15946 matches found
Microsoft IE 8 Shines in Web Browser Security Test
From Network World Ellen Messmer Microsoft’s Internet Explorer 8 rated tops among five browsers tested by NSS Labs for effectiveness in protecting against malware and phishing attacks — though NSS Labs acknowledges Microsoft paid for the tests. Nevertheless, the test process, which lasted over a...
Log4Shell Vulnerability Targeted in VMware Servers to Exfiltrate Data
The Cybersecurity and Infrastructure Security Agency CISA and Coast Guard Cyber Command CGCYBER released a joint advisory warning the Log4Shell flaw is being abused by threat actors that are compromising public-facing VMware Horizon and Unified Access Gateway UAG servers. The VMware Horizon is a...
Windows Hello Bypass Bug Patch is Faulty, Researchers Say
LAS VEGAS – Microsoft Windows 10 biometric user authentication systems Windows Hello can be bypassed, using a single infrared image of a user’s face planted on a tampered clone of an external USB-based webcam. The vulnerability, tracked as CVE-2021-34466, CVSS score: 5.7, was patched by Microsoft...
Kaseya Obtains Universal Decryptor for REvil Ransomware
Kaseya has obtained a master decryptor key for the REvil ransomware that locked up the systems of at least 60 of its customers in a spate of worldwide cyberattacks on July 2. The attacks, which exploited now-patched zero-days in the Kaseya Virtual System/Server Administrator VSA platform, affecte...
Europol Credits Sweeping Arrests to Cracked Sky ECC Comms
Europol launched “major interventions” against organized crime on March 9, which it said were made possible by monitoring the encrypted messages of around 70,000 users of the Sky ECC service since mid-February. Sky ECC, which focuses on selling mobile phones with specialized, private...
As Modern Mobile Enables Remote Work, It Also Demands Security
Smartphones, tablets, collaboration apps and other modern framework tools are critical to maintaining productivity remotely, but they also demand an integrated security strategy purpose-built for mobile devices. The coronavirus pandemic has completely upended the way we work, educate and socializ...
Cisco Webex 'Ghost' Flaw Opens Meetings to Snooping
A vulnerability in Cisco’s Webex conferencing application could allow an attendee to act as a “ghost” in the meeting – allowing them to spy in on potentially sensitive company secrets. To exploit the flaw CVE-2020-3419, attackers can be remote – however, they would need access to join the Webex...
COVID-19 Vaccine-Maker Hit with Cyberattack, Data Breach
COVID-19 vaccine manufacturer Dr. Reddy’s Laboratories has shut down its plants in Brazil, India, Russia, the U.K. and the U.S. following a cyberattack, according to reports. The Indian company is the contractor for Russia’s “Sputinik V” COVID-19 vaccine, which is about to enter Phase 2 human...
Instagram 'Help Center' Phishing Scam Pilfers Credentials
Turkish-speaking cybercriminals are sending Instagram users seemingly legitimate messages from the social media company, with the aim of stealing their Instagram and email credentials. Researchers said that the campaign has been targeting hundreds of celebrities, startup business owners, and othe...
Have I Been Pwned Set to Go Open-Source
Have I Been Pwned, the service that logs data breaches and lets individuals search to see if they’ve been affected by one, is about to go open-source. The result of that, according to its founder, will be additional transparency and security-enhancing features. HIBP, which was kicked off in 2013,...
Zeus Sphinx Banking Trojan Arises Amid COVID-19
The Zeus Sphinx banking trojan is back after being off the scene for nearly three years. According to researchers Amir Gandler and Limor Kessem at IBM X-Force, Sphinx a.k.a. Zloader or Terdot began resurfacing in December. However, the researchers observed a significant increase in volume in Marc...
Lizard Squad Threatens UK's Labour Leader with Cyberattacks Against His Family
Lizard Squad, the well-known hacktivist cybergang, is pledging to mount personal cyberattacks on Britain’s Labour Party leader, Jeremy Corbyn. As the UK continues to be roiled by Brexit debate ahead of a Dec. 12 general election, the Labour Party said on Tuesday that it had been targeted by a...
