15946 matches found
Mozilla Bug Bounty Program Doubles Payouts, Adds Firefox Monitor
Mozilla is bumping up its bug bounty payouts and has added new websites and services – including the recently deployed Firefox Monitor– to its bug bounty program in hopes of attracting more researchers to sniff out vulnerabilities. The browser-maker is doubling bug bounty payouts for most of its...
Critical Exim Flaw Opens Millions of Servers to Takeover
UPDATE Researchers are urging users to upgrade their Exim servers immediately after millions of servers were found to be vulnerable to a critical flaw that could allow a remote, unauthenticated attacker to take full control of them. Exim, which is free software used on Unix-like operating systems...
Adult Sites Lack Privacy, Open the Door for Harassment and Tracking
An analysis of 22,500 porn sites found that third-party tracking of users is rampant, privacy policies are difficult to understand and a majority fail to implement basic HTTPS encryption. In all, it’s a recipe for enabling sexual violence and shaming, according to an academic paper released this...
New Ninth-Gen Intel CPUs Shield Against Some Spectre, Meltdown Variants
Intel’s new ninth-generation CPUs come packed with hardware-based protections against two variants of the infamous Meltdown and Spectre speculative execution attacks. The ninth-generation desktop Core processors are dubbed Coffee Lake, and became available for preorder on Tuesday. they’re built t...
Dridex Banking Trojan Spreading Via Macros in XML Files
Not long ago, criminals pushing the Dridex banking Trojan were using Microsoft Excel documents spiked with a malicious macro as a phishing lure to entice victims to load the malware onto their machines. Even though macros are disabled by default inside most organizations, the persistent hackers a...
Microsoft Online Services Bug Bounty Program Launches
Microsoft had always rejected the possibility of a full-scale bug bounty, relying instead on solid relationships it spent the better part of a decade fostering with researchers worldwide who submit vulnerabilities to the Microsoft Security Research Center MSRC. Yet in the past couple of years, th...
Attackers Target Intuit Users by Threatening to Cancel Tax Accounts
Just in time for tax season, Intuit is warning customers of a phishing campaign that threatens to close user accounts if they don’t click on a malicious link. The attacks on the accounting-software specialist that many people use for filing U.S. income tax forms comes as phishers overall are...
Feds Told to Better Manage Facial Recognition, Amid Privacy Concerns
Though the federal government widely uses facial recognition for various uses from criminal investigations to collecting traveler data, this use is largely unmonitored and unmanaged — a scenario that must change to protect people’s privacy and avoid inaccurate identification of perpetrators, a...
Verizon: Pandemic Ushers in ⅓ More Cyber Misery
Thanks for just showing up, said the team that cranked out the Verizon 2021 Data Breach Investigations Report DBIR. It’s quite the accomplishment that we all made it through the “often frightening and always unpredictable dystopian wasteland that was 2020,” the carrier noted, with cybersecurity...
Google Warns of Critical Android Remote Code Execution Bug
Google has fixed two critical bugs affecting its Android handsets. The more serious flaws exists in the Android System component and allow remote attackers to execute arbitrary code. The two critical vulnerabilities are part of Google’s January Android security bulletin, released Monday. The...
Vastaamo Breach: Hackers Blackmailing Psychotherapy Patients
Cybercriminals have hacked the systems of psychotherapy giant Vastaamo – and are now reaching out to therapy patients, threatening to dump their patient files if they do not pay a ransom. Finland-based Vastaamo, which has more than 40,000 psychotherapy patients, said on its website that its...
Ransomware Group Makes Splashy $20K Donation to Charities
The Darkside ransomware group has distinguished itself from its cybercriminal counterparts not by technical innovation, but by slapping a shiny corporate veneer on its attacks. The latest evolution in Darkside’s ransomware-as-a-corporation gimmick is a hefty $20,000 donation that the group made...
MGM Grand Breach Leaked Details of 10.6 Million Guests Last Summer
A hacking forum this week published details of more than 10.6 million guests who stayed at MGM Resorts, the result of a breach due to unauthorized access to a cloud server that occurred at the famous Las Vegas hotel and casino last summer. The incident—revealed in a published report on ZDNet...
