15946 matches found
Google Calendar Attacks Target Unwitting Mobile Users
UPDATE A sophisticated cyberattack is targeting Gmail users through fraudulent, unsolicited Google Calendar notifications. The campaign takes advantage of a common default feature for people using Gmail on their smartphone: Calendar invites automatically pop up on phones, prompting users to accep...
Critical Adobe Flash, ColdFusion Vulnerabilities Patched
Adobe has issued fixes for critical flaws in Adobe Flash and ColdFusion that could lead to arbitrary code execution if exploited. Overall, Adobe patched 11 vulnerabilities across Adobe Flash, Adobe ColdFusion and Adobe Campaign – including five critical flaws – during its regularly-scheduled...
Publicly Attacked Microsoft IIS Zero Day Unlikely to be Patched
Microsoft is unlikely to patch a zero-day vulnerability in an older version of its Internet Information Services IIS webserver that’s been publicly attacked since last July and August. Two researchers from the South China University of Technology in Guangzhou posted a proof-of-concept exploit for...
Malware Posing as Russia DDoS Tool Bites Pro-Ukraine Hackers
Looking to cyber-hassle Russia, Ukrainian sympathizers? Be careful — malware is making the rounds, disguised as a pro-Ukraine cyber-tool that will turn around and bite you instead, researchers are warning. In a Wednesday threat advisory, Cisco Talos described a campaign it’s observed in which a...
Gaming Giant Capcom Hit By Ragnar Locker Ransomware: Report
Video game giant Capcom has reportedly been hit by a ransomware attack that affected access to certain systems – including email and file servers – and encrypted 1 terabyte TB of sensitive data. The Japanese video game developer and publisher has developed a number of multi-million selling game...
RCE Exploit Released for IBM Data Risk Manager
UPDATED Four serious security vulnerabilities in the IBM Data Risk Manager IDRM have been identified that can lead to unauthenticated remote code execution RCE as root in vulnerable versions, according to analysis – and a proof-of-concept exploit is available. IBM weighed in on the problem this...
Dell Patches SupportAssist Flaw That Allows Arbitrary Code Execution
Dell has patched a high-severity flaw in its SupportAssist software that could allow an attacker to execute arbitrary code with administrator privileges on affected computers. The flaw, an uncontrolled search path vulnerability that is being tracked as CVE-2020-5316, could allow a locally...
DHS Warning: Small Aircraft are Ripe for Hacking
The Department of Homeland Security issued an alert Tuesday warning that small aircraft are vulnerable to hackers that can gain physical access to a plane. It warned that a hacker can easily manipulate aircraft telemetry data, which can result in loss of control of the airplane. The bulletin was...
Consumers Urged to Junk Insecure IoT Devices
More than 2 million connected security cameras, baby monitors and other IoT devices have serious vulnerabilities that have been publicly disclosed for more than two months – yet they are still without a patch or even any vendor response. Security researcher Paul Marrapese, who disclosed the flaws...
‘PwnedPiper’: Devastating Bugs in >80% of Hospital Pneumatics
Researchers have discovered nine vulnerabilities – collectively dubbed PwnedPiper – in the pneumatic tube systems PTS used in more than 80 percent of major hospitals in North America. The bugs, in Swisslog Healthcare’s Translogic PTS, include hard-coded passwords, unencrypted connections and...
90% of Enterprise iPhone Users Open to iMessage Spy Attack
Over 90 percent of Apple iPhone users — consumer and enterprise — are still vulnerable to bugs in iOS that can be remotely exploited without any user interaction via the iMessage client. These could reveal pictures, videos, notes, PDFs and so on stored on the phone. Though Apple has fully patched...
Max-Severity Bug in Infusion Pump Gateway Puts Lives at Risk
Researchers have disclosed two separate vulnerabilities within the Becton Dickinson Alaris Gateway Workstation for medical infusion pumps in hospitals, one carrying a critical rating of 10 out of 10 on the CVSS v.3 severity scale. Alaris Gateway Workstations power, monitor and control infusion...