ENFUSE 2019: Security Regulations, Insider Threats, and IoT Privacy Risks
LAS VEGAS – From insider threats, Internet of Things insecurity, to medical device hacking, ENFUSE 2019 broke down the top privacy and security issues help desks are seeing today. It also tackle what regulatory efforts are being developed to address those threats. Threatpost editor Lindsey...
News Wrap: Voice Assistant Laser Hack, Twitter Insider Threats, Data Breach Fine Fails
Threatpost editors break down the top news stories for the week ended Nov. 8. The hot stories of the week include: Despite trillions of dollars in data-breach fine payouts, each year the number of compromised companies and individuals with private data exposed rise – a Threatpost feature looks at...
U.S. Government, Military Personnel Data Leaked By Autoclerk
A leaky database owned by reservations management system Autoclerk has exposed the personal data and travel information for thousands of users – including U.S. government and military personnel. Autoclerk, which was acquired by the Best Western Hotel and Resorts Group in August, provides...
Hacking Back? BriansClub Dark Web Attack a Boon for Banks
UPDATE A Dark Web “carding store” called BriansClub, which specializes in selling stolen payment card information, has itself become a victim, with thieves making off with 26 million credit- and debit-card records. The site appears to be a target of roundabout “hacking back” by a competitor , who...
Silent Librarian Retools Phishing Emails to Hook Student Credentials
Silent Librarian is targeting university students in full force with a revamped phishing campaign. The threat group, aiming to steal student login credentials, is using new tricks that bring more credibility to its phishing emails and helping it avoid detection. The threat group also known as TA4...
Sophisticated Spy Kit Targets Russians with Rare GSM Plugin
A sophisticated cyberespionage platform called Attor has come to light, sporting an unusual capability for fingerprinting mobile devices as part of its attacks on government and diplomatic victims. According to researchers at ESET, Attor, which has flown under the radar since at least 2013, also...
Venmo's Public Transactions Policy Stirs Privacy Concerns
Your simple $5 Venmo payment to a friend after splitting a pizza could easily expedite various malicious attacks, from stalking to spear-phishing, according to researcher concerns. Many have weighed in on Venmo’s privacy practices, but the latest are Mozilla Foundation and the Electronic Frontier...
DEF CON and Feds Partner on Anonymous Bug Submission Program
Hacking conference organizer DEF CON Communications said it plans to roll out a global anonymous bug submission platform based on the SecureDrop communications tool. During a session at DEF CON in Las Vegas last week, conference founder Jeff Moss said the goal was to launch the yet-to-be-named...
Black Hat 2019 News Wrap: The Best and Worst of the Show
LAS VEGAS – Black Hat and DEF CON 2019 may be wrapping up, but the dual conferences last week in Las Vegas left the security industry with a flurry of new security flaws, topics and announcements to discuss for the weeks to come. Threatpost editors Tara Seals and Lindsey O’Donnell get together to...
Election Security Threats: From Misinformation to Voting Machine
Election security continues to be a top concern – from social media misinformation campaigns, to vulnerabilities in the actual voting machines themselves. At Black Hat USA 2019, Threatpost caught up with Matt Olney, director of threat intelligence at Cisco Talos, to discuss the challenges that...
Gamers Urged to Patch Critical Bugs in GOG Galaxy
GOG Galaxy Games, a popular video game digital distribution platform that enables users to purchase new games and launch them from their desktop, is riddled with vulnerabilities, according to researchers at Cisco Talos. The researchers assert that the GOG Galaxy video game launcher contains six...
Intel Windows 10 Graphics Drivers Riddled With Flaws
Intel has patched 19 vulnerabilities across its popular graphics drivers for Windows 10, including two high-severity flaws. CVE-2018-12216 and CVE-2018-12214 could both allow a privileged user to execute arbitrary code via local access, according to an Intel advisory. “Multiple potential security...
