15946 matches found
Energy Sector Phish Swims Past Microsoft Email Security via Google Drive
A targeted spearphishing campaign has hit an organization in the energy sector – after using a savvy trick to get around the company’s Microsoft email security stack. According to Aaron Riley, a researcher from Cofense, the campaign impersonated the CEO of the targeted company, sending email via...
Easter Attack Affects Half a Billion Apple iOS Users via Chrome Bug
UPDATE About a half a billion Apple iOS users and counting have been hit by session-hijacking cybercriminals bent on serving up malware. They’re exploiting an unpatched flaw in the Chrome for iOS browser, to bypass sandboxing and hijack user sessions, targeting iPhone and iPad users. The attacks...
Adobe Patches Critical Photoshop, Digital Edition Flaws
Adobe on Tuesday released its March Security Update, reporting and fixing only two critical flaws: one in Photoshop CC and one in Adobe Digital Editions. Both critical flaws could allow a bad actor to achieve arbitrary code execution in the context of the current user, Adobe said. The company sai...
RSAC 2019: Most Consumers Say ‘No’ to Cumbersome Data Privacy Practices
Despite high-profile headlines about companies such as Facebook and Google abusing consumers’ personal information, it turns out that the average American is still not implementing a full cadre of best practices for keeping data safe. According to survey findings from research released at the RSA...
ThreatList: APT Adversaries Up the Ante on Speed, Target Telecom
Despite law-enforcement wins in the form of several high-profile arrests and indictments during 2018, nation-state adversaries have upped their games when it comes to speed. That’s according to CrowdStrike’s 2019 Global Threat Report, which found that when analyzing how long it takes to go from...
New APT Could Signal Reemergence of Notorious Comment Crew
A recently observed APT campaign, dubbed Operation Oceansalt, could herald the return of the infamous China-linked hacking group known as Comment Crew or APT1. Attacks are cunning and are defined by their their deep targeting and use of an innovative multi-wave attack methodology. Operation...
Up to 35 Million 2018 Voter Records For Sale on Hacking Forum
Up to 35 million voter records have been found up for sale on a popular hacking forum from 19 states, researchers discovered. Researchers at Anomali Labs and Intel 471 on Monday said that they discovered Dark Web communications offering a large quantity of voter databases for sale – including...
Slideshow: Intel from Virus Bulletin 2018
This year’s Virus Bulletin 2018, held in Montreal Oct. 3-5, featured a keynote from Microsoft’s John Lambert and a range of threat intelligence research from BAE Systems, Check Point, Cisco Talos, Citizens Lab, Digita Security, ESET, GoSecure, Kaspersky Lab, Malwarebytes, Sophos Security and more...
Lenovo Warns Critical WiFi Vulnerability Impacts Dozens of ThinkPad Models
Lenovo warned customers on Friday that two critical Broadcom vulnerabilities impacts 25 models of its popular ThinkPad brand. The vulnerabilities were first revealed in September and originally they were only reported to impact specific Broadcom chipsets used in Apple iPhones, Apple TV and Androi...
Adobe Flash Player Zero-Day Spotted in the Wild
The South Korean Computer Emergency Response Team issued a warning Wednesday of a new Adobe Flash Player zero-day spotted in the wild. The security bulletin warns that the attacks are focused on South Koreans and involve malicious Microsoft Word documents. According to the South Korean Computer...
Cisco Warns of Critical Vulnerability Revealed in WikiLeaks 'Vault 7' Data Dump
Cisco Systems warned customers on Friday of a critical vulnerability that could allow an attacker to execute arbitrary code and obtain full control on more than 300 different models of its switches and routers. Cisco said it became aware of the vulnerability after WikiLeaks released its Vault 7...
Adobe Patches Flash Zero Day Under Attack by APT Group
Adobe on Thursday patched a zero-day vulnerability in Flash Player that has been used in targeted attacks carried out by a new APT group operating primarily against high-profile victims in Russia and Asia. Researchers at Kaspersky Lab privately disclosed the flaw to Adobe after exploits against t...
