15946 matches found
Conti Ransomware Gang Has Full Log4Shell Attack Chain
The Conti ransomware gang, which last week became the first professional crimeware outfit to adopt and weaponize the Log4Shell vulnerability, has now built up a holistic attack chain. The sophisticated Russia-based Conti group – which Palo Alto Networks has called “one of the most ruthless” of...
Smishing: Put Text-Based Phishing on the CISO Radar
Anyone who uses a smartphone has likely been the target of at least one smishing attack. Smishing is much like email phishing scams, but instead sends deceptive or malicious links through text messages. Like phishing, smishing tries to trick users into giving up valuable information, such as...
TurkeyBombing Puts New Twist on Zoom Abuse
Millions of family and friends, forced to spend Thanksgiving socially distant, are being targeted by cybercriminals as they turn to video platforms like Zoom to virtually be together. In this ongoing attack, cybersecurity experts warn, victims are targeted with a Zoom-related and...
Critical Remote Code-Execution Bugs Threaten Global Power Plants
Siemens industrial equipment commonly found in fossil-fuel and large-scale renewable power plants are riddled with multiple security vulnerabilities, the most severe of which are critical bugs allowing remote code-execution. The affected product is SPPA-T3000, a distributed control system used fo...
Cisco Patches 13 High-Severity Router and Switch Bugs
Cisco Systems released patches for 29 bugs Wednesday that addressed flaws in a wide range of its products including routers and switches running the IOS XE networking software. Thirteen of the vulnerabilities revealed are rated high severity. The bulk of the high-severity vulnerabilities are tied...
Telegram CEO Fingers China State Actors for DDoS Attack
The chief executive of secure messaging app Telegram is pointing the finger squarely at China as the culprit responsible for the distributed denial of service DDoS attack that it suffered on Wednesday. The company announced the attack on Twitter, warning that users may be experiencing connection...
440 Million Android Users Plagued By Extremely Obnoxious Pop-Ups
Over 440 million Android phones have been exposed to an obnoxious advertising plugin hidden within hundreds of popular applications available via Google Play, which ultimately can render phones almost unusable. Lookout Research discovered the plugin being bundled with 238 unique applications that...
MuddyWater APT Hones an Arsenal of Custom Tools
An array of customized attack tools are helping the MuddyWater advanced persistent threat APT group to successfully exfiltrate data from its governmental and telco targets in the Middle East; an analysis of this toolset reveals a moderately sophisticated threat actor at work – with the potential ...
Facebook Boots 74 Cybercrime Groups From Platform
Facebook has booted more than 70 cybercrime groups off its platform that were peddling illicit services – from email spamming tools to stolen credentials and payment information sales – in plain sight. Researchers said a simple search on Facebook for keywords like “spam,” “CVV” or more returned...
Modern Defenders Share, Visualize and Succeed
TENERIFE, Spain – Network defenders who rely solely on lists of assets to protect are running a fool’s errand. Instead, it’s crucial to think in graphs to not only visualize threats, but also to understand network edges, and dependencies between assets and accounts in order to be able to capture...
Windows Error Reporting Used to Find Advanced Exploits
Windows Error Reporting, also known as Dr. Watson reports, are Windows crash reports sent by default unencrypted to Microsoft, which uses them to fix bugs. The reports are rich with system data that Microsoft also uses to enhance user interaction with its products. Since, however, they are sent i...
Microsoft App Store Sizzling with New ‘Electron Bot’ Malware
A backdoor malware that can take over social-media accounts – including Facebook, Google and Soundcloud – has infiltrated Microsoft’s official store by cloning popular games such as Temple Run or Subway Surfer. The backdoor, dubbed Electron Bot, gives attackers complete control over compromised...
Twitch Leak Included Emails, Password: Researcher
Twitch users, if you haven’t changed your password yet, go. Now. Do it. 101321 08:45 UPDATE: Your email and password may already have been leaked – unhashed and unencrypted, though it’s not known if the one Twitch set of Twitch credentials are from an internally or externally facing database...