News Wrap: Amazon Echo Privacy, Facebook FTC Fines and Biometrics Regulation
Data privacy has been an outstanding theme this past week, and the Threatpost team discussed the biggest privacy related news. In the news wrap podcast for April 26, the team discussed the backstories behind several reports from the week, including: Facebook potentially facing Federal Trade...
‘Appalling’ Riot Games Job Fraud Takes Aim at Wallets
Riot Games, the developer behind League of Legends, has filed a California lawsuit against scammers, whose identities aren’t yet known, for ripping off job seekers with the promise of a gig with the company. Usually early in their careers and eager for a chance with a gaming company like Riot, jo...
Critical SonicWall VPN Bugs Allow Complete Appliance Takeover
Critical security vulnerabilities in SonicWall’s Secure Mobile Access SMA 100-series VPN appliances could allow an unauthenticated, remote user to execute code as root. The SMA 100 line was created to provide end-to-end secure remote access to corporate resources, be they hosted on-prem, cloud or...
Tutor LMS for WordPress Open to Info-Stealing
Security vulnerabilities in Tutor LMS, a WordPress plugin installed on more than 20,000 sites, open the door to information theft and privilege escalation, according to researchers. Tutor LMS is a learning-management system for educators that allows them to digitally reach their students. It...
TikTok To Stop Clipboard Snooping After Apple Privacy Feature Exposes Behavior
A new privacy feature in Apple iOS 14 sheds light on TikTok’s practice of reading iPhone users’ cut-and-paste data, even though the company said in March it would stop. Apple added a new banner alert to iOS 14 that lets users know if a mobile app is pasting from the clipboard and thus able to rea...
'5G is Coming,' But Can the Security Industry Keep Up?
THE HAGUE, Netherlands – With the advent of 5G, the tech community is bracing itself for new applications like self-driving cars and other IoT applications. But what does that mean for the security landscape? At the GSMA Mobile 360 Conference taking place this week in the Netherlands, experts she...
Breached Credentials Used to Access Github Repositories
Github is forcing a password reset on some of its users after it detected a number of successful intrusions into its repositories using credentials compromised in other breaches. “This appears to be the result of an attacker using lists of email addresses and passwords from other online services...
On the Hunt for Conficker
There are several ongoing investigations attempting to find the authors of the Conficker botnet, one of the fastest spreading worms in history, but those responsible for the worm have proven elusive. Read the full article. TechTarget...
MacOS Bug Could Let Creeps Snoop On You
Microsoft on Monday released details about a bug in macOS that Apple fixed last month – named “powerdir” – that could let attackers hijack apps, install their own nasty apps, use the microphone to eavesdrop or grab screenshots of whatever’s displayed on your screen. The vulnerability allows...
Crypto Hack Earned Crooks $600 Million
Attackers reportedly stole $600 million from the cryptocurrency platform Poly Network, in what experts say is one of the largest crypto heists to date. Poly Network, a decentralized finance DeFi platform based in China, publicly acknowledged that an attacker “exploited a vulnerability” that allow...
WordPress Patches 3-Year-Old High-Severity RCE Bug
WordPress released a 5.5.2 update to its ubiquitous web publishing software platform. The update patches a high-severity bug, which could allow a remote unauthenticated attacker to take over a targeted website via a narrowly tailored denial-of-service attack. In all, the WordPress Security and...
Citrix Accelerates Patch Rollout For Critical RCE Flaw
Citrix has quickened its rollout of patches for a critical vulnerability CVE-2019-19781 in the Citrix Application Delivery Controller ADC and Citrix Gateway products, on the heels of recent proof-of-concept exploits and skyrocketing exploitation attempts. Several versions of the products still...
Australia Proposes Facial Recognition to Watch Porn
The Australian government has proposed using facial recognition to verify the age of people wanting to access pornography online. Unlike in the U.S., Australian law actually doesn’t prohibit minors from visiting adult sites, so the facial-recognition measure would be part of changing this policy...
