15946 matches found
Apple Manufacturer Foxconn Confirms Cyberattack
Foxconn Technology Group confirmed Tuesday that a November cyberattack knocked some of its U.S. operations offline. The incident is reportedly a ransomware attack carried out by a cybergang attempting to extort $34 million from the global manufacturing powerhouse. “We can confirm that an...
U.S. Nuclear Contractor Hit with Maze Ransomware, Data Leaked
A U.S. military contractor involved in the maintenance of the country’s Minuteman III nuclear arsenal has been hit by the Maze ransomware, according to reports – with the hackers making off with reams of sensitive information. The company, Westech International, has a range of contracts with the...
Troves of Zoom Credentials Shared on Hacker Forums
Hackers have a new favorite topic of conversation on underground forums: How to obtain – and leverage – valuable credentials for Zoom, Skype, Webex and other web conferencing platforms increasingly used by remote workers. That’s what Etay Maor, chief security officer at IntSights, has discovered...
Mozilla Firefox 73 Browser Update Fixes High-Severity RCE Bugs
Mozilla has launched the latest version of its Firefox browser, which knocks out high-severity security flaws that leave systems open to attack by a remote adversary. The patched version of Mozilla’s browser, launched on Tuesday, is Firefox 73 and Firefox ESR 68.5. The Firefox ESR browser is its...
Gamers Beware: Zero-Day in Steam Client Affects All Windows Users
UPDATE A researcher has dropped a zero-day vulnerability that affects the Steam game client for Windows, after Valve said it wouldn’t fix it. Valve then published a patch, that the same researcher said can be bypassed. The bug is a privilege-escalation vulnerability that can allow an attacker to...
Post-Ransomware Attack, Florida City Pays $600K
A Florida city, hit by a ransomware attack that crippled its computer systems for three weeks, voted this week to pay the attackers the requested ransom of $600,000. Riviera Beach, a city in Florida populated by 35,000, was hit by the ransomware attack May 29 after a city employee clicked on a...
Is 'Sign in with Apple' Marketing Spin or Privacy Magic? Experts Weigh In
Apple’s “Sign in with Apple” feature promises to protect user privacy – and while many are looking at that claim as more of a marketing move than anything else, authentication experts say it has the potential to have an enormous impact on the data privacy ecosystem. The giant from Cupertino took...
Mirai Variant Goes After Enterprise Systems
Researchers have discovered a new variant of the infamous Mirai IoT botnet, which has been sniffing out and targeting vulnerabilities in enterprise wireless presentation and display systems since January. Palo Alto Network’s Unit 42 researchers said that the newest variant of Mirai is notably...
RSAC 2019: New Operation Sharpshooter Data Reveals Higher Complexity, Scope
SAN FRANCISCO – An insidious reconnaissance campaign discovered in 2018, dubbed Operation Sharpshooter, is much more widespread than previously thought, researchers said. Operation Sharpshooter was first disclosed in December 2018, using a never-before-seen implant framework to infiltrate global...
Microsoft November Patch Tuesday Fixes 20 Critical Vulnerabilities
Microsoft tackled 53 vulnerabilities with today’s Patch Tuesday bulletin. Remote code execution bugs dominated this month’s patches, representing 25 fixes. In total, 20 of Microsoft’s security fixes were rated critical. Notable are four vulnerabilities with public exploits identified by Microsoft...
Microsoft Patches .NET Zero Day Vulnerability in September Update
An actively exploited zero-day vulnerability tied to Microsoft’s .NET framework is one of 25 critical and 54 important vulnerabilities fixed by Microsoft in its September Patch Tuesday security bulletin. According to Microsoft, the .NET framework vulnerability CVE-2017-8759 allows attackers to...
ZeroAccess Returns, Resumes Click-Fraud Activity
Long thought dead, the peer-to-peer P2P ZeroAccess botnet has resurfaced, and as of just a few weeks ago, has returned to propagating click-fraud scams. Researchers with Dell’s SecureWorks revealed Wednesday that they witnessed the botnet restart itself from March 21 to July 2, 2014 and that...
