15946 matches found
How DEP Can Mitigate IE Zero-Day Attacks
Jonathan Ness of Microsoft’s Security Research and Defense team explains the inner workings of the Data Execution Prevention technology that can help mitigate the targeted attacks exploiting the vulnerability in Internet Explorer right now...
Microsoft Cleans Up Bugs After Biggest Patch Release
After releasing its largest-ever group of security patches two weeks ago, Microsoft has done a little cleaning up. Over the past few days, the company has re-released two security updates and issued a workaround for a Windows CryptoAPI patch that caused Microsoft’s own instant-messaging server to...
‘Fully Undetected’ SysJoker Backdoor Malware Targets Windows, Linux & macOS
A brand-new multiplatform malware, likely distributed via malicious npm packages, is spreading under the radar with Linux and Mac versions going fully undetected in VirusTotal, researchers warned. The Windows version, according to a Tuesday writeup from Intezer, has only six detections as of this...
4 Key Questions for Zero-Trust Success
Historically, securing remote access was primarily done using VPNs. However, as enterprises have begun to understand the principles of zero trust, which states that no user may access any data source without first being authenticated, VPNs are proving to be insufficient. The demand for secure...
Exchange/Outlook Autodiscover Bug Spills $100K+ Email Passwords
Guardicore security researcher Amit Serper has discovered a severe design bug in Microsoft Exchange’s autodiscover – a protocol that lets users easily configure applications such as Microsoft Outlook with just email addresses and passwords. The flaw has caused the Autodiscover service to leak...
NFT Collector Tricked into Buying Fake Banksy
An attacker was apparently able to breach the site for famed street artist Banksy and sell a fake non-fungible token NFT of the artist’s work for more than $336,000. The fraudster has since returned the ill-gotten cash, less a “transaction fee.” But the incident has delivered an invaluable lesson...
Law Firm to the Fortune 500 Breached with Ransomware
Campbell Conroy & O’Neil, P.C. – U.S. law firm to a dazzling array of huge companies – told its star-studded clientele that an intruder may have groped their data. It was hit with ransomware in February and is now suffering the data-breach fallout. That client list spans a slew of industries and...
FIN7 ‘Pen Tester’ Headed to Jail Amid $1B in Losses
A so-called “pen-tester” for the financial cybergang known as FIN7 will spend seven years in the slammer after being convicted for payment-card theft. According to the Department of Justice, Andrii Kolpakov, a Ukrainian national, was also ordered to pay a tidy $2.5 million in restitution for his...
Oh FCUK! Fashion Label, Medical Diagnostics Firm Latest REvil Victims
U.K.-based fashion brand French Connection, which advertises under the acronym “FCUK,” confirmed that it has been compromised by ransomware group REvil. Just hours later, Brazilian medical diagnostics firm Grupo Fleury announced it had the same misfortune. The twin attacks reveal shifting...
Linux Systems Under Attack By New RedXOR Malware
Researchers have discovered a new backdoor targeting Linux systems, which they link back to the Winnti threat group. The backdoor is called RedXOR – in part because its network data-encoding scheme is based on the XOR encryption algorithm, and in part because its samples were found on an old...
Post-Cyberattack, Universal Health Services Faces $67M in Losses
The cyberattack that hit Universal Health Services UHS in September has cost the healthcare service provider a whopping $67 million in damages, according to financial statements. A fourth-quarter earnings report last week from UHS highlighted the “significant incremental labor expense” needed to...
Android Devices Prone to New Botnet’s DDoS Onslaught
Researchers are warning a new botnet is recycling the Mirai malware framework and is now targeting Android devices in order to launch distributed denial-of-service DDoS attacks. The botnet is dubbed Matryosh after a Matryoshka Russian nesting doll due to many of its functions being “nested” in...
Android Malware Bypasses 2FA And Targets Telegram, Gmail Passwords
Researchers have uncovered a threat group launching surveillance campaigns that target victims’ personal device data, browser credentials and Telegram messaging application files. One notable tool in the group’s arsenal is an Android malware that collects all two-factor authentication 2FA securit...
