Researchers have uncovered a sophisticated phishing scam targeting participants of the World Agricultural Cycling Competition (WACC). The campaign cleverly mimics the official WACC website to deceive users into downloading malicious software. The phishing site at the center of the scam, hosted at "wacc[. show more ...
Between the Black Hat and DEF CON conferences and Patch Tuesday, it’s been a very busy week for security vulnerabilities. Cyble researchers investigated 40 vulnerabilities in their Aug. 7-13 report for subscribers, and focused on 10 flaws in particular, in products from SAP, Ivanti, AMD, Microsoft, Cisco and show more ...
As the United States gears up for what is anticipated to be a highly active US general election 2024 season, the Cybersecurity and Infrastructure Security Agency (CISA) has intensified its efforts to collaborate with election officials across the country. Nowhere has this collaboration been more pronounced than in show more ...
The investigation into the University of Winnipeg data breach has now concluded, and the University has updated its notification to reflect the expanded scope of the breach. According to the latest update, the data exposed in University of Winnipeg cyberattack spans a significant period and affects various student show more ...
Healthcare data breaches have surged over the years, with the number of reported incidents nearly doubling from 329 in 2016 to 739 in 2023. This sharp rise shows the critical need for strong healthcare data protection strategies, as breaches in 2023 alone compromised over 136 million individual records—more than show more ...
A cyberattack has recently rocked Greater Manchester, compromising the security of several local councils and leaving thousands of residents vulnerable to a phishing scam. The Greater Manchester cyberattack, which initially targeted a single borough before spreading, has had a major impact on the housing websites show more ...
In a joint effort to address the growing concerns surrounding election-day cybersecurity, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a new public service announcement. Their message, titled "Just So You Know: Ransomware Disruptions During show more ...
Two U.S. lawmakers have called on the Biden administration to investigate TP-Link Technology Co. Ltd., a major Chinese manufacturer of WiFi routers. Representatives John Moolenaar and Raja Krishnamoorthi, leaders of the House Select Committee on China, have expressed serious apprehensions about potential national show more ...
As cyber threats become increasingly sophisticated, the need for effective cyber hygiene has never been more critical. CEOs are at the forefront of defending their organizations against digital threats, and leveraging specialized tools such as take down services is essential in this fight. Take down services are show more ...
The Central Bank of Iran (CBI) and several other banks in the country fell victim to a significant cyberattack on August 14, 2024. This incident has sent shockwaves through the already tense geopolitical climate in the Middle East. While the full extent of the damage and the culprit behind the attack remain unclear, show more ...
In a significant move to fortify the security posture of its cloud platform, Microsoft is implementing mandatory Multi-Factor Authentication (MFA) for all Azure sign-ins. This multi-layered approach, rolling out in phases starting October 2024, aims to significantly reduce the risk of unauthorized access and bolster show more ...
AutoCanada Inc., a leading North American multi-location automobile dealership group, reported that it had identified a significant cybersecurity incident affecting its internal IT systems. This AutoCanada data breach adds to the mounting cybersecurity challenges faced by the automotive industry, which has seen a show more ...
A great many readers this month reported receiving alerts that their Social Security Number, name, address and other personal information were exposed in a breach at a little-known but aptly-named consumer data broker called NationalPublicData.com. This post examines what we know about a breach that has exposed show more ...
Teams designed AI systems to secure open source infrastructure software to be used in industries like financial services, utilities, and healthcare. Each finalist was awarded a $2 million prize.
After loading a vulnerable driver, the utility uses a public exploit to gain privilege escalation and the ability to disable endpoint protection software.
When it comes to this year's candidates and political campaigns fending off major cyberattacks, a lot has changed since the 2016 election cycle.
_Christophe_Coat_Alamy.jpg)
Institutionalizing and sustaining fundamental cybersecurity practices requires a commitment to ongoing vigilance, active management, and a comprehensive understanding of evolving threats.
Though it is possible for cyber disruptions to occur, CISA and the FBI say that ransomware will not impact casting or counting ballots.
The last known cyberattack waged against Iranian infrastructure took place last December with the blame placed on Israel and the US.
Users of Oracle's ERP for Web storefronts might not be aware of a misconfiguration which could put customer data at risk of exposure.
The Open-Source Software Prevalence Initiative, announced at DEF CON, will examine how open source software is used in critical infrastructure.
A new threat actor has emerged targeting diplomats from Azerbaijan and Israel, aiming to steal sensitive data. Identified as Actor240524, they use spear-phishing emails to target diplomats and have the ability to steal secrets and modify files.
