15946 matches found
Overlay Malware Targets Windows Users with a DLL Hijack Twist
Brazilians are being warned of a new overlay malware targeting Windows users in order to siphon victims’ financial data and drain their bank accounts. Researchers say what the malware, dubbed Vizom, lacks in sophistication it makes up for in its creative abuse of the Windows ecosystem. Trusteer, ...
Microsoft is the Most-Imitated Brand for Phishing Emails
Microsoft is top of the heap when it comes to hacker impersonations – with Microsoft products and services featuring in nearly a fifth of all global brand phishing attacks in the third quarter of this year. That’s according to Check Point, which found that the computing giant leapt from fifth pla...
Intel Adds Memory Encryption, Firmware Security to Ice Lake Chips
Intel’s third-generation Xeon Scalable server processors, code-named Ice Lake, will be rolled out with new security upgrades that the chip giant claims will better protect devices from firmware attacks. The upcoming chips are based on Ice Lake, Intel’s 10nm CPU microarchitecture, which was first...
APT Attack Injects Malware into Windows Error Reporting
A campaign that injects malware into the Windows Error Reporting WER service to evade detection is potentially the work of a Vietnamese APT group, researchers said. The attack, discovered on Sept. 17 by researchers at Malwarebytes Threat Intelligence Team, lures its victims with a phishing campai...
APT41 Operatives Indicted as Sophisticated Hacking Activity Continues
UPDATE Five alleged members of the APT41 threat group have been indicted by a federal grand jury, in two separate actions that were unsealed this week. Meanwhile, the Department of Treasury also imposed sanctions on individuals and organizations associated with Iran-linked APT39. APT41 a.k.a...
Report Looks at COVID-19’s Massive Impact on Cybersecurity
Most cybersecurity professionals fully anticipated that cybercriminals would leverage the fear and confusion surrounding the COVID-19 pandemic in their cyberattacks. Of course, malicious emails would contain subjects relating to COVID-19. Of course, malicious downloads would be COVID-19 related...
Twitter Could Face $250M FTC Fine Over Improper Data Use
Twitter may be facing a Federal Trade Commission FTC fine of up to $250 million, after the social media giant last year revealed the improper use of users’ email addresses and phone numbers. In October 2019, Twitter acknowledged that user phone numbers and email addresses gathered for security...
FakeSpy Android Malware Spread Via ‘Postal-Service’ Apps
Android mobile device users are being targeted in a new SMS phishing campaign that’s spreading the FakeSpy infostealer. The malware, which is disguised as legitimate global postal-service apps, steals SMS messages, financial data and more from the victims’ devices. The campaign was first discover...
'Cardplanet' Operator Sentenced to 9 Years for Selling Stolen Credit Cards
A cybercriminal responsible for running a “carding” website on the Dark Web is going to federal prison for nine years for selling stolen consumer payment information. Aleksei Burkov, a Russian national, was the operator of a website called “Cardplanet” that sold hundreds of thousands of debit- an...
Fraudulent Unemployment, COVID-19 Relief Claims Earn BEC Gang Millions
An infamous business email compromise BEC gang has submitted hundreds of fraudulent claims with state-level U.S. unemployment websites and coronavirus relief funds. Researchers who tracked the fraudulent activity said cybercriminals may have made millions so far from the fraudulent activity. Behi...
Necurs Botnet in Crosshairs of Global Takedown Offensive
A New York State court issued an order this week giving Microsoft control of the U.S.-based infrastructure used by the notorious Necurs botnet in an effort to stop the world’s most prolific and globally dispersed spam and malware infrastructure. The move came after Microsoft and partners across 3...
CamuBot Banking Trojan Returns In Targeted Attacks
The CamuBot malware, known for targeting Brazilian bank customers, has returned in a slew of recent offensives. The latest wave of attacks are highly personalized and, unlike previous campaigns, target victims’ mobile banking apps as an extra step to evade detection when making fraudulent...
