For some, Twitch streaming brings fame and fortune. The platforms genre diversity has long transcended the boundaries of video games: artists, athletes and even bicycle couriers have all found appreciative audiences. From professional gamers to guitarists, all are united by the desire to connect with fans and earn a show more ...
We kick off Episode 311 of the Transatlantic Cable Podcast by talking about how Mexican cartels are using the US governments CBP One app to help immigrants make their way through Mexico to the US borders. Then, were heading over to Finland, where theyve seen a crazy increase in ransomware attacks ever since they show more ...
The new group has already made an impact in multiple countries and industries, including a multistate hospital chain in the US.
Both threats to enterprises and career opportunities are being created by the escalation of generative AI and ChatGPT, warns Maria 'Azeria' Markstedter.
Perception Point's Din Serussi says browser extensions can help mitigate more sophisticated phishing techniques.
Microsoft Defender for Cloud CSPM, which provides risk and compliance monitoring of AWS, Azure, and on-premises cloud, is finally adding GCP to the mix.
The four finalists in the startup competition tackled problems in firmware security, cloud infrastructure, open source software, and vulnerability remediation.
Governor Kathy Hochul has made cybersecurity a key priority, with New York's first chief cyber officer, Colin Ahern, leading the effort.
In an annual survey, 62% of respondents admited their threat intel efforts need stepping up.
Strategically investing in solutions that meet you where you are makes all the difference in staying secure from cyber threats.
The US National Security Agency aims to attract students to cybersecurity in general and its own open positions in particular: 3,000 new jobs this year.
Researchers have observed China's UNC4841 dropping the backdoor on Barracuda's email security appliances, in a spiraling cyber-espionage campaign.
Disguised as harmless PDF documents, LNK files trigger a PowerShell script, initiating a Rust-based injector called Freeze[.]rs and a host of malware infections.
The most serious of the patched flaws, based on their CVSS score, are 18 high-severity issues allowing privilege escalation or, in a few cases, denial-of-service (DoS) attacks.
Tampa General Hospital is facing at least three proposed federal class action lawsuits filed in recent days following the nonprofit Florida healthcare provider's disclosure late last month of a data theft incident that affected 1.3 million people.
FortiGuard Labs has discovered a new injector written in the programming language Rust, which injects shellcode and introduces a malware called XWorm into a victim's system.
The $17.7 million insider funding round brings the total raised by the data security company to more than $35 million. ForgePoint Capital, Prefix Capital, W11 Capital Management, and TSG (The Syndicate Group) participated in the latest funding round.
German software giant SAP has fixed more than a dozen new vulnerabilities with its August 2023 Patch Tuesday updates, including a critical flaw affecting the company’s PowerDesigner data modeling and enterprise architecture product.
Ransomware groups are shifting their tactics from relying on phishing methods and are now prioritizing the exploitation of vulnerabilities to exfiltrate data from victims' systems. Additionally, these groups have adopted a more assertive strategy to extort and capitalize on vulnerabilities. They even invest in show more ...
Anewly identified cyberespionage group in Belarus is targeting foreign embassies often with the assistance of local internet service providers, researchers with the cybersecurity firm ESET said Thursday.
The acquisition comes amid a major funding crunch for startups. Perimeter 81’s exit is coming at a big discount to its last valuation: It raised $100 million in June 2022 at a $1 billion valuation, according to PitchBook data.
Researchers observed that Statc Stealer can steal user’s cookies data, web data, local state, data preferences, login data, various different wallets information, FileZilla, browser autofills, Anydesk, ronin_edge, Metamask, and Telegram data.
The vulnerability, tracked as CVE-2023-38180, was fixed by Microsoft with its August 2023 Patch Tuesday updates, which also address CVE-2023-36884, an Office vulnerability exploited by Russian threat actors.
Over the course of three months beginning in January 2023, Sophos X-Ops investigated four different ransomware attacks, one involving Hive, two by Royal, and one by Black Basta, and noticed distinct similarities between the attacks.
Critical vulnerabilities discovered by IoT and industrial cybersecurity firm Claroty in Western Digital (WD) and Synology network-attached storage (NAS) products could have exposed the files of millions of users.
Alternative education options, such as vocational-technical schooling and industry-relevant certifications, offer cost-effective pathways for aspiring cybersecurity professionals.
Proofpoint came across EvilProxy, a phishing platform, being used in a large-scale campaign targeting MFA-protected Microsoft 365 accounts, with over 120,000 phishing emails sent to more than hundreds of organizations. The campaign primarily targeted high-ranking executives. Organizations must enhance their email and web security to defend against advanced hybrid threats.
The Federal Office for the Protection of the Constitution (BfV) reported it had found concrete attempts by the group known as Charming Kitten to target the Iranian opposition and exiles based in Germany.
Intelligence gathered in cyberspace is helping Ukraine understand Russia's plans and stop the enemy from carrying them out, according to the country’s top cyber and information security official.
The flaw, tracked as CVE-2023-39250, is caused by a static AES encryption key, shared across all installs, that is used to encrypt the vCenter credentials stored in the program's configuration file.
The NSA Codebreaker Challenge is a competition for high school and university students across the US that started in 2013 to explain what the missions of NSA agents are using fictitious scenarios.
The US Cybersecurity and Infrastructure Security Agency (CISA) has released a new advisory detailing the malware, dubbed “Whirlpool.” It claimed the backdoor established a TLS reverse shell to a command-and-control (C2) server.
