Guess which of your possessions is the most active at collecting your personal information for analysis and resale? Your car. According to experts at the Mozilla Foundation, neither smart watches, smart speakers, surveillance cameras, nor any other gadgets analyzed by the Privacy Not Included project come close to the show more ...
One of the oldest malware tricks in the book — hacked websites claiming visitors need to update their Web browser before they can view any content — has roared back to life in the past few months. New research shows the attackers behind one such scheme have developed an ingenious way of keeping their show more ...
Should CISOs include only known information in the SEC filings for a material security incident, or is there room to include details that may change during the investigation?
The hacktivists known as SiegedSec identify ICS targets, but there's no evidence of attacks yet.
Facing a potential cascade of legal challenges from industry groups and state attorneys general, the EPA has rescinded its cyber-rules. But where does that leave local water safety?
The CISO Survival Guide explores the complex and shifting challenges, perceptions, and innovations that will shape how organizations securely expand in the future.
If not correctly locked down, Jupyter Notebook offers a novel initial access vector that hackers can use to compromise enterprise cloud environments, as seen in a recent hacking incident.
The latest threat to Citrix NetScaler, CVE-2023-4966, was exploited as a zero-day bug for months before a patch was issued. Researchers expect exploitation efforts to surge.
Endpoint management based on open source agents, such as osquery, could simplify IT management and security, while giving larger firms more customization options.
Building a culture of cybersecurity is achievable by acknowledging its importance and consistently reinforcing that message.
The router specialist says the attacker's claims to have heisted millions and millions of records are significantly overblown. But an incident did happen, stemming from a successful phish.
The sophisticated APT employs various tactics to abuse Windows and other built-in protocols with both custom and public malware to take over victim systems.
Under the Security Appraisal Framework and Enablement (SAFE) program, device manufacturers would be able to work with approved auditors to verify firmware.
For Israeli startups and those closely linked to the country, the deepening crisis in the Middle East following the deadly Hamas attacks of Oct. 7 pose a fraught mix of complications.
The sensitive nature of medical records, combined with providers' focus on patient care, make small doctor's offices ideal targets for cyber extortion.
Analysis of more than 1.8 million admin portals reveals IT leaders, with the highest privileges, are just as lazy about passwords as everyone else.
Prove Identity, the smartphone-based identity verification startup formerly known as Payfone, has raised $40 million in funding co-led by MassMutual Ventures and Capital One Ventures.
Two federal class action lawsuits have been filed against IBM and Johnson & Johnson, alleging negligence in protecting sensitive health information and seeking financial damages and improved data security practices.
Hackers are targeting Israeli Android users by distributing a malicious version of the popular RedAlert – Rocket Alerts app, which acts as spyware and collects sensitive data from victims. To tackle the current threat, Android users are advised to avoid using internet URLs or third-party app stores to download the app.
The vulnerability stems from the use of the insecure randomness of the JavaScript Math.random() method, which can be exploited to predict and access restricted functionality.
The FBI has issued a warning about cybercriminals targeting plastic surgery offices through phishing attacks. These attackers gain access to the networks and steal sensitive data, including personal information and medical records.
Just 34% of organizations in the UK, France, and Germany are prepared for the EU's updated Network and Information Security Directive (NIS2), according to a survey by cybersecurity firm Sailpoint.
Security researchers have discovered a backdoor called BLOODALCHEMY that is part of the REF5961 intrusion set, believed to be linked to a group with ties to China, targeting governments and organizations in the ASEAN region.
The slow progress in implementing privacy requirements and the lack of resources and guidance for emerging technologies pose significant challenges for the government in addressing privacy risks.
The campaign involves malicious ads that redirect users to a fake Notepad++ website, where a system fingerprinting process takes place. If the user passes the checks, they are assigned a unique ID and given a time-sensitive download link.
Attackers are using Starjacking and Typosquatting techniques to inject malicious code into open-source projects, compromising developers' systems and stealing sensitive data.
The Malicious Packages Repository, which has already collected over 15,000 reports, provides a centralized database for shared intelligence, enabling early detection and prevention of malicious code in open-source projects.
AIDS Alabama has confirmed a data breach that occurred between October 2021 and August 2022. Sensitive personal information such as names, addresses, Social Security numbers, medical diagnoses, and more were compromised.
The threat actor behind Qubitstrike, likely from Tunisia, employs sophisticated techniques to evade detection and exploit cloud services, with the potential for carrying out various attacks on compromised systems.
The intelligence alliance emphasizes the importance of adopting security measures to protect staff and information in order to safeguard competitive advantage and shape the future of emerging technologies.
The NSA has released a new tool called ELITEWOLF to help defend critical infrastructure against cyber threats. It is a repository of Intrusion Detection Signatures and Analytics that can detect potentially malicious activity in OT environments.
Amazon has added passkey support as a passwordless login option, offering better protection against malware and phishing attacks. Passkeys make it easier for users to log in without the need for password managers or memorizing passwords.
The country's Computer Security Incident Response Team (CSIRT) confirmed the attack and urged all government agencies to take preventive measures, such as protecting backup copies of systems and limiting administrative permissions.
SEKOIA identified a threat called ClearFake that uses compromised WordPress sites to distribute malicious fake browser updates. This threat is likely operated by the same group behind SocGholish. It is to be noted that SocGholish operators had successfully leveraged this technique in 2022, which indicates that the show more ...