EFF Talks the Corporate Surveillance of Consumers
You can’t protect your privacy if you don’t know how it’s being violated. That’s the essence of a report by the Electronic Frontier Foundation that shines a bright disinfecting light on how corporations are collecting data on consumers. Think Facebook-like data collection on steroids and you begi...
Magecart Groups Attack Simultaneous Sites in Card-Theft Frenzy
In an interesting development on the financial cybercrime scene, different Magecart groups have been spotting stepping over each other and attacking the same sites. Magecart is an umbrella term encompassing several different threat groups who all use the same modus operandi: They compromise...
Fake iOS Jailbreak Site Lures in Apple Users
Bad actors are taking advantage of a recently-disclosed iOS bug with a fake website claiming to give iPhone users the ability to jailbreak their phones. In reality, researchers warn, the site ultimately enables attackers to conduct click fraud. A jailbreak, a method to escape Apple’s limitations ...
Apple iTunes Bug Actively Exploited in BitPaymer/iEncrypt Campaign
Bad actors are actively targeting a vulnerability in the Windows version of Apple iTunes to deliver BitPaymer/iEncrypt ransomware. It’s a new attack pattern that is difficult to detect, security researchers revealed Thursday. Researchers from Morphisec Labs in August identified the abuse of the...
Android Ransomware Spreads Via 'Sex Simulation Game' Links on Reddit, SMS
Researchers are warning of a new Android ransomware being spread via links in online forums and SMS messages. The malicious links purport to connect back to a sex simulation game, but in reality lead to ransomware that encrypts victims’ files. The Android ransomware, dubbed Android/Filecoder.C, h...
Firmware Bugs Plague Server Supply Chain, 7 Vendors Impacted
Two firmware vulnerabilities impacting Lenovo, Acer and five additional server brands allow adversaries to brick servers, run arbitrary code on targeted systems and maintain a persistent foothold – surviving even an operating system reinstallation. The bugs are tied to Gigabyte motherboards used ...
RSAC 2019: An Antidote for Tech Gone Wrong
SAN FRANCISCO – Tech innovation can move faster than its own good might dictate, often leaving the public interest as an afterthought. Take, for example, hot-button topics such as artificial intelligence, network neutrality and social network user privacy – and consider the ensuing debates. The...
Ultra-Sneaky Phishing Scam Swipes Facebook Credentials
A new phishing attack bent on stealing Facebook credentials has been spotted – and it’s turning researchers’ heads due to how well it hides its malicious intent. Researchers with password management company Myki on Thursday said that attack reproduces a social login prompt in a “very realistic...
Kronos Banking Trojan Surfaces After Years of Silence
The Kronos banking trojan is back from the malware dustbin. After years of lying dormant, hackers have reworked the underlying code and are actively targeting victims in Germany, Japan and Poland. The latest variant has incorporated a new command-and-control feature designed to work with the Tor...
Apple Patches Actively Exploited Zero-Day in iOS, MacOS
Apple patched a zero-day flaw on Monday, found in both its iOS and macOS platforms that’s being actively exploited in the wild and can allow attackers to take over an affected system. The memory-corruption flaw, tracked as CVE-2021-30807, is found in the IOMobileFrameBuffer extension which exists...
Leaked Details of 142 Million MGM Hotel Guests Found for Sale on Dark Web
Researchers have found 142 million personal details from former guests at the MGM Resorts hotels for sale on the Dark Web, evidence that a data leak from the hotel chain last summer may be far bigger in scope than previously thought. An advertisement on a hacker forum has put 142,479,937 details...
Variant of Paradise Ransomware Targets Office IQY Files
A new variant of the Paradise ransomware attacks rarely-targeted Microsoft Office Excel IQY files, providing a new and relatively inobtrusive way to infiltrate and hijack an organization’s network, researchers have found. Lastline Labs’ James Haughom discovered the variant in December in a spam...
