This New Fileless Malware Hides Shellcode in Windows Event Logs

A new malicious campaign has been spotted taking advantage of Windows event logs to stash chunks of shellcode for the first time in the wild. "It allows the 'fileless' last stage trojan to be hidden from plain sight in the file system," Kaspersky researcher Denis Legezo said in a technical write-...

Critical RCE Bug Reported in dotCMS Content Management Software

A pre-authenticated remote code execution vulnerability has been disclosed in dotCMS, an open-source content management system written in Java and "used by over 10,000 clients in over 70 countries around the globe, from Fortune 500 brands and mid-sized businesses." The critical flaw, tracked as...

Webinar: How The Right XDR Can Be a Game-Changer for Lean Security Teams

Extended detection and response XDR is expected to be the future of cybersecurity, merging security technologies with the evolving approach to the way we do cybersecurity. And while many organizations are scrambling to integrate XDR into their cybersecurity strategies – even more are still trying...

Iranian Hackers Using New Spying Malware That Abuses Telegram Messenger API

An Iranian geopolitical nexus threat actor has been uncovered deploying two new targeted malware that come with "simple" backdoor functionalities as part of an intrusion against an unnamed Middle East government entity in November 2021. Cybersecurity company Mandiant attributed the attack to an...

VMware Patches Important Bug Affecting ESXi, Workstation and Fusion Products

VMWare has shipped updates to Workstation, Fusion, and ESXi products to address an "important" security vulnerability that could be weaponized by a threat actor to take control of affected systems. The issue relates to a heap-overflow vulnerability — tracked as CVE-2021-22045 CVSS score: 7.7 —...

VMware Warns of Newly Discovered Vulnerabilities in vSphere Web Client

VMware has shipped updates to address two security vulnerabilities in vCenter Server and Cloud Foundation that could be abused by a remote attacker to gain access to sensitive information. The more severe of the issues concerns an arbitrary file read vulnerability in the vSphere Web Client. Track...

Hackers Stealing Browser Cookies to Hijack High-Profile YouTube Accounts

Since at least late 2019, a network of hackers-for-hire have been hijacking the channels of YouTube creators, luring them with bogus collaboration opportunities to broadcast cryptocurrency scams or sell the accounts to the highest bidder. That's according to a new report published by Google's...

Two Eastern Europeans Sentenced for Providing Bulletproof Hosting to Cyber Criminals

Two Eastern European nationals have been sentenced in the U.S. for offering "bulletproof hosting" services to cybercriminals, who used the technical infrastructure to distribute malware and attack financial institutions across the country between 2009 to 2015. Pavel Stassi, 30, of Estonia, and...

You Can Now Sign-in to Your Microsoft Accounts Without a Password

Microsoft on Wednesday announced a new passwordless mechanism that allows users to access their accounts without a password by using Microsoft Authenticator, Windows Hello, a security key, or a verification code sent via SMS or email. The change is expected to be rolled out in the coming weeks...

The Increased Liability of Local In-home Propagation

Today I discuss an attack vector conducive to cross-organizational spread, in-home local propagation. Though often overlooked, this vector is especially relevant today, as many corporate employees remain working from home. In this post, I contrast in-home local propagation with traditional vector...

New Passwordless Verification API Uses SIM Security for Zero Trust Remote Access

Forget watercooler conspiracies or boardroom battles. There's a new war in the office. As companies nudge their staff to return to communal workspaces, many workers don't actually want to – more than 50 percent of employees would rather quit, according to research by EY. While HR teams worry over...

Researchers Find New Evidence Linking Diavol Ransomware to TrickBot Gang

Cybersecurity researchers have disclosed details about an early development version of a nascent ransomware strain called Diavol that has been linked to threat actors behind the infamous TrickBot syndicate. The latest findings from IBM X-Force show that the ransomware sample shares similarities t...

