15946 matches found
ThreatList: Apple Adware, Phishing, APT Attacks Threaten macOS Users
While macOS is often touted as “safer” on the cybersecurity front compared to Windows-based systems, cybercriminals are in fact increasingly targeting Apple’s ecosystem. The number of attacks on macOS users through malicious and potentially unwanted programs has been increasing annually since 201...
Android Zero-Days Now Worth More Than iPhone Exploits
An Android zero-day exploit is now worth more than one for the iPhone on the global cyberweapons market. Exploit acquisition vendor Zerodium said Tuesday that it is willing to pay a whopping $2.5 million for a zero-click Android zero-day with persistence. That number significantly increases the...
Facebook Drops Default Facial Recognition Tag Suggestions
Facebook is giving users more control over a facial recognition feature used by the company to help identify, or Tag, people on its platform. Starting Tuesday, the company said it would allow its users to opt-out of the Tag Suggestions feature, while at the same time the company is attempting to...
Tips for Successful Zero-Trust Implementation
The zero-trust concept is often and pithily summarized as “trust no one, verify everything.” No enterprise can stave off the myriad of cyberthreats as long as they assume that any individual element can be trusted as secure. No traffic, whether internal or external, can automatically be deemed...
Cisco DNA Center Critical Flaw Opens Access to Internal Services
Cisco is urging customers to update after discovering a critical vulnerability in its Digital Network Architecture DNA Center, which could allow an unauthenticated attacker to access critical internal services. Overall, Cisco issued fixes for 25 vulnerabilities across its various products: Two...
Google Play Boots Italian Spyware Apps That Infected Hundreds
Google has removed more than a dozen malicious apps harboring Android spyware from its Google Play marketplace. The spyware appears to have been developed by an Italian firm, which is now under investigation for its development. Researchers allege that the apps have infected several hundred – up ...
Uber Deployed 'Surfcam Spyware' in Australia to Crush the Competition – Report
A rogue employee at rideshare behemoth Uber created and deployed a piece of information-gathering software in order to help his company get a leg up on the local competition in Australia, according to a report. The so-called “secret spyware program” was dubbed Surfcam, and was developed by the...
RSA Conference 2019: Picking Apart the Foreshadow Attack
SAN FRANCISCO – Starting off with a bang with Spectre and Meltdown, 2018 was the year of speculative execution vulnerabilities in CPUs, which wreaked havoc in the IT industry. One of these attacks, dubbed Foreshadow, could allow unauthorized disclosure of information. Foreshadow impacts the Intel...
Microsoft Issues 'Important' Security Fix for Azure AD Connect
Microsoft is warning customers of a bug in its Azure Active Directory Connect product that could allow an adversary to escalate privileges and reset passwords and gain unauthorized access to user accounts. The advisory 4033453 was issued Tuesday via Microsoft’s TechNet website for the vulnerabili...
FreeBSD Patches TCP Processing DoS Vulnerability
FreeBSD has patched a denial-of-service vulnerability that could affect a host of third-party packages built atop the UNIX-like operating system. The vulnerability—found in the way FreeBSD processes TCP packets—was discovered by a member of Juniper Networks’ incident response team. FreeBSD’s...
Amazon Web Services Combing Third Parties for Credentials
Amazon Web Services is actively searching a number of sources, including code repositories and application stores, looking for exposed credentials that could put users’ accounts and services at risk. A week ago, a security consultant in Australia said that as many as 10,000 secret Amazon Web...
Microsoft Yanks Buggy Windows Server Updates
Microsoft has yanked the Windows Server updates it issued on Patch Tuesday after admins found that the updates had critical bugs that break three things: They trigger spontaneous boot loops on Windows servers that act as domain controllers, break Hyper-V and render ReFS volume systems unavailable...
FTC to Go After Companies that Ignore Log4j
The Federal Trade Commission FTC will muster its legal muscle to pursue companies and vendors that fail to protect consumer data from the risks of the Log4j vulnerabilities, it warned on Tuesday. “The FTC intends to use its full legal authority to pursue companies that fail to take reasonable ste...
