15946 matches found
Adobe Discloses Critical Code-Execution Bugs in July Update
Adobe has released its scheduled July 2020 security updates, covering flaws in five different product areas: Creative Cloud Desktop; Media Encoder; Download Manager; Genuine Service; and ColdFusion. Four of the bugs are rated critical in severity, with the others ranked as important. Most of the...
Intel Fixes High-Severity Flaws in NUC, Discontinues Buggy Compute Module
Intel has stomped out high-severity flaws in its Next Unit Computing NUC mini PC firmware, and in its Modular Server MFS2600KISPP Compute Module. Overall, Intel addressed nine vulnerabilities across six products in its April security update – two of those being high-severity, and the rest being...
SFO Websites Hacked: Airport Discloses Data Breach
The San Francisco International Airport SFO disclosed this week two of its websites had been hacked and lead to the disclosure of some users’ login credentials at both sites. The attacks occurred in March and compromised were SFOConnect.com and SFOConstruction.com, both relatively low-traffic...
Revamped HawkEye Keylogger Swoops in on Coronavirus Fears
There’s a new variant of the HawkEye keylogging malware making the rounds, featuring expanded info-stealing capabilities. Its operators are looking to capture the zeitgeist around the novel coronavirus. It’s being distributed using spam that purports to be an “alert” from the Director-General of...
FBI Plans to Inform States of Election Breaches
The FBI has changed its policy around election cybersecurity and said it will now notify state officials in the event that local election systems are hacked. The move—revealed in a media briefing Thursday and then published online later that day—extends the number of election officials who are...
Podcast: NSA Reports Major Crypto-Spoofing Bug to Microsoft
A major Microsoft crypto-spoofing bug impacting Windows 10 made waves this Patch Tuesday, particularly as the flaw was found and reported by the U.S. National Security Agency NSA. Microsoft’s January Patch Tuesday security bulletin disclosed the “important”-severity vulnerability, which could all...
Apple's Bug Bounty Opens for Business, $1M Payout Included
Apple has officially opened its historically private bug-bounty program to the public, while boosting its top payout to $1 million. Bounty hunters seeking that $1 million will need to provide a working exploit for a zero-click remote chain with full kernel execution and persistence on Apple’s...
Hackers Dump 2.2M Gaming, Cryptocurrency Passwords Online
The passwords and other personal data of more than 2.2 million users of two websites were revealed online as the result of data breaches that happened earlier this year, a notable security researcher warned. Personal information belonging to the users of cryptocurrency wallet service GateHub and...
Malicious App on Google Play Tallies 100 Million Downloads
Call it the case of a good app gone bad! For some time, a handy PDF creator and optical character recognition OCR app available via Google Play offered users utility and convenience. The app, downloaded more than 100 million times, is called CamScanner and allows Android phone owners to snap a...
Building a Mobile Defense: 5 Key Questions to Ask
How often do we hear Willie Sutton’s famous but probably apocryphal quote about robbing banks because “that’s where the money is?” This gets invoked in the context of information security in general and mobile devices in particular, and there’s a reason: Given the estimates from institutions like...
Post GandCrab, Cybercriminals Scouring the Dark Web for the Next Top Ransomware
Ransomware continues to be a top threat, with Friday’s ransomware attack on 23 Texas local government and agencies and two in June on dual Florida cities – Lake City and Riviera Beach, resulting in a decision to pay off the hackers — acting as perfect examples of just how lucrative this type of...
Agent Smith Malware Infects 25M Android Phones to Push Rogue Ads
Researchers are warning of a new breed of Android malware, dubbed “Agent Smith,” that they claim has infected 25 million handsets in order to replace legitimate apps with doppelgangers that display rogue ads. The malware is tied to a China-based firm, according to Check Point researchers, and is...
Mozilla Tackles Two Critical Flaws with Firefox 67 Release
Mozilla patched several critical vulnerabilities with the release of its Firefox 67 browser on Tuesday. The worst of the bugs patched are two memory safety flaws that could allow attackers to exploit the vulnerabilities to take control of an affected system, according to a security bulletin issue...
