Over 110,000 Websites Affected by Hijacked Polyfill Supply Chain Attack

Google has taken steps to block ads for e-commerce sites that use the Polyfill.io service after a Chinese company acquired the domain and modified the JavaScript library "polyfill.js" to redirect users to malicious and scam sites. "Protecting our users is our top priority. We detected a security...

Second Log4j Vulnerability (CVE-2021-45046) Discovered — New Patch Released

UPDATE — The severity score of CVE-2021-45046, originally classified as a DoS bug, has since been revised from 3.7 to 9.0, to reflect the fact that an attacker could abuse the vulnerability to send a specially crafted string that leads to "information leak and remote code execution in some...

Wake up! Identify API Vulnerabilities Proactively, From Production Back to Code

After more than 20 years in the making, now it's official: APIs are everywhere. In a 2021 survey, 73% of enterprises reported that they already publish more than 50 APIs, and this number is constantly growing. APIs have crucial roles to play in virtually every industry today, and their importance...

Ransomware Attacks Targeting Unpatched EOL SonicWall SMA 100 VPN Appliances

Networking equipment maker SonicWall is alerting customers of an "imminent" ransomware campaign targeting its Secure Mobile Access SMA 100 series and Secure Remote Access SRA products running unpatched and end-of-life 8.x firmware. The warning comes more than a month after reports emerged that...

Cybersecurity Frameworks — Types, Strategies, Implementation and Benefits

Organizations around the world are wondering how to become immune from cyber attacks which are evolving every day with more sophisticated attack vectors. IT teams are always on the lookout for new ransomware and exploit spreading in the wild, but can all these unforeseen cyber attacks be prevente...

Google Issues Urgent Chrome Update to Patch Actively Exploited Zero-Day Vulnerability

Google on Friday shipped an out-of-band security update to address a high severity vulnerability in its Chrome browser that it said is being actively exploited in the wild. Tracked as CVE-2022-1096, the zero-day flaw relates to a type confusion vulnerability in the V8 JavaScript engine. An...

New 'unc0ver' Tool Can Jailbreak All iPhone Models Running iOS 11.0 - 14.3

A popular jailbreaking tool called "unc0ver" has been updated to support iOS 14.3 and earlier releases, thereby making it possible to unlock almost every single iPhone model using a vulnerability that Apple in January disclosed was actively exploited in the wild. The latest release, dubbed unc0ve...

Warning: Critical WinRAR Flaw Affects All Versions Released In Last 19 Years

Beware Windows users... a new dangerous remote code execution vulnerability has been discovered in the WinRAR software, affecting hundreds of millions of users worldwide. Cybersecurity researchers at Check Point have disclosed technical details of a critical vulnerability in WinRAR—a popular...

First Android Malware Found Exploiting Dirty COW Linux Flaw to Gain Root Privileges

Nearly a year after the disclosure of the Dirty COW vulnerability that affected the Linux kernel, cybercriminals have started exploiting the vulnerability against Android users, researchers have warned. Publicly disclosed last year in October, Dirty COW was present in a section of the Linux...

Iranian Hackers Exploiting Unpatched Log4j 2 Bugs to Target Israeli Organizations

Iranian state-sponsored actors are leaving no stone unturned to exploit unpatched systems running Log4j to target Israeli entities, indicating the vulnerability's long tail for remediation. Microsoft attributed the latest set of activities to the umbrella threat group tracked as MuddyWater aka...

KRACK Demo: Critical Key Reinstallation Attack Against Widely-Used WPA2 Wi-Fi Protocol

Do you think your wireless network is secure because you're using WPA2 encryption? If yes, think again! Security researchers have discovered several key management vulnerabilities in the core of Wi-Fi Protected Access II WPA2 protocol that could allow an attacker to hack into your Wi-Fi network a...

Hacking Instagram Accounts using OAuth vulnerability

'Nir Goldshlager' known as Facebook hacker and founder of Break Security , who reported many critical bugs in Facebook OAuth mechanism in past few months, today disclose a critical vulnerability in Instagram Oauth that allow an attacker to hack any account. Succesful hack allows attacker to acces...

