15946 matches found
Three Critical Fixes in July Microsoft Patch Tuesday
Microsoft issued nine bulletins fixing 16 vulnerabilities in the July 2012 edition of Patch Tuesday. Three of the bulletins received Microsoft’s most severe ‘critical’ rating, while the remaining six were deemed merely ‘important.’ First and foremost among the critical patches is MS12-043, a fix...
Microsoft Plans To Fix 16 Vulnerabilities With July Patch Release
Microsoft has announced it will issue nine bulletins for its July Patch Tuesday release next week. Included in the update are three critical patches for security holes that, if left unaddressed, could result in remote code execution on vulnerable systems. In all, the Redmond, Washington company...
Microsoft Plans Record-Breaking Patch Tuesday
This month’s batch of security patches from Microsoft will be a record-breaking one: 16 bulletins addressing a whopping 49 security vulnerabilities. According to the company’s advance notice, four of the 16 bulletins will be rated “critical,” Microsoft’s highest severity rating. Microsoft rates a...
Free COFEE Helps Law Enforcement Forensics
Microsoft has announced plans to give away free versions of its COFEE Computer Online Forensic Evidence Extractor utility to help law enforcement agencies in cyber-crime investigations. COFEE uses digital forensic technologies to help investigators gather evidence of live computer activity at the...
New Flaw in Microsoft Office Web Components Under Attack
From SearchSecurity Robert Westervelt Microsoft issued an advisory Monday, warning of a new vulnerability in Office Web Components being actively targeted by attackers. The Office Web Components allow users to view spreadsheets, charts and databases on the Web. Microsoft said the vulnerability is...
Deep Dive: Protecting Against Container Threats in the Cloud
Containers are self-contained pods representing complete, portable application environments. They contain everything an application needs to run, including binaries, libraries, configuration files and dependencies Docker and Amazon Elastic, for instance, are two of the more well-known offerings...
China Suspected of News Corp Cyberespionage Attack
The Chinese hackers responsible for an attack on media giant News Corp last month likely were seeking intelligence to serve China’s interests in a cyberespionage incident that shows the persistent vulnerability of corporate networks to email-based attacks, security professionals said. Reports on...
MFA Glitch Leads to 6K+ Coinbase Customers Getting Robbed
The accounts of at least 6,000 Coinbase customers were robbed of funds after attackers bypassed the cryptocurrency exchange’s multi-factor authentication MFA. According to a notification letter PDF – seen and posted by BleepingComputer, which first reported the story – that Coinbase sent to...
Critical Cisco SD-WAN, HyperFlex Bugs Menace Networks
Cisco has addressed two critical security vulnerabilities in the SD-WAN vManage Software, one of which could allow an unauthenticated attacker to carry out remote code execution RCE on corporate networks or steal information. The networking giant also disclosed a denial-of-service issue in vManag...
Air-Gap Attack Turns Memory Modules into Wi-Fi Radios
Super-secure air-gapped computers are vulnerable to a new type of attack that can turn a PC’s memory module into a modified Wi-Fi radio, which can then transmit sensitive data at 100 bits-per-second wirelessly to nearly six feet away. Noted air-gap researcher Mordechai Guri created the...
Microsoft Azure Flaws Open Admin Servers to Takeover
Researchers have disclosed two flaws in Microsoft’s Azure web hosting application service, App Services, which if exploited could enable an attacker to take over administrative servers. Azure App Services is an HTTP-based service for hosting web applications, and is available in both Microsoft...
Emerging MakeFrame Skimmer from Magecart Sets Sights on SMBs
Researchers have observed a new skimmer from the prolific Magecart Group that has been actively harvesting payment-card data from 19 different victim websites, mainly belonging to small- and medium-sized businesses SMBs, for several months. RiskIQ researchers first discovered the skimmer, dubbed...