Indian lawmakers Wednesday approved a data protection legislation that “seeks to better regulate big tech firms and penalize companies for data breaches” as several groups expressed concern over citizens’ privacy rights.
The LockBit gang added 15 victims to its leak site on Wednesday including El Cerrito, which is home to more than 25,000 residents and is about 10 minutes north of Oakland.
The strategy’s primary pillars – unification, resilience, and preparedness – are designed to enable New York State to not only deter cyberattacks but also neutralize potential threats effectively.
Security researchers at Akamai say they have identified a server-side template injection campaign aimed at Magneto 2 shops that have yet to address CVE-2022-24086, an input validation flaw with a CVSS score of 9.8.
The remote code execution bugs, in particular, could be abused to backdoor OT devices and interfere with the functioning of programmable logic controllers (PLCs) in a manner that could pave the way for information theft.
Fortinet has issued an alert warning that the Gafgyt botnet malware is actively trying to exploit a vulnerability in the end-of-life Zyxel P660HN-T1A router in thousands of daily attacks.
Debian Linux Security Advisory 5475-1 - Daniel Moghimi discovered Gather Data Sampling (GDS), a hardware vulnerability for Intel CPUs which allows unprivileged speculative access to data which was previously stored in vector registers. This mitigation requires updated CPU microcode provided in the intel-microcode show more ...
Debian Linux Security Advisory 5474-1 - This update ships updated CPU microcode for some types of Intel CPUs and provides mitigations for security vulnerabilities.
Ubuntu Security Notice 6278-2 - USN-6278-1 fixed several vulnerabilities in .NET. This update provides the corresponding updates for Ubuntu 22.04 LTS. It was discovered that .NET did properly handle the execution of certain commands. An attacker could possibly use this issue to achieve remote code execution.
Ubuntu Security Notice 6277-2 - USN-6277-1 fixed vulnerabilities in Dompdf. This update provides the corresponding updates for Ubuntu 22.04 LTS. It was discovered that Dompdf was not properly validating untrusted input when processing HTML content under certain circumstances. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS.
Ubuntu Security Notice 6282-1 - Jackson Henry discovered that Velocity Tools incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code.
TP-Link Archer AX21 suffers from an unauthenticated remote command injection vulnerability.
systemd version 246 suffers from a local root privilege escalation vulnerability.
Maltrail version 0.53 suffers from an unauthenticated remote code execution vulnerability.
Request-Baskets version 1.2.1 suffers from a server-side request forgery vulnerability.
OutSystems Service Studio version 11.53.30 suffers from a dll hijacking vulnerability.
i2soft CMS version 2.0 suffers from an insecure direct object reference vulnerability.
helloGTX Travel Portal CRM version 1.6 suffers from an insecure direct object reference vulnerability.
FlatApp Premium Admin Dashboard version 1.0 suffers from a remote SQL injection vulnerability.
Greeva version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Easy Web Portal version 2.1.1 suffers from a cross site scripting vulnerability.
Easy Password Manager version 1.1 suffers from an administrative information disclosure vulnerability.
Easy Member Pro version 3.0 suffers from an insecure direct object reference vulnerability.
DigaSell Digital Store PHP Script version 1.0.0 suffers from a cross site scripting vulnerability.
A set of 16 high-severity security flaws have been disclosed in the CODESYS V3 software development kit (SDK) that could result in remote code execution and denial-of-service under specific conditions, posing risks to operational technology (OT) environments. The flaws, tracked from CVE-2022-47378 through CVE-2022-47393 and dubbed CoDe16, carry a CVSS score of 8.8 with the exception of
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched security flaw in Microsoft's .NET and Visual Studio products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-38180 (CVSS score: 7.5), the high-severity flaw relates to a case denial-of-service (DoS) impacting .NET and Visual Studio. It
An unknown threat actor has been linked to a cyber attack on a power generation company in South Africa with a new variant of the SystemBC malware called DroxiDat as a precursor to a suspected ransomware attack. "The proxy-capable backdoor was deployed alongside Cobalt Strike Beacons in a South African nation's critical infrastructure," Kurt Baumgartner, principal security researcher at
Google has announced plans to add support for quantum-resistant encryption algorithms in its Chrome browser, starting with version 116. "Chrome will begin supporting X25519Kyber768 for establishing symmetric secrets in TLS, starting in Chrome 116, and available behind a flag in Chrome 115," Devon O'Brien said in a post published Thursday. Kyber was chosen by the U.S. Department of Commerce's
The Chinese threat actor known as APT31 (aka Bronze Vinewood, Judgement Panda, or Violet Typhoon) has been linked to a set of advanced backdoors that are capable of exfiltrating harvested sensitive information to Dropbox. The malware is part of a broader collection of more than 15 implants that have been put to use by the adversary in attacks targeting industrial organizations in Eastern Europe
A hitherto undocumented threat actor operating for nearly a decade and codenamed MoustachedBouncer has been attributed to cyber espionage attacks aimed at foreign embassies in Belarus. "Since 2020, MoustachedBouncer has most likely been able to perform adversary-in-the-middle (AitM) attacks at the ISP level, within Belarus, in order to compromise its targets," ESET security researcher Matthieu
I doubt there will be many people shedding tears at the news that a stalkerware company has announced it is permanently ceasing operations at the end of this month - after it suffered a devastating data breach. Read more in my article on the Hot for Security blog.
Unsurprisingly, artificial intelligence took the center stage at this year's edition of Black Hat, one of the world's largest gatherings of cybersecurity professionals
What happens to cyberweapons after a cyberwar?
