15946 matches found
Smart TVs: The Cyberthreat Lurking in Your Living Room, Feds Warn
Black Friday and Cyber Monday sales of smart TVs are likely prodigious this Thanksgiving weekend – but consumers need to be aware of the hole they can punch in home cyber-defenses. That’s the word from the FBI, which warned that smart TVs, which hook up to the internet to allow users to access ap...
Security Firms, Nonprofits Team to Fight Stalkerware
The scourge of so-called “stalkerware” has accelerated as mobile cyberattacks in general have become more common, and it’s something that’s being addressed through a security industry collaboration that launched this week. The term “stalkerware” refers to both surreptitious spyware available on t...
Galaxy S10 Fingerprint Sensor Thwarted With Screen Protector: Report
UPDATE Samsung has acknowledged that anyone can bypass the Galaxy S10 fingerprint sensor using a third-party case after a woman alleged that a $3 smartphone screen protector allowed unauthorized users to dupe her Samsung Galaxy S10’s fingerprint recognition sensor – giving access to her phone and...
Privacy Groups: Ring's Police Partnerships Can Lead to Sinister Ends
More than 30 privacy and consumer advocacy groups are urging local legislators to intervene in doorbell-camera company Ring’s partnerships with law enforcement. In 2018, Amazon-owned Ring announced that it was starting a “new neighborhood watch” effort, to allow homeowners to provide voluntary...
Fortnite Ransomware Masquerades as an Aimbot Game Hack
A ransomware that calls itself “Syrk” is targeting gaming juggernaut Fortnite’s enormous user base, purporting to be a game hack tool. Syrk promises players an “aimbot” for aiming more accurately while playing, and “ESP,” for discovering other player’s locations in the game. What it really gives...
How to Prepare for Misconfigurations Clouding the Corporate Skies
Cloud-based storage and infrastructure provides myriad benefits for any organization, like letting them avoid the costs of expensive hardware and granting them quick access to infrastructure as needed. Companies can use cloud services for minutes or years, depending on their needs. However, there...
Phishing Attacks Enlist Amazon AWS, Microsoft Azure in Ploys
Recent phishing campaigns have been spotted boosting their anti-detection efforts by using Amazon Web Services to host their landing pages. It’s a sign of a nascent trend towards using public cloud storage, according to researchers. The attackers are also layering on various obfuscation technique...
Amazon Auditors Listen to Echo Recordings, Report Says
Amazon is under fire after a bombshell report revealed the company employs thousands of auditors to listen to Echo users’ voice recordings. The team exists to help improve Amazon Alexa’s comprehension of human speech, so the voice command device responds better to commands, according to a Wednesd...
RSA Conference 2019: Cryptographers' Panel Decries Adi Shamir's Visa Issues
SAN FRANCISCO – This year’s RSA Conference Cryptographers’ Panel started on a sour note when it was announced that longtime participant Adi Shamir, one of the inventors of the RSA algorithm, would be absent because of visa issues with the U.S. Department of State. Shamir, who addressed the...
RSAC 2019: Malicious Emailed URLs See Triple-Digit Increase
SAN FRANCISCO: Business emails laced with malicious URLs in the message body have spiked by more than 125 percent in Q4 2018 in comparison with the quarter before. According to Mimecast’s latest Email Security Risk Assessment ESRA report, released at the RSA Conference 2019 in San Francisco this...
New GandCrab Decryptor Unlocks Files of Updated Ransomware
Yet another free decryptor is available for GandCrab ransomware victims. The tool, released Tuesday, is the third decryptor update in the past year that thwarts the prolific and fast-evolving GandCrab ransomware. Europol police announced availability of the update, which now unlocks data encrypte...
Apple Disables Group FaceTime Following Major Privacy Glitch
Apple has made Group FaceTime temporarily unavailable following a major flaw discovered on Monday evening. The bug allows anyone with iOS to FaceTime other iOS users and listen in on their private conversations – without the user on other end rejecting or accepting the call. The bug makes use of ...
Zero-Day Bug Patched by Microsoft, Part of December Patch TuesdZero-Day Bug Fixed by Microsoft in December Patch Tuesdayay
Microsoft has patched a zero-day vulnerability actively being used against older versions of the Windows operating system, as part of its December Patch Tuesday updates. According to the software giant, the vulnerability CVE-2018-8611 is an elevation-of-privilege EoP bug that affects Windows 7...
Tumblr Privacy Bug Could Have Exposed Sensitive Account Data
Tumblr on Wednesday disclosed it had fixed a vulnerability that could have exposed sensitive account information including usernames/passwords and individual IP addresses. However, the company stressed there’s no evidence that any data was exposed. The bug existed in the “Recommended Blogs” featu...
Innovative Phishing Tactic Makes Inroads Using Azure Blob
A fresh tactic for phishing Office 365 users employs credential-harvesting forms hosted on Azure Blob storage – signed with legitimate Microsoft SSL certificates to lend an air of legitimacy. Azure Blob Storage is a cloud storage solution for hosting unstructured data such as images, video or tex...
