15946 matches found
SAP to Give Threat Briefing on Uber-Severe ‘ICMAD’ Bugs
There’s a trio of critical vulnerabilities, fixed on Tuesday, in SAP business applications that use the ubiquitous Internet Communication Manager ICM: the component that gives SAP products the HTTPS web server they need to connect to the internet or talk to each other. The vulnerabilities,...
CISA Orders Federal Agencies to Fix Actively Exploited Windows Bug
CISA is putting the thumbscrews on federal agencies to get them to patch an actively exploited Windows vulnerability. On Friday, the U.S. Cybersecurity and Infrastructure Security Agency CISA announced that it added the vulnerability – tracked as CVE-2022-21882 and with a CVSS criticality rating ...
Amazon’s Plan to Track Worker Keystrokes: A Sign of Controls to Come?
Data theft, insider threats and imposters accessing sensitive customer data have apparently gotten so bad inside Amazon, the company is considering rolling out keyboard-stroke monitoring for its customer-service reps. A confidential memo from inside Amazon explained that customer service credenti...
SonicWall Breach Stems from ‘Probable’ Zero-Days
UPDATE SonicWall is investigating “probable” zero-day flaws in its remote access security products that have been targeted by “highly-sophisticated” attackers. The company says it is investigating the attack and will update customers within 24 hours. The security company said it is currently...
Cisco Patches Critical Flaw After PoC Exploit Code Release
A day after proof-of-concept PoC exploit code was published for a critical flaw in Cisco Security Manager, Cisco has hurried out a patch. Cisco Security Manager is an end-to-end security management application for enterprise administrators, which gives them the ability to enforce various security...
Critical Adobe Illustrator, Bridge and Magento Flaws Patched
Adobe is warning of critical flaws in Adobe Bridge, Adobe Illustrator and the Magento e-commerce platform. If exploited, the most severe vulnerabilities could enable remote code execution on affected systems. Adobe’s out-of-band security update, released on Tuesday, addressed vulnerabilities tied...
Cobalt Ulster Strikes Again With New ForeLord Malware
A new credential-stealing malware, dubbed ForeLord, has been uncovered in a recent spear phishing campaign. Researchers tie the attack to a known advanced persistence threat APT group known as Cobalt Ulster. The emails distributing ForeLord were uncovered as part of a campaign, running between...
Hackers Cashing In On Healthcare Industry Security Weaknesses
SAN FRANCISCO – Cybercriminals are pushing boundaries in looking for new ways to cash in on the healthcare space – whether it is persuading desperate patients to download health information apps that actually infect their devices with malware, attacking hospitals with ransomware attacks or even...
Facebook Cracks Down on Deepfake Videos
Facebook is banning deepfake videos, which stem from a technique of human-image synthesis based on artificial intelligence AI to create fake content. Over the past year, security experts and lawmakers have voiced concerns about malicious deepfake applications, particularly as a vessel for...
Trump, Putin and Politics Name-Dropped to Peddle Malware
With the U.S. presidential elections looming, bad actors are tapping into the political craze with several malware distribution campaigns, using high-profile political names to tap into victims’ emotions and convince them to click on malicious links. Researchers have uncovered hundreds of...
Vulnerable Twitter API Leaves Tens of Thousands of iOS Apps Open to Attacks
Researchers are warning that an old Twitter API still used by popular iOS mobile apps that could be abused as part of a man-in-the-middle attack. It could be used to hijack Twitter accounts and compromise other third-party apps that are linked to the same “login with Twitter” feature. According t...
More U.S. Utility Firms Targeted in Evolving LookBack Spearphishing Campaign
A spearphishing campaign, first spotted in July targeting three U.S. utility companies with a new malware variant, has evolved its tactics and extended its targeting to include nearly 20 companies. The campaign was first discovered in phishing emails, sent between July 19 and 25, which targeted...
