Over the past decade, messaging apps such as WhatsApp and Telegram have become an integral part of life for almost every internet user. Billions of people use them to chat with loved ones, share funny pictures and videos with friends, communicate with coworkers, catch up on the news, and so on. Just try to imagine show more ...
The latest episode of the Transatlantic Cable podcast kicks off with Meta will now require political advertisers to mark when they use deepfakes. From there, the team discuss how META and Google are being sued for spying in Irish courts. To wrap up the team discuss two final stories – the first around the Royal show more ...
Prosecutors in Finland this week commenced their criminal trial against Julius Kivimäki, a 26-year-old Finnish man charged with extorting a once popular and now-bankrupt online psychotherapy practice and thousands of its patients. In a 2,200-page report, Finnish authorities laid out how they connected the extortion show more ...
Security budgets will benefit from new priorities, streamlined responses rather than wholesale cost-cutting in light of cyberattacks and increased regulatory requirements.
More than two-thirds of cybersecurity decision-makers say GenAI will open new avenues for attack for their businesses.
There's no time to waste: For organizations on the fence about patching the critical bug in ActiveMQ, the new proof-of-concept exploit should push them towards action.
Initial access brokers (IAB) are often difficult to track. This Tech Tip spells out some countermeasures enterprises need to defend against stolen credentials.
For several years operators at New Delhi-based Appin hacked into, spied on, and stole data from targets around the world for clients that included private investigators, government agencies, law enforcement, and others.
The library said that it expects many of its services to be restored in the forthcoming weeks.
Building a resilient incident response team requires more than a simple combination of tools and on-call rotations.
People are not robots; their decisions are based on emotion as much as data. Often, this can lead them to make mistakes with serious security implications for the business.
More than half of organizations are nowhere near ditching passwords, even as cyberattackers continue to have a field day with workers' poor credential choices.
There's no time to waste: For organizations on the fence about patching the critical bug in ActiveMQ, the new proof-of-concept exploit should push them towards action.
At least four separate campaigns against CVE-2023-37580 in the popular Zimbra Collaboration Suite aimed to siphon up reams of sensitive mail data.
Vehicles are required to meet basic safety standards. Having similar requirements for software would give consumers greater control over their privacy and security.
Cybersecurity investment involves more than just buying security technologies — organizations are also looking at threat intelligence, risk assessment, cyber-insurance, and third-party risk management.
The security holes can allow server takeover, information theft, model poisoning, and more.
Cybercriminals are playing both sides with simple disaster scams, and it's working.
Academics in Germany figured out how to reverse time in AMD virtualization environments, then reap the spoils.
The security vulnerability in a component of a widely used JavaScript implementation of Bitcoin makes passwords guessable via brute-force attacks.
The ransomware attack targeted a file server and resulted in the theft of personal information belonging to employees, customers, volunteers, and donors, dating back to 1998.
The funding will be used to strengthen ALTR's market position in the cloud data access governance and security space, expand its reach across various data sources, and develop partner integrations and channel relations.
SAP Business One installation version 10.0 has an improper access control vulnerability that allows malicious users to read, write, and execute files in the SMB shared folder, posing a significant risk to confidentiality, integrity, and availability.
The funding round was led by Maor Investments and Ten Eleven Ventures. Vulcan Cyber aims to integrate third-party sensor data and build partnerships with technology vendors.
Researchers discovered vulnerabilities in Google Workspace that could lead to ransomware attacks, data theft, and password decryption. They exploit Google Credential Provider for Windows, allowing attackers to steal refresh tokens and bypass MFA.
CISA's roadmap outlines five key areas of focus, including responsible use of AI, secure adoption of AI-based software, protection against malicious use of AI, collaboration with partners, and workforce education on AI systems and techniques.
PJ&A's breach highlights the ongoing risk posed by third-party vendors in the healthcare industry, as they were responsible for 40% of major health data breaches reported to HHS OCR in 2023.
Rwanda and Qatar have formed a partnership to collaborate on cybersecurity strategies, with a focus on improving public key infrastructure and supporting AI research and development.
Enhanced coordination between the FBI, Cybersecurity and Infrastructure Security Agency (CISA), and private sector partners has helped the US government in preventing and responding to the recent increase in ransomware attacks.
MeridianLink, a publicly traded software company, is facing pressure from the ransomware group after allegedly not responding to their ransom demands and failing to disclose the breach.
The Mexican online casino Strendus exposed sensitive user data, including home addresses and gambling amounts, due to poor cybersecurity practices and unauthorized access.
The St Helens Borough Council in northwest England has managed to restore most of its services after a ransomware attack, highlighting the increasing threat faced by local government authorities.
The researchers have engineered a better exploit that allows the threat actors to remain memory resident and avoid dropping their tools to disk, highlighting the urgency of patching and removing ActiveMQ servers from the internet.
Russian-speaking affiliates of the ALPHV/BlackCat ransomware gang are using malvertising for popular software to distribute the Nitrogen malware and infect organizations with ransomware.
The Rhysida attackers exploit vulnerabilities like the lack of Multi-Factor Authentication (MFA) and the Zerologon vulnerability to gain initial access and maintain a presence within victims' networks.
Hackers claiming responsibility for the breach have announced it on the Breach Forums. They allege to have stolen over 20GB of Plume's Wi-Fi database, containing 15 million lines of information.
Critical infrastructure, including water supplies and electricity grids, are likely targets for cyberattacks, along with the theft of military secrets and intellectual property.
The breach was caused by a hacker exploiting a vulnerability in a third-party application. Customer information such as names, phone numbers, postal and email addresses may have been exposed, but financial and password information remains unaffected.