October Patch Tuesday Fixes Critical IE Bugs, 28 Vulnerabilities
As expected, Microsoft began shipping its latest batch of Patch Tuesday patches earlier this afternoon. However, while it was heavily presumed the update would fix at least one Internet Explorer zero day, the update actually fixes two critical vulnerabilities in the browser. Eight bulletins — fou...
A Decade of Microsoft Patch Tuesday Security Updates
On Oct. 9, 2003, Microsoft announced its new security patching process that would end up being a catalyst for significant change in the information security community. Ten years ago, the program was announced with a press release that promised “Improved patch management processes, policies and...
Exploit Code Surfaces for CVE-2012-1875 Internet Explorer Bug
Less than a week after Microsoft released a patch for a critical vulnerability in Internet Explorer, attack code has become publicly available in the form of a module for the Metasploit Framework. The bug is serious one that enables an attacker to bypass both ASLR and DEP, the two main anti-explo...
Oracle Patches 88 Vulnerabilities, Including Some that Allow Remote Exploits Without Authentication
Oracle yesterday released 88 security fixes for vulnerabilities — including several that allow for remote access without authentication — across its portfolio as part of its quarterly Critical Patch Update. “Due to the threat posed by a successful attack, Oracle strongly recommends that customers...
Fresh APT Harvester Reaps Telco, Government Data
A previously unseen advanced persistent threat APT group dubbed Harvester by researchers is attacking telcos, IT companies and government-sector targets in a campaign that’s been ongoing since June. According to a Symantec analysis, the group sports a veritable cornucopia of advanced and custom...
LockBit 2.0 Ransomware Proliferates Globally
The LockBit ransomware-as-a-service RaaS gang has ramped up its targeted attacks, researchers said, with attempts against organizations in Chile, Italy, Taiwan and the U.K. using version 2.0 of its malware. Attacks in July and August have employed LockBit 2.0, according to a Trend Micro analysis...
Windows Hello Bypass Fools Biometrics Safeguards
A vulnerability in Microsoft’s Windows 10 password-free authentication system has been uncovered that could allow an attacker to spoof an image of a person’s face to trick the facial-recognition system and take control of a device. Windows Hello is a feature in Windows 10 that allows users to...
How Fake Accounts and Sneaker-Bots Took Over the Internet
Recently, one of my friends from my submarine days sent me a friend request on Facebook. The weird thing is, I was already connected with this friend. Looking further at the profile, I noticed a few of the same pictures but only 11 friends. So I knew this was some scammer and, being me, I message...
Targeted AnyDesk Ads on Google Served Up Weaponized App
A fake version of the popular remote desktop application AnyDesk, pushed via ads appearing in Google search results, served up a trojanized version of the program. The campaign even bested AnyDesk’s own ad campaign on Google – ranking higher in its paid results. The campaign, active since April 2...
623K Payment Cards Stolen from Cybercrime Forum
The Swarmshop cyber-underground “card shop” has been hit by hackers, who lifted the site’s database of stolen payment-card data and leaked it online. That’s according to researchers at Group-IB, who said that the database was posted on a rival underground forum. Card shops, are online cybercrimin...
Zoom Screen-Sharing Glitch ‘Briefly’ Leaks Sensitive Data
A security blip in the current version of Zoom could inadvertently leak users’ data to other meeting participants on a call. However, the data is only leaked briefly, making a potential attack difficult to carry out. The flaw CVE-2021-28133 stems from a glitch in the screen sharing function of...
PYSA Ransomware Pillages Education Sector, Feds Warn
The FBI has issued a warning about an uptick in cyberattacks on the education sector that are delivering the PYSA ransomware. In a “Flash” alert to the cybersecurity community issued on Tuesday, the Feds said that PYSA has been seen in attacks on schools in 12 U.S. states and in the United Kingdo...
Apple’s Device Location-Tracking System Could Expose User Identities
Two vulnerabilities in a crowdsourced location-tracking system that helps users find Apple devices even when they’re offline could expose the identity of users, research claim. Offline Finding, a proprietary app introduced by Apple in 2019 for its iOS, macOS and watchOS platforms, enables the...