Microsoft Patches 26 Critical Bugs in Big March Update
Microsoft tackled 115 bug fixes as part of its March Patch Tuesday update – 26 rated critical and 88 rated medium severity. The bugs patched span its product catalog, from Azure DevOps to Windows 10. This month’s haul is notable in its quantity and that there are only a few stand-out bugs causing...
Understanding the Ripple Effect: Large Enterprise Data Breaches Threaten Everyone
Big businesses are constantly under attack, and that affects everyone from customers and business partners to parties with national security interests. When successful, the initial compromise is only a means to an end — the real goal is to mount follow-on attacks like spearphishing, extortion...
WordPress Plugin Has Unpatched Privilege Escalation Flaw, Warn Researchers
A WordPress plugin, Slick Popup, has a serious privilege escalation flaw – and it has yet to be patched. WordPress plugin Slick Popup, which has 7,000 active installs and provides a tool for displaying the Contact Form 7 as a popup on WordPress websites. However, researchers with Wordfence said...
Cisco Patches High-Severity Flaws in IP Phones
Cisco Systems is urging customers to update several models of their IP phones after issuing patches for five high-severity flaws found in its popular business-focused IP phones. Impacted are Cisco’s IP Phone 8800 series, which are business desk phones that have HD video included and its IP Phone...
'Cloudborne' IaaS Attack Allows Persistent Backdoors in the Cloud
An attack scenario affecting various cloud providers could allow an attacker to implant persistent backdoors for data theft into bare-metal cloud servers, which would be able to remain intact as the cloud infrastructure moves from customer to customer. This opens the door to a wide array of attac...
D-Link, Dasan Routers Under Attack In Yet Another Assault
Unpatched D-Link and Dasan GPON router vulnerabilities are being targeted by hackers attempting to build a botnet army, according to research published Friday by eSentire Threat Intelligence. Researchers observed on Thursday a massive uptick in exploit attempts from over 3,000 different source IP...
Neptune Exploit Kit Dropping Cryptocurrency Miners Through Malvertisements
Despite a marked decrease in activity, exploit kits haven’t completely disappeared just yet. The Neptune, or Terror Exploit Kit, is alive and well; during the last month, researchers have observed the kit as part of a campaign to abuse a legitimate popup ad service to drop cryptocurrency miners...
Microsoft Releases EMET 5.0 Exploit Mitigation Tool
The latest version of Microsoft’s freely available stopgap against zero-day exploits was released today with two new exploit mitigations and a batch of new configuration options. The update to Microsoft’s Enhanced Mitigation Experience Tool kit, or EMET, comes six months after a technical preview...
Microsoft Pushes Out Two New Security Tools
In parallel with its release of 17 bulletins on Patch Tuesday this month, Microsoft also unveiled two new tools that are meant to help make a couple of common exploitation scenarios more difficult for attackers. The company released a tool called Office File Validation for some older versions of...
UK Cops Collar 7 Suspected Lapsus$ Gang Members
City of London Police have arrested seven people suspected of being connected to the Lapsus$ gang. The bust came within hours of Bloomberg having published a report about a teenage boy living at his mother’s house near Oxford, England who’s suspected of being the Lapsus$ mastermind. The police...
Most Orgs Would Take Security Bugs Over Ethical Hacking Help
Enterprises are putting greater stock in cybersecurity, but outdated “security by obscurity” is still prevailing as companies wrestle with security awareness and shy away from bug-bounty programs. That’s according to new survey data from HackerOne, which found that a full 65 percent of...
SAP Kicks Log4Shell Vulnerability Out of 20 Apps
SAP has identified 32 apps that are affected by CVE-2021-44228 – the critical vulnerability in the Apache Log4j Java-based logging library that’s been under active attack since last week. As of yesterday, Patch Tuesday, the German software maker reported that it’s already patched 20 of those apps...
Black Hat: Scaling Automated Disinformation for Misery and Profit
LAS VEGAS – Researchers recently demonstrated the weaponization of deep neural networks that can be used to shape public opinion, enrage people on Twitter and possibly spark QAnon 2.0. The research, presented last week at Black Hat by Drew Lohn, senior fellow at the Center for Security and...
