Over the first 23 years of this century, the Linux operating system has become as ubiquitous as Windows. Although only 3% of people use it on their laptops and PCs, Linux dominates the Internet of Things, and is also the most popular server OS. You almost certainly have at least one Linux device at home — your Wi-Fi show more ...
The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The leaked data suggest that Snatch is one of several ransomware groups using paid ads on Google.com to show more ...
It's important to know the difference between the two terms. Here's why.
Kenyan data protection regulator issues monetary penalties to multiple firms for improper handling of personal data.
Researchers spot attackers using an existing phishing obfuscation tactic in order to better ensure recipients fall for their scam.
One of the already-patched flaws enables elevation of privilege, while the other enables remote code execution.
Sophisticated attacks on MGM and Caesars underscore the reality that even robust identity and access management may not be enough to protect you.
Sophisticated hackers are rewriting router firmware in real time and hiding their footprints, leaving defenders with hardly a fighting chance.
The US government aims to support open source projects, while the European Union seeks to make open source projects liable for their software. Which approach will lead to more security?
It's the latest step in the gradual shift away from traditional passwords.
A new Xenomorph malware campaign was detected in August 2023. It appears to have widened its target scope, including financial institutions and crypto-wallet apps, with each sample aiming at over 100 different targets. This Android malware leverages its Automated Transfer System for versatile actions based on specific conditions. With the emergence of this variant, researchers anticipate more attacks in the future.
The complainant alleges that ChatGPT generated false information about them and that OpenAI failed to address their concerns regarding the processing of their personal data, violating GDPR requirements.
The PQC Coalition features Microsoft, IBM Quantum, MITRE, PQShield, SandboxAQ, and the University of Waterloo among its founding members. The goal will be to improve the uptake of PQC in commercial and open-source technologies.
The majority of the leaked files seem to originate from servers associated with Creators Cloud, and the hackers have not provided evidence that all Sony systems have been compromised.
Microsoft updated Windows 11 on Tuesday to simplify passwordless adoption, protect against malicious code, and have the ability to refresh configuration in the event of tampering.
The vulnerability in libwebp, which stems from an issue in the Huffman coding algorithm, can result in out-of-bounds data writing to the heap when processing specially crafted WebP lossless files.
The cyberattack on the entity on October 2, 2022, resulted in about $160 million in damages, including lost revenue, remediation costs, and related expenses, not counting insurance recoveries, according to CommonSpirit.
The ZeroFont phishing technique exploits flaws in AI and natural language processing systems to insert hidden words or characters in emails, evading security filters and tricking recipients.
The group's malware includes trojans named DangerAds and AtlasAgent, with AtlasAgent being a custom C++ trojan that can execute various commands and evade detection by security tools.
Ukrainian cyber defenders are girding for an onslaught of cyberattacks against energy and other critical infrastructure sectors as cold weather returns to the country, currently in its second year of fending off a Russian war of conquest.
The Philippine Health Insurance Corporation (PhilHealth), which manages the country's universal healthcare system, has been hit by a ransomware attack. The incident forced the organization to shut down several websites and portals.
Pension providers reported a staggering quadruple-digit percentage increase in data breaches to the UK regulator last year, according to new data compiled by professional services firm RPC.
The attack affected key systems and financial information, making it difficult for the company to secure investment and funding, ultimately leading to job losses for hundreds of employees.
A global survey by Keeper Security highlighted the shortcomings in reporting cyberattacks and breaches. It found that 40% of IT and security leaders had experienced a cyberattack, while 74% were concerned about future cybersecurity disasters.
A new report from Akamai revealed that financial services organizations in the EMEA region suffered around one billion web app and API attacks during the period, with insurance the most attacked sub-sector, accounting for 55% of all web attacks.
The US Cybersecurity and Infrastructure Security Agency (CISA) has published new guidance designed to improve the accuracy of risk assessments related to hardware products in the supply chain.
CISOs often face being used as scapegoats for security incidents, leading to high turnover rates in the role. Lack of board support and prioritization of cybersecurity contributes to CISO churn.
The leak consisted of publicly accessible environment files hosted on the airline's website. It included MySQL database credentials, SMTP configuration, and other sensitive information, potentially allowing unauthorized access and phishing attacks.
While certified election systems are regularly tested, this represents the first time that manufacturers have voluntarily opened their systems to third-party scrutiny as part of a vulnerability disclosure process.
The new attack method, named GPU.zip, was discovered and detailed by representatives of the University of Texas at Austin, Carnegie Mellon University, University of Washington, and University of Illinois Urbana-Champaign.