Alex Lanstein on the Rustock Botnet Takedown
Dennis Fisher talks with Alex Lanstein of FireEye about this week’s takedown of the Rustock botnet, the important legal precedent it helped set with Microsoft’s lawsuit and the mechanics behind the operation and dismantling of large-scale botnets. Podcast audio courtesy of sykboy65 Subscribe to t...
Microsoft Fills Windows, Office Holes with March Patch Release
Microsoft Corp. issued their monthly security bulletins on Tuesday, with fixes for four known vulnerabilities in the company’s Windows operating system, Office suite and Remote Desktop Connection products. The March patch release included three bulletins: MS11-015, 016 and 017. Only one, MS11-015...
Serious new flaw found in IIS 6.0
A new remotely-exploitable vulnerability has been found in the Microsoft IIS 6.0 Web server. The flaw is quite similar to one that was discovered eight years ago in earlier versions of IIS, and exploitation of the weakness could enable an attacker to upload content to the vulnerable server. The...
What the Log4Shell Bug Means for SMBs: Experts Weigh In
News of the Log4Shell vulnerability is everywhere, with security experts variously calling the Apache log4j logging library bug a recipe for an “internet meltdown,” as well as the “worst cybersecurity bug of the year.” Names like “Apple,” “Twitter” and “Cloudflare” are being bandied about as bein...
Apple Patches 3 More Zero-Days Under Active Attack
Apple has patched three actively exploited zero-day security vulnerabilities in updates to iOS and macOS, one of which can allow an attacker to execute arbitrary code with kernel privileges. Apple released two updates on Thursday: iOS 12.5.5, which patches three zero-days that affect older versio...
Auditors: Feds’ Cybersecurity Gets the Dunce Cap
Out of eight U.S. federal agencies identified two years ago with critical cybersecurity failures, seven still don’t meet basic standards, a new audit report found. The Federal government’s overall posture was given just a C-. Audited agencies included the Departments of State, Homeland Security,...
Microsoft Translation Bugs Open Edge Browser to Trivial UXSS Attacks
Microsoft patched two bugs in its Chromium-based Edge browser last week, one of which could be used by an attacker to bypass security and to remotely inject and execute arbitrary code on any website just by sending a message. That security-bypassing bug, CVE-2021-34506, is rated CVSS 5.4, or...
WeSteal: A Cryptocurrency-Stealing Tool That Does Just That
Some cybercriminals try, at least, to cover their dirty work with a threadbare “this will throw off the lawsuits” blanket of legitimacy. For example, phone-tracking tools that silently install and operate and which are supposedly meant for parents to legally watch out for their kids in actuality,...
Feds: K-12 Cyberattacks Dramatically on the Rise
The feds have warned that cyberattacks on the K-12 education sector are ramping up alarmingly. In an alert from the FBI and the Cybersecurity and Infrastructure Security Agency CISA, officials said that data from the Multi-State Information Sharing and Analysis Center MS-ISAC shows that in August...
Twitter Confirms it was Hacked in an Unprecedented Cryptocurrency Scam
Twitter locked down thousands of verified accounts belonging to elite Twitter users and high-profile companies Wednesday afternoon in an effort to prevent hackers from perpetrating a massive cryptocurrency scam. The accounts fell victim to a compromise of the company’s internal systems by a group...
The TLS 1.2 Deadline is Looming, Do You Have Your Act Together?
In the pantheon of security configuration duties for organizations running internet assets, maintaining the latest TLS encryption protocols to keep the cryptographic apparatus at full strength is one of the most fundamental. TLS provides cover for the most sensitive personal and financial...
Adobe Fixes 'Important' Flaws in ColdFusion, After Effects and Digital Editions
Adobe released security patches for vulnerabilities in its ColdFusion, After Effects and Digital Editions applications. If exploited, the flaws could enable attackers to view sensitive data, gain escalated privileges, and launch denial-of-service attacks. Each of the bugs were rated...
