15946 matches found
Microsoft Releases Emergency Security Updates for Windows 10, Server
Microsoft has quietly pushed out two emergency security updates to fix remote code execution bugs in Microsoft Windows Codecs Library. Windows Codecs Library handles how the OS compresses large multimedia files such as photos and videos, and then decodes them for playback within applications. The...
ACLU Sues Clearview AI Over Faceprint Collection, Sale
The American Civil Liberties Union ACLU has sued a New York-based startup for amassing a database of biometric face-identification data of billions of people and selling it to third parties without their consent or knowledge The U.S. citizens’-rights watchdog organization has filed suit in the...
‘Coronavirus Report’ Emails Spread NetSupport RAT, Microsoft Warns
A recent spear-phishing campaign has been spotted spreading a weaponized NetSupport Manager remote access tool RAT, which is a legitimate tool used for troubleshooting and tech support. Attackers use the ongoing coronavirus pandemic as a lure, as well as malicious Excel documents, to convince...
Astaroth’s New Evasion Tactics Make It 'Painful to Analyze'
The operators of the Astaroth infostealer have implemented several new tactics aimed at evading detection, which researchers say have made the malware “painful to analyze.” Astaroth first emerged in 2017, but has steadily been used over the years in increasingly sophisticated campaigns aimed at...
Hackers Breach 3.5 Million MobiFriends Dating App Credentials
The credentials of 3.5 million users of MobiFriends, a popular dating app, have surfaced on a prominent deep web hacking forum, according to researchers. MobiFriends is an online service and Android app designed to help users worldwide meet new people online. The Barcelona-based developer of...
Latest Apple Text-Bomb Crashes iPhones via Message Notifications
Apple devices are vulnerable to a “text bomb” attack where simply looking at messages or posts containing characters in the Sindhi language can crash devices. Sindhi is an official language used in Pakistan. The bug affects iPhone, iPad, Macs and Apple Watches, and arises from macOS and iOS faili...
TikTok Flaw Allows Threat Actors to Plant Forged Videos in User Feeds
A security weakness in the popular TikTok video-sharing service allows a local attacker to hijack any video content streamed to a user’s TikTok feed and swap it out with hacker-generated content. Researchers created a proof-of-concept PoC hack using a technique called a man-in-the-middle MiTM...
Tupperware Cyberattack Stores Away Customer Payment Cards
Cybercriminals hacked the official website of Tupperware, the popular food container giant, injecting a payment card skimmer into its checkout page in hopes of stealing the credit-card details of online customers. The attackers targeted the official Tupperware.com website, which averages close to...
Flaws Riddle Zyxel’s Network Management Software
Security researchers are warning that networking hardware vendor Zyxel and its Cloud CNM SecuManager software is chock-full of unpatched vulnerabilities that kick open the doors for hackers to exploit. In all, researchers have identified 16 vulnerabilities, ranging from multiple backdoors and...
More Than Half of IoT Devices Vulnerable to Severe Attacks
More than half of all internet of things IoT devices are vulnerable to medium- or high-severity attacks, meaning that enterprises are sitting on a “ticking IoT time bomb,” according to Palo Alto Networks Unit 42 research team. In new research released Tuesday, researchers said that several...
Free Download: The Ultimate Security Pros’ Checklist
You are a cybersecurity professional with the responsibility to keep your organization secured, you know your job chapter and verse, from high-level reporting duties to the bits and bytes of what malware targeted your endpoints a week ago. But it’s a lot to hold in one’s mind, so to make your lif...
Puerto Rico Gov Hit By $2.6M Phishing Scam
A phishing scam has swindled a Puerto Rico government agency out of more than $2.6 million, according to reports. According to reports, the email-based phishing scam hit Puerto Rico’s Industrial Development Company, which is a government-owned corporation aimed at driving economic development to...