Weather Channel Knocked Off-Air in Dangerous Precedent
On Thursday, The Weather Channel – a trusted cable network source of meteorological data across the U.S. – was knocked off the air by what it said was a “malicious software attack” on its network. The Weather Channel hack – not to be confused with the Weather Channel’s own hacks – affected its li...
NetTraveler Attackers Using PRISM Program as Bait
Never let it be said that attackers don’t keep up with the news. The crew behind the NetTraveler cyberespionage attacks is now using the news about the NSA’s PRISM surveillance program as bait in a new spear-phishing campaign. Security researcher Brandon Dixon of 9bplus came across a malicious...
Microsoft's SDL Expands Beyond Redmond
It’s been more than 10 years now since Microsoft began the initiative that would eventually become Trustworthy Computing, and while the effects it’s had inside the company have been well documented, the utility and adoption of the Security Development Lifecycle by outside organizations and...
3.8 Billion Users’ Combined Clubhouse, Facebook Data Up for Sale
On its own, the database of 3.8 billion phone numbers leaked from social-media platform Clubhouse didn’t have much value on the underground market. In fact, they were eventually dumped in a hacker forum for free. But an enterprising threat actor has reportedly combined those phone numbers with 53...
LockBit Gang to Publish 103GB of Bangkok Airways Customer Data
The LockBit ransomware gang has apparently struck again, having purportedly stolen 103GB worth of files from Bangkok Airways and promising to release them tomorrow, on Tuesday. A Dark Web intelligence firm calling itself DarkTracer apparently a separate intel firm than the better-known DarkTrace...
NSA Warns Public Networks are Hacker Hotbeds
The U.S. National Security Agency is offering advice to security teams looking for wireless best practices to protect corporate networks and personal devices. The recommendations, while pedestrian in scope, do offer system administrators a solid cheat sheet to share with their work-from-home crow...
PGMiner, Innovative Monero-Mining Botnet, Surprises Researchers
An innovative Linux-based cryptocurrency mining botnet has been uncovered, which exploits a disputed PostgreSQL remote code-execution RCE vulnerability to compromise database servers. The malware is unusual and completely novel in a host of ways, researchers said. According to researchers at Palo...
Tesla Hacked and Stolen Again Using Key Fob
Researchers have demonstrated for the third time how hacking into the key fob of a Tesla can allow someone to access and steal the car in minutes. The new attack again shows a security vulnerability in the keyless entry system of one of the most expensive electric vehicles EVs on the market...
Maze Ransomware Adopts Ragnar Locker Virtual-Machine Approach
The operators of the Maze ransomware have added a fresh trick to their bag of badness: Distributing ransomware payloads via virtual machines VM. It’s a “radical” approach, according to researchers, meant to help the ransomware get around endpoint defense. That’s according to researchers with Soph...
Cisco Warns of High-Severity SD-WAN Flaws
Cisco Systems has fixed three high-severity vulnerabilities in its software-defined networking for wide-area network SD-WAN solutions for business users. If exploited, the flaws could enable bad actors to execute commands with root privileges on affected systems. To exploit the vulnerabilities...
WordPress Plugin Bug in Popup Builder Threatens 100K Websites
Two vulnerabilities – including a high-severity flaw – have been patched in a popular WordPress plugin called Popup Builder. The more severe flaw could enable an unauthenticated attacker to infect malicious JavaScript into a popup – potentially opening up more than 100,000 websites to takeover...
Critical Bugs in Rockwell, Johnson Controls ICS Gear
Security vulnerabilities that require very little skill to exploit have been discovered in industrial control systems ICS gear from Rockwell Automation and Johnson Controls, which anchor a flurry of bug disclosures impacting critical infrastructure. First, a set of critical vulnerabilities in...
Have I Been Pwned No Longer For Sale
After announcing last year that he was looking to sell Have I Been Pwned HIPB, Troy Hunt said this week that the popular service has been pulled off the market and will instead continue to be run independently. HIBP offers a free service for consumers to check if their usernames and passwords hav...
