Digital wellbeing isnt just about privacy and protection against online scammers and equipment failure. Its also about having some level of control over our social networks, our screen time, and what we spend on digital services. These outlays are increasingly taking the form of subscriptions. Sure, recurring payments show more ...
The "MrTonyScam" has a surprisingly high success rate, spreading a Python-based stealer to some 100,000 business accounts per week.
Hospitality behemoth struggles to recover following a Sunday cyber incident that looks a lot like a ransomware attack.
The data security broker from Baffle brings field and file level encryption of sensitive data to new IBM Cloud Security Compliance Center.
The security vulnerability could lead to arbitrary code execution by way of application crashing.
Attacks against critical infrastructure are becoming more commonplace and, if a recent PRC-sponsored attack is anything to go by, easier to pull off.
State-sponsored attacks are alarming and difficult to prevent, but they suffer from a fundamental weakness that can be leveraged by defenders.
Vital medical equipment was unaffected, but attackers stole and leaked lots of personal data.
Telegram has not stated why it has suspended the group's primary account, but it is likely due to its use of bots.
By code or by command, cybercriminals are circumventing ethical and safety restrictions to use generative AI chatbots in the way that they want.
Sending an email with a forged address is easier than previously thought, due to flaws in the process that allows email forwarding, according to a research team led by computer scientists at the University of California San Diego.
In particular, China-affiliated actors are employing AI-generated media to target politically divisive topics such as gun violence and disparaging US political figures and symbols.
The incident occurred on September 4, when the Australian-Curaçaoan online platform Stake.com announced that hackers had stolen funds from its Ethereum (ETH) and Binance Smart Chain (BSC) hot wallets.
A new phishing attack is leveraging Facebook Messenger to propagate messages with malicious attachments from a "swarm of fake and hijacked personal accounts" with the ultimate goal of taking over the targets' accounts.
At a recent summit, Anne Neuberger, deputy national security advisor for cyber and emerging technology, raised the possibility of a letter-grade rating that would hold key providers accountable for maintaining a certain level of cyber resilience.
Hospitality and entertainment giant MGM Resorts on Monday said a “cybersecurity issue” forced the shutdown of certain computer systems, including the websites for some of the biggest Las Vegas and New York properties.
Google has started to roll out its new interest-based advertising platform called the Privacy Sandbox, shifting the tracking of user's interests from third-party cookies to the Chrome browser.
The attack likely started on August 26, 2023, when a gov[dot]lk domain user said they had received suspicious links over the past few weeks and that someone may have clicked one.
China's cyber espionage activities, including hacking into rival nations' digital systems, pose a significant threat to the government and private sector of Western countries.
Google on Monday released an emergency Chrome 116 security update to patch the fourth zero-day vulnerability discovered in the browser in 2023. Tracked as CVE-2023-4863, it is a critical severity heap buffer overflow issue in the WebP component.
One of Myanmar’s biggest and most powerful ethnic minority militias has arrested and repatriated more than 1,200 Chinese nationals allegedly involved in criminal online scam operations, an official of the group said Saturday.
Digital information exchange can be safer, cheaper and more environmentally friendly with the help of a new type of random number generator for encryption developed at Linköping University.
The Cybersecurity and Infrastructure Security Agency (CISA) added the security vulnerabilities chained in the zero-click iMessage exploit BLASTPASS to its Known Exploited Vulnerabilities Catalog.
The hacker group Anonymous Sudan has launched a distributed denial-of-service (DDoS) attack against Telegram in retaliation to the messaging platform’s decision to suspend their primary account, threat intelligence firm SOCRadar reports.
The ransomware attack was first reported on September 7 by Hinds County administrator Kenny Wayne Jones. Hinds County government offices were forced to close last Thursday and Friday due to employees not being able to access their computers.
ESET researchers have identified a series of cyberattacks by the Iranian Charming Kitten group using a new Sponsor backdoor. The campaign, named "Sponsoring Access," targeted 34 organizations in Brazil, Israel, and the UAE. Researchers recommend defenders promptly patch any internet-exposed devices and stay watchful for any new applications within their organizations.
ESET is tracking the cluster under the name Ballistic Bobcat. Victimology patterns suggest that the group primarily singles out education, government, and healthcare organizations, as well as human rights activists and journalists.
The regulator claimed that over half of women responding to a recent poll said that transparency over how their data is used (59%) and data security (57%) are bigger concerns when choosing an app than cost (55%) and ease of use (55%).
The WiKI-Eve attack is designed to intercept WiFi signals during password entry, so it's a real-time attack that must be carried out while the target actively uses their smartphone and attempts to access a specific application.
Reported ransomware attacks on organizations in the UK reached record levels last year, when criminals compromised data on potentially over 5.3 million people from over 700 organizations, according to a dataset published by the ICO.
A sophisticated phishing campaign is using a Microsoft Word document lure to distribute a trifecta of threats, namely Agent Tesla, OriginBotnet, and RedLine Clipper, to gather a wide range of information from compromised Windows machines.
The new funding round, which brings the total raised by Binalyze to $30.5 million, was led by Molten Ventures, with participation from Earlybird Digital East, OpenOcean, Cisco Investments, Citi Ventures, and Deutsche Bank Corporate Venture Capital.
