Microsoft has confirmed CrowdStrike’s analysis of the root cause of the July 19 global Windows outage – and outlined plans to work with anti-malware vendors to help prevent similar events in the future. In a July 27 blog post by David Weston, Microsoft’s VP for Enterprise and OS Security, the software giant show more ...
Cyble Research & Intelligence Labs (CRIL) researchers have analyzed more than 100 security vulnerabilities in the last two weeks, with flaws in IT products from SolarWinds, Cisco, Ivanti, Microsoft, Exim and GitLab warranting particularly close attention by security teams. To help security staff focus their show more ...
In a startling revelation, cybersecurity experts have uncovered a sophisticated malware distribution network known as the Stargazers Ghost Network. Operated by the threat actor dubbed "Stargazer Goblin," this elaborate scheme involves over 3,000 fake GitHub accounts used to disseminate a variety of show more ...
South Korea has recently disclosed a data breach involving its Korea Defense Intelligence Command (KDIC), a critical arm of the nation’s military intelligence apparatus. The South Korea data breach reveals that a substantial amount of sensitive information, including personal data about KDIC agents stationed abroad, show more ...
According to the Reserve Bank of India (RBI), the average cost of a data breach in India reached $2.18 million last year. The RBI cybersecurity report, released by the central bank today, shared statistics on cybercrime in India, along with details on the most vulnerable industries. The report also highlighted show more ...
In a key step to improve maritime safety in the Asia-Pacific region, top diplomats from Japan, the United States, Australia, and India met in Tokyo earlier this week. This meeting, part of the ongoing Quad talks, focused on boosting maritime security and strengthening cybersecurity across the region. The gathering show more ...
The Malaysian Digital Ministry is increasing efforts to secure the country's digital landscape as it attracts major investments from foreign investors. Digital Minister Gobind Singh Deo has announced plans to establish a separate data committee, which could evolve into a data commission by March 2025. The show more ...
Draper, Utah-based HealthEquity, a prominent financial technology and business services company, has confirmed a significant data breach affecting millions of individuals. The breach, discovered in March and confirmed in June 2024, involved unauthorized access to sensitive personal information (PII) of 4.3 million show more ...
A coordinated attack on fiber optic cables disrupted multiple telecommunication services in France overnight. Major providers, including SFR, Free, and Alphalink, reported network outages and degraded performance, impacting both fixed-line and mobile users. The fiber optic cable sabotage incident, described as show more ...
Atlanta, GA – July 26, 2024 – Cyble, a leading cyber threat intelligence 2024 provider, has been named the Leader in The Frost Radar™ Cyber Threat Intelligence 2024 by Frost & Sullivan, marking a significant milestone in the global cybersecurity landscape. This recognition highlights Cyble’s exceptional show more ...
The telecommunications industry stands at the crossroads of innovation and vulnerability. As one of the backbone industries of digital economies, telcos handle vast amounts of sensitive data, making them prime targets for cybercriminals. According to SecurityScorecard’s research, 85 per cent of the top telecom show more ...
Casper Network has halted all operations due to a cyberattack on its blockchain platform. The Casper Network security breach was detected by the IT team, who swiftly collaborated with network validators to freeze the system and prevent any further exploitation. This measure aims to safeguard user assets and maintain show more ...
Weve recently improved the accuracy of detecting spear phishing and business email compromise (BEC) attacks by adding a tiny but important check to our email security products. Now, if our mail-protection engine flags an email as suspicious for whatever reason, we match the domain in the From header against that in show more ...
One threat actor claims to have already gathered email addresses and associated hashes from more than 110 remote IT management databases.
Despite getting help, NIST is not keeping up with new vulnerability reports for the National Vulnerabilities Database, according to an analysis from Fortress Information Security.
_mundissima_alamy.jpg)
Microsoft says that its initial estimate of 8.5 million PCs affected was only a subset of the affected number of machines in the crash.
_Anton_Gvozdikov_Alamy.jpg)
This year's conference will be a treasure trove of insights for cybersecurity professionals.
A large text-message phishing attack campaign attributed to the China-based Smishing Triad employs malicious iMessages.