Facebook Suspends Accounts Used by Iranian Hackers to Target US Military Personnel

Facebook on Thursday disclosed it dismantled a "sophisticated" online cyber espionage campaign conducted by Iranian hackers targeting about 200 military personnel and companies in the defense and aerospace sectors in the U.S., U.K., and Europe using fake online personas on its platform. The socia...

New SaaS Security Report Dives into the Concerns and Plans of CISOs in 2021

For years, security professionals have recognized the need to enhance SaaS security. However, the exponential adoption of Software-as-a-Service SaaS applications over 2020 turned slow-burning embers into a raging fire. Organizations manage anywhere from thirty-five to more than a hundred...

New Google Scorecards Tool Scans Open-Source Software for More Security Risks

Google has launched an updated version of Scorecards, its automated security tool that produces a "risk score" for open source initiatives, with improved checks and capabilities to make the data generated by the utility accessible for analysis. "With so much software today relying on open-source...

Microsoft Discloses Critical Bugs Allowing Takeover of NETGEAR Routers

Cybersecurity researchers have detailed critical security vulnerabilities affecting NETGEAR DGN2200v1 series routers, which they say could be reliably abused as a jumping-off point to compromise a network's security and gain unfettered access. The three HTTPd authentication security weaknesses CV...

New API Lets App Developers Authenticate Users via SIM Cards

Online account creation poses a challenge for engineers and system architects: if you put up too many barriers, you risk turning away genuine users. Make it too easy, and you risk fraud or fake accounts. The Problem with Identity Verification The traditional model of online identity –...

Big Cybersecurity Tips For Remote Workers Who Use Their Own Tech

As the total number of people working from home has grown dramatically in the last year or two, so has the number of individuals who use all of their own technology for their jobs. If you're a remote worker who relies on your own PC to get your work done, then you may be at a heightened risk for...

New Study Warns of Security Threats Linked to Recycled Phone Numbers

A new academic study has highlighted a number of privacy and security pitfalls associated with recycling mobile phone numbers that could be abused to stage a variety of exploits, including account takeovers, conduct phishing and spam attacks, and even prevent victims from signing up for online...

Simplify, then Add Lightness – Consolidating the Technology to Better Defend Ourselves

One of the biggest consequences of the rapidly evolving cybersecurity threat landscape is that defenses must constantly build bigger systems to defend themselves. This leads to both more complex systems and often less communication between them. More importantly, it can lead companies to invest i...

MITRE Madness: A Guide to Weathering the Upcoming Vendor Positioning Storm

April is usually a whirlwind month for the cybersecurity industry as it coincides with the release of the highly regarded and influential MITRE ATT&CK test results. The ATT&CK test measures cybersecurity platforms' abilities to detect and react to emulated, multistep attacks that can be used as a...

Flaws in Ovarro TBox RTUs Could Open Industrial Systems to Remote Attacks

As many as five vulnerabilities have been uncovered in Ovarro's TBox remote terminal units RTUs that, if left unpatched, could open the door for escalating attacks against critical infrastructures, like remote code execution and denial-of-service. "Successful exploitation of these vulnerabilities...

Over a Dozen Chrome Extensions Caught Hijacking Google Search Results for Millions

New details have emerged about a vast network of rogue extensions for Chrome and Edge browsers that were found to hijack clicks to links in search results pages to arbitrary URLs, including phishing sites and ads. Collectively called "CacheFlow" by Avast, the 28 extensions in question — including...

LIVE Webinar: Major Lessons to be Learned from Top Cyber Attacks in 2020

We likely all agree that 2020 was a year we won't soon forget - for many reasons. One area particularly impacted last year was and continues to be cybersecurity. While Internet access allowed many businesses to continue functioning during the COVID-19 stay at home requirements, the unprecedented...

Importance of Application Security and Customer Data Protection to a Startup

When you are a startup, there are umpteen things that demand your attention. You must give your hundred percent probably even more! to work effectively and efficiently with the limited resources. Understandably, the application security importance may be pushed at the bottom of your things-to-do...