Google Crushes YouTube Cookie-Stealing Channel Hijackers
Google has caught and brushed off a bunch of cookie-stealing YouTube channel hijackers who were running cryptocurrency scams on the ripped-off channels. In a Wednesday post, Ashley Shen, with Google’s Threat Analysis Group TAG, said that TAG attributes the assaults to a group of attackers recruit...
Porn Problem: Adult Ads Persist on US Gov’t, Military Sites
U.S. military and government website subdomains have a sticky problem: They’re “quite vulnerable” to blackhat SEO tactics that result in persistent redirects to spammy Viagra ads and porn videos. An example is one that showed up on a dot.mil subdomain on the Minnesota National Guard site you can...
SonicWall Warns Firewall Hardware Bugs Under Attack
Security vendor SonicWall is warning customers to patch its enterprise firewall hardware to thwart an “imminent ransomware campaign using stolen credentials” that’s exploiting security holes in current models and those running legacy firmware. Targeted are the company’s Secure Mobile Access SMA 1...
Microsoft, FireEye Unmask More Malware Linked to SolarWinds Attackers
Researchers have uncovered more custom malware that is being used by the threat group behind the SolarWinds attack. Researchers with Microsoft and FireEye identified three new pieces of malware that the companies said are being used in late-stage activity by the threat actor previously called...
Hackers Leak Stolen Pfizer-BioNTech COVID-19 Vaccine Data
On the heels of a previously-reported cyberattack on the European Medicines Agency EMA, cybercriminals have spilled compromised data related to COVID-19 vaccinations onto the internet. The EMA is an agency of the European Union in charge of the evaluation and supervision of medicinal products in...
Google’s Chrome 86: Critical Payments Bug, Password Checker Among Security Notables
Google’s latest version of its browser, Chrome 86, is now being rolled out with 35 security fixes – including a critical bug – and a feature that checks if users have any compromised passwords. As of Tuesday, Chrome 86 is being promoted to the stable channel for Windows, Mac and Linux and will ro...
Adobe Patches Critical RCE Flaw in Character Animator App
Adobe has issued an out-of-band patch for a critical flaw in Adobe Character Animator, its application for creating live motion-capture animation videos. The flaw can be exploited by a remote attacker to execute code on affected systems. The flaw CVE-2020-9586 is found in versions 3.2 and earlier...
Spear-Phishing Attack Lures Victims With 'HIV Results'
Recently discovered spear-phishing emails are using a unique “scare-factor” lure to convince victims to open attached malicious Microsoft Excel documents: Their HIV test results. Researchers are warning of a recent campaign involving emails claiming to come from Vanderbilt University Medical...
Small Tax-Preparation Firms at Higher Risk this Tax Season, Report
This tax season crooks are targeting users with a new crop of scams that include leveraging remote desktop software and compromising small tax-prep company websites. “If you have the word ‘tax’ in your domain name; you’re a target this year,” warns Sherrod DeGrippo, senior director of threat...
Microsoft Leaves 250M Customer Service Records Open to the Web
UPDATE Misconfigured Microsoft cloud databases containing 14 years of customer support logs exposed 250 million records to the open internet for 25 days. The account info dates back as far as 2005 and is as recent as December 2019 — and exposes Microsoft customers to phishing and tech scams...
Oski Data-Stealing Malware Emerges to Target North America, China
An emergent and effective data-harvesting tool dubbed Oski is proliferating in North America and China, stealing online account credentials, credit-card numbers, cryptowallet accounts and more. Oski, likely a Finnish or Nordic variant of the word Oska, meaning “Viking warrior or god” in Samoan,...
Telnet Backdoor Opens More Than 1M IoT Radios to Hijack
Imperial Dabman IoT radios have a weak password vulnerability that could allow a remote attacker to achieve root access to the gadgets’ embedded Linux BusyBox operating system, gaining control over the device. Adversaries can deliver malware, add a compromised radio to a botnet, send custom audio...
