15946 matches found
Newsmaker Interview: Tom Kellermann on Hacking the Midterm Elections
Midterm elections are being held across the country Tuesday which means millions will be paying close attention to wins and losses. But, for cybersecurity experts, such as Tom Kellermann, the focus will be on voting irregularities. Tom Kellermann Kellermann is chief cybersecurity officer for Carb...
Passwords: Here to Stay, Despite Smart Alternatives?
The lowly password is much-maligned as being the weakest link in any company’s security defenses. That’s for good reason: It’s a fact that password reuse, a lack of strong passwords, a failure to change them on a regular basis and other human errors plague the efficacy of this de facto standard f...
Cisco Security Appliance Zero-Day Found Actively Exploited in the Wild
Attackers are actively exploiting a zero-day vulnerability in certain Cisco security products, to cause a denial-of-service DoS condition. The as-yet-unpatched flaw CVE-2018-15454 has an 8.6 CVSS score and is rated high-severity. It exists in the Session Initiation Protocol SIP inspection engine ...
Two 0-Days Under Active Attack, Among 120 Bugs Patched by Microsoft
Two Microsoft vulnerabilities are under active attack, according the software giant’s August Patch Tuesday Security Updates. Patches for the flaws are available for the bugs, bringing this month’s total number of vulnerabilities to 120. One of the flaws being exploited in the wild is CVE-2020-146...
British Airways Data Breach Takes Off Again with 185K More Victims
British Airways said that the data breach it first reported in September is larger than previously thought. It has added an additional 185,000 victims to the official tally. The airline said that hackers may have stolen personal data connected to an additional 77,000 payment cards, including name...
PoC Exploit Circulating for Critical Windows Print Spooler Bug
UPDATE A proof-of-concept for a critical Windows security vulnerability that allows remote code execution RCE was dropped on GitHub on Tuesday – and while it was taken back down within a few hours, the code was copied and is still out there circulating on the platform. The bug CVE-2021-1675 exist...
Online Radio Stations at Risk from Icecast Flaw
A vulnerability in Icecast, an open-source streaming media server used by online radio stations to broadcast their content, could be used to knock a station off-air. It also could potentially allow remote code-execution. Icecast is maintained by the Xiph.org Foundation, and it supports tens of...
Microsoft Patch Tuesday Updates Fix 14 Critical Bugs
Microsoft has released its regularly scheduled March Patch Tuesday updates, which address 89 security vulnerabilities overall. Included in the slew are 14 critical flaws and 75 important-severity flaws. Microsoft also included five previously disclosed vulnerabilities, which are being actively...
DemonBot Fans DDoS Flames with Hadoop Enslavement
A Linux-based DDoS botnet dubbed DemonBot has been found enslaving Hadoop frameworks, using a vulnerability in Hadoop’s resource management tool to infect cloud servers with the botnet malware. Hadoop is a popular open-source framework, usually deployed in cloud environments, that organizations c...
Critical Adobe Acrobat and Reader Bugs Allow RCE
Adobe has plugged 11 critical security holes in Acrobat and Reader, which if exploited could allow attackers to remotely execute code or sidestep security features in the app. As part of its regularly scheduled security updates, Tuesday, Adobe fixed critical- and important-severity flaws tied to ...
New Initiative Simply Secure Aims to Make Security Tools Easier to Use
The dramatic revelations of large-scale government surveillance and deep penetration of the Internet by intelligence services and other adversaries have increased the interest of the general public in tools such as encryption software, anonymity services and others that previously were mainly of...
VMware Issues Updated Fix For Critical ESXi Flaw
VMware issued an updated fix for a critical-severity remote code execution flaw in its ESXi hypervisor products. Wednesday’s VMware advisory said updated patch versions were available after it was discovered the previous patch, released Oct. 20, did not completely address the vulnerability. That’...
Apple Pays $100K Bounty for Critical 'Sign in With Apple' Flaw
A researcher recently found a critical Apple vulnerability that, if exploited, could enable remote attackers to abuse the “Sign in with Apple” feature to take over victims’ third-party application accounts. The security researcher, Bhavuk Jain, reported the flaw to Apple via its bug bounty progra...
