15946 matches found
Linux Variant of HelloKitty Ransomware Targets VMware ESXi Servers
For the first time, researchers have publicly spotted a Linux encryptor used by the HelloKitty ransomware gang: the outfit behind the February attack on videogame developer CD Projekt Red. On Wednesday, MalwareHunterTeam disclosed its discovery of numerous Linux ELF-64 versions of the HelloKitty...
SolarWinds Issues Hotfix for Zero-Day Flaw Under Active Attack
SolarWinds has issued a hotfix for a zero-day remote code execution RCE vulnerability already under active, yet limited, attack on some of the company’s customers. Microsoft alerted the company about the flaw, which affects its Serv-U Managed File Transfer Server and Serv-U Secured FTP products...
New Crypto-Stealer ‘Panda’ Spreads via Discord
Yet another new information stealer – Panda Stealer – is being spread through a worldwide spam campaign. On Tuesday, Trend Micro researchers said that they first spotted the new stealer in April. The most recent wave of the spam campaign has had the biggest impact in Australia, Germany, Japan and...
Zero-Click Wormable RCE Vulnerability in Cisco Jabber Gets Fixed, Again
Cisco Systems released an updated patch for a critical vulnerability in its video and instant messaging platform Jabber, originally patched in September. The cross-site scripting bug could have allowed an adversary to execute arbitrary code by merely sending a specially-crafted chat message and...
4 Unpatched Bugs Plague Grandstream ATAs for VoIP Users
UPDATE Multiple high-severity vulnerabilities in the Grandstream HT800 series of Analog Telephone Adaptors ATAs threaten home office and midrange users alike, with outages, eavesdropping and device takeover. The HT800 series of ATAs is designed for everyone from home or small-office users to...
Amazon-Themed Phishing Campaigns Swim Past Security Checks
Amazon in the era of COVID-19 has become a staple of many people’s lives, as they order everything from sourdough starter to exercise equipment. Cybercrooks have latched onto the delivery behemoth as a lure for phishing emails, knowing that plenty of legitimate delivery messages are also making i...
WhatsApp Phone Numbers Pop Up in Google Search Results — But is it a Bug?
UPDATE A researcher is warning that a WhatsApp feature called “Click to Chat” puts users’ mobile phone numbers at risk — by allowing Google Search to index them for anyone to find. But WhatsApp owner Facebook says it is no big deal and that the search results only reveal what the users have chose...
Alleged Hacker Behind Massive ‘Collection 1’ Data Dump Arrested
A hacker accused of selling hundreds of millions of stolen credentials from last year’s “Collection 1” data dump on the dark web has been arrested in the Ukraine. The Security Service of Ukraine SSU took into custody a threat actor known as “Sanix,” who they claim posted 773 million e-mail...
GDPR Compliance Site Leaks Git Data, Passwords
A website that gives advice on privacy regulation compliance has fixed a security issue that was exposing MySQL database settings — including passwords — to anyone on the internet. The website, GDPR.EU, is an advice site for organizations that are struggling to comply with the General Data...
Eight Common OT / Industrial Firewall Mistakes
Most industrial sites deploy firewalls as the first line of defense for their Operations Technology OT / industrial networks. However, configuring and managing these firewalls is a complex undertaking. Configuration and other mistakes are easy to make. This article explores eight common mistakes...
Valve Confirms CS:GO, Team Fortress 2 Source-Code Leak
The discovery of leaked source code for two popular games – Counter-Strike: Global Offensive CS:GO and Team Fortress 2 – has led to security concerns and even calls for gamers to uninstall the software from their computers. The developer and publisher of the two games, Valve, is downplaying the...
Millions of Guests Impacted in Marriott Data Breach, Again
For the second time in two years, the Marriott hotel empire has suffered a major data breach. This time, approximately 5.2 million guests have been affected. The attack was carried out via third-party software that Marriott’s hotel properties use to provide guest services, according to an online...