How to Defend Against Malware, Phishing, and Scams During COVID-19 Crisis

As if the exponential rise in phishing scams and malware attacks in the last five years wasn't enough, the COVID-19 crisis has worsened it further. The current scenario has given a viable opportunity to cybercriminals to find a way to target individuals, small and large enterprises, government...

Facebook Tracks APT32 OceanLotus Hackers to IT Company in Vietnam

Cybersecurity researchers from Facebook today formally linked the activities of a Vietnamese threat actor to an IT company in the country after the group was caught abusing its platform to hack into people's accounts and distribute malware. Tracked as APT32 or Bismuth, OceanLotus, and Cobalt Kitt...

New Framework Released to Protect Machine Learning Systems From Adversarial Attacks

Microsoft, in collaboration with MITRE, IBM, NVIDIA, and Bosch, has released a new open framework that aims to help security analysts detect, respond to, and remediate adversarial attacks against machine learning ML systems. Called the Adversarial ML Threat Matrix, the initiative is an attempt to...

A Self-Service Password Reset Project Can Be A Quick Win For IT

Since the beginning of this year, organizations' IT staff have faced numerous challenges and an increased workload as a result of the global pandemic and shift to a mainly remote workforce. Supporting end-users that are now working from home has introduced new challenges in troubleshooting since ...

U.S. Treasury Sanctions Hacking Group Backed by Iranian Intelligence

The U.S. government on Thursday imposed sweeping sanctions against an Iranian threat actor backed by the country's Ministry of Intelligence and Security MOIS for carrying out malware campaigns targeting Iranian dissidents, journalists, and international companies in the telecom and travel sectors...

Researchers Exploited A Bug in Emotet to Stop the Spread of Malware

Emotet, a notorious email-based malware behind several botnet-driven spam campaigns and ransomware attacks, contained a flaw that allowed cybersecurity researchers to activate a kill-switch and prevent the malware from infecting systems for six months. "Most of the vulnerabilities and exploits th...

WebAuthn Passwordless Authentication Now Available for Atlassian Products

Atlassian solutions are widely used in the software development industry. Many teams practicing agile software development rely on these applications to manage their projects. Issue-tracking application Jira, Git repository BitBucket, continuous integration and deployment server Bamboo, and team...

Ring Makes 2-Factor Authentication Mandatory Following Recent Hacks

Smart doorbells and cameras bring a great sense of security to your home, especially when you're away, but even a thought that someone could be spying on you through the same surveillance system would shiver up your spine. Following several recent reports of hackers gaining access to people's...

Zoom Bug Could Have Let Uninvited People Join Private Meetings

If you use Zoom to host your remote online meetings, you need to read this piece carefully. The massively popular video conferencing software has patched a security loophole that could have allowed anyone to remotely eavesdrop on unprotected active meetings, potentially exposing private audio,...

Unprotected Database Exposes Personal Info of 80 Million American Households

A team of security researchers has claims to have found a publicly-accessible database that exposes information on more than 80 million U.S. households—nearly 65 percent of the total number of American households. Discovered by VPNMentor's research team lead by hacktivists Noam Rotem and Ran Loca...

Docker Hub Suffers a Data Breach, Asks Users to Reset Password

Docker Hub, one of the largest cloud-based library of Docker container images, has suffered a data breach after an unknown attacker gained access to the company's single Hub database. Docker Hub is an online repository service where users and partners can create, test, store and distribute Docker...

New Virus Decides If Your Computer Good for Mining or Ransomware

Security researchers have discovered an interesting piece of malware that infects systems with either a cryptocurrency miner or ransomware, depending upon their configurations to decide which of the two schemes could be more profitable. While ransomware is a type of malware that locks your comput...

TRON Cryptocurrency Founder Buys BitTorrent, µTorrent for $140 Million

BitTorrent, the company which owns the popular file-sharing client uTorrent, has quietly been sold for $140 million in cash to Justin Sun, the founder of blockchain-focused startup TRON. TRON is a decentralized entertainment and content-sharing platform that uses blockchain and distributed storag...