Austin Man Indicted for Stealing Unreleased Music from Artists
A 27-year-old man who allegedly impersonated a music producer in an effort to nab unreleased music from various artists has been indicted. If convicted, he faces 27 years in prison on charges of conspiring with others to commit wire fraud, computer intrusion and committing aggravated identity...
A Dozen Flaws in Popular Mac Clean-Up Software Allow Local Root Access
A passel of privilege-escalation vulnerabilities in MacPaw’s CleanMyMac X software would allow a local attacker to gain root access to an Apple machine in various ways. CleanMyMac X is a cleanup application for MacOS that optimizes the drives and frees up space by scanning for unused, redundant o...
Critical Bug Patched in Schneider Electric Vehicle Charging Station
Schneider Electric is warning about a critical vulnerability in its EVLink Parking devices – a line of electric vehicle charging stations. The energy management and automation giant said the vulnerability is tied to a hard-coded credential bug that exists within the device that could enable...
ThreatList: Google Play Nine Times Safer Than Third-Party App Stores
Bearing out the conventional wisdom that avoiding third-party app stores is a security best practice, new data from Google shows that Android devices that only download apps from Google Play are nine times less likely to end up with malware. According to Google’s inaugural Android Ecosystem...
Cisco Issues New Warning for 6-Month-Old Critical Bug in IOS XE
UPDATE Cisco Systems has issued a second warning for a critical static credential bug in its IOS XE software, which allows an unauthenticated attacker to gain access to targeted systems. The security bulletin comes more than six months after the company initially reported the bug and provided a...
Cross-Site Scripting Flaw in Apache ActiveMQ Threatens Web Visitors
Researchers have found a cross-site scripting XSS flaw in Apache ActiveMQ that could enable a remote attacker with no privileges to launch an array of attacks against visitors to compromised websites. The vulnerability CVE-2018-8006 was disclosed today and impacts ActiveMQ versions earlier than...
Only ATM Heists Set to Accelerate After $13M Break-In
Mere days after the Feds warned banks about an impending ATM cash heist, hackers managed to siphon $13 million from the Pune, India-based Cosmos Bank – using cloned versions of the bank’s debit cards over the course of two days. It’s unlikely to be the last ATM theft that makes news, given how...
Critical Authentication Flaws in Cisco Policy Suite Patched
Cisco has patched four critical security vulnerabilities surrounding a lack of authentication requirements in its Policy Suite for mobile carriers. These would allow remote attackers to potentially exfiltrate information, compromise wireless subscriber account information, meddle with databases o...
Six Vulnerabilities Found in Dell EMC’s Disaster Recovery System, One Critical
A pen-tester has found six vulnerabilities in Dell EMC RecoverPoint devices, including a critical remote code execution flaw that could allow total system compromise. EMC RecoverPoint is a disaster recovery tool that can be used to back up local and remote information storage, across data centers...
Remote Code Execution Bug Patched in Adobe Acrobat Reader DC
Researchers at Cisco Talos are detailing a remote code execution vulnerability found in Adobe Acrobat Reader DC that can be triggered when a malicious file is opened or a victim accesses a rigged webpage. According to Talos, the vulnerability CVE-2018-4901 was disclosed on Dec. 7 and Adobe issued...
Skype, Slack and Other Popular Windows Apps Vulnerable to Critical Framework Bug
UPDATE Hundreds of software applications built using the developer framework called Electron may be vulnerable to a remote code execution flaw, according to developers of the framework. Impacted are dozens of popular Windows applications such as Microsoft’s Skype for Windows and Slack. Earlier th...
Google Awards Record $112,500 Bounty for Android Exploit Chain
Prolific bug hunter Guang Gong has earned the highest-ever payout for a vulnerability in the history of Google’s Android Security Rewards program, which began in 2015. He earned a combined $112,500 for the disclosure of an Android exploit chain impacting Google’s Pixel handset that could allow an...
Security Lacking in Previous AppleAVEDriver iOS Kernel Extension
An obscure Apple kernel extension patched in July in iOS 10.3.3 was originally built without security measures in place, according to the researcher who privately disclosed the flaws. Today at the Hack in the Box security conference in Singapore, Zimperium zLabs’ Adam Donenfeld was scheduled to...
