U.S. Government Blacklists Cytrox and Intellexa Spyware Vendors for Cyber Espionage
The U.S. government on Tuesday added two foreign commercial spyware vendors, Cytrox and Intellexa, to an economic blocklist for weaponizing cyber exploits to gain unauthorized access to devices and "threatening the privacy and security of individuals and organizations worldwide." This includes the....
6.9 AI Score
This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are those where the victim did not pay a ransom. This provides the best overall picture of...
9.8 CVSS
7.2 AI Score
0.941 EPSS
Emilien Gaspar discovered that collectd, a statistics collection and monitoring daemon, incorrectly processed incoming network packets. This resulted in a heap overflow, allowing a remote attacker to either cause a DoS via application crash, or potentially execute arbitrary code. Additionally,...
4.1 AI Score
Gergana Karadzhova-Dangela is used to being with users during some of their toughest moments. Today, she spends much of her time responding to active cybersecurity incidents with Cisco Talos Incident Response, helping customers work through active attacks, many of which put personal data or...
6.9 AI Score
How kids pay the price for ransomware attacks on education
Modern ransomware attacks are as much about stealing data and threatening to leak it as they are about encrypting data. Which means that when a school or hospital is attacked, it's often students' and patients' data that's leaked if the ransom demand isn't met. We have to wonder how greedy any...
7.1 AI Score
Mitsubishi Electric MELSEC-F Series (Update A)
EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC-F Series Vulnerability: Authentication Bypass by Capture-replay 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...
6.8 AI Score
0.001 EPSS
Artemis - A Modular Web Reconnaissance Tool And Vulnerability Scanner
A modular web reconnaissance tool and vulnerability scanner based on Karton (https://github.com/CERT-Polska/karton). The Artemis project has been initiated by the KN Cyber science club of Warsaw University of Technology and is currently being maintained by CERT Polska. Artemis is experimental...
7.3 AI Score
7.1 AI Score
bielefeld-university-press.de Cross Site Scripting vulnerability OBB-3229948
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
5.9 AI Score
Researchers Uncover New Linux Kernel 'StackRot' Privilege Escalation Vulnerability
Details have emerged about a newly identified security flaw in the Linux kernel that could allow a user to gain elevated privileges on a target host. Dubbed StackRot (CVE-2023-3269, CVSS score: 7.8), the flaw impacts Linux versions 6.1 through 6.4. There is no evidence that the shortcoming has...
9.8 CVSS
6.8 AI Score
0.057 EPSS
New technique can defeat voice authentication "after only six tries"
Voice authentication is back in the news with another tale of how easy it might be to compromise. University of Waterloo scientists have discovered a technique which they claim can bypass voice authentication with "up to a 99% success rate after only six tries". In fact this method is apparently...
7.1 AI Score
JVN#64316789: Multiple vulnerabilities in SoftEther VPN and PacketiX VPN
SoftEther VPN provided by University of Tsukuba SoftEther VPN Project and PacketiX VPN provided by SoftEther Corporation contain multiple vulnerabilities listed below in VPN Client function, and Dynamic DNS Client function included in the VPN server. Heap-based buffer overflow (CWE-122) -...
8.1 AI Score
0.001 EPSS
EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: PiiGAB, Processinformation i Göteborg Aktiebolag Equipment: M-Bus SoftwarePack 900S Vulnerabilities: Code Injection, Improper Restriction of Excessive Authentication Attempts, Unprotected Transport...
8.1 AI Score
0.001 EPSS
Ransomware attackers email bemused students as leverage for a payout
The University of Manchester has fallen victim to a ransomware gang, who are currently applying an interesting twist to their attack. Blackmail and pressure are two ways to extract funds from potential victims. We see this in sextortion cases, as well as in social engineering. Here, the fraudsters....
6.8 AI Score
New video provides a behind-the-scenes look at Talos ransomware hunters
Welcome to this week's edition of the Threat Source newsletter. AI-generated art is causing drama across the internet over the past few months, from Marvel TV show opening credits scenes to predatory YouTubers who claim YOU can make millions by having AI tools create children's books for you....
8.8 CVSS
6.3 AI Score
0.001 EPSS
Cybersecurity hotlines at colleges could go a long way toward filling the skills gap
Welcome to this week's edition of the Threat Source newsletter. I recently stumbled upon news that the University of Texas at Austin is launching a new cybersecurity clinic run by faculty and students studying security and IT at the university. This clinic offers pro-bono cybersecurity services --....
