15946 matches found
WordPress Injection Anchors Widespread Malware Campaign
The downloader malware known as Gootloader is poisoning websites globally as part of an extensive drive-by and watering-hole cybercampaign that abuses WordPress sites by injecting them with hundreds of pages of fake content. The adversaries have so far delivered the Cobalt Strike intrusion tool,...
2.28M MeetMindful Daters Compromised in Data Breach
More than 2.28 million members of the online dating site MeetMindful have reportedly been caught up in a wide-ranging data breach that exposes everything from Facebook tokens to physical characteristics. The ShinyHunters hacking group has stolen and published the personally identifiable PII data ...
Discord-Stealing Malware Invades npm Packages
Three malicious software packages have been published to npm, a code repository for JavaScript developers to share and reuse code blocks. The packages represent a supply-chain threat given that they may be used as building blocks in various web applications; any applications corrupted by the code...
Inbox Attacks: The Miserable Year (2020) That Was
Purging your inbox has become a year-end tradition for many. A short hiatus for the holidays often provides a quiet moment to flush the previous year’s mountain of spam. And, from the looks of our 2020 inbox, years of herculean efforts to harden email defenses have fallen short. The most-targeted...
Gitpaste-12 Worm Widens Set of Exploits in New Attacks
The Gitpaste-12 worm has returned in new attacks targeting web applications, IP cameras and routers, this time with an expanded set of exploits for initially compromising devices. First discovered in a round of late-October attacks that targeted Linux-based servers and internet-of-things IoT...
DHS Among Those Hit in Sophisticated Cyberattack by Foreign Adversaries – Report
The U.S. Department of Homeland Security DHS, plus the Treasury and Commerce departments, have been hacked in an attack related to the FireEye compromise last week, according to reports. In addition, defense contractors and enterprises were caught up in the attack, FireEye said, which was carried...
FireEye Cyberattack Compromises Red-Team Security Tools
Cybersecurity firm FireEye has been hit in what CEO Kevin Mandia described as a highly targeted cyberattack. The attacker targeted and was able to access certain Red Team assessment tools that the company uses to test its customers’ security. Mandia on Tuesday said that based on the techniques an...
Mysterious APT Leaves Curious ‘KilllSomeOne’ Clue
Researchers are scratching their heads when it comes to unmasking a new advanced persistent threat APT group targeting non-governmental organizations in the Southeast Asian nation Myanmar formerly Burma. Based on crude messages, such as “KilllSomeOne”, used in attack code strings, coupled with...
U.S. Levies Sanctions Against Russian Research Institution Linked to Triton Malware
The Trump administration sanctioned a Russia government research institution on Friday claiming it was behind a series of cyberattacks using the highly destructive Triton malware. The Department of the Treasury’s Office of Foreign Assets Control OFAC said the Triton malware had been used in vario...
Boom! Mobile Customer Data Lost to Fullz House/Magecart Attack
Boom! Mobile’s U.S. website recently fell victim to an e-commerce attack, putting online shoppers in danger of payment-card theft, researchers said. Boom! is a wireless provider that resells mobile phone plans from Verizon, AT&T and T-Mobile USA, under its own brand and with its own perks the...
Firefox 81 Release Kills High-Severity Code-Execution Bugs
Mozilla patched high-severity vulnerabilities with the release of Firefox 81 and Firefox ESR 78.3, including several that could be exploited to run arbitrary code. Two severe bugs CVE-2020-15674 and CVE-2020-15673 are errors in the browser’s memory-safety protections, which prevent memory access...
Black Hat 2020: Linux Spyware Stack Ties Together 5 Chinese APTs
A stack of Linux backdoor malware used for espionage, compiled dynamically and customizable to specific targets, is being used as a shared resource by five different Chinese-language APT groups, according to researchers. According to an analysis from BlackBerry released at Black Hat 2020 on...