Flash Player Marches Toward End, Patches Two Code Execution Bugs in Latest Update
Adobe today pushed out its first Flash Player update since announcing two weeks ago that it would stop distributing and updating the software in 2020. Flash has been at the center of many targeted attacks and exploit kit activity, and despite numerous improvements to the product including...
Ubuntu Fixes Linux Systemd Bug
Developers with Canonical pushed out a handful of patches for the Linux-based operating system Ubuntu this week, including one that resolves a bug that could have let an attacker cause a denial of service or execute arbitrary code with a TCP payload. Chris Coulson, a software and electronics...
Google Patches Six Critical Mediaserver Bugs in Android
Google pushed out its monthly Android patches Monday, addressing 17 critical vulnerabilities, six of which are tied to its problematic Mediaserver component. An additional four critical vulnerabilities related to Qualcomm components in Android handsets including Google’s own Nexus 6P, Pixel XL an...
Cisco Warns of Critical Flaw in Teleconferencing Gear
Cisco Systems is warning customers of a critical vulnerability affecting three of its TelePresence MCU platform models. The flaw could give attackers the ability to remotely execute code on impacted systems or create conditions favorable to a denial-of-service DoS attack. According to an advisory...
Apple Patches AirPort Remote Code Execution Flaw
Apple is keeping typically tight-lipped about a remote code execution vulnerability it patched in its AirPort router firmware. Last night, Apple released an advisory warning users of the AirPort Express, AirPort Extreme and AirPort Time Capsule base stations that a new firmware was...
5 Vulnerabilities Fixed In Chrome Browser, Google Pays $20K to Bug Hunters
Google is urging Windows, Mac and Linux users to update their Chrome browser to fix five security holes – two which rate as high severity. Google warned users of the vulnerabilities Wednesday as it released a new version, 50.0.2661.102, of the browser. The Chrome security holes were found by four...
Adobe Patches 95 Vulnerabilities in Acrobat, Reader, Warns of Flash Zero Day
Adobe rolled out security updates for three of its products on Tuesday, including 95 fixes it pushed for Acrobat, Reader, and ColdFusion. Users will have to wait until later this week, however, to patch a critical vulnerability that exists in Flash Player. It may only be a matter of time until th...
Broken IBM Java Patch Disclosure
Update For the second time in two weeks, researchers have discovered a three-year-old broken patch for a vulnerability in IBM’s Java SDK implementation. The flaw allows for an attacker to execute code outside the Java sandbox, and still affects current versions of IBM SDK, 7 and 8, released in...
Latest Flash Zero Day Being Used to Push Ransomware
Exploits for a zero-day vulnerability in Adobe Flash Player are being aggressively distributed in two exploit kits. The zero day, meanwhile, was patched by Adobe in an emergency update released Thursday night. Attackers are using the previously unpatched flaw in the maligned Flash Player to infec...
Caution Urged over Patched Windows USB Driver Flaw
USB-related vulnerabilities make people nervous; you need look no further than Stuxnet and BadUSB to see the dangers associated with infected portable storage devices and peripherals. Yesterday, Microsoft patched a flaw in the Windows USB Mass Storage Class Driver that could put some people on...
Magnitude of glibc Vulnerability Coming to Light
Not since Stagefright have we had a vulnerability with the scale and reach of the glibc flaw disclosed on Tuesday. “It’s pretty bad; you don’t get bugs of this magnitude too often,” said Dan Kaminsky, researcher, cofounder and chief scientist at White Ops. “The code path is widely exposed and...
Cisco MiniUPnP Stack Smashing Protection Attack
The Internet of Things security challenge is twofold: finding bugs, and more urgent—fixing them. Cisco’s Talos security intelligence and research group found and privately disclosed a serious and trivially exploitable client-side bug in MiniUPnP that was patched in September of last year. The...