The motive behind these cloned sites is likely to generate traffic for gambling operators, as they can serve third-party ads that publishers may be reluctant to carry on their own sites.
One of the vulnerabilities, known as "Reptar," affects Intel CPUs and could lead to system instability or privilege escalation. The other vulnerability, CVE-2023-46835, could allow malicious code in a guest VM to compromise an AMD-based host.
These vulnerabilities, including critical and high-severity bugs, can enable attackers to compromise networks, deploy malware, and disrupt services, highlighting the need for improved security measures in OT and IoT devices.
Scammers are exploiting the trust placed in reputable accounts by creating fake accounts with similar names and spreading fabricated security breach claims to deceive users into clicking on malicious links and revealing their wallet information.
Ubuntu Security Notice 6484-1 - It was discovered that OpenVPN incorrectly handled the --fragment option in certain configurations. A remote attacker could possibly use this issue to cause OpenVPN to crash, resulting in a denial of service. It was discovered that OpenVPN incorrectly handled certain memory operations. show more ...
Debian Linux Security Advisory 5556-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
Ubuntu Security Notice 6480-1 - Barry Dorrans discovered that .NET did not properly implement certain security features for Blazor server forms. An attacker could possibly use this issue to bypass validation, which could trigger unintended actions. Piotr Bazydlo discovered that .NET did not properly handle untrusted show more ...
Debian Linux Security Advisory 5555-1 - Two vulnerabilities were discovered in openvpn, a virtual private network application which could result in memory disclosure or denial of service.
Ubuntu Security Notice 6483-1 - Neeraj Pal discovered that HTML Tidy incorrectly handled parsing certain HTML data. If a user or automated system were tricked into parsing specially crafted HTML data, a remote attacker could cause HTML Tidy to consume resources, leading to a denial of service, or possibly execute arbitrary code.
Ubuntu Security Notice 6482-1 - It was discovered that Quagga incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause Quagga to crash, resulting in a denial of service.
Ubuntu Security Notice 6481-1 - It was discovered that FRR incorrectly handled certain malformed NLRI data. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service. It was discovered that FRR incorrectly handled certain BGP UPDATE messages. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service.
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.
Red Hat Security Advisory 2023-7294-01 - An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support.
Red Hat Security Advisory 2023-7288-01 - An update for Openshift Jenkins is now available for Red Hat Product OCP Tools 4.14. Issues addressed include bypass, code execution, cross site scripting, and denial of service vulnerabilities.
Red Hat Security Advisory 2023-7279-01 - An update for open-vm-tools is now available for Red Hat Enterprise Linux 7. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-7277-01 - An update for open-vm-tools is now available for Red Hat Enterprise Linux 9. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-7276-01 - An update for open-vm-tools is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-7267-01 - An update for open-vm-tools is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-7265-01 - An update for open-vm-tools is now available for Red Hat Enterprise Linux 8. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-7264-01 - An update for open-vm-tools is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-7263-01 - An update for open-vm-tools is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-7262-01 - An update for open-vm-tools is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-7261-01 - An update for open-vm-tools is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-7260-01 - An update for open-vm-tools is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-7259-01 - An update for.NET 6.0 is now available for Red Hat Enterprise Linux 7. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-7258-01 - An update for dotnet6.0 is now available for Red Hat Enterprise Linux 8. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-7257-01 - An update for dotnet6.0 is now available for Red Hat Enterprise Linux 9. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-7256-01 - An update for dotnet7.0 is now available for Red Hat Enterprise Linux 8. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-7255-01 - An update for dotnet7.0 is now available for Red Hat Enterprise Linux 9. Issues addressed include a bypass vulnerability.
Russian threat actors have been possibly linked to what's been described as the "largest cyber attack against Danish critical infrastructure," in which 22 companies associated with the operation of the country's energy sector were targeted in May 2023. "22 simultaneous, successful cyberattacks show more ...
A hacking group that leveraged a recently disclosed security flaw in the WinRAR software as a zero-day has now been categorized as an entirely new advanced persistent threat (APT). Cybersecurity company NSFOCUS has described DarkCasino as an "economically motivated" actor that first came to light in 2021. "DarkCasino is an APT threat actor with strong technical and learning ability, who is good
The threat actors behind the Rhysida ransomware engage in opportunistic attacks targeting organizations spanning various industry sectors. The advisory comes courtesy of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC). "Observed as a ransomware-as-a-service (RaaS)
According to recent research on employee offboarding, 70% of IT professionals say they’ve experienced the negative effects of incomplete IT offboarding, whether in the form of a security incident tied to an account that wasn't deprovisioned, a surprise bill for resources that aren’t in use anymore, or a missed handoff of a critical resource or account. This is despite an average of five hours
A set of novel attack methods has been demonstrated against Google Workspace and the Google Cloud Platform that could be potentially leveraged by threat actors to conduct ransomware, data exfiltration, and password recovery attacks. "Starting from a single compromised machine, threat actors could progress in several ways: they could move to other cloned machines with GCPW installed, gain access
A zero-day flaw in the Zimbra Collaboration email software was exploited by four different groups in real-world attacks to pilfer email data, user credentials, and authentication tokens. "Most of this activity occurred after the initial fix became public on GitHub," Google Threat Analysis Group (TAG) said in a report shared with The Hacker News. The flaw, tracked as CVE-2023-37580 (CVSS score:
Who's more incompetent - the cryptocurrency exchanges or some of the people who hack them? Plus a closer look at the reliability of AI chatbots. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
How much contact and personal information do you give away in your LinkedIn profile and who can see it? Here’s why less may be more.
How much contact and personal information do you give away in your LinkedIn profile and who can see it? Here’s why less may be more.