China-based APT Debuts Sepulcher Malware in Spear-Phishing Attacks
A China-based APT has been sending organizations spear-phishing emails that distribute a never-before-seen intelligence-collecting RAT dubbed Sepulcher. Researchers discovered the new malware being distributed over the past six months through two separate campaigns. The first, in March, targeted...
Zoom Faces More Legal Challenges Over End-to-End Encryption
Video-conferencing behemoth Zoom has been hit with yet another lawsuit stemming from its claim to offer end-to-end encryption for sessions. The suit, filed in a Washington D.C. court PDF this week by a nonprofit advocacy group called Consumer Watchdog, alleges that the company falsely told users...
Amazon Fixes Alexa Glitch That Could Have Divulged Personal Data
UPDATE Vulnerabilities in Amazon’s Alexa virtual assistant platform could allow attackers to access users’ personal information, like home addresses – simply by persuading them to click on a malicious link. Researchers with Check Point found several web application flaws on Amazon Alexa subdomain...
Twitter Fixes High-Severity Flaw Affecting Android Users
Twitter has fixed a vulnerability in its Android app, which could have enabled attackers to access private Twitter data, like direct messages DMs on Android devices. The flaw is related to an underlying Android operating system OS security issue CVE-2018-9492, which affects operating system...
Doki Backdoor Infiltrates Docker Servers in the Cloud
A fresh Linux backdoor called Doki is infesting Docker servers in the cloud, researchers warn, employing a brand-new technique: Using a blockchain wallet for generating command-and-control C2 domain names. Doki however is meant to provide a persistent capability for code-execution on an infected...
First-Ever Russian BEC Gang, Cosmic Lynx, Uncovered
Researchers say they have discovered the first-ever reported Russian business email compromise BEC cybercriminal ring, showing that sophisticated attackers beyond the usual Nigerian scammers are setting their sights on the email-based attack vector. The BEC gang is called Cosmic Lynx, and has bee...
StrongPity APT Back with Kurdish-Aimed Watering Hole Attacks
The APT group known as StrongPity is back with a new watering-hole campaign, targeting mainly Kurdish victims in Turkey and Syria. The malware served offers operators the ability to search for and exfiltrate any file or document from a victim’s machine. The group a.k.a. Promethium is operating a...
Zoom Restricts End-to-End Encryption to Paid Users
Security experts are up in arms after learning that video conferencing app Zoom will only offer end-to-end encryption to paid users. On Zoom’s Wednesday first-quarter financial earnings call, Zoom CEO Eric Yuang said that the upcoming end-to-end encryption feature would not apply for free users...
Google Location Tracking Lambasted in Arizona Lawsuit
Google has been hit by a lawsuit alleging that it violates user privacy by collecting location data via various means – and claiming that Google makes it nearly “impossible” for users to opt out of such data tracking. The lawsuit, filed by Arizona Attorney General Mark Brnovich, alleges that Goog...
InfinityBlack Dismantled After Selling Millions of Credentials
The InfinityBlack hacking group, which is responsible for selling millions of stolen credentials, has been dismantled. Polish and Swiss law-enforcement authorities, supported by Europol, arrested five individuals in Poland believed to be members of InfinityBlack, on April 29. According to Europol...
Google Bans 600 Android Apps for Obnoxious Ads
Google has removed nearly 600 Android apps from the Play Store for serving up obnoxious, invasive ads that aren’t easily “x’d” out of. The internet giant said the enforcement action was a strike against mobile ad fraud. Google said Thursday that the apps violated its disruptive ads policy – and a...
Trump Slams Apple for Refusing to Unlock Suspected Shooter’s iPhones
President Donald Trump has weighed in on Apple’s decision not to help the FBI unlock iPhones of the suspect in a shooting in Florida, slamming the company in a Tweet that demands Apple “step up to the plate and help our great Country.” The president on Tuesday suggested that Apple has benefited...
Google Boots Security Camera Maker From Nest Hub After Private Images Go Public
China-based electronics company Xiaomi said it has fixed a “cache update” issue for its Xiaomi Mijia smart camera after a Reddit user claims that attempts to view Xiaomi camera footage on his Google Nest Hub instead showed videos of strangers. The issue was first reported by a user on Reddit who...