LifeLabs Pays Hackers Who Accessed 15M Customers’ Lab Test Results
LifeLabs, a Canadian laboratory testing company, said it has paid hackers after they accessed the data of 15 million customers – including highly-sensitive lab test results. In a letter sent Tuesday to customers, LifeLabs said that the breach affected customer information including names,...
GE, Dunkin', Forever 21 Caught Up in Broad Internal Document Leak
A marketing firm exposed hashed passwords and sensitive public relations documents of thousands of customers via a leaky Amazon S3 database – including big-name brands like GE, Dunkin’ Donuts, Forever 21 and more. Researchers with UpGuard in October discovered a misconfigured Amazon S3 storage...
Turla Compromises, Infiltrates Iranian APT Infrastructure
The Turla APT group has been spotted co-opting two cyberweapons from an Iranian APT APT 34, according to one set of researchers, known as the Nautilus and Neuron implants, and deploying them against targets in the Middle East. The group also infiltrated the global operational infrastructure used ...
Malware Moves: The Rise of LookBack – And Return of Emotet
Malware activity for various families continues to ebb and flow; with a popular malware called LookBack recently discovered in a slew of campaigns, and Emotet and other malware variants that were quiet over the summer set to make a dangerous comeback. Researchers believe that nation-state actors...
Google Calendar Settings Gaffes Exposes Users' Meetings, Company Details
Google has come under fire for a configuration setting tied to its Google Calendar service, which has left hundreds of calendars inadvertently open to the public – and could potentially expose billions more. It’s important to note that no actual vulnerability exists in the settings of Google...
Magecart Hits 80 Major eCommerce Sites in Card-Skimming Bonanza
UPDATE More than 80 global eCommerce sites have been uncovered that were actively compromised by Magecart groups. Magecart, a loose affiliation of attack groups responsible for the payment-card attacks on Ticketmaster, Forbes, British Airways, Newegg and others, typically insert virtual credit-ca...
Critical Flaw in Cisco Elastic Services Controller Allows Full System Takeover
A critical vulnerability in the Cisco Elastic Services Controller could allow an unauthenticated, remote attacker to take full control of impacted systems – merely by sending a crafted request. Cisco Elastic Services Controller is a virtual network functions manager, which enables businesses to...
Researchers: Facebook's Data-Leveraging Scandal Puts Users on Notice
On the heels of reports that Facebook leveraged its users’ data in its relationships with other companies, researchers say that the tech space needs to re-assess the value of data as it relates to user privacy measures. However, they also said that users need to take steps themselves to safeguard...
Yahoo Offers $117.5M Settlement in Data Breach Lawsuit
Yahoo is offering to cough up $117.5 million to settle a lawsuit regarding its massive data breaches that compromised the personal information of three billion users. The new $117.5 million settlement, filed Tuesday in the U.S. District Court in San Jose, comes after the internet company’s first...
ThreatList: Game of Thrones, a Top Malware Conduit for Cybercriminals
As Game of Thrones’ eighth season approaches, fans are getting ready for the ultimate clash of living vs. dead, fire vs. ice, human vs. monster. But they should be careful where they get their Jon Snow fix from; fresh analysis has concluded that the fantasy series is cybercriminals’ favorite targ...
FitMetrix Exposes Millions of Customer Details, Accessed by Criminals
FitMetrix, which makes performance-tracking software that gym owners can brand and offer to their customers, has exposed millions of customers’ records, because they were maintaining completely open cloud servers. To boot, the records were accessed by cybercriminals prior to the public access...
Another Linux Kernel Bug Surfaces, Allowing Root Access
A high-severity cache invalidation bug in the Linux kernel has been uncovered, which could allow an attacker to gain root privileges on the targeted system. This is the second kernel flaw in Linux to debut in the last week; a local-privilege escalation issue was also recently discovered. The flaw...
“Unbreakable” Smart Lock Tapplock Issues Critical Security Patch
Tapplock, a smart padlock that received positive reviews and media hype when it was released earlier this year, has issued a critical patch after researchers discovered several security issues enabling them to easily hack into and unlock the device. The $100 lock is Bluetooth-based and can be...