Intel Patches High-Severity Flaw in Security Engine
Intel is warning of a high-severity flaw in the firmware of its converged security and management engine CSME, which if exploited could allow privilege escalation, denial of service and information disclosure. CSME powers Intel’s Active Management System hardware and firmware technology, used for...
Hackers Deface U.S. Gov Website With Pro-Iran Messages
UPDATE A U.S. government website was vandalized late Saturday by hackers who posted images of a bloodied President Donald Trump being punched in the face and pro-Iran messages. The defaced website was the Federal Depository Library Program FDLP website, which makes U.S. federal government...
Microsoft Outlook for Android Bug Opens Door to XSS
Users of the Microsoft Outlook for Android app should update their apps to avoid a range of attacks. The bug CVE-2019-1460 would allow an attacker to perform cross-site scripting XSS attacks on the affected systems and run scripts in the security context of the current user, according to...
Tianfu Cup Round-Up: Safari, Chrome, D-Link Routers and Office 365 Successfully Hacked
Hackers over the weekend successfully compromised widely used software and hardware–including browsers Safari and Chrome, D-Link routers and the Office 365 suite–using zero-day vulnerabilities at the annual Tianfu Cup gathering. The hacking competition, held in Chengdu, China, is very similar to...
Rogue Trend Micro Employee Sold Customer Data for 68K Accounts
Trend Micro said that a rogue employee sold the data of 68,000 customers to a malicious third party, who then used that data to target customers with scam calls. The employee, who gained unauthorized access to a customer-support database, has since been terminated. Trend Micro said that the...
.WAVs Hide Malware in Their Depths in Innovative Campaign
UPDATE Audio .WAV files are the latest hiding place for obfuscated malicious code; a campaign has been spotted in which malicious content was secretly woven throughout the file’s audio data. The embedded code consists of two different payloads: A XMRig/Monero CPU cryptominer and Metasploit code...
iOS Exploit 'Checkm8' Could Allow Permanent iPhone Jailbreaks
A researcher is warning of an un-patchable bug affecting hundreds of millions of iPhones that gives attackers system-level access to handsets via an unblockable jailbreak hack. Right now, the scope of the attack is limited. The exploit is dubbed “checkm8” by a security researcher who goes by the...
Imperva Firewall Breach Exposes Customer API Keys, SSL Certificates
UPDATE Imperva, the security vendor, has made a security breach public that affects customers using the Cloud Web Application Firewall WAF product. Formerly known as Incapsula, the Cloud WAF analyzes requests coming into applications, and flags or blocks suspicious and malicious activity. Users’...
AT&T, T-Mobile, Sprint, Verizon Blasted For Data Privacy Policies
A U.S. senator has put telecommunication companies – AT&T, T-Mobile, Sprint and Verizon – on notice for their data-collection and retention policies. Last week, U.S. senator Ron Wyden D-Ore. sent an open letter to the CEOs of the four major telecom providers urging them to limit the data they...
Black Hat 2019: 5G Security Flaw Allows MiTM, Targeted Attacks
LAS VEGAS — 5G commercial networks are starting to roll out, promising exciting new use cases like automated cars, and smart sensor networks where the nodes have 10-year battery lives. To go along with these possibilities are new security requirements; notably, improvements in device...
Black Hat: LeapFrog Tablet Flaws Let Attackers Track, Message Kids
LAS VEGAS – Serious vulnerabilities have been disclosed in LeapFrog’s tablet for kids, the LeapPad Ultimate, once again throwing child data privacy into the spotlight. The LeapPad Ultimate is a rugged tablet made by LeapFrog that targets children with an array of education, game and eBook apps...
POS Malware Found at 102 Checkers Restaurant Locations
The popular Checkers and Rally’s drive-through restaurant chain was attacked by Point of Sale POS malware impacting 15 percent of its stores across the U.S. Checkers is one of the largest drive-through restaurants in the U.S., operating in 28 states and headquartered in Tampa, Florida. The securi...