Critical RCE Bug Impacts Streaming Server Libraries: VLC, MPLayer Not Impacted
A critical remote code-execution bug has been found in the popular Live Networks LIVE555’s streaming media RTSPServer. The vulnerability could allow an attacker to send a specially crafted packet to vulnerable systems and trigger a stack-based buffer overflow, according to researchers at Cisco...
WordPress Flaw Opens Millions of WooCommerce Shops to Takeover
Up to 4 million online merchants who use the popular WooCommerce WordPress plugin are vulnerable to a file deletion vulnerability that could allow a rogue “shop manager” to escalate privileges and eventually execute remote code on impacted websites. Researchers at RIPS Technologies trace the bug ...
Facebook Blames Malicious Extensions in Breach of 81K Private Messages
Hackers have published what they claim are private messages from at least 81,000 Facebook accounts – and they say the trove contains a fraction of the details they have from a larger cadre of 120 million accounts. In an English-language Dark Web advertisement now taken down, the perpetrators...
Microsoft Exchange 0-Day Attackers Spy on U.S. Targets
Microsoft has spotted multiple zero-day exploits in the wild being used to attack on-premises versions of Microsoft Exchange Server. Adversaries have been able to access email accounts, steal a raft of data and drop malware on target machines for long-term remote access, according to the computin...
Windows ‘Deletebug’ Zero-Day Allows Privilege Escalation, Destruction
A proof-of-concept exploit for a Windows zero-day that works on fully patched Windows 10 machines has been released by a security researcher. It allows an attacker to delete any kind of file on a victim machine, including system data. The flaw no CVE has been assigned since it was just exposed on...
City Pays $2K in Ransomware, Stirs ‘Never Pay’ Debate
The city of West Haven, Conn. made the hard choice to pay cyberattackers a $2,000 ransom after being hit with malware that ground their operations to a halt. West Haven said that its City Hall offices were the victim of a ransomware attack, which the U.S. Department of Homeland Security determine...
StrongPity APT Changes Tactics to Stay Stealthy
The APT group behind the sophisticated malware known as StrongPity a.k.a. Promethium has changed its tactics, after various research groups analyzed the malware and exposed its methods of deployment. The efforts have allowed the group to return to hidden status, even after being labeled a known...
Chrome Browser Bug Under Active Attack
Google is warning that a bug in its Chrome web browser is actively under attack, and it is urging users to upgrade to the latest 91.0.4472.101 version to mitigate the issue. In all, Google rolled out fixes for 14 bugs impacting its Windows, Mac and Linux browsers as part of its June update to the...
'Ripple20' Bugs Impact Hundreds of Millions of Connected Devices
A series of 19 different vulnerabilities, four of them critical, are affecting hundreds of millions of internet of things IoT and industrial-control devices. The issue is based in the supply chain and code reuse, with the bugs affecting a TCP/IP software library developed by Treck that many...
Cryptojacking Attack Targets Make-A-Wish Foundation Website
Hackers have been stealing CPU-cycles from visitors to the Make-A-Wish Foundation’s international website in order to mine for Monero cryptocurrency. Researchers said they found the CoinIMP mining script embedded in the non-profit’s website, and that it was taking advantage of the Drupalgeddon 2...
AcidBox Malware Uncovered Using Repurposed VirtualBox Exploit
Advanced malware, dubbed AcidBox, has been identified by researchers who say a mysterious cybergang used it twice against Russian organizations as far back as 2017. In a report released Wednesday, Palo Alto Networks’ Unit 42 sheds new light onto attacks against the popular open-source...
Critical Zoho Zero-Day Flaw Disclosed
UPDATE A zero-day vulnerability has been disclosed in the IT help desk ManageEngine software made by Zoho Corp. The serious vulnerability enables an unauthenticated, remote attacker to launch attacks on affected systems. Zoho has now released a security update addressing the vulnerability. As of...