Adobe Kills 16 Critical Flaws in Acrobat and Reader, Digital Negative SDK
Adobe has fixed 16 critical flaws across its Acrobat and Reader applications and its Adobe Digital Negative DNG Software Development Kit. If exploited, the flaws could lead to remote code execution. Overall, Adobe fixed vulnerabilities tied to 36 CVEs in its regularly-scheduled Tuesday security...
Apple Security Updates Tackle iOS Device Tracking, RCE Flaws
Apple’s latest security fixes, released Tuesday, tackle a wide range of bugs, including several patches for high-risk flaws that could allow for remote code execution RCE. Of particular interest to privacy-minded iPhone 11 users is an iOS 13.3.1 update that allows users to turn off U1...
Microsoft Patches ‘Major’ Crypto Spoofing Bug
A major crypto-spoofing bug impacting Windows 10 users has been fixed as part of Microsoft’s January Patch Tuesday security bulletin. The vulnerability could allow an attacker to spoof a code-signing certificate, vital to validating executable programs in Windows, and make it appear as if an...
Foxit PDF Reader Vulnerable to 8 High-Severity Flaws
Patches are available for eight high-severity flaws impacting the popular PDF software Foxit Reader. The bugs, which exist on Windows versions of the software, enable a remote attacker to execute arbitrary code on vulnerable systems. This week, Foxit Software, the company behind Foxit Reader,...
Thousands of PCs Affected by Nodersok/Divergent Malware
New malware identified by Microsoft and Cisco Talos has affected thousands of PCs in the United States and Europe and turns systems into proxies for performing malicious activity, the companies said. The fileless threat—called Nodersok by Microsoft and Divergent by Cisco Talos—has many of its own...
Police Use of Facial Recognition is Just Fine, Say Most Americans
Despite the appetite for dystopian surveillance dramas on TV and in film, most Americans actually do trust law enforcement to not abuse facial recognition technology, according to a new survey. According to the Pew Research Center, a full 56 percent said that they trust police and officials to us...
DEF CON 2019: Delta ICS Flaw Allows Total Industrial Takeover
A serious vulnerability in a commonly used Delta industrial control system has been found that could allow malicious actors on the same network complete control of the operating system. The Delta enteliBUS Manager centralizes control for various pieces of hardware often found in corporate or...
Cisco Service Provider, WebEx Bugs Offer Up Remote Code Execution
Cisco is warning of critical remote code-execution RCE vulnerabilities in the Cisco Prime Infrastructure PI and Evolved Programmable Network EPN Manager, which is used by telcos, mobile carriers, cable companies and ISPs to manage their hardware infrastructure. The vendor also issued estimated...
Microsoft Patches Three Vulnerabilities Under Attack
Microsoft today patched a zero-day Word vulnerability that has been publicly attacked along with deploying fixes for Internet Explorer, Microsoft Edge and Windows 10. In all, nine Microsoft products received updates totaling 45 unique CVEs. Three of the vulnerabilities among Tuesday’s updates,...
Microsoft Patches Critical Bug in Windows TCP/IP Stack
Microsoft has patched a serious vulnerability in the Windows TCP/IP stack that, under some conditions, could enable an attacker to run code on remote machines. The flaw lies in the way that the stack handles large amounts of specially formatted packets sent to a vulnerable machine. Microsoft...
Critical ManageEngine Desktop Server Bug Opens Orgs to Malware
A critical security vulnerability in the Zoho ManageEngine Desktop Central and Desktop Central MSP platforms could allow authentication bypass, the company has warned. The bug CVE-2021-44757 could allow a remote user to “perform unauthorized actions in the server,” according to the company’s Mond...
Cybercrooks Rake in $304M in Romance Scams
Romance scams remain the most successful fraud strategy for cybercrooks, and represents a growing sector, according to the Federal Trade Commission. Last year, romance schemes accounted for a record $304 million raked into illicit coffers, according to new data – up about 50 percent from 2019...