Government VPN Servers Targeted in Zero-Day Attack
As the Chinese government turns to virtual private networks VPNs to provide access to official resources for those working remotely amid the COVID-19 pandemic, the DarkHotel APT has seized the opportunity to target those VPNs in a zero-day attack, researchers said. According to security analysts...
Firefox Bug Opens iPhone AirPods to Third-Party Snooping
Five high-severity bugs were fixed in the Firefox web browser with the release of version 74 by the Mozilla Foundation on Tuesday. In addition, Mozilla reported a quirky moderate-severity flaw that allows hackers to target iPhone users and collect data tied to connected AirPods, if in use. In...
CISA Pushing U.S. Agencies to Adopt Vulnerability Disclosure Policies
The U.S. government’s cybersecurity agency has issued a draft directive mandating all agencies to develop vulnerability disclosure policies, which would give ethical hackers clear guidelines for submitting bugs found in government systems. Security experts hope that the directive will light a fir...
15 Years Later, Metasploit Still Manages to be a Menace
The popular penetration testing and hacking framework Metasploit may be getting long in the tooth, but it hasn’t lost its bite in the hands of bad actors. According to researchers, hackers are still using the tool and a highly effective technique called Shikata Ga Nai Japanese for “nothing can be...
CISO/CIO: Get an iPad and Apple Watch with an App Monitoring your Security 24/7
If you are a CISO or CIO, you need to know what is going on with your organizational security. Together with that, you cannot afford to be inundated with alerts, messages and other data whenever something happens. On the one hand, you need to be in the know, because cyberattacks can occur at any...
Strangest Phishing Lures of 2019: From Divorce Papers to Real Estate Decoys
Hackers aren’t just targeting infrastructure anymore – they’re actively playing on the emotions of people, whether it’s a consumer who desperately wants to lose weight to an employee who is nervous he will lose his job if he doesn’t do exactly what his boss says. That’s according to Proofpoint’s...
Lenovo High-Severity Bug Found in Pre-Installed Software
Another flaw has been found in Lenovo’s decommissioned Lenovo Solution Centre software, preinstalled on millions of older-model PCs made by the world’s leading computer maker. The vulnerability is a privilege escalation flaw that can be used to execute arbitrary code on a targeted system, giving ...
Mirai Botnet Sees Big 2019 Growth, Shifts Focus to Enterprises
The infamous Mirai internet of things botnet is spiking in growth while changing up its tactics, techniques and procedures so far in 2019, to target more and more enterprise-level hardware, It’s a state of affairs that presents a greater concern than ever before given the ongong migration to the...
Gatekeeper Bug in MacOS Mojave Allows Malware to Execute
Researcher Filippo Cavallarin disclosed a bug in the macOS security feature Gatekeeper that allows malicious code execution on systems running the most recent version of Mojave 10.14.0. MacOS Gatekeeper is an Apple security feature that enforces code signing and verifies downloads and apps before...
Goodbye Passwords: Hello Identity Management
Keeping track of user names and passwords sounds easy, but it is not. In a world where protected network resources are accessed by employees on mobile devices, outside contractors, web applications and internet of things IoT devices – passwords just don’t cut it anymore. The stakes are high:...
Zero-Days in Counter-Strike Client Used to Build Major Botnet
A proprietor of a Counter-Strike gaming server promotion service has used multiple zero-days in the Counter-Strike client to create a large botnet. The network is made up of fake game servers for the popular online multiplayer game. The attacker has had quite a bit of success. In a recent analysi...
Vendors Share Patch Updates on Spectre and Meltdown Mitigation Efforts
Intel, Amazon, Microsoft and others are playing down concerns over the impact of the massive Spectre and Meltdown vulnerabilities affecting computers, servers and mobile devices worldwide. The two flaws, Spectre and Meltdown, are far reaching and impact a wide range of microprocessors used in the...
Impact of New Linux Kernel DCCP Vulnerability Limited
Linux providers are busy developing and pushing out patches for a vulnerability in an obscure networking protocol that could allow a local attacker to crash the kernel and elevate privileges. Google software engineer Andrey Konovalov privately disclosed the vulnerability on Monday. The...