Critical VMware Bugs Open ESXi, Fusion & Workstation to Attackers
VMware has issued a critical security update to address issues in its ESXi, Fusion and Workstation products, including VMware Cloud Foundation versions. Exploitation could give attackers access to workloads inside organizations’ virtual environments. The bugs have a range of 5.3 to 8.4 out of 10 ...
Wormable BlueKeep Bug Still Threatens Legions of Windows Systems
For the past two months, security researchers have been sounding the alarm about BlueKeep, a critical remote code-execution vulnerability in Microsoft Windows that researchers said could lead to a “mega-worm” global infection. As of July 2, approximately 805,665 systems remain online that are...
GDPR’s First 150 Days Impact on the U.S.
Apple CEO Tim Cook publicly entered the data privacy fray earlier this month, praising the European Union’s General Data Protection Regulation GDPR. At the International Conference of Data Protection and Privacy Commissioners Conference ICDPPC, Cook advocated for GDPR rules to have a far-reaching...
HSBC Data Breach Hits Online Banking Customers
International banking giant HSBC has reported that it was breached in October, as a result of a credential-stuffing attack. In a notice PDF filed with the state of California, the bank said that it became aware of some online accounts being accessed by unauthorized users between October 4 and 14...
ThreatList: Despite Fraud Awareness, Password Reuse Persists for Half of U.S. Consumers
As National Fraud Day approaches Nov. 11, it remains clear that more consumer education is required when it comes to thwarting scammers and identity thieves. Despite almost half of U.S. consumers 49 percent believing their security habits make them vulnerable to information fraud or identity thef...
Zerologon Patches Roll Out Beyond Microsoft
UPDATE The “perfect” Windows vulnerability known as the Zerologon bug is getting a patch assist from two non-Microsoft sources, as they strive to fill in the gaps that the official fix doesn’t address. They roll out as Microsoft announced that it is tracking active exploitation in the wild. “We...
sLoad Banking Trojan Downloader Displays Sophisticated Recon and Targeting
A new PowerShell downloader dubbed sLoad is making the rounds, sporting impressive reconnaissance tactics and a penchant for geofencing, which indicate increasing sophistication when it comes to targeting efforts. First spotted in May 2018, sLoad typically delivers the Ramnit banking trojan but h...
One Million Devices Open to Wormable Microsoft BlueKeep Flaw
One million devices are still vulnerable to BlueKeep, a critical Microsoft bug with “wormable” capabilities, almost two weeks after a patch was released. The flaw CVE-2019-0708 was fixed during Microsoft’s May Patch Tuesday Security Bulletin earlier this month. System administrators were urged to...
Pulse Secure VPNs Get Quick Fix for Critical RCE
Pulse Secure has issued a workaround for a critical remote-code execution RCE vulnerability in its Pulse Connect Secure PCS VPNs that may allow an unauthenticated, remote attacker to execute code as a user with root privileges. Pulse Secure’s parent company, Ivanti, issued an out-of-band advisory...
Black Hat 2020: Mercedes-Benz E-Series Rife with 19 Bugs
The Mercedes-Benz E-Class went to market riddled with 19 vulnerabilities, which, among other things, could enable attackers to remotely unlock the car door and start its engine. Researchers say the flaws, detailed at Black Hat USA on Thursday, potentially impacted over 2 million Mercedes-Benz...
Ex-Gumshoe Nabs Cybercrooks with FBI Tactics
Crooks are crooks, right? Whatever motivates serial violent offenders doesn’t switch off when they stop mugging people and instead pick up a keyboard to transform into cyber actors who craft cyber threats. At least, that was the thinking behind the 2012 creation of the FBI’s Cyber Behavioral...
Pentagon Expands Bug-Bounty Program to Include Physical Systems
The Department of Defense is expanding its “Hack the Pentagon” bug-bounty program to include hardware assets, tapping the Synack, HackerOne and Bugcrowd platforms to attract more white hats to the effort. The news comes two weeks after the Government Accountability Office GAO released a report...