Critical CODESYS Bug Allows Remote Code Execution
A critical flaw in a web server for the CODESYS automation software for engineering control systems could allow a remote, unauthenticated attacker to crash a server or execute code. The bug is rated 10 out of 10 on the CVSS v.2 vulnerability severity scale and requires little skill to exploit, th...
2020 Cybersecurity Trends to Watch
The wheels of 2020’s biggest cybersecurity threats have already been set motion. Mobile, the cloud and artificial intelligence, to name a few, are trends that will continue to be exploited by criminals. Couple that with the rapid growth of software development and a cybersecurity skills shortage...
Maze Ransomware Behind Pensacola Attack, Data Breach Looms
The Maze ransomware is likely the culprit behind the recently reported cyberattack on Pensacola, Fla. that occurred earlier this week, which downed systems citywide. In an email sent to county commissioners, IT administrators said that the Florida Department of Law Enforcement said that the...
Ransomware Attack Downs Hosting Service SmarterASP.NET
SmarterASP.NET, a popular web hosting provider with more than 440,480 customers, has been hit with a ransomware attack that took down its customers’ websites that were hosted by the company. The company on Monday said it is in the process of recovering impacted data. SmarterASP.NET offers shared...
AMD Radeon Graphics Cards Open VMware Workstations to Attack
A remote code-execution bug exists in some configurations of the AMD Radeon graphics card that could allow an attacker to take control of a targeted system. The hack entails luring users of vulnerable systems to visit a specially crafted website that can deliver “a malformed pixel shader” to eith...
DEF CON 2019: Researchers Demo Hacking Google Home for RCE
LAS VEGAS – The Tencent Blade Team of researchers demonstrated several ways they have developed to hack and run remote code on Google Home smart speakers. The hacks center around what is known as a Magellan vulnerability, which can be used to exploit the massively popular SQLite database engine...
Serious Phar Flaw Allows Arbitrary Code Execution on Drupal
Multiple content management systems – including Drupal, Joomla and Typo3 – are open to a vulnerability that can lead to arbitrary code execution on some systems. The flaw CVE-2019-11831 exists in the phar stream wrapper component used in PHP-driven projects. A Phar archive is used to distribute a...
Microsoft to End Email Security Notifications
Update: Microsoft today has reversed course on its decision to suspend security email notifications, and will resume doing so on Thursday. The original decision, made in response to Canada’s antispam law set to go into effect tomorrow, was announced on Friday. This afternoon, however, a Microsoft...
Researchers Uncover Targeted Attack Campaign Using Android Malware
Android attacks have become all the rage in the last year or two, and targeted attacks against political activists in Tibet, Iran and other countries also have been bubbling up to the surface more and more often lately. Now those two trends have converged with the discovery of a targeted attack...
Microsoft Revokes Trust in 28 of Its Own Certificates
UPDATED–In the wake of the Flame malware attack, which involved the use of a fraudulent Microsoft digital certificate, the software giant has reviewed its certificates and found nearly 30 that aren’t as secure as the company would like and has revoked them. Microsoft also released its new updater...
CISA Urges Patch of Exploited Windows 11 Bug by Aug. 2
A Windows 11 vulnerability, part of Microsoft’s Patch Tuesday roundup of fixes, is being exploited in the wild, prompting the U.S. Cybersecurity and Infrastructure Security Agency CISA to advise patching of the elevation of privileges flaw by August 2. The recommendation is directed at federal...
Cyberattackers Cook Up Employee Personal Data Heist for Meyer
Meyer Corp., maker of Farberware and the largest cookware and bakeware distributor in the U.S., has begun notifying 2,747 employees that a cyberattack that occurred on Oct. 25 compromised their personal data. Meyer filed a notice with the state of Maine disclosing the breach, which it discovered ...
