who the threat actors were or what kind of cyberattack was attempted on the observatory, but for now it, and a sister site in Chile, remain closed to the skies.
The incident marks the second time since 2019 that a misconfiguration could have let threat actors "have it their way" when it comes to BK's data.
Tailor your business project proposal to suit the language your company's CISO speaks, be it business, technical, or compliance. Do your research first and gather support from around the company.
The cyberattacks used the legitimate Salesforce.com domain by chaining the vulnerability to an abuse of Facebook's Web games platform, slipping past email protections.
SynSaber’s analysis, conducted in collaboration with the ICS Advisory Project, shows that CISA published 185 ICS advisories in the first half of 2023, down from 205 in the first half of 2022.
Dozens of vulnerabilities impacting the Milesight UR32L industrial router could be exploited to execute arbitrary code or commands, Cisco’s Talos security researchers warn.
Researchers warned of a new hVNC malware targeting macOS devices. The malware, advertised on a Russian hacker forum, has been available since April 2023. It provides threat actors with stealthy remote control over infected machines with reverse shell, file management, and browser detection capabilities. to protect your systems, updating to the versions above 13.2 is suggested.
The list of LOLBAS files - legitimate binaries and scripts present in Windows that can be abused for malicious purposes, will soon include the main executables for Microsoft’s Outlook email client and Access database management system.
The cipher, designed by Assistant Professor Rei Ueno from the Research Institute of Electrical Communication at Tohoku University, addresses the threat of cache side-channel attacks, offering enhanced security and exceptional performance.
Rilide was first documented by the cybersecurity company in April 2023, uncovering two different attack chains that made use of Ekipa RAT and Aurora Stealer to deploy rogue browser extensions capable of data and crypto theft.
The five key risk areas are misconfigurations, external-facing vulnerabilities, weaponized vulnerabilities, malware inside a cloud environment, and remediation lag (that is, delays in patching).
While the Common Vulnerabilities and Exposures (CVE) Program published over 25,000 new security vulnerabilities until the end of 2022, only five vulnerabilities made it to the list of the top 12 flaws exploited in attacks the same year.
Scammers were found impersonating Flipper Devices and offering free FlipperZero gadgets in exchange for completing an offer. However, the website directs users to insecure browser extensions and fraudulent sites. The real Flipper Devices warns users to be cautious, as they have no affiliation with the fake site. The show more ...
About 55% of all cloud compromises analyzed by Google Cloud’s incident response teams during the quarter were the result of weak or nonexistent passwords, the company said in its Threat Horizons Report.
Most medical infusion pumps sold via secondary market sources still contain Wi-Fi configuration settings from the original organization that deployed them, cybersecurity firm Rapid7 has discovered.
The National Science Foundation’s NOIRLab did not respond to requests for comment but published a notice on Tuesday night explaining that the lab had discovered an attempted cyberattack on its systems that morning.
A rather sophisticated version of the Rilide malware was identified targeting Chromium-based web browsers to steal sensitive data and cryptocurrency. Experts identified over 1,300 phishing websites distributing the new version of Rilide Stealer along with other harmful malware such as Bumblebee, IcedID, and show more ...
On June 1st, 2023, the Cybernews research team discovered a publicly accessible environment file (.env) belonging to Burger King’s French website, containing various credentials. The file was hosted on the subdomain used for posting job offers.
"Campaigns using versioning commonly target users' credentials, data, and finances," Google Cybersecurity Action Team (GCAT) said in its August 2023 Threat Horizons Report shared with The Hacker News.
The database, hosted on Oracle’s cloud and more than 1.7 terabytes in size at the time it was exposed, contained customer’s personal information, including names, gender, dates of birth, home addresses, flight information and passport numbers.
The personal information compromised in the attack includes any combination of the following: name, U.S. Social Security Number, date of birth, home mailing address, Serco and/or personal e-mail address, and selected health benefits for the year.
Debian Linux Security Advisory 5466-1 - It was discovered that ntpd in ntpsec, a secure, hardened, and improved implementation derived from the original NTP project, could crash if NTS is disabled and an NTS-enabled client request (mode 3) is received.
The Canon PIXMA TR4550 stores sensitive data, such as the SSID and the Wi-Fi pre-shared key (PSK), unencrypted in its persistent storage (EEPROM). Resetting the product to factory settings does not securely delete this sensitive information. Versions 1.020 and 1.080 are affected.
Ubuntu Security Notice 6274-1 - Jurien de Jong discovered that XMLTooling did not properly handle certain KeyInfo element content within an XML signature. An attacker could possibly use this issue to achieve server-side request forgery.
This Metasploit module exploits an authenticated file upload vulnerability in Subrion CMS versions 4.2.1 and lower. The vulnerability is caused by the .htaccess file not preventing the execution of .pht, .phar, and .xhtml files. Files with these extensions are not included in the .htaccess blacklist, hence these files show more ...