Hackers Actively Exploit 0-Day in CCTV Camera Hardware
Multiple zero-day vulnerabilities were actively being exploited in CCTV security cameras manufactured by Taiwan-based LILIN, researchers found. The company, an IP video solution provider, was being targeted by hackers hijacking the company’s DVR hardware. Once commandeered, hackers then planted...
Microsoft Offers Rewards of Up to $20,000 in New Xbox Bug Bounty Program
Microsoft is offering rewards of up to $20,000 for finding vulnerabilities in its Xbox gaming platform through its latest bug bounty program unveiled this week. The Xbox Bounty Program is open to gamers, security researchers and basically anyone who can help the tech giant identify security...
Pwn2Own Miami Contestants Haul in $180K for Hacking ICS Equipment
The very first Pwn2Own hacking competition that exclusively focuses on the industrial control systems ICS has kicked off in Miami. So far, a total of $180,000 has been awarded for pwning five different products. The contest hosts at Trend Micro’s Zero Day initiative ZDI have allocated more than...
Oil-and-Gas APT Pivots to U.S. Power Plants.
A known APT group with ties to the Iran-linked APT33, dubbed Magnallium, has expanded its targeting from the global oil-and-gas industry to specifically include electric companies in North America. That’s according to a report from Dragos, released Thursday, which noted that the discovery is part...
Magecart Group Targets Routers Behind Public Wi-Fi Networks
A faction of the Magecart threat group is testing code that targets routers used to provide free or paid Wi-Fi services in public spaces and hotels. If successful, attackers would able to compromise these commercial-grade routers and be able to siphon payment data of users joining Wi-Fi networks ...
198 Million Car-Buyer Records Exposed Online for All to See
Over 198 million records containing information on prospective car buyers, including loan and finance data, vehicle information and IP addresses for website visitors, has been found exposed on the internet for anyone to see. The non-password protected Elasticsearch database belonged to Dealer...
MSP or System Integrator? Add Incident Response to Your Portfolio at No Cost
As breaches and cyberattacks grow in a steady upward trajectory, organizations are increasingly looking for ways to protect their assets, outsourcing critical Incident Response IR services to third-party providers. Cynet is now providing its IR services at no cost in a market-first offering which...
Mass Spoofing Campaign Abuses Walmart Brand
An ongoing domain name spoofing campaign is taking aim at retail giant Walmart and other big fish, with more than 540 malicious domains being used to harvest consumer information. The scam domains are mimicking legitimate sites in name and appearance, in hopes of fooling visitors into entering...
Chrome 76 Dumps Default Adobe Flash Player Support
Google has launched the latest iteration of the Chrome browser for Windows, Mac and Linux, which blocks Adobe Flash Player default support and comes with more than 40 security fixes. Though plans to deprecate Adobe Flash in Chrome have been brewing for years, Chrome 76 takes an official first ste...
1,300 Popular Android Apps Access Data Without Proper Permissions
Over 1,300 popular Android apps defy user permissions and gather sensitive data with no consent, according to a study by a coalition of academics from the International Computer Science Institute. The report examined popular mobile apps available through the U.S. version of the Google Play store,...
Millions of Golfers Land in Privacy Hazard After Cloud Misconfig
Finding cloud databases with sensitive information left open to the internet has become par for the course these days – as a new exposure of millions of sensitive data points for the users of a golf app demonstrates. Millions of golfer records from the Game Golf app, including GPS details from...
Twitter Leaks Apple iOS Users' Location Data to Ad Partner
Twitter has disclosed a security bug in its platform that it said inadvertently leaked iOS users’ location data. The Twitter for iOS bug leaked location data at the ZIP code or city level, according to the social media company’s announcement on Monday. Twitter stressed that it has fixed the bug,...
Podcast: Chris Vickery on UpGuard's Discovery of Millions of Facebook Records
Data collection and security was thrust to the forefront this week after researchers with UpGuard disclosed that hundreds of millions of Facebook records were found in two separate publicly-exposed app datasets. The two publicly-exposed datasets included one controlled by Mexican media company...