The leaked data, including email and password pairs, provides cybercriminals with almost limitless attack capabilities, making affected users vulnerable to targeted phishing campaigns.
The attack involves creating fake commit messages titled "fix" to introduce malware that extracts secrets from targeted repositories and steals passwords from web-form submissions.
Researchers have discovered the infrastructure linked to a threat group called ShadowSyndicate, believed to have launched attacks using seven distinct ransomware families in the last year. ShadowSyndicate has been identified as using a consistent SSH fingerprint across 85 servers.
A new malware strain called ZenRAT has emerged in the wild to steal information from Windows systems. It was initially discovered on a website pretending to be associated with the open-source password manager Bitwarden. People should be wary of ads in search engine results as they remain a major driver of malware infection.
This Metasploit module takes advantage of a bug in the way Windows error reporting opens the report parser. If you open a report, Windows uses a relative path to locate the rendering program. By creating a specific alternate directory structure, we can coerce Windows into opening an arbitrary executable as SYSTEM. If the current user is a local admin, the system will attempt impersonation and the exploit will fail.
Whitepaper called Everlasting ROBOT: the Marvin Attack. In this paper, the author shows that Bleichenbacher-style attacks on RSA decryption are not only still possible, but also that vulnerable implementations are common. The Marvin Attack is a return of a 25 year old vulnerability that allows performing RSA show more ...
Ubuntu Security Notice 6399-1 - It was discovered that Puma incorrectly handled parsing certain headers. A remote attacker could possibly use this issue to perform an HTTP request Smuggling attack.
Ubuntu Security Notice 6398-1 - It was discovered that ReadyMedia was vulnerable to DNS rebinding attacks. A remote attacker could possibly use this issue to trick the local DLNA server to leak information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was show more ...
Ubuntu Security Notice 6387-2 - Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. It was discovered that show more ...
Ubuntu Security Notice 6397-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Ruihan Li discovered that the bluetooth subsystem in the show more ...
Ubuntu Security Notice 6396-1 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. Daniel Moghimi discovered that some Intel Processors did show more ...
Red Hat Security Advisory 2023-5353-01 - The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Issues addressed include an out of bounds write vulnerability.
Red Hat Security Advisory 2023-5362-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include bypass and denial of service vulnerabilities.
Red Hat Security Advisory 2023-5361-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling, bypass, and denial of service vulnerabilities.
Red Hat Security Advisory 2023-5360-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include bypass and denial of service vulnerabilities.
Red Hat Security Advisory 2023-5363-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include bypass and denial of service vulnerabilities.
Ubuntu Security Notice 6361-2 - USN-6361-1 fixed a vulnerability in CUPS. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that CUPS incorrectly authenticated certain remote requests. A remote attacker could possibly use this issue to obtain recently printed documents.
Google has assigned a new CVE identifier for a critical security flaw in the libwebp image library for rendering images in the WebP format that has come under active exploitation in the wild. Tracked as CVE-2023-5129, the issue has been given the maximum severity score of 10.0 on the CVSS rating system. It has been described as an issue rooted in the Huffman coding algorithm - With a specially
A new malware strain called ZenRAT has emerged in the wild that's distributed via bogus installation packages of the Bitwarden password manager. "The malware is specifically targeting Windows users and will redirect people using other hosts to a benign web page," enterprise security firm Proofpoint said in a technical report. "The malware is a modular remote access trojan (RAT) with information
A novel side-channel attack called GPU.zip renders virtually all modern graphics processing units (GPU) vulnerable to information leakage. "This channel exploits an optimization that is data dependent, software transparent, and present in nearly all modern GPUs: graphical data compression," a group of academics from the University of Texas at Austin, Carnegie Mellon University, University of
Data security is in the headlines often, and it’s almost never for a positive reason. Major breaches, new ways to hack into an organization’s supposedly secure data, and other threats make the news because well, it’s scary — and expensive. Data breaches, ransomware and malware attacks, and other cybercrime might be pricey to prevent, but they are even more costly when they occur, with the
A new threat actor known as AtlasCross has been observed leveraging Red Cross-themed phishing lures to deliver two previously undocumented backdoors named DangerAds and AtlasAgent. NSFOCUS Security Labs described the adversary as having a "high technical level and cautious attack attitude," adding that "the phishing attack activity captured this time is part of the attacker's targeted strike on
UK charities including Shelter, the RSPCA, the Dogs Trust, Battersea Dogs and Cats Home, and Friends of the Earth have warned their supporters that hackers have stolen their data following a breach at a supplier.
While far from all roles in security explicitly demand coding skills, it’s challenging to envision a career in this field that wouldn’t derive substantial advantages from at least a basic understanding of fundamental coding principles