Next-Gen Maldocs & How to Solve the Human Vulnerability
Any cybersecurity attack — whether it be a breach, an incident or any form of compromise — starts with hackers getting in through the door. Threat actors and adversaries rely on gaining code execution on a target system which they can then leverage to do more damage—a phase commonly referred to a...
Pair of Google Chrome Zero-Day Bugs Actively Exploited
Google has addressed two zero-day security bugs that are being actively exploited in the wild. As part of the internet giant’s latest stable channel release version 93.0.4577.82 for Windows, Mac and Linux, it fixed 11 total vulnerabilities, all of them rated high-severity. The two zero days are...
Critical Jira Flaw in Atlassian Could Lead to RCE
Atlassian has dropped a patch for a critical vulnerability in many versions of its Jira Data Center and Jira Service Management Data Center products, which can lead to arbitrary code execution. Atlassian is a platform that’s used by 180,000 customers to engineer software and manage projects, and...
Lewd Phishing Lures Aimed at Business Explode
Attackers have amped up their use of X-rated phishing lures in business email compromise BEC attacks. A new report found a stunning 974-percent spike in social-engineering scams involving suggestive materials, usually aimed at male-sounding names within a company. The Threat Intelligence team wit...
Ziggy Ransomware Gang Offers Refunds to Victims
The Ziggy ransomware gang announced in early February they were getting out of the cybercrime business. Now they say they’re ready to refund their victims’ money. Anyone who paid a ransom to Ziggy just needs to shoot them an email with proof of payment calculated in Bitcoin and the computer ID...
Google Patches Critical Wi-Fi and Audio Bugs in Android Handsets
Google patched ten critical bugs as part of its December Android Security Bulletin. The worst of the bugs was tied to the Android media framework component and gives attacker remote control of vulnerable handsets. Google did not reveal the technical specifics of the critical flaw, tracked as...
HEH P2P Botnet Sports Dangerous Wiper Function
A freshly discovered botnet dubbed HEH by researchers is casting a wide net, looking to infect any and all devices that use Telnet on ports 23/2323. It’s particularly destructive: It contains code that wipes all data from infected systems. Perhaps ironically, its operators also have a penchant fo...
EvilQuest Mac Ransomware Has Keylogger, Crypto Wallet-Stealing Abilities
A rare new ransomware strain targeting macOS users has been discovered, called EvilQuest. Researchers say the ransomware is being distributed via various versions of pirated software. EvilQuest, first discovered by security researcher Dinesh Devadoss, goes beyond the normal encryption capabilitie...
Google Yanks 106 ‘Malicious’ Chrome Extensions
Google removed 106 Chrome browser extensions Thursday from its Chrome Web Store in response to a report that they were being used to siphon sensitive user data. In the research, also published Thursday, Awake Security alleged millions of Chrome users have been targeted by threat actors. The...
RSAC 2020: Editors' Preview of Hottest Sessions, Speakers and Themes
The RSA 2020 conference kicks off next week in San Francisco, this year with a theme looking at the “human element” of cybersecurity. As they prepare to cover the show, Threatpost editors Lindsey O’Donnell-Welch, Tom Spring and Tara Seals break down the biggest news, stories and trends that they...
Malicious Ad Blockers for Chrome Caught in Ad Fraud Scheme
Google has removed two malicious ad blockers from its Chrome Web Store after a researcher discovered they were carrying out ad fraud and deceived Chrome users by using names of legitimate and popular blockers. Researcher Andrey Meshkov from rival ad blocker maker AdGuard discovered that the...
200K Sign Petition Against Equifax Data Breach Settlement
Consumers are furious over what they view as an unfair settlement between the U.S. government and Equifax over the latter’s now-infamous 2017 data leak–so much so that more than 200,000 of them so far have signed a petition against the deal. “Don’t let Equifax escape liability” is the title of th...
Insider Threats Are Rising – But They Shouldn’t Be
There’s never been a shortage of risk that organizations face from insiders gone bad — those incidents where insiders steal information from their employers, clients, partners and government agencies. Many times, malicious insiders seek monetary gain. They’ll steal information such as account...