Emotet Now Hacks Nearby Wi-Fi Networks to Spread Like a Worm
A newly uncovered Emotet malware sample has the ability to spread to insecure Wi-Fi networks that are located nearby to an infected device. If the malware can spread to these nearby Wi-Fi networks, it then attempts to infect devices connected to them — a tactic that can rapidly escalate Emotet’s...
High-Severity Windows UAC Flaw Enables Privilege Escalation
Researchers disclosed details of a high-severity Microsoft Windows vulnerability that could give attackers elevated privileges – ultimately allowing them to install programs, and view, change or delete data. The bug stems from User Account Control UAC, a security feature of Windows within Secure...
DEF CON 2019: 35 Bugs in Office Printers Offer Hackers an Open Door
LAS VEGAS — At least 35 significant vulnerabilities in six commonly used enterprise printers have been uncovered, manufactured by HP, Ricoh, Xerox, Lexmark, Kyocera and Brother. The bugs will be presented by NCC Group at a DEF CON session entitled “Why You Should Fear Your Mundane Office Equipmen...
Bug in NVIDIA’s Tegra Chipset Opens Door to Malicious Code Execution
A flaw impacting millions of mobile and internet of things IoT devices running NVIDIA’s Tegra processor opens the door for a variety of attacks, including device hijacking or siphoning of data. The warning comes from researcher Triszka Balázs, who discovered the flaw and asserts that the bug...
Turla APT Returns with New Malware, Anti-Censorship Angle
The Turla APT has revamped its arsenal in 2019, creating new weapons and tools for targeting government entities. It’s now using booby-trapped anti-internet censorship software as an initial infection vector, suggesting Turla is going after dissident or other civil-society targets. The...
Hackers Abuse Google Cloud Platform to Attack D-Link Routers
Hackers have been abusing Google’s cloud computing service to redirect and intercept web and mail traffic on an array of vulnerable consumer routers. A researcher said that he has seen the Google Cloud Platform being abused to carry out three separate waves of DNS hijacking attacks over the past...
Microsoft Ships Anti-Exploit Tool for IT Admins
LAS VEGAS — Microsoft today released a new tool to help IT administrators backport anti-exploit mitigations like ASLR Address Space Layout Randomization and DEP Data Execution Prevention to older versions of Windows. The tool, called Enhanced Mitigation Experience Toolkit EMET works by applying...
Patch Tuesday: Microsoft Kills Pwn2Own Browser Bug
The Microsoft Patch Tuesday train rolled into town today, dropping off a massive 10 security bulletins with fixes for at least 34 documented vulnerabilities. Three of the bulletins are rated “critical” because of the risk of remote code execution attacks. Affected products include the Windows...
How Assumptions May Be Making Us All Less Secure
In the space of a given year, untold thousands of vulnerabilities are found in operating systems, applications and plug-ins. In many cases, the affected vendors fix the flaws, either with a patch, a workaround or some other mitigation. But there’s also a huge population of security bugs that...
Multi-Ransomwared Victims Have It Coming–Podcast
You hate to blame the victim, but the fact of the matter is that businesses are just asking to get whacked with ransomware multiple times. A recent study of IT leaders from cloud-native network detection and response firm ExtraHop shows that businesses aren’t even aware of the “attack me,” “easy...
Russia Leaks Data From a Thousand Cuts–Podcast
Information about nuclear plants and air force capabilities. Conti ransomware gang crooks conjecturing that the National Security Agency NSA was maybe behind the mysterious, months-long TrickBot lull. Doxxed data about 120K Russian soldiers. Those are just some of the sensitive, valuable data...
Microsoft Teams: Very Bad Tabs Could Have Led to BEC
Attackers could have stepped through a yawning security hole in the Microsoft Teams chat service that would have let them masquerade as a targeted company’s employee, by reading and sending email on their behalf. On Monday, Tenable’s Evan Grant explained in a post that he found the bug in Microso...