BlackEnergy Malware Used in Attacks Against ICS HMI
Industrial control system operations running human-machine interface software from a handful of vendors are being targeted by a hacking campaign making use of the BlackEnergy malware. The United States Industrial Control System Cyber Emergency Response Team ICS-CERT published an advisory on Tuesd...
September 2014 Microsoft Patch Tuesday security bulletins
The Operation SnowMan espionage campaign, which targeted military intelligence earlier this year via an Internet Explorer zero day, exposed a weak spot in Microsoft’s vulnerability management efforts. What was unique about the SnowMan operation is that it included a check as to whether the...
Microsoft Giving .NET Users The Option to Shed RC4
Microsoft didn’t beat around the bush when it warned customers to stay away from the deprecated RC4 algorithm last fall. Now it’s giving those who use its .NET software framework an option to disable the cipher in Transport Layer Security TLS as well. In a security advisory issued on its Security...
Microsoft to Fix Critical Word Flaw in October Patch Tuesday
Microsoft will release seven bulletins in the October Patch Tuesday next week, fixing 20 total vulnerabilities in Windows, Office, Lync and SQL Server. Only one of the bulletins is rated critical, while the six others are rated important. The one critical bulletin affects Microsoft Office 2003,...
White House Security Czar Howard Schmidt Retiring
Howard Schmidt, the top White House information security adviser, is retiring after more than two years on the job and several decades in security both in government and private industry. Schmidt is in his second stint as the White House security chief and he’s leaving at a time when cybersecurit...
Arms Race In Zero Days Spells Trouble For Privacy, Public Safety
Editor’s Note: This is the second of a two-part podcast with independent security researcher Chris Soghoian. In the first part of our podcast with independent security researcher Chris Soghoian, we talked about the way that the proliferation of “free” applications have forced consumers into the...
Katie Moussouris on Microsoft, Trustworthy Computing and the Evolution of the Security Community
Dennis Fisher talks with Microsoft’s Katie Moussouris about the way that the Trustworthy Computing effort at Microsoft has changed, how the security community has evolved since she got involved in the 1990s and the challenges–and fun–of being a woman in security. Podcast audio courtesy of sykboy6...
Linux Servers at Risk of RCE Due to Critical CWP Bugs
Researchers have discovered two critical bugs in Control Web Panel CWP – a popular web hosting management software used by 200,000+ servers – that could allow for remote code execution RCE as root on vulnerable Linux servers. CWP, formerly known as CentOS Web Panel, is an open-source Linux contro...
Google Emergency Update Fixes Two Chrome Zero Days
Google has pushed out an emergency Chrome update to fix yet another pair of zero days – the second pair this month – that are being exploited in the wild. This hoists this year’s total number of zero days found in the browser up to a dozen. “Google is aware the exploits for CVE-2021-37975 and...
Novel Meteor Wiper Used in Attack that Crippled Iranian Train System
An attack earlier this month on Iran’s train system, which disrupted rail service and taunted Iran’s leadership via hacked public transit display screens, used a never-before-seen wiper malware called Meteor that appears to have been design for reuse, a security researcher has found. The initial...
533M Facebook Accounts Leaked Online: Check if You Are Exposed
More than 533 million Facebook users had their personal information posted to a public hacker forum, a move that is raising concerns about an uptick in cybercrime leveraging the credentials. The publicly released Facebook user data is believed to be part of a 2019 “Add Friend” Facebook security b...
WhatsApp Phone Numbers Pop Up in Google Search Results — But is it a Bug?
UPDATE A researcher is warning that a WhatsApp feature called “Click to Chat” puts users’ mobile phone numbers at risk — by allowing Google Search to index them for anyone to find. But WhatsApp owner Facebook says it is no big deal and that the search results only reveal what the users have chose...
Alleged Hacker Behind Massive ‘Collection 1’ Data Dump Arrested
A hacker accused of selling hundreds of millions of stolen credentials from last year’s “Collection 1” data dump on the dark web has been arrested in the Ukraine. The Security Service of Ukraine SSU took into custody a threat actor known as “Sanix,” who they claim posted 773 million e-mail...