An attack flow that combines API flaws within "log in with" implementations and Web injection bugs could affect millions of websites.
Security presence has been heightened in Paris to ensure that the Games are safe, and Israeli athletes have been provided with even more protection.
The operation started in France on July 18, 2024, and is anticipated to extend to other countries like Malta, Portugal, Croatia, Slovakia, and Austria. Victims in France will be individually notified by the ANSSI about the clean-up process.
Existing investors Greylock Partners, Cyberstarts, Insight Partners, and Index Ventures are collectively described as “leading” the round. Dazz, which launched in 2021, has now raised around $110 million in total.
The flaw in the Jetson Linux component of the JetPack SDK impacts devices such as the Jetson AGX Xavier Series, Jetson Xavier NX, Jetson TX1, Jetson TX2 Series, and Jetson Nano.
OSC&R report reveals that 95% organizations face high software supply chain risks. Despite advancements in application security programs, more work is needed to manage risks effectively.
Researchers at Truffle Security have found, or arguably rediscovered, that data from deleted GitHub repositories (public or private) and from deleted copies (forks) of repositories isn't necessarily deleted.
The Gh0st RAT Trojan is being distributed to Chinese Windows users through a fake Chrome website. The malware has been around since 2008 and has evolved over the years, often used by cyberespionage groups in China.
Companies are reevaluating their cybersecurity defenses in response to the rise of AI-generated deepfake attacks and identity fraud. According to GetApp, 73% of US organizations have already developed deepfake response plans.
The malware is designed to target only 64 specific machines, attempting to exfiltrate Google Cloud Platform credentials for potential follow-on attacks such as data theft and malware implantation.
Most CISOs are feeling unprepared for new compliance regulations, such as the SEC’s cybersecurity disclosure rules in the USA and the Digital Operational Resilience Act (DORA) in the EU, presenting a significant challenge.
GenAI-related domains are being registered daily with suspicious activity, including those linked to malware like ransomware and phishing. The trend in GenAI-related domain registrations mirrors industry milestones.
The White House and CISA have named key cybersecurity officials as part of their national resilience strategy rollout. Harry Wingo will become the deputy national cyber director, while Bridget Bean is set to be the new executive director at CISA.
Meta has taken down 63,000 Instagram accounts in Nigeria involved in sextortion scams, including a network of 2,500 accounts linked to 20 individuals targeting adult men in the US.
According to an analysis by TRM Labs, Russian-speaking threat actors were responsible for over 69% of all ransomware-related cryptocurrency earnings in the past year, amounting to more than $500 million.
Despite bans, organizations are widespread in using AI code tools, causing security concerns, as reported by Checkmarx. While 15% prohibit AI tools for code generation, a staggering 99% still use them.
U.S. senators have raised concerns about how car companies handle consumer data, revealing that major automakers share and sell drivers' information without proper consent.
WhatsApp currently blocks certain file types considered risky, but Python and PHP scripts are not included in the blocklist. Security researcher Saumyajeet Das identified this vulnerability while testing file attachments in WhatsApp conversations.
The National Vulnerability Database (NVD), maintained by the National Institute of Standards and Technology (NIST), currently has a backlog of over 16,000 vulnerabilities, with an average daily influx of more than 100 new security flaws.
The vulnerability (CVE-2023-45249) was patched nine months ago but is still being exploited in attacks. Admins are advised to update their systems immediately to prevent unauthorized remote code execution.
An authenticated command injection vulnerability exists in MyPRO versions 8.28.0 and below from mySCADA. The vulnerability can be exploited by a remote attacker to inject arbitrary operating system commands which will get executed in the context of NT AUTHORITYSYSTEM.
Ubuntu Security Notice 6926-1 - 黄思聪 discovered that the NFC Controller Interface implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. It was show more ...
Ubuntu Security Notice 6925-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
Blog Site version 1.0 suffers from a remote SQL injection vulnerability.
Debian Linux Security Advisory 5734-2 - The security update announced as DSA 5734-1 caused a regression on configurations using the Samba DLZ module. Updated packages are now available to correct this issue.