Google Plans to End Chrome for 32-bit Linux, Releases Chrome 47
Google announced this week it will end Chrome support for older, 32-bit Linux distributions early next year and will maintain the browser on more popular distributions of the software. Specifically Google plans to stop pushing updates and security fixes to those running Chrome on 32-bit Linux,...
August 2015 Apple QuickTime Security Patches
Apple on Thursday pushed out a new version of QuickTime for Windows that patched nine vulnerabilities, including a handful reported Aug. 13 by Cisco Talos and Fortinet researchers. All five flaws, if exploited, could lead to a crash of the media player or code execution in some cases, Apple said ...
Details Surface on Patched Sandbox Violation Vulnerability in iOS
Apple patched an issue last week in iOS that could have allowed attackers to bypass the third-party app-sandbox protection mechanism on devices and read arbitrary managed preferences via a special app. The issue, which was present in versions of iOS prior to 8.4.1, stems from a vulnerability with...
May 2015 Adobe Flash, Reader, Acrobat Security Updates
Adobe today released sizable updates for Flash Player, Reader and Acrobat, patching 18 and 34 vulnerabilities respectively in the software. None of the vulnerabilities in any of the three products, Adobe said, are being publicly exploited. The Flash Update for Windows, Mac OS X, and Linux patches...
OpenSSL Patches High Severity DOS Vulnerability
Hold the logo and the dedicated website; the anticipated high-severity OpenSSL vulnerability is serious, but it’s no Heartbleed or POODLE. As it turns out, the bug is a denial-of-service condition that affects only version 1.0.2 of the ubiquitous crypto library. A dozen other vulnerabilities nine...
Adobe Patches One Zero Day in Flash, Still Investigating Separate Vulnerability
UPDATE–Adobe has released an emergency update for Flash to address a zero-day vulnerability that is being actively exploited. The company also is looking into reports of exploits for a separate Flash bug not fixed in the new release, which is being used in attacks by the Angler exploit kit. The...
Citadel Variant Targets Password Managers
The Citadel Trojan has once again branched out beyond its roots as banking malware and is now targeting the master passwords guarding major password management products. Researchers from IBM Trusteer today said they’ve notified makers of the nexus Personal Security Client, Password Safe and KeePa...
Leahy Introduces Bill to End Bulk Call Record Collection
Sen. Patrick Leahy has introduced an updated, tougher version of the USA FREEDOM Act that would end the bulk collection of data under Section 215 of FISA and also would require the appointment of a panel of special legal advocates who would represent the interests of individual privacy and civil...
July 2014 Microsoft Patch Tuesday Security Bulletins Updates
Tomorrow’s regularly scheduled patch update from Microsoft includes – go figure – another cumulative rollup for Internet Explorer and a critical fix for a Windows remote code execution bug. More of the same for sure, but there’s another bug being patched that may merit moving up a rung on your li...
Former NSA Officials Detail Failures of Agency Programs in Letter to Obama
In the weeks and months leading up to 9/11, the National Security Agency had been working on a new information-gathering and analysis system known as THINTHREAD, a system that was built in-house and was meant to replace the uncountable number of stand-alone collection systems and attendant...
Metasploit Exploit Module for IE Zero-Day Vulnerability
It’s been 14 days since Microsoft issued an advisory and temporary mitigation for a zero-day vulnerability in Internet Explorer, one being actively exploited in the wild and called by some experts as severe a browser bug as you can have. Yet users have since had little more to shield them from...
Researchers Find Stuxnet Older Than Previously Believed
Researchers on Tuesday said they have proof the Stuxnet worm used to cripple Iran’s nuclear program has been in the wild two years longer than first believed. There’s also now evidence the military-grade malware’s origins date back to 2005, and possibly earlier. According to an 18-page report,...
Adobe Recommends Protected View as Temporary Zero Day Mitigation
Adobe released an advisory yesterday suggesting a manual mitigation for zero-day vulnerabilities in its Reader and Acrobat products that are being actively exploited in the wild. The exploit is the first sandbox escape in Adobe Reader X and above. FireEye, which reported the vulnerability to Adob...