A vulnerability exists within Citrix ADC that allows an unauthenticated attacker to trigger a stack buffer overflow of the nsppe process by making a specially crafted HTTP GET request. Successful exploitation results in remote code execution as root.
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
Debian Linux Security Advisory 5464-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, bypass of the same-origin policy, spoofing or sandbox bypass.
WordPress Adivaha Travel plugin version 2.3 suffers from a cross site scripting vulnerability.
Red Hat Security Advisory 2023-4475-01 - Gatekeeper is an open source project that applies the OPA Constraint Framework to enforce policies on your Kubernetes clusters. This advisory contains the container images for Gatekeeper that include bug fixes and container upgrades.
Ubuntu Security Notice 6273-1 - Jieyong Ma discovered that poppler incorrectly handled certain malformed PDF files. A remote attacker could possibly use this issue to cause poppler to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was discovered that poppler show more ...
Debian Linux Security Advisory 5465-1 - Seokchan Yoon discovered that missing sanitising in the email and URL validators of Django, a Python web development framework, could result in denial of service.
Red Hat Security Advisory 2023-4471-01 - Red Hat OpenShift Serverless Client kn 1.29.1 provides a CLI to interact with Red Hat OpenShift Serverless 1.29.1. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms. This release includes security and bug fixes, and enhancements.
Xlight FTP Server version 3.9.3.6 suffers from a stack buffer overflow vulnerability.
Red Hat Security Advisory 2023-4472-01 - Version 1.29.1 of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.10, 4.11, 4.12, and 4.13. This release includes security and bug fixes, and enhancements.
Ubuntu Security Notice 5064-3 - USN-5064-1 fixed a vulnerability in GNU. This update provides the corresponding update for Ubuntu 14.04 LTS. Maverick Chung and Qiaoyi Fang discovered that cpio incorrectly handled certain pattern files. A remote attacker could use this issue to cause cpio to crash, resulting in a denial of service, or possibly execute arbitrary code.
WordPress EventON Calendar plugin version 4.4 suffers from an insecure direct object reference vulnerability.
WordPress Ninja Forms plugin version 3.6.25 suffers from a cross site scripting vulnerability.
Ubuntu Security Notice 6275-1 - Addison Crump discovered that Cargo incorrectly set file permissions on UNIX-like systems when extracting crate archives. If the crate would contain files writable by any user, a local attacker could possibly use this issue to execute code as another user.
COURIER DEPRIXA version 2.5 suffers from a cross site request forgery vulnerability.
Webedition CMS version 2.9.8.8 suffers from a persistent cross site scripting vulnerability.
Webedition CMS version 2.9.8.8 suffers from a remote code execution vulnerability.
Webutler version 3.2 suffers from a remote shell upload vulnerability.
Red Hat Security Advisory 2023-4461-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.14.0 ESR. Issues addressed include buffer overflow and bypass vulnerabilities.
Ubuntu Security Notice 6272-1 - Motoyasu Saburi discovered that OpenJDK 20 incorrectly handled special characters in file name parameters. An attacker could possibly use this issue to insert, edit or obtain sensitive information. Eirik Bjørsnøs discovered that OpenJDK 20 incorrectly handled certain ZIP archives. An attacker could possibly use this issue to cause a denial of service.
Videoplay version 1.3.0 appears to leave default credentials installed after installation.
A four-year-old critical security flaw impacting Fortinet FortiOS SSL has emerged as one of the most routinely and frequently exploited vulnerabilities in 2022. "In 2022, malicious cyber actors exploited older software vulnerabilities more frequently than recently disclosed vulnerabilities and targeted unpatched, internet-facing systems," cybersecurity and intelligence agencies from the Five
A married couple from New York City has pleaded guilty to money laundering charges in connection with the 2016 hack of cryptocurrency stock exchange Bitfinex, resulting in the theft of about 120,000 bitcoin. The development comes more than a year after Ilya Lichtenstein, 35, and his wife, Heather Morgan, 33, were arrested in February 2022, following the seizure of roughly 95,000 of the stolen
Privileged Access Management (PAM) solutions are widely acknowledged as the gold standard for securing critical privileged accounts. However, many security and identity teams face inherent obstacles during the PAM journey, hindering these solutions from reaching their full potential. These challenges deprive organizations of the resilience they seek, making it essential to address them
Cybersecurity researchers have discovered a new bunch of malicious packages on the npm package registry that are designed to exfiltrate sensitive developer information. Software supply chain firm Phylum, which first identified the "test" packages on July 31, 2023, said they "demonstrated increasing functionality and refinement," hours after which they were removed and re-uploaded under different
Newly-released research reveals the eye-watering costs that the manufacturing sector has suffered in recent years at the hands of ransomware. Read more in my article on the Tripwire State of Security blog.
When you invest in a company, do you check its cybersecurity? The U.S. Securities and Exchange Commission has adopted new cybersecurity rules.
