Most smartphones have an average of around 80 installed apps, of which at least 30% are never used since most are forgotten about. But such ballast is harmful: theres less free space on the device; potential bugs and compatibility issues multiply; and even unused apps at times distract you with pointless alerts. To show more ...
A more proactive approach to fighting cyberattacks for US companies and agencies is shaping up under the CISA's proposal to emphasize real-time attack detection and response.
The agency, known as JAXA, has shut down parts of its network as it conducts an investigation to discover the scope and impact of the breach.
Saudi companies are seeking extra help in droves, because of a lack of tools and personnel.
Enterprise security goes beyond tech leadership, and beyond the CISO's office. Achieving cybersecurity and resilience is a team effort, and requires building a culture of security awareness.
Apparently all it takes to get a chatbot to start spilling its secrets is prompting it to repeat certain words like "poem" forever.
UAE security leaders warn that people, tech, and process gaps are exposing their organizations to cybercrime.
An ESA cybersecurity expert explains how space-based data and services benefit from public investment in space programs.
Hundreds of consumer and enterprise-grade x86 and ARM devices from various vendors, including Intel, Acer, and Lenovo, are potentially vulnerable to bootkits and takeover.
Sanctions on Kimsuky/APT43 focuses the world on disrupting DPRK regime's sprawling cybercrime operations, expert says.
Vigil focuses on identifying prompt injections, jailbreaks, and other potential vulnerabilities. Its creator, Adam M. Swanda, developed the tool to improve security practices around LLM applications.
The campaign involves the use of Windows Shortcut files embedded with malicious JavaScript to deliver the components of the trojan, and there are indications that a Chinese-speaking threat actor is behind the attacks based on the samples.
The vulnerability arises from the failure to safely sanitize user-supplied extensible stylesheet language transformations (XSLT), enabling attackers to upload malicious XSLT and gain remote access to Splunk Enterprise instances.
The two actively exploited security flaws, CVE-2023-42916 and CVE-2023-42917, were found in the WebKit web browser engine and could leak sensitive information or allow arbitrary code execution.
North Texas Municipal Water District (NTMWD) has experienced a cyberattack on its business computer network, but its core water, wastewater, and solid waste services remain unaffected.
Vitalii Chychasov, a Ukrainian citizen, has been sentenced to eight years in prison for running a marketplace that sold personal information of millions of Americans, impacting about 24 million people in total.
Integration of RETVec in Gmail has significantly improved spam detection rates, reduced false positives, and decreased computational costs, making it ideal for large-scale applications and on-device models.
The new SEC rules on cybersecurity risk management and incident disclosure will require publicly traded companies to reevaluate their security strategies and provide investors with a greater understanding of the cyber threats they face.
LogoFAIL is a set of security vulnerabilities that affect the image-parsing components in the UEFI code used by various vendors. These vulnerabilities can be exploited to hijack the booting process and deliver bootkits.
WhatsApp has introduced a new Secret Code feature that allows users to set a custom password to hide and protect their locked chats. The Chat Lock feature automatically conceals locked chat details from notifications.
The attack, initiated through a spearphishing email, exposed failures in the council's cybersecurity measures, including the lack of a security information and event management system, hindering the investigation and remediation process.
Black Basta has collected over $100 million in ransom payments from over 90 victims since April 2022. High-profile victims targeted by Black Basta include the American Dental Association, Sobeys, Knauf, Yellow Pages Canada, and Rheinmetall.
The integration of BlueVoyant and Conquest Cyber will provide customers with more self-service capabilities and autonomous operations through the use of AI, machine learning, and virtual data lakes.
A new set of tools, including a backdoor, a credential-stealing module, and a customized version of Mimikatz, has been used in targeted attacks against organizations in the Middle East, Africa, and the U.S.
Meta has disrupted influence operations from China and Russia, highlighting the challenges posed by generative artificial intelligence and the use of perception hacking to sow doubt in democratic processes.
The impact of the cyberattack on MGM Resorts was largely felt in September and has been mostly resolved by October, with the company reporting that business is back to normal.