AMCA Healthcare Hack Widens Again, Reaching 20.1M Victims
The hack of the American Medical Collection Agency AMCA, a third-party bill collection vendor, continues to expand, now impacting 20.1 million patients across three laboratory services providers. In the wake of revelations that the personal data of 12 million patients from Quest Diagnostics had...
Cybercriminals Swarm Windows Utility Regsvr32 to Spread Malware
A Windows living-off-the-land binary LOLBin known as Regsvr32 is seeing a big uptick in abuse of late, researchers are warning, mainly spreading trojans like Lokibot and Qbot. LOLBins are legitimate, native utilities used daily in various computing environments, that cybercriminals use to evade...
Data from 500M LinkedIn Users Posted for Sale Online
Personal data from more than 500 million LinkedIn users has been posted for sale online in yet another incident of threat actors scraping data from public profiles and slinging it online for potential cybercriminal misuse. Hackers posted an archive containing data they said includes LinkedIn IDs,...
Windows Exploit Released For Microsoft ‘Zerologon’ Flaw
Proof-of-concept PoC exploit code has been released for a Windows flaw, which could allow attackers to infiltrate enterprises by gaining administrative privileges, giving them access to companies’ Active Directory domain controllers DCs. The vulnerability, dubbed “Zerologon,” is a...
Black Hat USA, DEF CON 28 Go Virtual
Cybersecurity conferences Black Hat USA and DEF CON 28 will not be held in person this year due to the coronavirus pandemic. The conferences will both instead be transformed into completely virtualized events. Both back-to-back annual conferences were set to take place in Las Vegas this year; Bla...
ThreatList: Human Error is Behind One Quarter of Data Breaches
One quarter of all data breaches last year were caused by human error. The average cost of all breach in the same time period was $3.92 million, a 1.5 percent increase from the year before. Click to enlarge. That’s according to the 14th annual Cost of a Data Breach report from the Ponemon Institu...
Video: HackerOne CEO on the Evolving Bug Bounty Landscape
The bug bounty landscape continues to change along with the concept and rules around vulnerability disclosure. Meanwhile, companies such as GitHub, Microsoft and others continue to keep pace, launching or expanding bounty programs. Even the European Commission is getting in on the action. On...
Hotmail Limits Passwords to 16 Characters
Passwords, unfortunately, still are the main authentication mechanism on most Web sites, including all of the popular webmail services, such as Hotmail, Gmail and Yahoo Mail. Many sites encourage users to pick complex and long passwords, so it’s surprising to see that Microsoft now has limited...
Win10 Admin Rights Tossed Off by Yet Another Plug-In
It’s not just Razer’s mice and keyboards that gobble up Windows 10’s tip-top, admin-level SYSTEM privileges: A SteelSeries bug also tosses off Windows 10 admin rights if you just plug in a device. … Or, then again, you can save yourself some cash by simply tricking an Android phone into thinking ...
Fiserv Forgets to Buy Domain It Used as System Default
Fiserv, a multi-billion-dollar cybersecurity tech provider for financial institutions, forgot to buy the domain used as a default in their systems’ email communications, according to a report. The blunder could have exposed its clients’ user information to anyone with a few bucks to buy the domai...
Microsoft Addresses 111 Bugs for May Patch Tuesday
Microsoft has released fixes for 111 security vulnerabilities in its May Patch Tuesday update, including 16 critical bugs and 96 that are rated important. Unlike other recent monthly updates from the computing giant this year, none of the flaws are publicly known or under active attack at the tim...
Apache Tomcat Exploit Poised to Pounce, Stealing Files
A vulnerability in the popular Apache Tomcat web server is ripe for active attack, thanks to a proof-of-concept PoC exploit making an appearance on GitHub. The now-patched bug affects Tomcat versions 7.0, 8.5 and 9.0. According to Flashpoint analysts Cheng Lu and Steven Ouellette, an exploit for...