The breach occurred through an old D-View 6 system that reached its end of life in 2015. The compromised data was used for registration purposes and does not contain user IDs or financial information.
A critical security flaw in Citrix NetScaler ADC and Gateway appliances (CVE-2023-4966) is being actively exploited, potentially allowing hijacking of authenticated sessions and bypassing multi-factor authentication.
Oracle has released 387 new security patches to address vulnerabilities in its own code and third-party components, with over 40 patches addressing critical severity flaws.
The fraud prevention provider's $33 million Series C funding round brings the total raised by the company to $77 million. The new investment round was led by Nexus Venture Partners, with additional funding from Uncorrelated Ventures.
IT administrators are putting enterprise networks at risk by using weak passwords, including default passwords, leaving them vulnerable to cyberattacks, as per a new report by Outpost24.
The number of registered data brokers in states with operative registries does not accurately reflect the size and reach of the industry, raising concerns about non-compliance.
Red Hat Security Advisory 2023-5841-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5840-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5838-01 - libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 protocol in C. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5837-01 - nghttp2 contains the Hypertext Transfer Protocol version 2 client, server, and proxy programs as well as a library implementing the HTTP/2 protocol in C. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5835-01 - The rhc-worker-script packages provide Remote Host Configuration worker for executing an interpreted programming language script on hosts managed by Red Hat Insights. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5810-01 - Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to show more ...
Red Hat Security Advisory 2023-5809-01 - Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to show more ...
Red Hat Security Advisory 2023-5805-01 - Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to show more ...
Red Hat Security Advisory 2023-5803-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5802-01 - Migration Toolkit for Runtimes 1.2.1 ZIP artifacts. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5801-01 - Migration Toolkit for Runtimes 1.2.1 Images. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5796-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and show more ...
Red Hat Security Advisory 2023-5794-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-5790-01 - Python-reportlab is a library used for generation of PDF documents. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2023-5789-01 - Python-reportlab is a library used for generation of PDF documents. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2023-5788-01 - Python-reportlab is a library used for generation of PDF documents. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2023-5787-01 - Python-reportlab is a library used for generation of PDF documents. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2023-5786-01 - Python-reportlab is a library used for generation of PDF documents. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2023-5784-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This show more ...
Red Hat Security Advisory 2023-5783-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This show more ...
Red Hat Security Advisory 2023-5710-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET 6.0 to SDK 6.0.123 and Runtime 6.0.23. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5707-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET 6.0 to SDK 6.0.123 and Runtime 6.0.23. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5706-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET 6.0 to SDK 6.0.123 and Runtime 6.0.23. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5705-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET 6.0 to SDK 6.0.123 and Runtime 6.0.23. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5679-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.39. Issues addressed include a denial of service vulnerability.
Taiwanese networking equipment manufacturer D-Link has confirmed a data breach that led to the exposure of what it said is "low-sensitivity and semi-public information." "The data was confirmed not from the cloud but likely originated from an old D-View 6 system, which reached its end of life as early as 2015," the company said. "The data was used for registration purposes back then. So far, no
Government entities in the Asia-Pacific (APAC) region are the target of a long-running cyber espionage campaign dubbed TetrisPhantom. "The attacker covertly spied on and harvested sensitive data from APAC government entities by exploiting a particular type of secure USB drive, protected by hardware encryption to ensure the secure storage and transfer of data between computer systems," Kaspersky
A medium-severity flaw has been discovered in Synology's DiskStation Manager (DSM) that could be exploited to decipher an administrator's password and remotely hijack the account. "Under some rare conditions, an attacker could leak enough information to restore the seed of the pseudorandom number generator (PRNG), reconstruct the admin password, and remotely take over the admin account,"
Citrix is warning of exploitation of a recently disclosed critical security flaw in NetScaler ADC and Gateway appliances that could result in exposure of sensitive information. Tracked as CVE-2023-4966 (CVSS score: 9.4), the vulnerability impacts the following supported versions - NetScaler ADC and NetScaler Gateway 14.1 before 14.1-8.50 NetScaler ADC and NetScaler Gateway 13.1 before
In the ever-evolving landscape of cybersecurity, attackers are always searching for vulnerabilities and exploits within organizational environments. They don't just target single weaknesses; they're on the hunt for combinations of exposures and attack methods that can lead them to their desired objective. Despite the presence of numerous security tools, organizations often have to deal with two
A threat actor, presumably from Tunisia, has been linked to a new campaign targeting exposed Jupyter Notebooks in a two-fold attempt to illicitly mine cryptocurrency and breach cloud environments. Dubbed Qubitstrike by Cado, the intrusion set utilizes Telegram API to exfiltrate cloud service provider credentials following a successful compromise. "The payloads for the Qubitstrike campaign are
The North Korea-linked Lazarus Group (aka Hidden Cobra or TEMP.Hermit) has been observed using trojanized versions of Virtual Network Computing (VNC) apps as lures to target the defense industry and nuclear engineers as part of a long-running campaign known as Operation Dream Job. "The threat actor tricks job seekers on social media into opening malicious apps for fake job interviews," Kaspersky
Plastic surgeries have been warned that they are being targeted by cybercriminals plotting to steal sensitive data - ncluding patients' medical records and photographs - that will be later used for extortion. Read more in my article on the Tripwire State of Security blog.
How robust backup practices can help drive resilience and improve cyber-hygiene in your company