ProLock Ransomware Teams Up With QakBot Trojan to Infect Victims
A relatively new ransomware, ProLock, has paired up with the QakBot banking trojan to access victims’ networks. ProLock’s leveraging of QakBot gives it bolstered persistence, anti-detection and credential-dumping techniques. ProLock ransomware first emerged in March as a successor to another rece...
Google Android RCE Bug Allows Attacker Full Device Access
Google has patched a vulnerability in its Android OS that could allow attackers to completely take over someone’s device to install programs, steal or change data, or create new accounts with full privileges. The flaw CVE-2020-0103 was one of 39 vulnerabilities affecting Android OS builds that us...
Activities of a Nigerian Cybercriminal Uncovered
Ever wonder who’s behind one of those Nigerian cyber-crime email campaigns asking you to enter into a shady business deal and how they’re enacted? In a unique profile, researchers pulled back the curtain on such an attack with a report outlining how a Nigerian cybercriminal made hundreds of...
Critical Bugs in Rockwell, Johnson Controls ICS Gear
Security vulnerabilities that require very little skill to exploit have been discovered in industrial control systems ICS gear from Rockwell Automation and Johnson Controls, which anchor a flurry of bug disclosures impacting critical infrastructure. First, a set of critical vulnerabilities in...
Serious Security Flaws Found in Children's Connected Toys
Various connected toys for children – hot off the shelves from this holiday shopping season – have been found with deep-rooted security issues, including missing authentication for device pairing and a lack of encryption for connected online accounts. The research, formed by a partnership between...
Google Discloses Android Camera Hijack Hack
Researchers have disclosed a high-severity issue that could allow attackers to hijack the Google Camera App, the built-in smartphone camera for Android phones. The issue was fixed for Google-manufactured phones in July – but Google said patches are still rolling out to smartphones in the broader...
Just-Released Checkra1n iPhone Jailbreak Stirs Security Concerns
With the checkra1n iPhone jailbreak now available, security experts are urging mobile-device managers to keep on their toes as the powerful new tool becomes available to hackers and iPhone users who may recklessly use it. Jailbreaking is the process of hacking these devices to bypass DRM...
Bedside Hotel Robot Hacked to Stream In-Room Video
A Japanese hotel chain called “Henn na” that uses robots in lieu of human staff is wrestling with bedside bots that researchers hacked to view video footage from guest rooms. The chain’s parent, HIS Group, owns 10 locations throughout Japan that leverage robots with facial recognition capability...
On-Board 'Mystery Boxes' Threaten Global Shipping Vessels
Commercial shipping environments are rife with vulnerabilities, according to researchers – up to and including unpatched “mystery boxes” that no one knows anything about. “In every single nautical pen test to date we have unearthed a system or device, that of the few crew that were aware, no one...
Adwind Spyware-as-a-Service Attacks Utility Grid Operators
A phishing campaign that spoofs a PDF attachment to deliver Adwind spyware has been taking aim at national grid utilities infrastructure. Adwind, a.k.a. JRAT or SockRat, is being used in a malware-as-a-service model in this campaign, researchers said. It offers a full cadre of info-gathering...
JetBlue Bomb Scare Set Off with Apple AirDrop
The feature in Apple mobile devices that allows people to send photos to nearby phones via Bluetooth is at the heart of a terrorism scare on a JetBlue flight over the weekend. According to the New York Daily News, a prankster sent a photo of a suicide vest to everyone who had an Apple device on t...
Dating App Jack'd Fined After Leaking Users' Nude Pics
LGBTQ dating app Jack’d must cough up a $240,000 fine and “make substantial changes to improve security” on the heels of a security faux pas that leaked the private data – including nude photos – of thousands of its users. Jack’d is a popular location-based app that caters to gay and bisexual men...
5G Security Challenges: A Vendor's POV
How are vendors preparing themselves for the onslaught of 5G networks from a security standpoint? When it comes to 5G there are a slew of use cases being utilized at the bleeding edge – from smart factories to IoT – but these are also opening up security risks. At the GSMA Mobile 360 Security for...