Feds Arrest 74 Email Fraudsters Involved in Nigerian BEC Scams

The United States Department of Justice announced Monday the arrest of 74 email fraudsters across three continents in a global crackdown on a large-scale business email compromise BEC scheme. The arrest was the result of a six-month-long operation dubbed "Operation Wire Wire" that involved the US...

Marcus Hutchins, WannaCry-killer, hit with four new charges by the FBI

Marcus Hutchins, the British malware analyst who helped stop global Wannacry menace, is now facing four new charges related to malware he allegedly created and promoted it online to steal financial information. Hutchins, the 24-year-old better known as MalwareTech, was arrested by the FBI last ye...

All New Privacy and Security Features Coming in macOS 10.14 Mojave

At Worldwide Developer Conference 2018 on Monday, Apple announced the next version of its macOS operating system, and it's called Mojave. Besides introducing new features and improvements of macOS 10.14 Mojave—like Dark Mode, Group FaceTime, Dynamic Desktop, and Finder—at WWDC, Apple also reveale...

AMD Acknowledges Newly Disclosed Flaws In Its Processors — Patches Coming Soon

AMD has finally acknowledged 13 critical vulnerabilities, and exploitable backdoors in its Ryzen and EPYC processors disclosed earlier this month by Israel-based CTS Labs and promised to roll out firmware patches for millions of affected devices 'in the coming weeks.' According to CTS-Labs...

Two Critical 0-Day Remote Exploits for vBulletin Forum Disclosed Publicly

Security researchers have discovered and disclosed details of two unpatched critical vulnerabilities in a popular internet forum software—vBulletin—one of which could allow a remote attacker to execute malicious code on the latest version of vBulletin application server. vBulletin is a widely use...

Microsoft Issues Emergency Windows Security Update For A Critical Vulnerability

Microsoft has just released an emergency security patch to address a critical remote code execution RCE vulnerability in its Malware Protection Engine MPE that could allow an attacker to take full control of a victim's PC. Enabled by default, Microsoft Malware Protection Engine offers the core...

Ubuntu’s Crash Report Tool Allows Remote Code Execution

No software is immune to being Hacked! Not even Linux. A security researcher has discovered a critical vulnerability in Ubuntu Linux operating system that would allow an attacker to remotely compromise a target computer using a malicious file. The vulnerability affects all default Ubuntu Linux...

12-Year-Old SSH Bug Exposes More than 2 Million IoT Devices

Are your internet-connected devices spying on you? Perhaps. We already know that the Internet of Thing IoT devices are so badly insecure that hackers are adding them to their botnet network for launching Distributed Denial of Service DDoS attacks against target services. But, these connected...

Leaked Exploits are Legit and Belong to NSA: Cisco, Fortinet and Snowden Docs Confirm

Last week, a group calling itself "The Shadow Brokers" published what it said was a set of NSA "cyber weapons," including some working exploits for the Internet's most crucial network infrastructure, apparently stolen from the agency's Equation Group in 2013. Well, talking about the authenticity ...

Mac OS X Zero-Day Exploit Can Bypass Apple's Latest Protection Feature

A critical zero-day vulnerability has been discovered in all versions of Apple's OS X operating system that allows hackers to exploit the company’s newest protection feature and steal sensitive data from affected devices. With the release of OS X El Capitan, Apple introduced a security protection...

Apple testing Ultra-Fast Li-Fi Wireless Technology for Future iPhones

Apple to make future iPhones compatible with a cutting-edge technology that has the capability to transmit data at 100 times the speed of WiFi, suggests the code found within the iOS firmware. Apple may ship future iPhones with Li-Fi capabilities, a new technology that may end up replacing the...

Hacker Finds a Simple Way to Bypass Android 5.x Lock Screen [Steps & Video]

A Security researcher and hacker, named John Gordon, has found an easy way to bypass the security of locked smartphones running Android 5.0 and 5.1 Build LMY48M. Many of us use various security locks on our devices like Pattern lock, PIN lock and Password lock in order to protect the privacy of o...