Hades Ransomware Gang Exhibits Connection to Hafnium
The Hades ransomware gang has several unique characteristics that set it apart from the rest of the pack, according to researchers – including potentially having more than extortion on the to-do list. The group appears to use multiple nation-state tools and techniques. The researchers said that i...
Fake Forcepoint Chrome Extension Hacks Windows Users
Cybercriminals have been using a novel approach to exfiltrate data that involves directly injecting malicious Google Chrome extensions onto victims’ Windows machines via the abuse of Google’s cloud synching function. The goal of the recently-identified campaign is to manipulate data in internal w...
APT Exploits Microsoft Zerologon Bug: Targets Japanese Companies
China-backed APT Cicada joins the list of threat actors leveraging the Microsoft Zerologon bug to stage attacks against their targets. In this case, victims are large and well-known Japanese organizations and their subsidiaries, including locations in the United States. Researchers observed a...
U.S. Agencies Must Adopt Vulnerability-Disclosure Policies by March 2021
The U.S. government’s cybersecurity agency is now requiring federal agencies to implement vulnerability-disclosure policies VDPs, which would give ethical hackers clear guidelines for submitting bugs found in government systems, by next March. Currently, most federal agencies lack a formal...
Two Zoom Zero-Day Flaws Uncovered
UPDATE Two zero-day flaws have been uncovered in Zoom’s macOS client version, according to researchers. The web conferencing platform vulnerabilities could give local, unprivileged attackers root privileges, and allow them to access victims’ microphone and camera. As of Thursday, the two...
Adobe Patches Critical Bugs in Illustrator, Media Encoder
Adobe Systems is warning Illustrator 2019 users that two critical memory-corruption vulnerabilities could allow for an attacker to remotely connect to a Windows machine, execute code and gain control of the targeted system. The create-suite behemoth also warned Tuesday, as part of its regular...
Cerberus Enters the Android Malware Rental Scene
A never-before-seen Android banking trojan, dubbed Cerberus, is being rented out on underground forums by a threat group that likes to engage with the defense community publicly via Twitter. According to a Tuesday posting from ThreatFabric, Cerberus isn’t based on the leaked Anubis source code th...
Cisco Finally Patches Router Bugs As New Unpatched Flaws Surface
After a botched first attempt at patching two high-severity bugs affecting its RV320 and RV325 routers, Cisco Systems is out with fresh new fixes for both devices. However, Cisco isn’t out of the woods yet. On Thursday, it also reported two new medium-severity router bugs impacting the same route...
Operation b54 Knocks 1,000+ Citadel Botnets Offline
UPDATE – Calling it the company’s “most aggressive” botnet operation operation to date, Microsoft has joined with the FBI for a massive disruption of the Citadel botnet. More than 1,400 individual botnets associated with the Citadel malware affecting more than five million people in total were...
Alureon Rootkit Morphs Again, Adds Steganography
The Alureon rootkit has become not just a major headache for its victims, with its insidious infection routines and persistence once on a machine. But it also has proved to be a challenge for researchers engaged in trying to identify new versions and unwind its new tactics and techniques. The...
Microsoft issues Advisory on ASP.NET Hole
Microsoft has issued a security advisory for a recently disclosed vulnerability in the ASP.NET that could leave millions of Web pages vulnerable to attack. The company on Friday released Security Advisory 2416728 addressing the ASP.NET security hole, which was first disclosed by researchers at th...
Severe WordPress Plug-In UpdraftPlus Bug Threatens Backups
The WordPress plug-in “UpdraftPlus” was patched on Wednesday to correct a vulnerability that left sensitive backups at risk, potentially exposing personal information and authentication data. UpdraftPlus is a tool for creating, restoring and migrating backups for WordPress files, databases,...
Critical Cisco Bug in VPN Routers Allows Remote Takeover
A critical security vulnerability in a subset of Cisco Systems’ small-business VPN routers could allow a remote, unauthenticated attacker to take over a device – and researchers said there are at least 8,800 vulnerable systems open to compromise. Cisco addressed the bugs CVE-2021-1609 as part of ...