Wind River ‘Security Incident’ Affects SSNs, Passport Numbers
Wind River Systems, which develops embedded system software, on Friday warned of a “security incident” that had exposed personnel records. One or more files were downloaded from the company’s network on or around September 29, it said. Affected data included information maintained within the...
Emotet Takedown Disrupts Vast Criminal Infrastructure; NetWalker Site Offline
UPDATE The virulent malware known as Emotet – one of the most prolific malware strains globally – has been dealt a blow thanks to a takedown by an international law-enforcement consortium. Meanwhile, the NetWalker ransomware has also been subjected to partial disruption, according to the U.S...
Google Research Pinpoints Security Soft Spot in Multiple Chat Platforms
Google Project Zero researcher Natalie Silvanovich outlined what she believes is a common theme when it comes to serious vulnerabilities impacting leading chat platforms. The research, published Tuesday, identifies a common denominator within chat platforms, called “calling state machine”, which...
Dexphot Malware Hijacks 80K+ Devices to Mine Cryptocurrency
Microsoft is warning of malware, Dexphot, that has infected more than 80,000 machines, sucking up their CPU power in order to mine cryptocurrency. Researchers first discovered Dexphot in October 2018 and saw its activity peak during July. They said that the malware has a complex attack chain and...
Chrome Bug, Not Avid Software, Causes Damage to MacOS File Systems
Researchers have tracked a problem that caused corruption to the file systems of macOS users to a bug in a Google Chrome update after users originally feared it was a problem with Avid Media Composer. People using the Avid software for video editing on macOS platforms posted warnings Tuesday on...
HTTP Bugs Open Websites to DoS Attacks
Eight bugs in the implementation of HTTP/2, the most recent version of the HTTP protocol, can be exploited to launch denial of service attacks. The flaws were found in vendor server configurations ranging from Amazon, Google, Microsoft and Apache. Bugs are similar in nature and can be exploited b...
Data Breach Exposes 100K U.S. Traveler Photos, License Plates
UPDATE The U.S. Customs and Border Protection said that a recent data breach exposed photos of the faces and license plates for more than 100,000 travelers driving in and out of the country. The department said Monday that the breach stemmed from an attack on a federal subcontractor. Customs and...
IoT Scale Flaws Enable Denial of Service, Privacy Issues
Here is an internet of things flaw that can tip the scales to a hacker’s advantage. Researchers have discovered a bevy of flaws in a consumer smart scale that could allow hackers to launch a variety of attacks, from man-in-the-middle to denial of service attacks. Checkmarx researchers reported th...
Wekby APT 18 Exploiting Hacking Team Flash Zero Day
The Wekby APT group, implicated in a number of targeted attacks against health care organizations such as Community Health Systems and major pharmaceutical companies, is reportedly making use of the Adobe Flash Player zero-day found in the Hacking Team data dump. According to Virginia-based...
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Targeted attacks on Twilio and Cloudflare employees are tied to a massive phishing campaign that resulted in 9,931 accounts at over 130 organizations being compromised. The campaigns are tied to focused abuse of identity and access management firm Okta, which gained the threat actors the 0ktapus...
Intel Squashes High-Severity Graphics Driver Flaws
Intel has issued fixes for five high-severity vulnerabilities in its graphics drivers. Attackers can exploit these flaws to launch an array of malicious attacks – such as escalating their privileges, stealing sensitive data or launching denial-of-service attacks. The graphics driver is software...
Google Play Apps Remain Vulnerable to High-Severity Flaw
UPDATE Researchers are warning that several popular Google Play applications – including mobile browser app Edge – have yet to push out an important update addressing a high-severity vulnerability in the Google Play Core Library. The vulnerability exists in Google Play Core Library, which is...