Joker Spyware Found in 24 Google Play Apps
A new spyware has been making the rounds in Android apps on Google Play, infecting victims post-download to steal their SMS messages, contact lists and device information. In addition to stealing victims’ information, the malware also stealthily signs them up for premium service subscriptions tha...
Critical Bugs Open Food-Safety Systems to Remote Attacks
Two critical vulnerabilities in a food-quality management software package would allow adversaries to completely compromise the system. The issues affect the AK-EM 800 product from SCADA vendor Danfoss. It’s an enterprise management solution for the food retail industry that provides a central...
Half of Android Handsets Susceptible to Clever SMS Phishing Attack
Over half of all Android handsets are susceptible to a clever over-the-air SMS phishing attack that could allow an adversary to route all internet traffic through a rogue proxy, as well as hijack features such as a handset’s homepage, mail server and directory servers for synchronizing contacts a...
CEO 'Deep Fake' Swindles Company Out of $243K
In the first known case of successful financial scamming via audio deep fakes, cybercrooks were able to create a near-perfect impersonation of a chief executive’s voice – and then used the audio to fool his company into transferring $243,000 to their bank account. A deep fake is a plausible video...
Data Leak Impacts Millions of Yves Rocher Cosmetics Company Customers
UPDATE Cosmetics giant Yves Rocher is warning that a giant data leak exposed the personal data of millions of its customers and reams of sensitive internal company information to the public. The data exposure stems from a database left unprotected by a third-party consultant to the firm...
Innovation on the Dark Web: How Bad Actors Are Keeping Pace
By now, the vast majority of consumers have heard of the dark web. Even if they aren’t exactly sure how it works, they know that it’s the deep corner of the internet where “bad things happen.” Ever since the highly publicized seizure of large dark markets like AlphaBay and Hansa, It’s become comm...
WordPress Plugin Flaws Exploited in Ongoing Malvertising Campaign
A widespread and ongoing malicious advertising campaign is exploiting several recently-disclosed WordPress plugin vulnerabilities to redirect website visitors to booby-trapped landing pages. Researchers at Wordfence said that they recently discovered bad actors injecting code into websites with t...
Snapchat Privacy Blunder Piques Concerns About Insider Threats
Snap, the company behind the popular Snapchat social media app, has found itself in hot water after a recent report revealed that Snap employees were abusing their access to private user data – which includes location data, saved Snaps and phone numbers. According to a Thursday Motherboard report...
Data Security in the Cloud: How to Lock Down the Next-Gen Perimeter
With businesses continuing their digital migrations to cloud services and applications, IT is finding itself wrestling with how to keep companies’ data safe. The challenge? The cloud has created a next-generation, virtual perimeter. Businesses are using infrastructure-as-a-service IaaS, cloud...
Malspam Campaigns Distribute HawkEye Keylogger, Post Ownership Change
The HawkEye malware kit and information-stealer has been spotted in a newfound slew of campaigns after a recent ownership change. While the keylogger has been in continuous development since 2013, in December a thread on a hacking site noted an ownership change, after which posts on hacking forum...
Verizon Router Command Injection Flaw Impacts Millions
UPDATE Three vulnerabilities have been discovered in the Verizon Fios Quantum Gateway which, when exploited together, could give an attacker complete control of a victim’s network. The device is used by millions of Verizon home customers and functions as a home’s wireless router and digital...
Magento Patches Critical SQL Injection and RCE Vulnerabilities
Magento patched 37 vulnerabilities on Thursday, including a host of critical flaws in the e-commerce platform that could have let attackers perform a range of malicious activities, such as take over a site and create new admin accounts. The most serious of the bugs is a remote code-execution RCE...