A spear-phishing campaign targeting Russian government dissidents and Western organizations, attributed to the Russian FSB and threat actor COLDRIVER, uses personalized social engineering tactics to gain access to online accounts.
A major cyberattack struck the Central Bank of Iran and other Iranian banks, causing disruptions. The incident, reported by Iranian news outlets and Iran International, resulted in the crippling of the banks' computer systems.
A cybercrime group linked to RansomHub ransomware has been seen using a new EDR-killing tool, named EDRKillShifter, to disable endpoint detection and response software on compromised hosts.
According to Gcore, the number of DDoS attacks in the first half of 2024 increased by 46% compared to the same period in 2023, reaching a total of 830,000 attacks. The peak attack power also rose to 1.7 terabits per second.
The GitHub vulnerability named 'ArtiPACKED' exposes repositories to potential takeovers. This attack vector in GitHub Actions artifacts could allow malicious actors to compromise services by leaking tokens due to misconfigurations and security flaws.
Iranian hackers linked to the government of Iran have increased their phishing attacks on high-profile individuals in the U.S. and Israel, including those affiliated with U.S. presidential campaigns, according to Google.
Cybercriminals are infiltrating organizations' cloud storage containers, stealing sensitive data, and sometimes being paid off by the victims to keep the data private. According to Palo Alto Networks, the attackers likely used automation techniques.
Kiteworks (formerly Accellion) secured $456 million in private equity funding. The investment from Insight Partners and Sixth Street Growth will support Kiteworks' acquisitions, including four smaller enterprise startups since 2022.
In 2024, loaders were involved in nearly 40% of critical security incidents, with popular ones being SocGholish, GootLoader, and Raspberry Robin, aiming to deliver malware like ransomware, according to Reliaquest.
Researchers have linked Brain Cipher to at least three other groups operating under different names. Despite its global reach, the group's tactics are not particularly sophisticated.
M&A activity can increase ransomware insurance losses, with the severity of claims rising over 400% from 2022 to 2023, according to research by cyber risk company Resilience.
Many organizations struggle with AI literacy, cautious adoption, and risks of immature implementation, leading to disruptions in security, including data threats and AI misuse.
A Russian citizen, known by various online names like “TeRorPP,” has been sentenced to 40 months in a U.S. prison for selling financial data and login credentials on the criminal marketplace Slilpp.
CISA Director Jen Easterly highlighted the importance of not glamorizing threat actors, urging defenders to focus on detecting and responding to malicious tactics rather than being fixated on the threat groups themselves.
Meta has warned of troll networks originating from Russia and Iran ahead of the US elections. According to a report by Meta, Russia remains the top source of disrupted troll networks on Facebook and Instagram, followed closely by Iran.
DigiCert has announced the acquisition of Vercara to offer customers a unified DNS and certificate management experience. Vercara provides cloud-based services like managed DNS and DDoS security to protect networks and applications.
The state attorneys general of New York, New Jersey, and Connecticut reached an agreement with Enzo Biochem, which revealed the incident to the federal government in May 2023.
AI professionals have concerns about their jobs being replaced by AI tools, with 56% of security professionals worried about AI-powered threats, as reported by Pluralsight.
Ransomware groups have earned over $450 million in H1 2024 by extorting victims through cryptocurrency payments, according to a report by Chainalysis. It has risen from the previous year, with a record ransom payment of $75 million reported.
European hosting companies were found to be supporting the Kremlin-linked disinformation campaign, prompting Doppelgänger operators to quickly back up their systems and data.
Ubuntu Security Notice 6964-1 - Noriko Totsuka discovered that ORC incorrectly handled certain crafted file. An attacker could possibly use this issue to execute arbitrary code.
WordPress Shield Security plugin versions 20.0.5 and below cross site scripting exploit that adds an administrative user.
Ubuntu Security Notice 6963-1 - It was discovered that GNOME Shell incorrectly opened the portal helper automatically when detecting a captive network portal. A remote attacker could possibly use this issue to load arbitrary web pages containing JavaScript, leading to resource consumption or other attacks.
Build Your Own Botnet (BYOB) version 2.0.0 exploit that works by spoofing an agent callback to overwrite the sqlite database and bypass authentication and exploiting an authenticated command injection in the payload builder page.
Red Hat Security Advisory 2024-5482-03 - A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is show more ...
Red Hat Security Advisory 2024-5481-03 - A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a show more ...