Facebook: Malicious Chrome Extension Developers Scraped Profile Data
Facebook has filed legal action against two Chrome extension developers that the company said was scraping user profile data – including names and profile IDs – as well as other browser-related information. The two unnamed developers under the business name Oink and Stuff, developed Chrome...
Cybercriminals Ramp Up Exploits Against Serious Zyxel Flaw
Security experts are warning hackers are ramping up attempts to exploit a high-severity vulnerability that may still reside in over 100,000 Zyxel Communications products. Zyxel, a Taiwanese manufacturer of networking devices, on Dec. 23 warned of the flaw in its firmware CVE-2020-29583 and releas...
Black Hat 2020: Using Botnets to Manipulate Energy Markets for Big Profits
Researchers are warning that a new class of botnets could be marshaled and used to manipulate energy markets via zombie armies of power-hungry connected devices such as air conditioners, heaters, dryers and digital thermostats. A coordinated attack could cause an energy stock index to predictably...
NSA Urgently Warns on Industrial Cyberattacks, Triconex Critical Bug
The U.S. National Security Agency NSA and the Cybersecurity and Infrastructure Security Agency CISA have issued an alert warning that adversaries could be targeting critical infrastructure across the U.S. Separately, ICS-CERT issued an advisory on a critical security bug in the Schneider Electric...
Report: Hackers Selling Zoom Zero-Days for Windows, MacOS
Hackers claim they have discovered two zero-day vulnerabilities for the Zoom video conferencing platform that would allow threat actors to spy on people’s private video conferences and further exploit a target’s system. Flaws target Zoom clients for the Windows and the MacOS operating system,...
Fake Coronavirus ‘Vaccine’ Website Busted in DoJ Takedown
The Department of Justice has raised its first federal court action against online fraud relating to the coronavirus pandemic, on Sunday taking steps to shutter a fraudulent website that claimed to give away free coronavirus vaccines. The website, “coronavirusmedicalkit.com,” was purporting to gi...
What is the Best Defense Against Phishing Attacks?
Whether the subject line was “You’re account will be closed!” or the email address was [email protected], we have all received and rolled our eyes at a poorly disguised phishing attempt. While many view phishing as a small annoyance, this attack method has maintained longevity for a reason and...
RSAC 2020: Smart Baby Monitor Vulnerable to Remote Hackers
SAN FRANCISCO – Researchers have discovered a slew of security vulnerabilities in a popular baby monitor, which if exploited allows attackers to remotely access the camera’s video footage. The vulnerabilities were discovered in the iBaby Monitor M6S connected baby camera by researchers with...
New 'Haken' Malware Found On Eight Apps In Google Play Store
Researchers have identified eight malicious Android apps in the official Google Play marketplace distributing a new malware family. The “Haken” malware exfiltrates sensitive data from victims and covertly signs them up for expensive premium subscription services. The eight apps in question, which...
Pairing Privacy and Security with Digital Identities in Retail
As today’s customer expectations for digital shopping continue to escalate, many online retailers are leveraging consumers’ unique digital identities to provide a seamless and secure account registration and login process. However, it’s important to recognize the security and privacy implications...
All in the (Ransomware) Family: 10 Ways to Take Action
In a world where everything is an “as-a-service,” it’s no surprise that ransomware-as-a-service RaaS is a hot ticket on the Dark Web. FortiGuard Labs has observed at least two significant ransomware families – Sodinokibi and Nemty – now being deployed as RaaS solutions. Meanwhile, cybercriminals...
Your Smart Christmas Lights Are Safer Than They Were Last Year
Thinking about putting up smart Christmas lights but worried about your internet of things IoT security? You can rest a bit easier this year because at least one festive light option is a bit safer than it used to be, new research has found. Manufacturers of the Twinkly smart lights have taken in...