March Madness Scams Give Attackers Fast Break
With the 2019 NCAA tournament’s Final Four around the corner, researchers are urging viewers to be wary of a slew of March Madness-related phishing attacks, adware installers and other security threats. While security concerns regarding popular sporting events – from the World Cup to the Super Bo...
ASUS Patches Live Update Bug That Allowed APT to Infect Thousands of PCs
ASUS has expedited a patch for a major bug impacting thousands of PCs that allowed an advanced persistent threat group to launch a supply-chain attack dubbed “Operation ShadowHammer.” The vulnerability targeted a range of new ASUS PCs with a backdoor injection technique tied to the PC-maker’s...
Bugs in Grandstream Gear Lay Open SMBs to Range of Attacks
A series of both unauthenticated and authenticated remote code-execution vulnerabilities have been uncovered in a variety of Grandstream products for small to medium-sized businesses, including audio and video conferencing units, IP video phones, routers and IP PBXs. Affected Products According t...
Wordpress Plugin Patched After Zero Day Discovered
UPDATE A popular WordPress plugin is urging users to update as soon as possible after it patched a vulnerability that was being exploited in the wild. If users cannot update, developers recommended they disable the plugin. The plugin, Social Warfare, lets users add social media sharing buttons to...
RSA Conference 2019: Operational Technology Widens Supply Chain Attack Surfaces
SAN FRANCISCO – Today’s supply chain has evolved, with operational technology OT used in factories increasingly becoming connected and converging with IT systems — introducing new attack vectors. This new reality is vital for companies to understand in the context of risk, according to Dawn...
Cisco Patches High-Severity Webex Vulnerability For Third Time
Cisco Systems is hoping three times is a charm. The networking giant has issued a third patch for a stubborn high-severity flaw in its Webex Meetings platform after researchers once again discovered a way to bypass the previous fix. The privilege elevation vulnerability CVE-2019-1674 exists in th...
RSAC 2019: Bronze Union APT Updates Remote Access Trojans in Fresh Wave of Attacks
The notorious Chinese-linked threat group, dubbed Bronze Union, has been spotted in a widespread 2018 campaign updating its arsenal of cyberweapons by breathing new life into old tools. The threat group was spotted in 2018 using updated source code to target data owned by political, technology,...
Apple's Shazam App Boots Facebook Ads and Other Third-Party SDKs
Shazam, the handy app that uses audio recognition to tell you what song is playing over any given set of speakers, has reportedly eliminated all third-party software developer kits SDKs in its iOS version except for one: HockeyApp. Apple, which bought the startup for $400 million last year, has...
Attackers Can Track Kids' Locations via Connected Watches
Despite ongoing warnings about connected watches and toys endangering kids’ privacy and potentially their physical safety, makers of these Internet of Things gadgets continue to turn out products that do just that. The latest concern is a gamut of kids’ GPS-tracking watches, which were found to b...
Fake Adobe Flash Updates Hide Malicious Crypto Miners
While fake Flash updates that push malware have traditionally been easy to spot and avoid, a new campaign has employed new tricks that stealthily download cryptocurrency miners on Windows systems. To the average user, the newly discovered samples, which have been active as early as August, seem...
Rubella Crimeware Kit: Cheap, Easy and Gaining Traction
A crimeware kit dubbed the Rubella Macro Builder is betting on a “dirty deeds done dirt cheap” approach to gain popularity in the criminal underground. The kit does two things: with a point-and-click builder functionality, it generates an initial malware payload for social-engineering spam...
Microsoft Patches 17-Year-Old Office Bug
Microsoft on Tuesday patched a 17-year-old remote code execution bug found in an Office executable called Microsoft Equation Editor. The vulnerability CVE-2017-11882 was patched as part of Microsoft’s November Patch Tuesday release of 53 fixes. While Microsoft rates the vulnerability only as...
Hackers Prepping IOTroop Botnet with Exploits
Hackers moved one step closer to launching full-scale DDoS attacks using millions of IoT devices herded into the botnet known as Reaper or IOTroop. Researchers at NewSky Security warn that hackers are swapping scripts on forums that can scan the internet for vulnerable IoT devices and dump defaul...