Microsoft Confirms Serious 'PrivExchange' Vulnerability
Microsoft acknowledged an elevated privilege flaw in its Exchange Server could allow a remote attacker with a simple mailbox account to gain administrator privileges. Both a Microsoft advisory and a US-CERT alert were issued on Tuesday warning users of the elevation of privilege flaw, dubbed...
Mac "CookieMiner" Malware Aims to Gobble Crypto Funds
A newly-discovered malware is targeting Mac users’ web cookies and credentials in hopes of withdrawing funds on their cryptocurrency exchange accounts. The malware, discovered this month and aptly named “CookieMiner,” collects cryptocurrency-related cookies – in addition to compromised credential...
libssh Authentication Bypass Makes it Trivial to Pwn Rafts of Servers
The libssh open-source project has issued an update to address an authentication bypass vulnerability in the server code — to say that it’s trivial to exploit is an understatement. The flaw CVE-2018-10933 exists in libssh versions 0.6 and above being used in server mode – and it allows anyone to...
On Heels of Criticism, Newly-Released Google Chrome 70 Prioritizes Privacy
Google has lifted the curtain on its latest version of Chrome, which the tech giant has pledged touts more data privacy features, as well as fixes for high-priority vulnerabilities. The release comes after Google had promised updates in Chrome 70 to “better communicate our changes and offer more...
Tools Used by Lamberts APT Found in Vault 7 Dumps
Links have emerged connecting targeted attacks going back a decade against high-profile government, industrial and financial targets around the world to hacking tools and documents leaked in the Vault 7 dump. Researchers at Kaspersky Lab today published a technical report on the activities of a...
Attacks Heating Up Against Apache Struts 2 Vulnerability
Public attacks and scans looking for exposed Apache webservers have ramped up dramatically since Monday when a vulnerability in the Struts 2 web application framework was patched and proof-of-concept exploit code was introduced into Metasploit. The vulnerability, CVE-2017-5638, was already under...
Flash Exploit Found in Seven Exploit Kits
A nasty Adobe Flash zero-day vulnerability that was remediated in an emergency update in October 2015 was thereafter co-opted by seven exploit kits, according to an analysis published today by researchers at Recorded Future. The Adobe vulnerability, CVE-2015-7645, was also used by the Russian APT...
November 2014 Microsoft Patch Tuesday Security Bulletins
A busy Microsoft Patch Tuesday arrived today with an extra sense of urgency and a complication. Among 14 bulletins, four of which are rated critical by Microsoft, is a patch for the OLE zero-day vulnerability being used in a number of targeted attacks. The zero-day is being spread via email...
Microsoft Reads User Email without Warrant
Late last week it emerged that Microsoft had searched through the contents of a French blogger’s Hotmail account in order to track down the source of a leak of proprietary information from the Redmond, Wash., tech giant. The Electronic Frontier Foundation and transparency advocates have expressed...
Millions of Java Apps Remain Vulnerable to Log4Shell
Four months after the discovery of the zero-day Log4Shell critical flaw, millions of Java applications still remain vulnerable to compromise, researchers have found. Rezilion expected that due to the “massive amount of media coverage” the bug unsurprisingly received, the majority of applications...
Five Critical Android Bugs Patched, Part of Feb. Security Bulletin
Google patched five critical bugs in its Android operating system as part of its February Security Bulletin. Two of the flaws were remote code execution vulnerabilities found within the Android media framework and system. Three additional critical Qualcomm bugs were reported by Google and patched...
Oracle WebLogic Server RCE Flaw Under Active Attack
If an organization hasn’t updated their Oracle WebLogic servers to protect them against a recently disclosed RCE flaw, researchers have a dire warning: “Assume it has been compromised.” Oracle WebLogic Server is a popular application server used in building and deploying enterprise Java EE...
Election Security: Beyond Mail-In Voting
As a highly publicized event, every four years the U.S presidential election comes with inevitable security risks — and interest from high-level hackers and sophisticated cybercriminals looking to sway its results. The upcoming election ups the stakes — it has captured the attention of everyone...