New Zero-Trust API Offers Mobile Carrier Authentication to Developers

Zero Trust is increasingly being adopted as the best strategy to maintain application security and prevent data breaches. To help achieve progress on Zero Trust, there is now a new, easy way to implement continuous user verification by connecting directly to the authentication systems used by...

Update Microsoft Windows Systems to Patch 99 New Security Flaws

A few hours after Adobe today released security updates for five of its widely-distributed software, Microsoft also issued its February 2020 Patch Tuesday edition with patches for a total of 99 new vulnerabilities. According to the advisories, 12 of the total issues patched by the tech giant this...

Hackers Could Turn Pre-Installed Antivirus App on Xiaomi Phones Into Malware

What could be worse than this, if the software that's meant to protect your devices leave backdoors open for hackers or turn into malware? Researchers today revealed that a security app that comes pre-installed on more than 150 million devices manufactured by Xiaomi, China's biggest and world's 4...

DomainFactory Hacked—Hosting Provider Asks All Users to Change Passwords

Besides Timehop, another data breach was discovered last week that affects users of one of the largest web hosting companies in Germany, DomainFactory, owned by GoDaddy. The breach initially happened back in last January this year and just emerged last Tuesday when an unknown attacker himself...

Urgent Chrome Update Released to Patch Actively Exploited Zero-Day Vulnerability

Google on Friday rolled out an emergency security patch to its Chrome web browser to address a security flaw that's known to have an exploit in the wild. Tracked as CVE-2021-37973, the vulnerability has been described as use after free in Portals API, a web page navigation system that enables a...

Patched WinRAR Bug Still Under Active Attack—Thanks to No Auto-Updates

Various cyber criminal groups and individual hackers are still exploiting a recently patched critical code execution vulnerability in WinRAR, a popular Windows file compression application with 500 million users worldwide. Why? Because the WinRAR software doesn't have an auto-update feature, whic...

The Incident Response Plan - Preparing for a Rainy Day

The unfortunate truth is that while companies are investing more in cyber defenses and taking cybersecurity more seriously than ever, successful breaches and ransomware attacks are on the rise. While a successful breach is not inevitable, it is becoming more likely despite best efforts to prevent...

Apple Forces Facebook VPN App Out of iOS Store for Stealing Users' Data

Facebook yesterday removed its mobile VPN app called Onavo Protect from the iOS App Store after Apple declared the app violated the iPhone maker's App Store guidelines on data collection. For those who are unaware, Onavo Protect is a Facebook-owned Virtual Private Network VPN app that was primari...

Yet Another Linux Kernel Privilege-Escalation Bug Discovered

Security researchers have discovered a new privilege-escalation vulnerability in Linux kernel that could allow a local attacker to execute code on the affected systems with elevated privileges. Discovered by Venustech ADLab Active-Defense Lab researchers, the Linux kernel vulnerability...

Critical RCE Bug Found in Homebrew Package Manager for macOS and Linux

A recently identified security vulnerability in the official Homebrew Cask repository could have been exploited by an attacker to execute arbitrary code on users' machines that have Homebrew installed. The issue, which was reported to the maintainers on April 18 by a Japanese security researcher...

Microsoft Warns of Unpatched IE Browser Zero-Day That's Under Active Attacks

Internet Explorer is dead, but not the mess it left behind. Microsoft earlier today issued an emergency security advisory warning millions of Windows users of a new zero-day vulnerability in Internet Explorer IE browser that attackers are actively exploiting in the wild — and there is no patch ye...

New Apache Web Server Bug Threatens Security of Shared Web Hosts

Mark J Cox, one of the founding members of the Apache Software Foundation and the OpenSSL project, today posted a tweet warning users about a recently discovered important flaw in Apache HTTP Server software. The Apache web server is one of the most popular, widely used open-source web servers in...

Cisco Issues Security Patch Updates for 32 Flaws in its Products

Cisco today released thirty security patch advisory to address a total of 32 security vulnerabilities in its products, three of which are rated critical, including the recently disclosed Apache Struts remote code execution vulnerability that is being exploited in the wild. Out of the rest 29...