Samba Patches Critical Bug Exploitable With One Line Of Code
A patch for a critical vulnerability impacting the free networking software Samba was issued Wednesday. The flaw poses a severe threat to users, with approximately 104,000 Samba installations vulnerable to remote takeover. More troubling, experts say, the vulnerability can be exploited with just...
Microsoft Tears off the Band-Aid with EMET
Microsoft last week extended the end-of-life expiration date to July 2018 on its exploit mitigation add-on, the Enhanced Mitigation Experience Toolkit EMET. But for some time, the once-useful tool has been well on its way out to pasture. While EMET was never meant to be anything more than stopgap...
CryptoLocker Variant Coming After Gamers
Gamers may soon be feeling the pain of crypto-ransomware. A variant of CryptoLocker is in the wild that goes after data files associated with 20 different online games, locking downloadable content in an attempt to target younger computer users. Researchers at Bromium today said an unnamed...
Windows Kernel-Mode Driver Flaw Exploitable With One Bit
The vulnerabilities addressed in this month’s Patch Tuesday security bulletins from Microsoft have been a mashup of critical bugs affecting most supported versions of Windows and Internet Explorer that could pave the way for attackers to gain complete control of affected systems. Sounds like most...
September 2014 Microsoft Patch Tuesday advance notification
Microsoft today announced a relatively light load of patches will be delivered on Patch Tuesday next week, along with some numbers that demonstrate public vulnerability disclosures continue to rise. Four security bulletins, one rated critical, are scheduled to be released next Tuesday. In what’s...
IE 8 0Day in Sunshop Targeted Espionage Malware Campaign
Lady Boyle seems to have an admirer. Malware named after a character in the Dishonored video game continues to pop up in targeted attacks against a number of high profile military and socially motivated websites. The latest surfaced about 10 days ago in an attack researchers at FireEye are callin...
Researchers Uncover Polymorphic AutoRun Worm
W32/Autorun.worm.aaeb-h is an evolved, virtual machine-aware AutoRun worm that makes use of obfuscation and polymorphic techniques in order to evade detection and infect removable media and mounted network shares, according to McAfee. Researchers have seen an increase in samples for the year-old...
Emergency Zero-Day Patch Does Not Quiet Calls to Disable Java
Oracle’s emergency Java update this weekend for a zero-day sandbox bypass vulnerability hasn’t exactly kicked off a love-fest for the company among security experts. Researchers are still cautious about recommending users re-enable the ubiquitous software, despite the availability of the fix for...
From Three Nations and Three Different Perspectives, Blue Hat Finalists Focus on Defense
By Rob Lemos LAS VEGAS — If Jared DeMott hadn’t been eager to take a different path, he would never be in security, much less a finalist in Microsoft’s search for defensive technologies, known as the Blue Hat Prize.Raised in a manufacturing town, he was accepted to the Air Force Academy in 1996,...
Another Set of PHP Releases Pushed Out to Fix CVE-2012-1823 Flaw
For the second time in less than a week, the developers of PHP have released new versions of the language that include a fix for the remotely exploitable vulnerability that was disclosed last week. The group is encouraging users to upgrade to PHP 5.4.3 or 5.3.13 immediately. The vulnerability...
Google Fixes 15 Flaws in Chrome
Google has fixed 15 security vulnerabilities in its Chrome browser, including six high-risk bugs. As part of its reward program, Google paid out $6,000 in rewards to researchers who reported flaws. This is one of the larger groups of bug fixes that Google has included in recent releases of Chrome...
Attorney General: Massachusetts Won't Investigate iTunes Fraud
It looks as if Apple iTunes users who have been the victim of identity theft will have to look for a new knight in shining armor to wring answers from the notoriously close-lipped Cupertino technology giant. The Massachusetts Attorney General’s Office said on Monday that it isn’t planning to...