9.8 CVSS
9.2 AI Score
0.8 EPSS
Researchers Find Way to Recover Cryptographic Keys by Analyzing LED Flickers
In what's an ingenious side-channel attack, a group of academics has found that it's possible to recover secret keys from a device by analyzing video footage of its power LED. "Cryptographic computations performed by the CPU change the power consumption of the device which affects the brightness...
6.3 AI Score
Closing the cybersecurity talent gap is not something we can achieve alone; it requires a collective effort from the entire industry and focus on enabling cybersecurity awareness and education for all. This realization hit home for us during our recent participation in the National Initiative for.....
6.9 AI Score
The New York Times has a long article on the investigative techniques used to identify the person who stabbed and killed four University of Idaho students. Pay attention to the techniques: The case has shown the degree to which law enforcement investigators have come to rely on the digital...
6.8 AI Score
EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Ovarro Equipment: TBox RTUs Vulnerabilities: Missing Authorization, Use of Broken or Risky Cryptographic Algorithm, Inclusion of Functionality from Untrusted Control Sphere, Insufficient Entropy,...
7.2 AI Score
0.001 EPSS
Beyond Asset Discovery: How Attack Surface Management Prioritizes Vulnerability Remediation
As the business environment becomes increasingly connected, organizations' attack surfaces continue to expand, making it challenging to map and secure both known and unknown assets. In particular, unknown assets present security challenges related to shadow IT, misconfigurations, ineffective scan.....
7 AI Score
Security and Human Behavior (SHB) 2023
I'm just back from the sixteenth Workshop on Security and Human Behavior, hosted by Alessandro Acquisti at Carnegie Mellon University in Pittsburgh. SHB is a small, annual, invitational workshop of people studying various aspects of the human side of security, organized each year by Alessandro...
6.9 AI Score
ScarCruft Hackers Exploit Ably Service for Stealthy Wiretapping Attacks
The North Korean threat actor known as ScarCruft has been observed using an information-stealing malware with previously undocumented wiretapping features as well as a backdoor developed using Golang that exploits the Ably real-time messaging service. "The threat actor sent their commands through.....
7 AI Score
Exploit for Out-of-bounds Write in Linux Linux Kernel
Project Name CVE-2021-22555 attack script Description...
7.1 AI Score
Strava heatmap loophole may reveal users' home addresses
Researchers at NC State University have outlined potential privacy issues with popular fitness app Strava which could lead to users' homes being pinpointed. The researchers' findings are detailed in a paper called Heat marks the spot: de-anonymising users' geographical data on the Strava heat...
6.8 AI Score
What You Need To Know About MOVEit
The MOVEit Vulnerabilities and Latest Exploits. Impact On Governmental Agencies And Large Organizations Governmental agencies and large organizations around the world are being hit by ransomware attacks exploiting several vulnerabilities in MOVEit, a widely used file transfer solution. The...
9.8 CVSS
11 AI Score
0.941 EPSS
In 2013 and 2014, I wrote extensively about new revelations regarding NSA surveillance based on the documents provided by Edward Snowden. But I had a more personal involvement as well. I wrote the essay below in September 2013. The New Yorker agreed to publish it, but the Guardian asked me not to.....
7.1 AI Score
Barracuda Urges Replacing — Not Patching — Its Email Security Gateways
It's not often that a zero-day vulnerability causes a network security vendor to urge customers to physically remove and decommission an entire line of affected hardware -- as opposed to just applying software updates. But experts say that is exactly what transpired this week with Barracuda...
9.8 CVSS
9.1 AI Score
0.016 EPSS
7.1 AI Score
0.0004 EPSS
Why Now? The Rise of Attack Surface Management
The term "attack surface management" (ASM) went from unknown to ubiquitous in the cybersecurity space over the past few years. Gartner and Forrester have both highlighted the importance of ASM recently, multiple solution providers have emerged in the space, and investment and acquisition activity.....
7.2 AI Score
CodeQL zero to hero part 2: getting started with CodeQL
CodeQL is a static analysis tool that can be used to automatically scan your applications for vulnerabilities and to assist with a manual code review. In this blog, we will look closer at CodeQL and how to write CodeQL queries. Below, we include voluntary challenges, but it is highly recommended...
7.9 AI Score
Satacom delivers browser extension that steals cryptocurrency
Satacom downloader, also known as LegionLoader, is a renowned malware family that emerged in 2019. It is known to use the technique of querying DNS servers to obtain the base64-encoded URL in order to receive the next stage of another malware family currently distributed by Satacom. The Satacom...
7.4 AI Score
How Attack Surface Management Supports Continuous Threat Exposure Management
According to Forrester, External Attack Surface Management (EASM) emerged as a market category in 2021 and gained popularity in 2022. In a different report, Gartner concluded that vulnerability management vendors are expanding their offerings to include Attack Surface Management (ASM) for a suite.....