Critical libwebp Vulnerability Under Active Exploitation - Gets Maximum CVSS Score

Google has assigned a new CVE identifier for a critical security flaw in the libwebp image library for rendering images in the WebP format that has come under active exploitation in the wild. Tracked as CVE-2023-5129, the issue has been given the maximum severity score of 10.0 on the CVSS rating...

Mazafaka — Elite Hacking and Cybercrime Forum — Got Hacked!

In what's a case of hackers getting hacked, a prominent underground online criminal forum by the name of Maza has been compromised by unknown attackers, making it the fourth forum to have been breached since the start of the year. The intrusion is said to have occurred on March 3, with informatio...

Foxit PDF Software Company Suffers Data Breach—Asks Users to Reset Password

If you have an online account with Foxit Software, you need to reset your account password immediately—as an unknown attacker has compromised your personal data and log-in credentials. Foxit Software, a company known for its popular lightweight Foxit PDF Reader and PhantomPDF applications being...

VeraCrypt Audit Reveals Critical Security Flaws — Update Now

After TrueCrypt mysteriously discontinued its service, VeraCrypt became the most popular open source disk encryption software used by activists, journalists, as well as privacy conscious people. First of all, there is no such thing as a perfect, bug-free software. Even the most rigorously tested...

Russia to Fine Search Engines for Linking to Banned VPN services

In its years-long efforts to censor the Internet by blocking access to a large number of websites in the country, Russia has now approved a new bill introducing fines for search engines that provide links to banned sites, VPN services, and anonymization tools. VPNs, or Virtual Private Networks, a...

Cisco Releases Security Patches for New Vulnerabilities Impacting Multiple Products

Cisco on Wednesday rolled out patches to address three security flaws affecting its products, including a high-severity weakness disclosed in NVIDIA Data Plane Development Kit MLNXDPDK late last month. Tracked as CVE-2022-28199 CVSS score: 8.6, the vulnerability stems from a lack of proper error...

Atlassian Rolls Out Security Patch for Critical Confluence Vulnerability

Atlassian has rolled out fixes to remediate a critical security vulnerability pertaining to the use of hard-coded credentials affecting the Questions For Confluence app for Confluence Server and Confluence Data Center. The flaw, tracked as CVE-2022-26138, arises when the app in question is enable...

Microsoft Releases Emergency Patches for IE 0-Day and Windows Defender Flaw

It's not a Patch Tuesday, but Microsoft is rolling out emergency out-of-band security patches for two new vulnerabilities, one of which is a critical Internet Explorer zero-day that cyber criminals are actively exploiting in the wild. Discovered by Clément Lecigne of Google's Threat Analysis Grou...

State-Sponsored SCADA Malware targeting European Energy Companies

Security researchers have discovered a new campaign targeting energy companies in Western Europe with a sophisticated malware that almost goes to great lengths in order to remain undetected while targeting energy companies. Researchers from SentinelOne Labs discovered the malware, which has alrea...

Apple Releases Security Updates to Patch Two New Zero-Day Vulnerabilities

Apple on Wednesday released security updates for iOS, iPadOS, and macOS platforms to remediate two zero-day vulnerabilities previously exploited by threat actors to compromise its devices. The list of issues is below - CVE-2022-32893 - An out-of-bounds write issue in WebKit which could lead to th...

Critical Apache Guacamole Flaws Put Remote Desktops at Risk of Hacking

A new research has uncovered multiple critical reverse RDP vulnerabilities in Apache Guacamole, a popular remote desktop application used by system administrators to access and manage Windows and Linux machines remotely. The reported flaws could potentially let bad actors achieve full control ove...

Wi-Fi Gets Simplified Version Numbers and Next Version is Wi-Fi 6

Do you know what is the latest version of Wi-Fi? It's okay if you don't know. It is — Wi-Fi is 802.11ac. I am sure many of us can't answer this question immediately because the Wi-Fi technology doesn't have a traditional format of version numbers… at least until yesterday. The Wi-Fi Alliance—the...