Program Looks to Tap Military Vets for Cyber-Jobs
Cisco Talos, NetApp and Maryland’s state government announced an initiative to help military veterans in that state transition into civilian positions in cybersecurity. The hope is that it will address twin goals: To help the hundreds of thousands of discharged veterans flowing into the workplace...
Magecart Cybergang Targets 0days in Third-Party Magento Extensions
Criminals behind the Magecart gang have shifted tactics, and are now targeting nearly two dozen unpatched vulnerabilities found in third-party plugins used in the Magento e-commerce platform. Previously, the Magecart cybergang had focused on the core of Magento, using attack strategies such as...
Utilities, Energy Sector Attacked Mainly Via IT, Not ICS
While industrial control systems ICS are the most talked-about when it comes to cyberattacks against energy and utilities firms, most attacks actually take aim at the enterprise IT networks used by these organizations, rather than critical infrastructure itself. The Vectra 2018 Spotlight Report o...
ThreatList: Fewer Big DDoS Attacks in Q3, Overall Rate Holds Steady
When it comes to distributed denial of service DDoS attacks, the third quarter of 2018 marked an apparent lull in the action, with fewer huge, multi-day attacks than in previous quarters. Researchers however warn against having a false sense of security: The total number of attacks in the quarter...
UK Slaps Facebook with $645K Fine Over Cambridge Analytica Scandal
The UK has fined Facebook $645,000 over Cambridge Analytica’s data harvesting practices, which exploited the data of 87 million users of the social network. That represents a gnat bite for the tech giant, which generated $5.1 billion in net profit in the second quarter of the year. However, the...
ThreatList: 3 Out of 4 Employees Pose a Security Risk to Businesses
While much is always made of external hackers, insider threats remain a problem at more organizations. A full 75 percent of professionals pose a moderate or severe risk to their company’s data, according to a recent survey. MediaPRO’s third-annual State of Privacy and Security Awareness Report...
The Danger and Opportunity in 5G Connectivity and IoT
There is a lot of buzz building over fifth-generation mobile networks 5G and how they will revolutionize the fast-growing numbers of internet-connected devices — but what about security? What makes 5G so closely tied to billions of Internet of Things IoT devices is its speed 5G is expected to be ...
Samsung, Crucial’s Flawed Storage Drive Encryption Leaves Data Exposed
Self-encrypting solid-state storage drives from Samsung and Crucial are open to tampering that would allow an attacker with physical access to harvest their data without knowing the user’s password, researchers have discovered. Researchers at Radboud University in the Netherlands found that it’s...
ThreatList: Ransomware, EKs and Trojans lead the Way in Q3 Malware Trends
When it comes to malware activity, businesses took a big hit in the third quarter, with detection trending upward by a whopping 55 percent, according to new research. Consumers saw an uptick too, but only a modest one: volume was up just 4 percent quarter-over-quarter for this segment. Overall,...
Auth Bypass Bug Exploited, Millions of Routers Affected
An authentication-bypass vulnerability affecting multiple routers and internet-of-things IoT devices is being actively exploited in the wild, according to researchers. The security flaw, tracked as CVE-2021-20090, was disclosed last week by researchers at Tenable. It affects devices from 20...
Top CVEs Trending with Cybercriminals
Criminal small talk in underground forums offer critical clues about which known Common Vulnerabilities and Exposures CVEs threat actors are most focused on. This, in turn, offers defenders clues on what to watch out for. An analysis of such chatter, by Cognyte, examined 15 cybercrime forums...
The Ultimate Security Budget Excel Template
Sound security budget planning and execution are essential for the CIO’s/CISO’s success. Now, for the first time, The Ultimate Security Budget Plan & Track Excel template download here provides security executives a clear and intuitive tool to keep track of planned vs. actual spend, ensuring that...
X.Org Flaw Allows Privilege Escalation in Linux Systems
A local privilege-escalation and file-overwrite vulnerability in X.Org X server opens the door to trivial compromise in Linux systems that use the open-source software. The X server is a core graphics and windowing technology that can be found in most Linux and BSD distributions that use a...