6.9 AI Score
Is it Getting Harder to Pigeonhole Games into Specific Genres?
By Owais Sultan. Back in 2015, a study from Syracuse University analysed how grouping video games into genres can be limited.… This is a post from HackRead.com. Read the original post: Is it Getting Harder to Pigeonhole Games into Specific...
6.9 AI Score
N. Korean Lazarus Group Targets Microsoft IIS Servers to Deploy Espionage Malware
The infamous Lazarus Group actor has been targeting vulnerable versions of Microsoft Internet Information Services (IIS) servers as an initial breach route to deploy malware on targeted systems. The findings come from the AhnLab Security Emergency response Center (ASEC), which detailed the...
6.9 AI Score
Re-Victimization from Police-Auctioned Cell Phones
Countless smartphones seized in arrests and searches by police forces across the United States are being auctioned online without first having the data on them erased, a practice that can lead to crime victims being re-victimized, a new study found. In response, the largest online marketplace for.....
6.7 AI Score
About the security content of macOS Big Sur 11.7.7
About the security content of macOS Big Sur 11.7.7 This document describes the security content of macOS Big Sur 11.7.7. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...
8.2 AI Score
0.009 EPSS
About the security content of iOS 15.7.6 and iPadOS 15.7.6
About the security content of iOS 15.7.6 and iPadOS 15.7.6 This document describes the security content of iOS 15.7.6 and iPadOS 15.7.6. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...
9.2 AI Score
0.009 EPSS
Researcher Spotlight: Jacob Finn creates his own public-private partnership at Talos
After working in government for several years, this Talos threat hunter is diving into the dark web. Growing up, Jacob Finn says he wanted to be a detective (or maybe a veterinarian, but there's still plenty of time for that). Today with Talos, he's a detective. And while he's still hunting for bad....
6.4 AI Score
Feds Take Down 13 More DDoS-for-Hire Services
The U.S. Federal Bureau of Investigation (FBI) this week seized 13 domain names connected to "booter" services that let paying customers launch crippling distributed denial-of-service (DDoS) attacks. Ten of the domains are reincarnations of DDoS-for-hire services the FBI seized in December 2022,...
7 AI Score
CISA Issues Advisory on Critical RCE Affecting ME RTU Remote Terminal Units
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday released an Industrial Control Systems (ICS) advisory about a critical flaw affecting ME RTU remote terminal units. The security vulnerability, tracked as CVE-2023-2131, has received the highest severity rating of 10.0 on.....
9.8 CVSS
8.1 AI Score
0.001 EPSS
Oracle Linux 4 / 5 : exim (ELSA-2010-0970)
From Red Hat Security Advisory 2010:0970 : Updated exim packages that fix one security issue are now available for Red Hat Enterprise Linux 4 and 5, and Red Hat Enterprise Linux 4.7, 5.3, and 5.4 Extended Update Support. The Red Hat Security Response Team has rated this update as having critical...
9.7 AI Score
CentOS 4 : exim (CESA-2010:0970)
Updated exim packages that fix one security issue are now available for Red Hat Enterprise Linux 4 and 5, and Red Hat Enterprise Linux 4.7, 5.3, and 5.4 Extended Update Support. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability...
9.6 AI Score
RHEL 4 / 5 : exim (RHSA-2010:0970)
Updated exim packages that fix one security issue are now available for Red Hat Enterprise Linux 4 and 5, and Red Hat Enterprise Linux 4.7, 5.3, and 5.4 Extended Update Support. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability...
9.6 AI Score
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
7.8 CVSS
6.9 AI Score
0.0005 EPSS
FreeBSD : chromium -- multiple vulnerabilities (674ed047-be0a-11eb-b927-3065ec8fd3ec)
Chrome Releases reports : This release contains 32 security fixes, including : [1208721] High CVE-2021-30521: Heap buffer overflow in Autofill. Reported by ZhanJia Song on 2021-05-13 [1176218] High CVE-2021-30522: Use after free in WebAudio. Reported by Piotr Bania of Cisco Talos on...
-0.1 AI Score
Why you should practice rollbacks to prevent data loss in a ransomware attack
The security community is continuously changing, growing, and learning from each other to better position the world against cyberthreats. In the latest post of our Community Voices blog series, Microsoft Security Senior Product Marketing Manager Brooke Lynn Weenig talks with Tanya Janca, Founder....
6.3 AI Score
Foxit PDF Reader AFSpecial_KeystrokeEx Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
7.8 CVSS
7.7 AI Score
0.004 EPSS