IoT Company Wyze Leaks Emails, Device Data of 2.4M
An exposed Elasticsearch database, owned by Internet of Things IoT company Wyze, was discovered leaking connected device information and emails of millions of customers. Wyze makes smart home cameras and connected devices like connected bulbs and plugs, which can be integrated with smart home...
Top Mobile Security Stories of 2019
Top Mobile Security Stories of 2019 Cybercriminals are increasingly and successfully targeting mobile users, as our look back on the Top 10 2019 mobile security stories show. For enterprises that are embracing an ever-more-mobile workforce, escalating mobile attack vectors significantly widen the...
Feds Offer $5M Reward to Nab 'Evil Corp' Dridex Hacker
U.S. authorities are offering up $5 million for information leading to the arrest of Evil Corp. leader Maksim V. Yakubets, 32, of Russia, who goes under the moniker “aqua.” The U.S. alleges that Yakubets and his company have stolen millions of dollars from victims using the Dridex banking trojan...
Smart TVs: The Cyberthreat Lurking in Your Living Room, Feds Warn
Black Friday and Cyber Monday sales of smart TVs are likely prodigious this Thanksgiving weekend – but consumers need to be aware of the hole they can punch in home cyber-defenses. That’s the word from the FBI, which warned that smart TVs, which hook up to the internet to allow users to access ap...
Security Firms, Nonprofits Team to Fight Stalkerware
The scourge of so-called “stalkerware” has accelerated as mobile cyberattacks in general have become more common, and it’s something that’s being addressed through a security industry collaboration that launched this week. The term “stalkerware” refers to both surreptitious spyware available on t...
Galaxy S10 Fingerprint Sensor Thwarted With Screen Protector: Report
UPDATE Samsung has acknowledged that anyone can bypass the Galaxy S10 fingerprint sensor using a third-party case after a woman alleged that a $3 smartphone screen protector allowed unauthorized users to dupe her Samsung Galaxy S10’s fingerprint recognition sensor – giving access to her phone and...
Privacy Groups: Ring's Police Partnerships Can Lead to Sinister Ends
More than 30 privacy and consumer advocacy groups are urging local legislators to intervene in doorbell-camera company Ring’s partnerships with law enforcement. In 2018, Amazon-owned Ring announced that it was starting a “new neighborhood watch” effort, to allow homeowners to provide voluntary...
Fortnite Ransomware Masquerades as an Aimbot Game Hack
A ransomware that calls itself “Syrk” is targeting gaming juggernaut Fortnite’s enormous user base, purporting to be a game hack tool. Syrk promises players an “aimbot” for aiming more accurately while playing, and “ESP,” for discovering other player’s locations in the game. What it really gives...
How to Prepare for Misconfigurations Clouding the Corporate Skies
Cloud-based storage and infrastructure provides myriad benefits for any organization, like letting them avoid the costs of expensive hardware and granting them quick access to infrastructure as needed. Companies can use cloud services for minutes or years, depending on their needs. However, there...
Phishing Attacks Enlist Amazon AWS, Microsoft Azure in Ploys
Recent phishing campaigns have been spotted boosting their anti-detection efforts by using Amazon Web Services to host their landing pages. It’s a sign of a nascent trend towards using public cloud storage, according to researchers. The attackers are also layering on various obfuscation technique...
Amazon Auditors Listen to Echo Recordings, Report Says
Amazon is under fire after a bombshell report revealed the company employs thousands of auditors to listen to Echo users’ voice recordings. The team exists to help improve Amazon Alexa’s comprehension of human speech, so the voice command device responds better to commands, according to a Wednesd...
Samsung Galaxy S10 Fingerprint Sensor Duped With 3D Print
A Samsung Galaxy S10 user said he was able to successfully bypass the phone’s fingerprint sensors using a 3D print of his own fingerprint. The Samsung user posted on Imgur this weekend under the alias, “darkshark” saying he was able to fool the Galaxy S10’s fingerprint using a simple technique – ...