Google Gives Users More Choice with Location-Tracking Apps
Anyone who uses a mobile app knows how convenient the features that use location data can be, from getting turn-by-turn directions and finding nearby restaurants to fitness-tracking and weather integration. But these rich mobile “experiences” – as app developers call them – can be a double-edged...
RSA Conference 2019: Firms Continue to Fail at IoT Security
SAN FRANCISCO – Low prices and firms racing products to market are two of the biggest factors when it comes to why Internet of Things devices are not getting the type of security do diligence they deserve. According to Checkmarx researcher Erez Yalon, despite years of the infosec community soundi...
Lenovo Watch X Riddled with Security Vulnerabilities
Researchers are raking the Lenovo Watch X over the security coals in a report that blasts the device for shipping with a half dozen “disturbing” privacy and security vulnerabilities. The budget $50 smartwatch was introduced in June 2018 and was initially praised for its design, features and...
U.S. Government Goes After North Korea's Joanap Botnet
The U.S. Justice Department is looking to retaliate against North Korea-linked hackers who have built up a massive global network of infected computers. The department announced on Wednesday that it would seek to map out the Joanap botnet, which has been built and controlled by North Korea-linked...
Adobe Patches Zero-Day Vulnerability in Flash Player
Adobe on Wednesday released several unscheduled fixes for Flash Player, including a critical vulnerability that it said is being exploited in the wild. The critical vulnerability, CVE-2018-15982, is a use-after-free flaw enabling arbitrary code-execution in Flash. “Adobe has released security...
Google Patches 11 Critical RCE Android Vulnerabilities
Remote code-execution RCE vulnerabilities dominated Google’s December Android Security Bulletin. The flaws are part of a total of 53 unique bugs patched by the Android security team, with a total number of 11 critical bugs – six of which are RCE flaws tied to the operating system’s Media Framewor...
Microsoft Patches 15 Critical Bugs in March Patch Tuesday Update
Microsoft patched 15 critical vulnerabilities this month as part of its March Patch Tuesday roundup of fixes. In all, the company issued 75 fixes, with 61 rated important. Products receiving the most urgent patches included Microsoft browsers and browser-related technologies such as the company’s...
GHOST glibc Linux Remote Code Execution Vulnerability
A critical vulnerability has been found in glibc, the GNU C library, that affects all Linux systems dating back to 2000. Attackers can use this flaw to execute code and remotely gain control of Linux machines. The issue stems from a heap-based buffer overflow found in the nsshostnamedigitsdots...
Bash Vulnerability Exploits Dropping DDoS Bots
A honeypot run by researchers at AlienVault Labs has snared two separate pieces of malware attempting to exploit the Bash vulnerability. One sample is a repurposed IRC bot written in Perl that is trying to build a botnet to be used in distributed denial of service attacks DDoS, said Jaime Blasco,...
Android Root Access Vulnerability Affecting Most Devices
A recently disclosed vulnerability in version 3.14.5 of the Linux kernel is also present in most versions of Android and could give attackers the ability to acquire root access on affected devices. Researchers at Lacoon Mobile Security are calling the bug “TowelRoot,” because it is the very same...
Microsoft Releases Free Threat Modeling Tool 2014
Threat modeling has been part of the security culture at Microsoft for the better part of a decade, an important piece of the Security Development Lifecycle that’s at the core of Trustworthy Computing. Today, Microsoft updated its free Threat Modeling Tool with a number of enhancements that bring...
IE 11 Stands Up to Pwn2Own Exploit Attempt
VANCOUVER – Successful exploits at the Pwn2Own contest get all the glitz, but the rarities are the exploits that fail. A group of four young South Korean hackers from ASRT, all of them well shy of their thirtieth birthdays, stood in proxy for Jung Hoon Lee. Lee was home fulfilling a military...