WordPress Fixes CSRF, XSS Bugs, Announces Bug Bounty Program
WordPress is urging webmasters to update to the latest version of its content management system to mitigate several issues, including a pair of cross-site scripting XSS bugs and a cross-site request forgery CSRF bug that’s existed for 10 months. The latest iteration of the software, version 4.7.5...
Oracle Fixes 253 Vulnerabilities in Last CPU of 2016
Oracle fixed 253 vulnerabilities across 76 product lines on Tuesday as part of its quarterly Critical Patch Update. Many of the fixes addressed by Oracle tackled vulnerabilities tied to securing critical enterprise data. Vulnerabilities in Oracle Fusion Middleware, a family of infrastructure...
December 2013 Microsoft Patch Tuesday Security Updates
One zero-day down, one to go. As expected, Microsoft did today patch a zero-day in its GDI+ graphics component MS13-096 reported more than a month ago after exploits were spotted in the wild. The fix was one of 11 security bulletins—five critical—released as part of the December 2013 Patch Tuesda...
Oracle Rushes Emergency Java Update to Patch McRAT Vulnerabilities
Oracle has once again released an emergency Java update to patch zero-day vulnerabilities in the browser plug-in, the fifth time it has updated the platform this year. Today’s update patches CVE-2013-1493 and CVE-2013-0809, the former was discovered last week being exploited in the wild for Java ...
ExploitHub Offering Bounties – And Residuals – for Exploits
NSS Labs’ announced today that their penetration-testing site, Exploithub, will be offering bounties to researchers for developing exploits for12 high-value vulnerabilities. Exploithub is putting up $4,400 for working exploits against what the company describes as a “dirty dozen” of client-side...
Week in Security: More Wikileaks Fallout, Cybersecurity Buzz and Browser Updates
The words “cyber war” were in the headlines this week, as controversy and debate about the leak of confidential diplomatic cables by Wikileaks reached a fever pitch. As speculation turned to the fallout from the ongoing publication of documents, the U.S. government laid the groundwork to prevent...
Microsoft Pushes for Better Software Security Practices
WASHINGTON–Microsoft has spent several years and untold millions of dollars working on methods to write more secure and reliable software, and now the company is encouraging other organizations to make the same investment in software security. One of the outputs of the company’s software security...
Microsoft confirms flaw in WebDAV in IIS
Microsoft has confirmed the reported vulnerability in the WebDAV implementation in IIS 5.0, 5.1 and 6.0, saying that the flaw could be used to bypass the authentication mechanism on the Web server. However, the company said that there are a number of mitigating factors involved and that company...
Malicious Npm Packages Tapped Again to Target Discord Users
Threat actors once again are using the node package manager npm repository to hide malware that can steal Discord tokens to monitor user sessions and steal data on the popular chat and collaboration platform, researchers have found. A campaign discovered this week by Kaspersky researchers is hidi...
380K Kubernetes API Servers Exposed to Public Internet
More than 380,000 Kubernetes API servers allow some kind of access to the public internet, making the popular open-source container-orchestration engine for managing cloud deployments an easy target and broad attack surface for threat actors, researchers have found. The Shadowserver Foundation...
URL Parsing-Library Bugs Allow DoS, RCE, Spoofing & More
Eight different security vulnerabilities arising from inconsistencies among 16 different URL parsing libraries could allow denial-of-service DoS conditions, information leaks and remote code execution RCE in various web applications, researchers are warning. The bugs were found in third-party web...
T-Mobile’s Security Is ‘Awful,’ Says Purported Thief
On Thursday, a 21-year-old US citizen claiming to be the attacker who stole data on more than 50 million T-Mobile customers called the telecom’s security “awful.” On Friday, a “humbled” T-Mobile CEO Mike Sievert wiped the egg from his face and apologized for the debacle, the repercussions of whic...