Ubuntu Security Notice 6962-1 - It was discovered that LibreOffice incorrectly allowed users to enable macros when a cryptographic signature failed to validate. If a user were tricked into opening a specially crafted document, a remote attacker could possibly execute arbitrary macros.
Insurance version 1.2 suffers from an ignored default credential vulnerability.
Red Hat Security Advisory 2024-5479-03 - A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a show more ...
Red Hat Security Advisory 2024-5453-03 - This is an updated version of the Fence Agents Remediation Operator. This Operator is delivered by Red Hat Workload Availability, and version 0.4.1 is now available for RHEL 8. Issues addressed include a code execution vulnerability.
Human Resource Management System 2024 version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Ubuntu Security Notice 6909-3 - USN-6909-1 fixed vulnerabilities in Bind. This update provides the corresponding updates for Ubuntu 16.04 LTS. Toshifumi Sakaguchi discovered that Bind incorrectly handled having a very large number of RRs existing at the same time. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service.
Hotel Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Red Hat Security Advisory 2024-5363-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.
Red Hat Security Advisory 2024-5334-03 - An update for.NET 8.0 is now available for Red Hat Enterprise Linux 9. Issues addressed include an information leakage vulnerability.
Red Hat Security Advisory 2024-5322-03 - An update for firefox is now available for Red Hat Enterprise Linux 9. Issues addressed include bypass, out of bounds read, and use-after-free vulnerabilities.
Hotel Booking System version 1.0 suffers from a remote shell upload vulnerability.
Home Owners Collection Management System version 1.0 suffers from an ignored default credential vulnerability.
Red Hat Security Advisory 2024-5279-03 - An update for python3.11-setuptools is now available for Red Hat Enterprise Linux 9. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2024-5231-03 - An update for bind and bind-dyndb-ldap is now available for Red Hat Enterprise Linux 9.
Red Hat Security Advisory 2024-5160-03 - Red Hat OpenShift Container Platform release 4.15.27 is now available with updates to packages and images that fix several bugs and add enhancements.
Giftora version 1.0 suffers from a cross site scripting vulnerability.
Bhojon Restaurant Management System version 3.0 suffers from an insecure direct object reference vulnerability.
Cybersecurity researchers have uncovered new stealer malware that's designed to specifically target Apple macOS systems. Dubbed Banshee Stealer, it's offered for sale in the cybercrime underground for a steep price of $3,000 a month and works across both x86_64 and ARM64 architectures. "Banshee Stealer targets a wide range of browsers, cryptocurrency wallets, and around 100 browser
A large percentage of Google's own Pixel devices shipped globally since September 2017 included dormant software that could be used to stage nefarious attacks and deliver various kinds of malware. The issue manifests in the form of a pre-installed Android app called "Showcase.apk" that comes with excessive system privileges, including the ability to remotely execute code and install arbitrary
Cybersecurity researchers have shed light on a sophisticated information stealer campaign that impersonates legitimate brands to distribute malware like DanaBot and StealC. The activity cluster, orchestrated by Russian-speaking cybercriminals and collectively codenamed Tusk, is said to encompass several sub-campaigns, leveraging the reputation of the platforms to trick users into downloading the
Chinese-speaking users are the target of an ongoing campaign that distributes malware known as ValleyRAT. "ValleyRAT is a multi-stage malware that utilizes diverse techniques to monitor and control its victims and deploy arbitrary plugins to cause further damage," Fortinet FortiGuard Labs researchers Eduardo Altares and Joie Salvio said. "Another noteworthy characteristic of this malware is its
SaaS applications have become indispensable for organizations aiming to enhance productivity and streamline operations. However, the convenience and efficiency these applications offer come with inherent security risks, often leaving hidden gaps that can be exploited. Conducting thorough due diligence on SaaS apps is essential to identify and mitigate these risks, ensuring the protection of your
A large-scale extortion campaign has compromised various organizations by taking advantage of publicly accessible environment variable files (.env) that contain credentials associated with cloud and social media applications. "Multiple security missteps were present in the course of this campaign, including the following: Exposing environment variables, using long-lived credentials, and absence
A 27-year-old Russian national has been sentenced to over three years in prison for peddling financial information, login credentials, and other personally identifying information (PII) on a now-defunct dark web marketplace called Slilpp. Georgy Kavzharadze, 27, of Moscow, Russia, pleaded guilty to one count of conspiracy to commit bank fraud and wire fraud earlier this February. In addition to
Business email compromise (BEC) has once again proven to be a costly issue, with a company losing $60 million in a wire transfer fraud scheme