Microsoft Offers $30K Rewards For Chromium Edge Beta Flaws
Microsoft is calling on researchers to help sniff out any security glitches in the beta version of its new Chromium-based Edge browser before officially pushing it live. The tech company has been working to build a new version of Edge based on Google’s open-source Chromium code, as opposed to its...
WhatsApp, Telegram Coding Blunders Can Expose Personal Media Files
Though WhatsApp and Telegram tout themselves as secure messaging services, faulty developer coding that allows cyberattackers to intercept media files sent on the Android versions of the services like photos and videos, documents and voice memos undercuts that claim. The security weakness, dubbed...
Facebook Removes Accounts Used to Infect Thousands With Malware
Facebook has shut down more than 30 accounts spreading malware through malicious links that purport to be news about the ongoing political situation in Libya. The campaign, ongoing since 2014, has infected tens of thousands of victims with remote access trojans RATs, according to researchers. The...
WWDC 2019: Apple Takes Aim at Facebook on Privacy
Apple took a swipe at Facebook at its Worldwide Developers’ Conference WWDC on Monday, unveiling fresh privacy features for the upcoming version of its iOS operating system for iPhone and iPad iOS 13. Most notably, it took the wraps off of an authentication mechanism that will allow users to sign...
GlitchPOS Malware Appears to Steal Credit-Card Numbers
A new insidious malware bent on siphoning credit-card numbers from point-of-sale PoS systems has recently been spotted on a crimeware forum. Researchers at Cisco Talos said in a Wednesday analysis that they discovered the malware, dubbed “GlitchPOS,” being peddled on the Dark Web for $250. The...
Equifax Says 2.4 Million More People Impacted By Massive 2017 Breach
Equifax said that an additional 2.4 million Americans have had their personal data stolen as part of the company’s massive 2017 data breach, including their names and some of their driver’s license information. The additional identified victims bring the total of those implicated in what has beco...
JenX Botnet Has Grand Theft Auto Hook
Researchers at Radware have discovered a new botnet that uses vulnerabilities linked with the Satori botnet and is leveraging the Grand Theft Auto videogame community to infect IoT devices. Satori is a derivative of Mirai, the notorious botnet that in 2016 infamously managed to take down Dyn, a D...
September 2015 Microsoft Patch Tuesday Security Bulletins
Microsoft today patched a vulnerability in its graphics component present in Windows, Office and Lync that has been publicly attacked, and is one of five vulnerabilities patched this month that have been publicly disclosed. Microsoft released a dozen bulletins today, five of them it rates critica...
Era Ends With Break Up of Trustworthy Computing Group at Microsoft
In a move that has surprised many in the security community, Microsoft has disbanded its Trustworthy Computing unit, the group that was responsible for the pioneering work that helped reverse the company’s security reputation and make Windows a much more secure and reliable computing platform. Th...
Ruby on Rails Exploit Harvests IRC Botnet
Developers who have not updated their Ruby on Rails installations with a five-month-old security patch would do well to secure the Web development framework now. Exploit code has surfaced for CVE-2013-0156 that is being used to build a botnet of compromised servers. Exploit code has been publicly...
Botnets Hit Perl Testers With Denial of Service Attack
According to a posting on the CPAN Testers’ blog, the CPAN Testers’ server has been being aggressively scanned by “20-30 bots every few seconds” in what they call “a dedicated denial of service attack”; these bots “completely ignore the rules specified in robots.txt”. Read the full article. The H...
Protect Your Executives’ Cybersecurity Amidst Global Cyberwar
It’s been roughly two months since Russia first launched its unprovoked invasion of Ukraine. Since then, the world has borne witness to unspeakable tragedy. While damaged and destroyed property can and will be rebuilt; the death and despair incurred by Ukrainians will leave a lasting imprint acro...
The Internet’s Most Tempting Targets
The number of exposed assets keeps climbing, but existing security strategies aren’t keeping up. Attack surfaces are getting more complex, and the excruciatingly hard part is figuring out where to focus. For every 1,000 assets on an attack surface, there is often only one that’s truly interesting...