California's Domino Effect on U.S. Privacy Regulation
LAS VEGAS – The California Consumer Privacy Act CCPA, which goes into effect in January 2020, will implement strict requirements for companies to create more transparency about how user data is being used and disseminated. Microsoft’s acknowledgement this week that it will extend CCPA to all of i...
DarkUniverse APT Emerges to Deliver Sophisticated, Targeted Spy Attacks
A sophisticated espionage APT that was active for at least eight years before receding into the shadows has been uncovered — and researchers said that it may still be active. In April 2017, ShadowBrokers published one of their many leaks of cyberweapons used by the National Security Agency NSA an...
Google Analytics Emerges as a Phishing Tool
Cybercriminals are leveraging key technical markers used in web analytics—particularly Google Analytics—to create more sophisticated and targeted phishing attacks, new research has found. However, this also makes them more susceptible to detection by organizations defending their sites against...
New Adwind Variant Targets Windows, Chromium Credentials
A new version of the Adwind remote access trojan RAT has been discovered taking aim at new targets. Adwind a.k.a. JRAT or SockRat is a Java-based remote access trojan that sniffs out data – mainly login credentials – from victims’ machines. While Adwind has historically been platform-agnostic,...
Trump Campaign Website Left Open to Email Server Hijack
A mistake made by website developers left an official re-election website for President Donald Trump open to attack. The error, impacting hundreds of other websites as well, is tied to a website development tool called Laravel, used to test sites before they go live. The tool, accidentally left...
Feds Indict 281 People for Involvement in Massive Email Fraud Scheme
Federal authorities have arrested 281 people and seized nearly $3.7 million in a coordinated effort between multiple agencies to disrupt a massive email-fraud scheme. Perpetrators of a global business email compromise BEC scheme were the target of a four-month investigation that began in May call...
TGI Fridays Delivers Customer Indigestion Over Data Exposure
Customers of TGI Fridays Australia were “strongly recommended” to change their MyFridays membership rewards program passwords. According to an email sent to customers this week, the company had inadvertently left sensitive loyalty program data exposed on the internet. News of the leaky server...
Cynet Provides Security Responders with Free IR Tool to Validate and Respond to Active Threats
Organizations that suspect an active threat or breach have two options: calling an external incident response provider to manage the investigation and response or trying to handle it internally with their own resources. Cynet is now introducing a free IR offering that caters to both scenarios – a...
RSA Conference 2019: The Sky's the Limit For Satellite Hacks
SAN FRANCISCO – The satellites orbiting the world are rife with vulnerabilities – and as more satellites go up, and antenna equipment becomes cheaper, they are becoming a lucrative target for threat actors back on earth, according to researchers. William Malik, vice president of infrastructure...
RSA Conference 2019: How to Be Better, on Trust, AI and IoT
SAN FRANCISCO – The slogan of this year’s RSA Conference is “Better” – and accordingly, Tuesday morning’s keynotes zeroed in on reversing some of the disturbing sociological trends that have been festering of late. That includes “information warfare,” meant to undermine citizens’ trust in media a...
Argentinian Teen Becomes First to Earn $1M in Bug Bounties with HackerOne
A 19-year-old that goes by the handle “@trytohack” became the first white hat hacker to surpass $1 million in bounty awards on the HackerOne platform. The Argentinian researcher, whose real name is Santiago Lopez, started reporting security weaknesses to companies in 2015 on HackerOne, when he wa...
Threatpost Data: Password Managers Are Worth the Risk, Readers Say
Despite a high-profile memory-related vulnerability in password managers capturing headlines last week, a recent Threatpost poll found that 84 percent of respondents use password managers – while only 10 percent said they don’t due to security risks. There have been vulnerabilities found before i...
U.S. Senators Urge VPN Ban for Federal Workers Over Spying
UPDATE Two U.S. senators are taking bipartisan aim at foreign-owned virtual private networks VPNs, which they say are often headquartered “in countries that do not share American interests or values” – specifically, China and Russia. Sens. Ron Wyden D-Ore. and Marco Rubio R-Fla. have signed a joi...