RSA Conference 2019: Cryptographers' Panel Decries Adi Shamir's Visa Issues
SAN FRANCISCO – This year’s RSA Conference Cryptographers’ Panel started on a sour note when it was announced that longtime participant Adi Shamir, one of the inventors of the RSA algorithm, would be absent because of visa issues with the U.S. Department of State. Shamir, who addressed the...
New GandCrab Decryptor Unlocks Files of Updated Ransomware
Yet another free decryptor is available for GandCrab ransomware victims. The tool, released Tuesday, is the third decryptor update in the past year that thwarts the prolific and fast-evolving GandCrab ransomware. Europol police announced availability of the update, which now unlocks data encrypte...
Airbus Data Takes Flight; and Billions of Credentials Dumped on Dark Web
French airplane and military aircraft behemoth Airbus SE has become the latest victim of a cyberattack leading to a data breach, with an incident detected on its “commercial aircraft business” information systems. It is only the latest high-profile data exposure to come to light in recent days, a...
Apple Disables Group FaceTime Following Major Privacy Glitch
Apple has made Group FaceTime temporarily unavailable following a major flaw discovered on Monday evening. The bug allows anyone with iOS to FaceTime other iOS users and listen in on their private conversations – without the user on other end rejecting or accepting the call. The bug makes use of ...
Zero-Day Bug Patched by Microsoft, Part of December Patch TuesdZero-Day Bug Fixed by Microsoft in December Patch Tuesdayay
Microsoft has patched a zero-day vulnerability actively being used against older versions of the Windows operating system, as part of its December Patch Tuesday updates. According to the software giant, the vulnerability CVE-2018-8611 is an elevation-of-privilege EoP bug that affects Windows 7...
Tumblr Privacy Bug Could Have Exposed Sensitive Account Data
Tumblr on Wednesday disclosed it had fixed a vulnerability that could have exposed sensitive account information including usernames/passwords and individual IP addresses. However, the company stressed there’s no evidence that any data was exposed. The bug existed in the “Recommended Blogs” featu...
Innovative Phishing Tactic Makes Inroads Using Azure Blob
A fresh tactic for phishing Office 365 users employs credential-harvesting forms hosted on Azure Blob storage – signed with legitimate Microsoft SSL certificates to lend an air of legitimacy. Azure Blob Storage is a cloud storage solution for hosting unstructured data such as images, video or tex...
Intel Confirms Its Much-Loathed ME Feature Has A Kill Switch
Researchers at Positive Technologies forced Intel’s hand at revealing that a previously undocumented kill switch exists for its oft-criticized Intel Management Engine, a remote management component of Intel CPUs. Initially, Positive Technologies set out to disable the feature that some security...
August 2016 Microsoft Patch Tuesday Security Bulletins
A tricky vulnerability patched today in the Windows PDF Library could have put Microsoft Edge users on Windows 10 systems at risk for remote code execution attacks. Edge automatically renders PDF content when it’s set as a computer’s default browser, unlike most other browsers; the feature means...
APT Groups Exploiting Patch Microsoft Office Flaw CVE-2015-2545
A Microsoft Office vulnerability patched six months ago continues to be a valuable tool for APT gangs operating primarily in Southeast Asia and the Far East. Researchers at Kaspersky Lab today published a report describing how attackers continue to flourish exploiting CVE-2015-2545, a remote code...
Google Fixes 51 Bugs in Chrome 41
Google released the latest build of its browser Tuesday, Chrome 41.0.2272.76, patching 51 different bugs and paying out over $50,000 in bounties. Google paid bounties for 18 bugs ranging from medium to high severity. The bounties for all of the vulnerabilities totaled $52,000. 13 of those bugs ca...
Ghost glibc Vulnerability Patching and Exploits
There are some silver linings in the wake of yesterday’s disclosure of the Ghost vulnerability in the Gnu C library, glibc, which affects all Linux systems and seemed to harken yet another Internet-wide vulnerability. First, the 15-year-old bug isn’t the showstopper that the Shellshock...