200k Personal Records Exposed by Events Planning Firm
A database belonging to Australian event planning startup, Amazingco, was found leaking more than 200,000 records with personal details tied to children’s entertainment, wine tour events and more. Amazingco, which is based in Austrailia but offers services in New Zealand and the U.S., connects...
Researchers in the Dark on Powerful LightNeuron Malware for Years
LightNeuron, a backdoor specifically designed to target Microsoft Exchange mail servers, has flown under the radar since at least 2014, despite being the malware linchpin at the center of several targeted campaigns. A fresh analysis of the recently uncovered code shows that it’s the first publicl...
LokiBot Trojan Spotted Hitching a Ride Inside .PNG Files
A spam campaign pushing the info-stealing LokiBot trojan leverages a novel technique to avoid detection. According to researchers, the spam messages include malicious .zipx attachment hidden inside a .PNG file that can slip past some email security gateways. According to Trustwave SpiderLabs, tha...
Kitty Cryptomining Malware Cashes in on Drupalgeddon 2.0
Yet another bad actor has taken advantage of Drupal sites still vulnerable to “Drupalgeddon 2.0,” this time to mine cryptocurrency. The bad script, dubbed the “Kitty” cryptomining malware, takes advantage of the known critical remote-code execution vulnerability in Drupal CVE-2018-7600 to target...
FruityArmor APT Group Used Recently Patched Windows Zero Day
One of the four zero-day vulnerabilities Microsoft patched last week was being used by an APT group called FruityArmor to carry out targeted attacks, escape browser-based sandboxes, and execute malicious code in the wild. Anton Ivanov, a researcher at Kaspersky Lab, was credited by Microsoft for...
Pwn2Own IE Vulnerabilities Missing from Microsoft Patch Tuesday Updates
UPDATE – In an unexpected turn, Microsoft’s monthly Patch Tuesday security updates released today did not include patches for Internet Explorer vulnerabilities used during the Pwn2Own contest one month ago. The popular hacker contest attracted researchers from all over who were targeting all the...
New Flaw Found in Microsoft SharePoint
There is a cross-site scripting flaw in SharePoint 2007, Microsoft’s collaboration product, which could give an attacker the ability to execute arbitrary JavaScript code on a machine through a browser. High-Tech Bridge, a Swiss security firm, published an advisory about the vulnerability on...
Kill Cloud Risk: Get Everybody to Stop Fighting Over App Security - Podcast
Brought to you by Uptycs. Underwriters of Threatpost podcasts do not assert any editorial control over content. Applications are cybercriminals’ favorite ways to crack open targeted organizations. Yet no single team or process can assure the rollout of safe cloud applications. From code design to...
Bluetooth Bugs Open Billions of Devices to DoS, Code Execution
Researchers have disclosed a group of 16 different vulnerabilities collectively dubbed BrakTooth, which impact billions of devices that rely on Bluetooth Classic BT for communication. According to an academic paper from the University of Singapore, the bugs are found in the closed commercial BT...
VMware Fixes Critical Flaw in ESXi Hypervisor
VMware has hurried out fixes for a critical flaw in its ESXi hypervisor, a few weeks after it was found during China’s Tianfu Cup hacking competition. The use-after-free vulnerability CVE-2020-4004 has a CVSS score of 9.3 out of 10, making it critical. It exists in the eXtensible Host Controller...
Unpatched Wi-Fi Extender Opens Home Networks to Remote Control
A popular Wi-Fi extender for the home has multiple unpatched vulnerabilities, including the use of a weak, default password, according to researchers. Also, two of the bugs could allow complete remote control of the device. The flaws have been found in Tenda PA6 Wi-Fi Powerline extender, version...
Mootbot Botnet Targets Fiber Routers with Dual Zero-Days
The Mootbot botnet has been using a pair of zero-day exploits to compromise multiple types of fiber routers. According to researchers, other botnets have attempted to do the same, but have so far failed. According to researchers at NetLab 360, the operators of the Mootbot botnet in late February...