Cybercrime crew BianLian claims to have broken into the IT systems of a top non-profit and stolen a ton of files, including what the miscreants claim is financial, health, and medical data.
Online banking fraud detection and prevention firm Cleafy today announced that it has raised €10 million ($10.7 million) in its first funding round, which was led by United Ventures.
A dark cloud of threats hovers over Windows users as security researchers uncovered a phishing campaign delivering Agent Tesla, OriginBotnet, and RedLine Clipper via maldocs. Attackers can extract a wide range of data from compromised systems, such as credentials, crypto wallet data, and other sensitive information. show more ...
Unlike other recent macOS malware, MetaStealer relies on social engineering tactics to persuade victims to launch malicious payloads, often disguised as legitimate files or software.
Red Hat Security Advisory 2023-5103-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.11.6 images.
Ubuntu Security Notice 6237-3 - USN-6237-1 fixed several vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Hiroki Kurosawa discovered that curl incorrectly handled validating certain certificate wildcards. A remote attacker could possibly use this issue to spoof certain website certificates using IDN hosts.
Red Hat Security Advisory 2023-5061-01 - The dmidecode packages provide utilities for extracting Intel 64 and Intel Itanium hardware information from the system BIOS or Extensible Firmware Interface, depending on the SMBIOS/DMI standard. This information typically includes system manufacturer, model name, serial number, BIOS version, and asset tag, as well as other details, depending on the manufacturer.
Ubuntu Security Notice 6339-3 - It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service. Zi Fan Tan show more ...
Ubuntu Security Notice 6164-2 - USN-6164-1 fixed several vulnerabilities in c-ares. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Hannes Moesl discovered that c-ares incorrectly handled certain ipv6 addresses. An attacker could use this issue to cause c-ares to crash, resulting in a denial of service, or possibly execute arbitrary code.
Red Hat Security Advisory 2023-5069-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, information leakage, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-5091-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include bypass, information leakage, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-5093-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-5094-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5068-01 - The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Issues addressed include an information leakage vulnerability.
Equipment Rental Script version 1.0 suffers from a remote SQL injection vulnerability.
Kolifa Download CMS version 1.2 suffers from an html injection vulnerability.
KALIMATAN GMS version 1.0.0 suffers from a cross site scripting vulnerability.
Kylin CMS version 1.3.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Red Hat Security Advisory 2023-5044-01 - FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2023-5049-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a HTTP response splitting vulnerability.
Red Hat Security Advisory 2023-5046-01 - FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2023-5047-01 - FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2023-5045-01 - FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2023-5050-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a HTTP response splitting vulnerability.
Red Hat Security Advisory 2023-5048-01 - FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Issues addressed include a code execution vulnerability.
Kaledo RD CMS version 1.0 suffers from a remote SQL injection vulnerability.
A new information stealer malware called MetaStealer has set its sights on Apple macOS, making the latest in a growing list of stealer families focused on the operating system after Stealer, Pureland, Atomic Stealer, and Realst. "Threat actors are proactively targeting macOS businesses by posing as fake clients in order to socially engineer victims into launching malicious payloads," SentinelOne
Google on Monday rolled out out-of-band security patches to address a critical security flaw in its Chrome web browser that it said has been exploited in the wild. Tracked as CVE-2023-4863, the issue has been described as a case of heap buffer overflow that resides in the WebP image format that could result in arbitrary code execution or a crash. Apple Security Engineering and Architecture (SEAR
A new vulnerability disclosed in GitHub could have exposed thousands of repositories at risk of repojacking attacks, new findings show. The flaw "could allow an attacker to exploit a race condition within GitHub's repository creation and username renaming operations," Checkmarx security researcher Elad Rapoport said in a technical report shared with The Hacker News. "Successful exploitation of
SaaS applications are the backbone of modern businesses, constituting a staggering 70% of total software usage. Applications like Box, Google Workplace, and Microsoft 365 are integral to daily operations. This widespread adoption has transformed them into potential breeding grounds for cyber threats. Each SaaS application presents unique security challenges, and the landscape constantly evolves
A threat actor called Redfly has been linked to a compromise of a national grid located in an unnamed Asian country for as long as six months earlier this year using a known malware referred to as ShadowPad. "The attackers managed to steal credentials and compromise multiple computers on the organization's network," the Symantec Threat Hunter Team, part of Broadcom, said in a report shared with
A sophisticated phishing campaign is using a Microsoft Word document lure to distribute a trifecta of threats, namely Agent Tesla, OriginBotnet, and OriginBotnet, to gather a wide range of information from compromised Windows machines. "A phishing email delivers the Word document as an attachment, presenting a deliberately blurred image and a counterfeit reCAPTCHA to lure the recipient into
State-sponsored hackers, backed by the regime in North Korea, are believed to be using zero-day exploits to target cybersecurity researchers working in the field of vulnerability research and development. Read more in my article on the Hot for Security blog.
Closing intrusion vectors force cybercriminals to revisit old attack avenues, but also to look for new ways to attack their victims