Clever Phishing Attack Bypasses MFA to Nab Microsoft Office 365 Credentials
A new phishing campaign can bypass multi-factor authentication MFA on Office 365 to access victims’ data stored on the cloud and use it to extort a Bitcoin ransom or even find new victims to target, security researchers have found. Researchers at Cofense Phishing Defense Center discovered the...
Critical Adobe Flaw Fixed in Out-of-Band Security Update
Adobe has released an out-of-band patch for a critical vulnerability in its Creative Cloud Desktop Application for Windows. The flaw can be exploited by an attacker to delete specific arbitrary files on the victim’s system. Creative Cloud acts as a central console for desktop users to quickly...
New JhoneRAT Malware Targets Middle East
Researchers are warning of a new remote access trojan RAT, dubbed JhoneRAT, which is being distributed as part of an active campaign, ongoing since November 2019, that targets victims in the Middle East. Once downloaded, the RAT gathers information on the victims’ computers and is also able to...
iPhone Zero-Days Anchored Watering-Hole Attacks
A total of 14 iPhone vulnerabilities – including two that were zero-days when discovered — have been targeted by five exploit chains in a watering hole attack that has lasted years. The watering holes deliver a spyware implant that can steal private data like iMessages, photos and GPS location in...
Gen Z Interns and Social Media: A Perfect Security Storm
Researchers are warning of a new security Achilles’ heel for enterprises, and it may not be what they expect. That threat is interns. According to researchers, interns are unwittingly posting confidential and valuable company insights via social media that pose a security risk to the companies th...
Intel Fixes Critical, High-Severity Flaws Across Several Products
Intel has issued an updated advisory for more than 30 fixes addressing vulnerabilities across various products – including a critical flaw in Intel’s converged security and management engine CSME that could enable privilege-escalation. The bug CVE-2019-0153 exists in a subsystem of Intel CSME,...
Osiris Banking Trojan Displays Modern Malware Innovation
After staying dormant for few years, the Kronos banking trojan resurfaced in July in a form dubbed Osiris. A wider analysis of how the banking trojan is evolving shows innovative development on the part of its authors, with an eye to broader malware trends. Osiris first appeared in July in three...
Thousands of MikroTik Routers Hijacked for Eavesdropping
A full 7,500+ MikroTik routers are forwarding their owners’ traffic to eavesdropping cybercriminals – while 239,000 more have had their Socks4 proxy enabled, maliciously and surreptitiously. This means the bad actors can gain access to any of the files or data being passed by the router to and fr...
CGI Script Vulnerability 'Httpoxy' Allows Man-in-the-Middle Attack
An old scripting vulnerability that impacts a large number of Linux distributions and programing languages allows for man-in-the-middle attacks that could compromise web servers. The vulnerability, which affects many PHP and CGI web-apps, was revealed Monday in tandem with the release of a bevy...
Microsoft Silverlight Zero Day Vulnerability Patched
Microsoft Silverlight vulnerabilities certainly don’t have the same hacker cred as bugs in Adobe Flash, for example, but nonetheless, that does not diminish their value, nor does that mean they should be ignored. Microsoft patched a critical flaw in the application framework on Tuesday, and...
Five OAuth Bugs Lead to Github Hack
A Russian security researcher was able to take five low severity OAuth bugs in the coding site Github and string them together to create what he calls a “simple but high severity exploit” that gave him unfettered access to users’ private repositories. Bangkok-based researcher Egor Homakov –...
Another Destructive Wiper Targets Organizations in Ukraine
Researchers have discovered yet another destructive data-wiping malware targeting organizations in Ukraine, the third to be found in as many weeks attacking systems in the country that’s currently defending itself against a Russian physical invasion. A team from cybersecurity firm ESET on Monday...
Novel Attack Turns Amazon Devices Against Themselves
UPDATE Researchers from the University of London and the University of Catania have discovered how to weaponize Amazon Echo devices to hack themselves. The – dubbed “Alexa vs. Alexa” – leverages what the researchers called “a command self-issue vulnerability”: using pre-recorded messages which,...