XDSpy has a history of targeting Russia's government, military, financial institutions, as well as energy, research, and mining companies, demonstrating a focus on strategic organizations in Eastern Europe.
Researchers from Google DeepMind, Cornell University, and other institutions have discovered that the popular AI chatbot ChatGPT is susceptible to leaking data when prompted to repeat certain words.
Kimsuky is known for its aggressive social engineering tactics and targets governments, nuclear organizations, and foreign relations entities to gather intelligence for North Korea's interests.
This archive contains all of the 49 exploits added to Packet Storm in November, 2023.
Debian Linux Security Advisory 5569-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
Kopage Website Builder version 4.4.15 suffers from a persistent cross site scripting vulnerability.
Ubuntu Security Notice 6502-4 - Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. Yu Hao discovered show more ...
Ubuntu Security Notice 6496-2 - Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. Yu Hao discovered show more ...
Ubuntu Security Notice 6495-2 - Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service. Manfred Rudigier discovered that the Intel PCI-Express Gigabit Ethernet driver show more ...
Ubuntu Security Notice 6494-2 - Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service. Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not show more ...
Red Hat Security Advisory 2023-7617-02 - Red Hat Build of Apache Camel for Quarkus 3.2.0 is now available.
Red Hat Security Advisory 2023-7616-01 - An update for postgresql is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
Red Hat Security Advisory 2023-7341-01 - An update is now available for Red Hat Quay 3.
WBCE CMS version 1.6.1 suffers from a remote shell upload vulnerability.
Zyxel has released patches to address 15 security issues impacting network-attached storage (NAS), firewall, and access point (AP) devices, including three critical flaws that could lead to authentication bypass and command injection. The three vulnerabilities are listed below - CVE-2023-35138 (CVSS score: 9.8) - A command injection vulnerability that could allow an
Apple has released software updates for iOS, iPadOS, macOS, and Safari web browser to address two security flaws that it said have come under active exploitation in the wild on older versions of its software. The vulnerabilities, both of which reside in the WebKit web browser engine, are described below - CVE-2023-42916 - An out-of-bounds read issue that could be exploited to
The most recent Gcore Radar report and its aftermath have highlighted a dramatic increase in DDoS attacks across multiple industries. At the beginning of 2023, the average strength of attacks reached 800 Gbps, but now, even a peak as high as 1.5+ Tbps is unsurprising. To try and break through Gcore’s defenses, perpetrators made two attempts with two different strategies.
Meta-owned WhatsApp has launched a new Secret Code feature to help users protect sensitive conversations with a custom password on the messaging platform. The feature has been described as an "additional way to protect those chats and make them harder to find if someone has access to your phone or you share a phone with someone else." Secret Code builds on another feature
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) on Thursday sanctioned the North Korea-linked adversarial collective known as Kimsuky as well as eight foreign-based agents who are alleged to have facilitated sanctions evasion. The agents, the Treasury said, helped in "revenue generation and missile-related technology procurement that support the DPRK's
Cybersecurity researchers have disclosed a new sophisticated Android malware called FjordPhantom that has been observed targeting users in Southeast Asian countries like Indonesia, Thailand, and Vietnam since early September 2023. "Spreading primarily through messaging services, it combines app-based malware with social engineering to defraud banking customers," Oslo-based mobile app
The U.S. Department of Justice (DOJ) and the FBI recently collaborated in a multinational operation to dismantle the notorious Qakbot malware and botnet. While the operation was successful in disrupting this long-running threat, concerns have arisen as it appears that Qakbot may still pose a danger in a reduced form. This article discusses the aftermath of the takedown, provides mitigation
A suspected Chinese-speaking threat actor has been attributed to a malicious campaign that targets the Uzbekistan Ministry of Foreign Affairs and South Korean users with a remote access trojan called SugarGh0st RAT. The activity, which commenced no later than August 2023, leverages two different infection sequences to deliver the malware, which is a customized variant of Gh0st RAT
Several cases of children creating indecent images of other children using AI software add to the worries about harmful uses of AI technology