F5 Bug Could Lead to Complete System Takeover
Application delivery and networking firm F5 released a baker’s dozen of 13 fixes for high-severity bugs, including one that could lead to complete system takeover and hence is boosted to “critical” for customers that run BIG-IP in Appliance Mode, given that an attacker that holds valid credential...
What’s Next for REvil’s Victims?
Last week, the servers of ransomware giant REvil vanished. Many applauded as dark-web and clear-web sites used to support the backend infrastructure of REvil, aka Sodinokibi, as well as to leak victims’ data, slipped offline early Tuesday morning. Not REvil’s victims, though. They’re now stuck,...
Hackers Crack Pirated Games with Cryptojacking Malware
A new Monero cryptojacking malware distributed via “cracked” versions of popular online games is wiping out antivirus programs AVs and surreptitiously mining cryptocurrency in more than a dozen countries, researchers have found. Dubbed “Crackonosh,” the malware — which has been active since June...
Scripps Cyberattack Causes Widespread Hospital Outages
Scripps Health, a hospital network based in San Diego, was hit by a cyberattack over the weekend, forcing some critical-care patients to be diverted, according to the San Diego Union-Tribune. Scripps acknowledged the attack in a statement but didn’t specify whether it was a ransomware incident...
Credential-Stuffing Attack Targets Regional Internet Registry
Regional internet registry RIPE NCC is warning of a credential-stuffing attack against its single sign-on service, RIPE NCC Access, and is encouraging users to implement two-factor authentication 2FA. Click to Register Located in Amsterdam, the Réseaux IP Européens Network Coordination Centre RIP...
mHealth Apps Expose Millions to Cyberattacks
Some 23 million mobile health mHealth application users are exposed to application programming interface API attacks that could expose sensitive information, according to researchers. Generally speaking, APIs are an intermediary between applications that defines how they can talk to one another a...
Ransomware in 2020: A Banner Year for Extortion
Remote learning platforms shut down. Hospital chemotherapy appointments cancelled. Ransomware attacks in 2020 dominated as a top threat vector this past year. Couple that with the COVID-19 pandemic, putting strains on the healthcare sector, and we witnessed ransomware exact a particularly cruel...
Microsoft Exchange Attack Exposes New xHunt Backdoors
Two never-before-seen Powershell backdoors have been uncovered, after researchers recently discovered an attack on Microsoft Exchange servers at an organization in Kuwait . The activity is tied back to the known xHunt threat group, which was first discovered in 2018 and has previously launched an...
Lazarus Group Brings APT Tactics to Ransomware
Targeted ransomware attacks are on the rise, usually perpetrated by financially motivated threat gangs, which often work in concert together. However, researchers said that a recent strain of ransomware, called VHD, can be linked to an unusual source: The Lazarus Group APT. According to researche...
A 'New Age' of Sophisticated Business Email Compromise is Coming
A newly discovered, sophisticated threat group that targets organizations without DMARC implemented and relies on business email compromise is heralding what researchers call “a new age” of business email compromise. The group, called Cosmic Lynx, is the first reported Russian BEC cybercriminal...
Emerging Ransomware Targets Photos, Videos on Android Devices
A new strain of ransomware has arisen in Canada, targeting Android users and locking up personal photos and videos. Called CryCryptor, it has initially been spotted pretending to be the official COVID-19 tracing app provided by Health Canada. It’s propagating via two different bogus websites that...
LinkedIn 'Job Offers' Targeted Aerospace, Military Firms With Malware
Attackers are impersonating human resource employees from Collins Aerospace and General Dynamics in a spear-phishing campaign leveraging LinkedIn’s messaging service. Targets are sent phony job offers that include malicious documents designed to fetch data-exfiltrating malware. The spear-phishing...
Octopus Scanner Sinks Tentacles into GitHub Repositories
The Octopus Scanner malware, which targets the Apache NetBeans Java integrated development environment IDE, has been nesting in at least 26 GitHub source-code repositories, according to researchers – waiting to take over developer machines. A team from GitHub Security Labs, acting on a tip from a...