Microsoft, CISA Urge Mitigations for Zero-Day RCE Flaw in Windows
Both Microsoft and federal cybersecurity officials are urging organizations to use mitigations to combat a zero-day remote control execution RCE vulnerability in Windows that allows attackers to craft malicious Microsoft Office documents. Microsoft has not revealed much about the MSHTML bug,...
‘Pay Ransom’ Screen? Too Late, Humpty Dumpty – Podcast
Systems actively encrypted? Are they showing a screen that says “pay the ransom?” Too late: At that point, you’re probably toast. A few options, none great: 1. The painful and problematic process of recovery-via-backups if you have them and they work. You’ve tested them, right? No? Sorry: You can...
Industrial Networks Exposed Through Cloud OT
The benefits of using a cloud-based management platform to monitor and configure industrial control systems ICS devices are obvious — efficiency, cost-savings and better diagnostics just for starters. But new research found critical vulnerabilities in these platforms that could be used to paralyz...
SonicWall Warns Firewall Hardware Bugs Under Attack
Security vendor SonicWall is warning customers to patch its enterprise secure VPN hardware to thwart an “imminent ransomware campaign using stolen credentials” that’s exploiting security holes in current models and those running legacy firmware. Targeted are the company’s Secure Mobile Access SMA...
Apple Mail Zero-Click Security Vulnerability Allows Email Snooping
A zero-click security vulnerability in Apple’s macOS Mail would allow a cyberattacker to add or modify any arbitrary file inside Mail’s sandbox environment, leading to a range of attack types. According to Mikko Kenttälä, founder and CEO of SensorFu, exploitation of the bug could lead to...
TrickBot Continues Resurgence with Port-Scanning Module
The TrickBot trojan is continuing its bounce-back from an autumn takedown, recently adding a network-scanning module that uses the Masscan open-source tool to look for open ports. Masscan is a mass TCP/IP port scanner, which can scan the entire internet in under five minutes according to its...
Ransomware and IP Theft: Top COVID-19 Healthcare Security Scares
Healthcare cybersecurity threats have been under the spotlight this past year, in particular with the rise of COVID-19 and the budgetary and resource strains that has put on hospitals. Beau Woods, a Cyber Safety Innovation Fellow with the Atlantic Council, founder and CEO of Stratigos Security an...
Cyberattackers Serve Up Custom Backdoor for Oracle Restaurant Software
ModPipe, a previously unknown backdoor, has been purpose-built to attack restaurant point-of-sale PoS solutions from Oracle. It’s notable for its unusual sophistication, according to researchers, evidenced by its multiple modules. The code is specifically taking aim at the Oracle MICROS Restauran...
Apple Patches Bugs Tied to Previously Identified Zero-Days
Apple has patched three previously identified zero-day vulnerabilities in its iPhone, iPod and iPad devices potentially related to a spate of related flaws recently discovered by the Google Project Zero team that also affect Google Chrome and Windows. Apple this week released iOS 14.2 and iPadOS...
FortiGate VPN Default Config Allows MitM Attacks
Default configurations of Fortinet’s FortiGate VPN appliance could open organizations to man-in-the-middle MitM attacks, according to researchers, where threat actors could intercept important data. According to the SAM IoT Security Lab, the FortiGate SSL-VPN client only verifies that the...
Attackers Horn in on MFA Bypass Options for Account Takeovers
An uptick in business email compromise attacks is being attributed to successful compromises of multi-factor authentication MFA and conditional access controls, according to researchers. While brute-forcing and password spraying techniques are the most common way to mount account takeovers, more...
Oracle Tackles a Massive 405 Bugs for Its April Quarterly Patch Update
Oracle admins are staring down the barrel of a massive quarterly Critical Patch Update that includes 405 patches. Business software giant Oracle Corp. revealed 286 of those vulnerabilities are remotely exploitable across nearly two dozen product lines. Impacted with multiple critical flaws, rated...