Software, Supply-Chain Dangers Top List of 5G Cyber Risks
The proliferation of software within 5G networks is one of the top security challenges facing the next generation of mobile networks, according to a report out this week from the European Union. 5G networks are fundamentally different than prior wireless networks in that they are largely...
Google Nest Security Cam Bugs Allow Device Takeover
Multiple vulnerabilities in Google’s Nest Cam IQ connected indoor security camera would allow an attacker on the same network to take over the device, execute code on it and/or take it offline. Nest Labs’ Cam IQ Indoor integrates security-enhanced Linux in Android, Google Assistant and facial...
SEMrush Plugs Remote Code Execution Bug in Its SaaS Platform
UPDATE Search engine optimization and analytics firm SEMrush patched a remote code execution vulnerability that allowed an attacker to send a malicious image to its service and generate a reverse shell, a typical first stage in a cyberattack. Public disclosure of the vulnerability was Monday when...
VLC Player Gets Patched for Two High-Severity Bugs
Maintainers of the popular open-source VLC media player patched two high-severity bugs Friday. The flaws were an out-of-bound write vulnerability and a stack-buffer-overflow bug. Developers behind the software, VideoLAN, said the patches were two of 33 fixes being pushed out to the media player a...
Tips on How to Fight Back Against DNS Spoofing Attacks
The Domain Name System DNS, known as the phone book for the internet, was recently retuned to improve performance as well as include new security provisions to protect against Distributed Denial of Service DDoS attacks. DNS Flag Day drew a line in the sand for noncompliant authoritative DNS serve...
Temporary Patch Released For Adobe Reader Zero-Day
A temporary patch has been released to address a zero-day vulnerability in Adobe Reader that could enable bad actors to steal victims’ hashed password values, known as “NTLM hashes.” 0patch on Monday released a micropatch for the flaw, found in Adobe Reader DC. The vulnerability, which has no...
A guide to the IIS WebDAV vulnerability
Even for the most experienced security professionals, understanding complex attacks and vulnerabilities sometimes can be a serious challenge. A perfect example is the recent Microsoft IIS WebDAV vulnerability, which surfaced last week and has yet to be patched by Microsoft. It’s a complicated...
Intel Sued Under Wiretapping Laws for Tracking User Activity on its Website
Intel is being sued under a Florida state wiretapping law for using software on its website to capture keystrokes and mouse movements of people that visit it. The case is one of many that private citizens have brought against companies to dispute their use of session-replay technology. A...
Astaroth Spy Trojan Uses Facebook, YouTube Profiles to Cover Tracks
Facebook and YouTube profiles are at the heart of an ongoing phishing campaign spreading the Astaroth trojan, bent on the eventual exfiltration of sensitive information. The attack is sophisticated in that it uses normally trusted sources as cover for malicious activities – thus evading usually...
LoudMiner Cryptominer Uses Linux Image and Virtual Machines
An unusual cryptocurrency miner, dubbed LoudMiner, is spreading via pirated copies of Virtual Studio Technology. It uses virtualization software to mine Monero on a Tiny Core Linux virtual machine – a unique approach, according to researchers. Virtual Studio Technology VST is an audio plug-in...
Researcher Exploits Microsoft's Notepad to 'Pop a Shell'
A memory corruption bug in the Microsoft’s Windows Notepad application can be used to open remote shell access – typically a first step for attackers infiltrating a system. The bug was found by Tavis Ormandy, a bug hunter with Google’s Project Zero team. In a tweet he indicated that the bug was...
First 'Clipper' Malware Discovered on Google Play
A malicious app designed to steal cryptocurrency from victims by replacing a wallet address in the phone’s clipboard has been discovered harboring the first “clipper” malware discovered on Google Play, the official Android app store. Usually cryptocurrency-stealers are found on unsanctioned Andro...
Google Patches Critical .PNG Image Bug
Google has patched a critical vulnerability in its current and legacy versions of its Android operating system, which allow an attacker to send a specially crafted Portable Network Graphics .PNG image file to a targeted device and execute arbitrary code. In its February Android Security Bulletin,...