1.7 Tbps DDoS Attack — ​Memcached UDP Reflections Set New Record

The bar has been raised. As more amplified attacks were expected following the record-breaking 1.35 Tbps Github DDoS attack, someone has just set a new record after only four days — 1.7 Tbps DDoS attack. Network security and monitoring company Arbor Networks claims that its ATLAS global traffic a...

Microsoft Discovers New Privilege Escalation Flaws in Linux Operating System

Microsoft on Tuesday disclosed a set of two privilege escalation vulnerabilities in the Linux operating system that could potentially allow threat actors to carry out an array of nefarious activities. Collectively called "Nimbuspwn," the flaws "can be chained together to gain root privileges on...

Salesforce Release Updates — A Cautionary Tale for Security Teams

On the surface, Salesforce seems like a classic Software-as-a-Service SaaS platform. Someone might even argue that Salesforce invented the SaaS market. However, the more people work with the full offering of Salesforce, the more they realize that it goes beyond a traditional SaaS platform's...

Critical Flaws Affecting GE's Universal Relay Pose Threat to Electric Utilities

The U.S. Cybersecurity and Infrastructure Security Agency CISA has warned of critical security shortcomings in GE's Universal Relay UR family of power management devices. "Successful exploitation of these vulnerabilities could allow an attacker to access sensitive information, reboot the UR, gain...

Your Linux Can Get Hacked Just by Opening a File in Vim or Neovim Editor

Linux users, beware! If you haven't recently updated your Linux operating system, especially the command-line text editor utility, do not even try to view the content of a file using Vim or Neovim. Security researcher Armin Razmjou recently discovered a high-severity arbitrary OS command executio...

Adobe Issues ColdFusion Software Update for 6 Critical Vulnerabilities

Adobe has released September 2018 security patch updates for a total of 10 vulnerabilities in Flash Player and ColdFusion, six of which are rated as critical that affected ColdFusion and could allow attackers to remotely execute arbitrary code on a vulnerable server. What's the good news this mon...

Popular Flight Tracker Flightradar24 Suffers Data Breach

One of the world's most popular flight tracking services Flightradar24, which shows real-time aircraft flight information on a map, has suffered a massive data breach that may have compromised email addresses and hashed passwords for more than 230,000 customers. Without revealing any information...

Hackers Exploiting 'Bitmessage' Zero-Day to Steal Bitcoin Wallet Keys

Bitmessage developers have warned of a critical 'remotely executable' zero-day vulnerability in the PyBitmessage application that was being exploited in the wild. Bitmessage is a Peer-to-Peer P2P communications protocol used to send encrypted messages to users. Since it is decentralized and...

Fortinet Warns of New Auth Bypass Flaw Affecting FortiGate and FortiProxy

Fortinet has privately warned its customers of a security flaw affecting FortiGate firewalls and FortiProxy web proxies that could potentially allow an attacker to perform unauthorized actions on susceptible devices. Tracked as CVE-2022-40684 CVSS score: 9.6, the critical flaw relates to an...

SideWinder Hackers Use Fake Android VPN Apps to Target Pakistani Entities

The threat actor known as SideWinder has added a new custom tool to its arsenal of malware that's being used in phishing attacks against Pakistani public and private sector entities. "Phishing links in emails or posts that mimic legitimate notifications and services of government agencies and...

Browser Bugs Exploited to Install 2 New Backdoors on Targeted Computers

Cybersecurity researchers have disclosed details about a new watering hole attack targeting the Korean diaspora that exploits vulnerabilities in web browsers such as Google Chrome and Internet Explorer to deploy malware for espionage purposes. Dubbed "Operation Earth Kitsune" by Trend Micro, the...

New Android Malware Apps Use Motion Sensor to Evade Detection

Even after so many efforts by Google for preventing its Play Store from malware, shady apps somehow managed to fool its anti-malware protections and get into its service to infect Android users with malware. Two such Android apps have recently been spotted on the Google Play Store by security...

Microsoft Blocks Iran-linked Lebanese Hackers Targeting Israeli Companies

Microsoft on Thursday said it took steps to disable malicious activity stemming from abuse of OneDrive by a previously undocumented threat actor it tracks under the chemical element-themed moniker Polonium. In addition to removing the offending accounts created by the Lebanon-based activity group...