Researchers Warn of New Windows 7 Vulnerability
Researchers are warning about a new remotely exploitable vulnerability in 64-bit Windows 7 that can be used by an attacker to run arbitrary code on a vulnerable machine. The bug was first reported a couple of days ago by an independent researcher and confirmed by Secunia. In a message on Twitter,...
Microsoft Adds Tracking Protection to IE 9
Microsoft has pushed out a new release candidate of Internet Explorer 9 that includes two new privacy protections designed to enable consumers to prevent tracking by some Web sites. The new IE 9 release candidate has two separate, but related, technologies aimed at giving users more control over...
Sysrv-K Botnet Targets Windows, Linux
Unpatched vulnerabilities in the Spring Framework and WordPress plugins are being exploited by cybercriminals behind the Sysrv botnet to target Linux and Windows systems. The goal, according to researchers, is to infect systems with cryptomining malware. The botnet variant is being called Sysrv-K...
The Uncertain Future of IT Automation
The majority of today’s cybersecurity breaches stem from unpatched vulnerabilities and outdated systems, which means that many cyberattacks are preventable. Unfortunately, it can be challenging for IT teams to keep up with the pace of new patches every month, especially when employee devices are...
Critical Firefox Zero-Day Bugs Allow RCE, Sandbox Escape
Mozilla has released an emergency update for its Firefox browser that addresses two critical security vulnerabilities that cybercriminals have actively exploited in the wild as zero days. Both are use-after-free bugs, which are memory-corruption issues that occur when an application continues to...
‘Long Live Log4Shell’: CVE-2021-44228 Not Dead Yet
Jen Easterly, the director of the Cybersecurity and Infrastructure Security Agency CISA, stated in a public news interview that the now-infamous Log4j flaw is the “the most serious vulnerability that she has seen in her career.” It’s not a stretch to say the whole security industry would agree...
Microsoft Signed Malware That Spreads Through Gaming
Microsoft signed a driver being distributed within gaming environments that turned out to be a malicious network filter rootkit. G DATA malware analyst Karsten Hahn first noticed the rootkit, publicly posting the find on June 17 and simultaneously reaching out to Microsoft. Hahn noted that the co...
Millions of Connected Cameras Open to Eavesdropping
Millions of connected security and home cameras contain a critical software vulnerability that can allow remote attackers to tap into video feeds, according to a warning from the Cybersecurity and Infrastructure Security Agency CISA. The bug CVE-2021-32934, with a CVSS v3 base score of 9.1 has be...
Adobe Patches Slew of Critical Security Bugs in Bridge, Photoshop
Adobe has released security patches tackling four critical vulnerabilities in Adobe Bridge, along with other critical and important-rated updates for bugs in Adobe Digital Editions, Adobe Photoshop and RoboHelp. In all, Adobe fixed 10 security holes in its products during its scheduled April...
Energy Giant Shell Is Latest Victim of Accellion Attacks
Energy giant Royal Dutch Shell is the latest victim of a series of attacks on users of the Accellion legacy File Transfer Appliance FTA product, which already has affected numerous companies and been attributed to the FIN11 and the Clop ransomware gang. “Shell has been impacted by a data-security...
Mysterious Silver Sparrow Malware Found Nesting on 30K Macs
Hard on the heels of a macOS adware being recompiled to target Apple’s new in-house processor, researchers have discovered a brand-new family of malware targeting the platform. Curiously, in the samples seen so far by analysts at Red Canary, the malware dubbed Silver Sparrow has been executing on...
Aliens and UFOs: A Final Frontier for Social Engineers
Buried deep within the most recent round of COVID-19 stimulus legislation was a little provision with potentially explosive consequences: The Pentagon has six months to release a full report on what they know about the existence of what they term Unidentified Aerial Phenomena UAP — or UFOs to the...
A Cyber 'Vigilante' is Sabotaging Emotet's Return
The banking trojan Emotet has returned after a five-month hiatus. But, in an amusing twist, one cyber vigilante is thwarting the malware’s comeback. Researchers say a mysterious vigilante is fighting the threat actors behind the malware’s comeback by replacing malicious Emotet payloads with...