GDPR Compliance Site Leaks Git Data, Passwords
A website that gives advice on privacy regulation compliance has fixed a security issue that was exposing MySQL database settings — including passwords — to anyone on the internet. The website, GDPR.EU, is an advice site for organizations that are struggling to comply with the General Data...
Valve Confirms CS:GO, Team Fortress 2 Source-Code Leak
The discovery of leaked source code for two popular games – Counter-Strike: Global Offensive CS:GO and Team Fortress 2 – has led to security concerns and even calls for gamers to uninstall the software from their computers. The developer and publisher of the two games, Valve, is downplaying the...
Millions of Guests Impacted in Marriott Data Breach, Again
For the second time in two years, the Marriott hotel empire has suffered a major data breach. This time, approximately 5.2 million guests have been affected. The attack was carried out via third-party software that Marriott’s hotel properties use to provide guest services, according to an online...
Hackers Actively Exploit 0-Day in CCTV Camera Hardware
Multiple zero-day vulnerabilities were actively being exploited in CCTV security cameras manufactured by Taiwan-based LILIN, researchers found. The company, an IP video solution provider, was being targeted by hackers hijacking the company’s DVR hardware. Once commandeered, hackers then planted...
High-Severity Flaws Plague Intel Graphics Drivers
Intel has issued security patches for six high-severity vulnerabilities in its Windows graphics drivers which, if exploited, could enable escalation of privilege, denial of service DoS and information disclosure. The graphics driver is software that controls how graphic components work with the...
Microsoft Offers Rewards of Up to $20,000 in New Xbox Bug Bounty Program
Microsoft is offering rewards of up to $20,000 for finding vulnerabilities in its Xbox gaming platform through its latest bug bounty program unveiled this week. The Xbox Bounty Program is open to gamers, security researchers and basically anyone who can help the tech giant identify security...
Pwn2Own Miami Contestants Haul in $180K for Hacking ICS Equipment
The very first Pwn2Own hacking competition that exclusively focuses on the industrial control systems ICS has kicked off in Miami. So far, a total of $180,000 has been awarded for pwning five different products. The contest hosts at Trend Micro’s Zero Day initiative ZDI have allocated more than...
Oil-and-Gas APT Pivots to U.S. Power Plants.
A known APT group with ties to the Iran-linked APT33, dubbed Magnallium, has expanded its targeting from the global oil-and-gas industry to specifically include electric companies in North America. That’s according to a report from Dragos, released Thursday, which noted that the discovery is part...
Magecart Group Targets Routers Behind Public Wi-Fi Networks
A faction of the Magecart threat group is testing code that targets routers used to provide free or paid Wi-Fi services in public spaces and hotels. If successful, attackers would able to compromise these commercial-grade routers and be able to siphon payment data of users joining Wi-Fi networks ...
198 Million Car-Buyer Records Exposed Online for All to See
Over 198 million records containing information on prospective car buyers, including loan and finance data, vehicle information and IP addresses for website visitors, has been found exposed on the internet for anyone to see. The non-password protected Elasticsearch database belonged to Dealer...
MSP or System Integrator? Add Incident Response to Your Portfolio at No Cost
As breaches and cyberattacks grow in a steady upward trajectory, organizations are increasingly looking for ways to protect their assets, outsourcing critical Incident Response IR services to third-party providers. Cynet is now providing its IR services at no cost in a market-first offering which...
Mass Spoofing Campaign Abuses Walmart Brand
An ongoing domain name spoofing campaign is taking aim at retail giant Walmart and other big fish, with more than 540 malicious domains being used to harvest consumer information. The scam domains are mimicking legitimate sites in name and appearance, in hopes of fooling visitors into entering...
1,300 Popular Android Apps Access Data Without Proper Permissions
Over 1,300 popular Android apps defy user permissions and gather sensitive data with no consent, according to a study by a coalition of academics from the International Computer Science Institute. The report examined popular mobile apps available through the U.S. version of the Google Play store,...