QuickJob version 6.1 suffers from an ignored default credential vulnerability.
Prison Management System version version 1.0 suffers from an ignored default credential vulnerability.
Ubuntu Security Notice 6924-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
Ubuntu Security Notice 6921-1 - Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor show more ...
Ubuntu Security Notice 6923-1 - Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor show more ...
Telegram for Android suffers from a use-after-free vulnerability in Connection::onReceivedData.
PowerVR has an issue where wrapping addition in _DevmemXReservationPageAddress() causes an MMU operation at the wrong address.
PowerVR has integer overflows in DevmemXIntMapPages() and DevmemXIntUnmapPages(), exploitable as dangling GPU page table entries.
PowerVR PMR allows physical memory to be freed before GPU TLB invalidation.
Ubuntu Security Notice 6922-1 - It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. Chenyuan Yang discovered that the Unsorted Block Images flash show more ...
Ubuntu Security Notice 6920-1 - It was discovered that EDK II was not properly performing bounds checks in Tianocompress, which could lead to a buffer overflow. An authenticated user could use this issue to potentially escalate their privileges via local access. It was discovered that EDK II had an insufficient memory show more ...
Ubuntu Security Notice 6916-1 - It was discovered that Lua did not properly generate code when "_ENV" is constant. An attacker could possibly use this issue to cause a denial of service or execute arbitrary unstrusted lua code. It was discovered that Lua did not properly handle C stack overflows during error handling. An attacker could possibly use this issue to cause a denial of service.
Pharmacy Management System version 1.0 suffers from an ignored default credential vulnerability.
Online Payment Hub System version 1.0 suffers from an ignored default credential vulnerability.
Ubuntu Security Notice 6918-1 - It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
Ubuntu Security Notice 6919-1 - Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. It was discovered that the ATA over show more ...
Ubuntu Security Notice 6917-1 - Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Gui-Dong Han discovered that the software show more ...
Innue Business Live Chat version 2.5 suffers from an ignored default credential vulnerability.
Red Hat Security Advisory 2024-4902-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include double free and null pointer vulnerabilities.
Red Hat Security Advisory 2024-4896-03 - An update for python3.11 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a traversal vulnerability.
The remote access trojan known as Gh0st RAT has been observed being delivered by an "evasive dropper" called Gh0stGambit as part of a drive-by download scheme targeting Chinese-speaking Windows users. These infections stem from a fake website ("chrome-web[.]com") serving malicious installer packages masquerading as Google's Chrome browser, indicating that users searching for the software on the
A threat actor known as Stargazer Goblin has set up a network of inauthentic GitHub accounts to fuel a Distribution-as-a-Service (DaaS) that propagates a variety of information-stealing malware and netting them $100,000 in illicit profits over the past year. The network, which comprises over 3,000 accounts on the cloud-based code hosting platform, spans thousands of repositories that are used to
An unknown threat actor has been linked to a massive scam campaign that exploited an email routing misconfiguration in email security vendor Proofpoint's defenses to send millions of messages spoofing various legitimate companies. "These emails echoed from official Proofpoint email relays with authenticated SPF and DKIM signatures, thus bypassing major security protections — all to deceive
Searchable Encryption has long been a mystery. An oxymoron. An unattainable dream of cybersecurity professionals everywhere. Organizations know they must encrypt their most valuable, sensitive data to prevent data theft and breaches. They also understand that organizational data exists to be used. To be searched, viewed, and modified to keep businesses running. Unfortunately, our Network and
Cybersecurity company Acronis is warning that a now-patched critical security flaw impacting its Cyber Infrastructure (ACI) product has been exploited in the wild. The vulnerability, tracked as CVE-2023-45249 (CVSS score: 9.8), concerns a case of remote code execution that stems from the use of default passwords. The flaw impacts the following versions of Acronis Cyber Infrastructure (ACI) - &
Hackers have released internal documents stolen from one of America's largest IT services providers, which counts various US government agencies, including the Department of Defense, amongst its customers. Read more in my article on the Hot for Security blog.
Ever attuned to the latest trends, cybercriminals distribute malicious tools that pose as ChatGPT, Midjourney and other generative AI assistants