Dark_Nexus Botnet Compromises Thousands of ASUS, D-Link Routers
A new botnet has compromised hundreds of ASUS, D-Link and Dasan Zhone routers over the past three months, as well as Internet of Things IoT devices like video recorders and thermal cameras. The botnet, called darknexus based on a string it prints in its banner, uses processes similar to previous...
xHelper: The Russian Nesting Doll of Android Malware
The “undeletable” xHelper malware – which ultimately results in the installation of the Triada trojan – has become a virulent scourge for Android devices this year, according to researcher analysis – bringing with it a hallmark of being virtually indestructible for the common user. xHelper is kno...
Official Government COVID-19 Mobile Apps Hide a Raft of Threats
A rash of COVID-19 Android mobile apps have emerged that are aimed at helping citizens in Iran, Italy and Colombia track symptoms and virus infections. However, they’re also putting people’s privacy and the security of their data at risk, researchers have found. Security researchers at the ZeroFO...
Working from Home: COVID-19's Constellation of Security Challenges
As the threat of coronavirus continues to spread, businesses are sending employees home to work remotely, and students are moving to online classes. But with the social distancing comes a new threat – a cyber-related one. As organizations rush to shift their businesses and classes online,...
Video: Ransomware a Growing Industrial Security Threat
SAN FRANCISCO – Today, Operational Technology OT and Information Technology systems are merging and changing security playbooks. Here at RSA Conference 2020, Waterfall Security‘s CEO and co-founder Lior Frenkel describes the front lines of the convergence. Frenkel maintains that just as more...
TrickBot Switches to a New Windows 10 UAC Bypass to Evade Detection
The TrickBot trojan has evolved again to bolster its ability to elude detection, this time adding a feature that can bypass Windows 10 User Account Control UAC to deliver malware across multiple workstations and endpoints on a network, researchers have discovered. Researchers at Morphisec Labs te...
‘Fleeceware’ Apps Downloaded 600M Times from Google Play
Google has made a concerted effort in recent months to try to eliminate bad apps for its Android mobile platform on the Google Play store—something the company historically has battled. However, fleeceware apps—which trick users into paying excessive amounts of money for simple apps with...
267M Facebook Users’ Phone Numbers Exposed Online
A database exposing the names, phone numbers and Facebook user IDs of millions of platform users was left unsecured on the web for nearly two weeks before it was removed. Security researcher Bob Diachenko, who along with Comparitech discovered the unsecured Elasticsearch database, believe it...
Alexa, Google Home Eavesdropping Hack Not Yet Fixed
Months after researchers disclosed a new way to exploit Alexa and Google Home smart speakers to spy on users, those same researchers now warn that Amazon and Google have yet to create effective ways to prevent the eavesdropping hack. The researchers who in October disclosed the “Smart Spies” hack...
Podcast: Managing an Out-Of-Control Security Tech Stack
This podcast is sponsored by Arctic Wolf. In this sponsored podcast, Threatpost podcast host Cody Hackett and Sam McLane, chief technology officer with Arctic Wolf, discuss important considerations when building a multi-layered cybersecurity strategy and best practices when evaluating security...
Microsegmentation and Isolation: 2 Essential Strategies in Zero-Trust Security
The headlines over the past few years have been consistent – enterprises are pouring more and more money into cybersecurity countermeasures. Indications are that 2020 will be no different, with reports that nearly three quarters of CISOs plan to ask their CFOs for increased cybersecurity investme...
Fancy Bear Targets Sporting, Anti-Doping Orgs As 2020 Olympics Loom
At least 16 anti-doping authorities and sporting organizations around the world have been hit by cyberattacks as the world begins to gear up for the Tokyo Summer Olympic Games, which kick off July 2020. The attacks, which began Sept. 16, have been linked to infamous Russian threat group Fancy Bea...
Cybercrime Tool Prices Bump Up in Dark Web Markets
Prices have been rising in the last two years for longstanding tools available on the Dark Web to help bad actors commit cyber attacks and fraud, alongside newer innovations that are emerging to bolster crimes like ransomware and SIM swapping, new research has found. Keeping track of these trends...