Threat Modeling, Legos and Dancing Babies
SAN FRANCISCO–The concept of threat modeling has evolved quite a lot in the last few years, moving from an activity that massive software companies such as Microsoft and Google use to anticipate and defend against potential threats to their products to something that many smaller organizations...
Vasillis Pappas Wins $200,000 Microsoft Blue Hat Prize
LAS VEGAS–Microsoft on Thursday handed out three rather large checks to a trio of security researchers, the largest one–$200,000–going to Vasillis Pappas who won the company’s first Blue Hat Prize competition for defensive technologies. Pappas’s kBouncer ROP mitigation technology edged out...
Microsoft Warns of Attacks Against ASP.NET Flaw
Microsoft is warning customers that it has seen ongoing attacks against the recently disclosed padding oracle vulnerability in ASP.NET and is encouraging them to implement a workaround that will help protect against the publicly disclosed exploit for the bug. The workaround that Microsoft has...
Microsoft Security Intelligence Report: The Vinny and Tim Show
This video features Tim Rains and Vinny Gullotto of Microsoft discussing the major threats from the second half of 2008...
Microsoft Takes the Lead in Security
From InfoWorld Roger Grimes Talk about a turnaround. It’s always hard to recognize the larger, slow-moving paradigm shifts as they happen. But after a decade of bad press regarding its commitment to software security, Microsoft seems to have turned the tide. Redmond is getting consistent security...
Iranian State Broadcaster Clobbered by ‘Clumsy, Buggy’ Code
Footage of opposition leaders calling for the assassination of Iran’s Supreme Leader ran on several of the nation’s state-run TV channels in late January after a state-sponsored cyber-attack on Iranian state broadcaster IRIB. The incident – one of a series of politically motivated attacks in Iran...
Partially Unpatched VMware Bug Opens Door to Hypervisor Takeover
A security vulnerability in VMware’s Cloud Foundation, ESXi, Fusion and Workstation platforms could pave the way for hypervisor takeover in virtual environments – and a patch is still pending for some users. The issue affects a wide swath of the virtualization specialist’s portfolio and affects...
Where the Latest Log4Shell Attacks Are Coming From
Cybersecurity professionals across the world have been scrambling to shore up their systems against a critical remote code-execution RCE flaw CVE-2021-44228 in the Apache Log4j tool, discovered just days ago. Now under active exploit, the “Log4Shell” bug allows complete server takeover. Researche...
FIN7 Liquor Lure Compromises Law Firm with Backdoor
Financial cybercrime gang FIN7 has rebounded after the jailing of some key members, launching a campaign that uses as a lure a legal complaint involving the liquor company that owns Jack Daniels whiskey. The gambit successfully compromised at least one law firm, giving them a shot of the JSSLoade...
Kubernetes Cloud Clusters Face Cyberattacks via Argo Workflows
Kubernetes clusters are being attacked via misconfigured Argo Workflows instances, security researchers are warning. Argo Workflows is an open-source, container-native workflow engine for orchestrating parallel jobs on Kubernetes – to speed up processing time for compute-intensive jobs like machi...
Trickbot Malware Rebounds with Virtual-Desktop Espionage Module
The Trickbot trojan is in resurgence mode, with its operators filling out infrastructure globally and releasing an updated version of its “vncDll” module, used for monitoring and intelligence gathering, researchers said. According to an analysis this week from Bitdefender, there has been “a...
Cyber Polygon 2021
On June 9, 2021, the III annual international online training event Cyber Polygon took place. It connects various global organisations to train their competencies, exchange best practices and bring tangible results to the world community. 200 organizations from 48 countries tested their skills in...
Microsoft Office Users Face Malware-Protection Bypass
Legacy users of Microsoft Excel are being targeted in a malware campaign that uses a novel malware-obfuscation technique to disable Office defenses and deliver the Zloader trojan. The attack, according to research published Thursday by McAfee, marries functions in Microsoft Office Word and Excel ...