APT Groups Exploiting Patch Microsoft Office Flaw CVE-2015-2545
A Microsoft Office vulnerability patched six months ago continues to be a valuable tool for APT gangs operating primarily in Southeast Asia and the Far East. Researchers at Kaspersky Lab today published a report describing how attackers continue to flourish exploiting CVE-2015-2545, a remote code...
Google Fixes 51 Bugs in Chrome 41
Google released the latest build of its browser Tuesday, Chrome 41.0.2272.76, patching 51 different bugs and paying out over $50,000 in bounties. Google paid bounties for 18 bugs ranging from medium to high severity. The bounties for all of the vulnerabilities totaled $52,000. 13 of those bugs ca...
Ghost glibc Vulnerability Patching and Exploits
There are some silver linings in the wake of yesterday’s disclosure of the Ghost vulnerability in the Gnu C library, glibc, which affects all Linux systems and seemed to harken yet another Internet-wide vulnerability. First, the 15-year-old bug isn’t the showstopper that the Shellshock...
Pirelli Home Broadband Routers Exposed for Two Years
ISP-issued home broadband routers have been a shooting gallery for researchers and hackers alike looking for, and successfully exploiting, shocking vulnerabilities. One disclosed by a researcher in Spain this week is symptomatic of the problem to a disturbing degree. Researcher Eduardo Novella...
VMware Begins to Patch Bash Issues Across Product Line
Much like Heartbleed triggered vendors to issue out of band patches to remedy vulnerabilities that popped up earlier this year, Shellshock, the Bash vulnerability, has forced vendors’ hands in a similar fashion. Virtualization firm VMware issued a progress report on fixes for four different types...
August 2014 Microsoft Patch Tuesday Security Bulletins
Microsoft today released its monthly Patch Tuesday Security Bulletins, and the top priority is another cumulative update for Internet Explorer; this one patches 26 vulnerabilities, including one that’s been publicly reported, Microsoft said, and is likely being exploited. All of them are rated...
Call for Ban on Vulnerable PHP SuperGlobal Variables
The ease with which PHP applications can be subverted should be pretty apparent by now given the number of botnets supported by compromised sites hosting PHP code. The biggest culprit in the PHP universe may be a set of nine variables called SuperGlobals that provide programmers with development...
Ryan Naraine on Microsoft's New Bug Bounty Program
Dennis Fisher talks with Ryan Naraine about the new Microsoft bug bounty program, how it may affect prices for vulnerabilities on the private market and why it took the company so long to start the reward program. Download: digitalunderground116...
PHP Group Releases New Versions, But Patch Doesn't Fix CVE-2012-1823 Bug
UPDATE–The developers of PHP have released new versions of the scripting language to fix a remotely exploitable vulnerability announced earlier this week that enables an attacker to pass command-line arguments to the PHP binary. The flaw has been in the code for more than eight years and The PHP...
New Apache Reverse Proxy Issue Uncovered
A new reverse proxy issue affecting Apache HTTP server can be used by attackers to access internal systems if certain rules are improperly configured, a security researcher said. Prutha Parikh, vulnerability signature engineer at Qualys, blogged that she uncovered the issue while creating a...
New Zero-Day Flaw Discovered in IE7
There is a newly discovered vulnerability in both Internet Explorer 6 and Internet Explorer 7 that could enable an attacker to take complete control of a vulnerable machine. The vulnerability is the result of a dangling pointer in IE and there is a working exploit for the flaw circulating online...
Open Redirect Flaw Snags Amex, Snapchat User Data
Attackers are exploiting a well-known open redirect flaw to phish people’s credentials and personally identifiable information PII using American Express and Snapchat domains, researchers have found. “Since the first domain name in the manipulated link is in fact the original site’s, the link may...
F5 Warns of Critical Bug Allowing Remote Code Execution in BIG-IP Systems
Application service provider F5 is warning a critical vulnerability allows unauthenticated hackers with network access to execute arbitrary commands on its BIG-IP systems. The F5 BIG-IP is a combination of software and hardware that is designed around access control, application availability and...
Feds Shut Down RaidForums Hacking Marketplace
U.S. law enforcement has shut down one of the largest cybercriminal online forums in the world and revealed the charges its Portuguese founder will face in federal court. However, the takedown is likely to only be a temporary blow to hackers, who will find other ways of buying and selling data...
McAfee Bug Can Be Exploited to Gain Windows SYSTEM Privileges
McAfee has patched two high-severity vulnerabilities in a component of its McAfee Enterprise product that attackers can use to escalate privileges, including up to SYSTEM. According to McAfee’s bulletin, the bugs are in versions prior to 5.7.5 of McAfee Agent, which is used in McAfee Endpoint...
Google Chrome is Abused to Deliver Malware as Legit Windows 10 App
Crooks behind a newly identified malware campaign are targeting Windows 10 with malware that can infect systems via a technique that cleverly bypasses Windows cybersecurity protections called User Account Control UAC. Researchers from Rapid7 recently identified the campaign and warn the goal of t...
Twitter Suspends Accounts Used to Snare Security Researchers
Twitter has shuttered two accounts – @lagal1990 and @shiftrows13 – specifically used to trick security researchers into downloading malware in a long-running cyber-espionage campaign attributed to North Korea. The campaign was first discovered by the Google Threat Analysis Group TAG in January an...
REvil Affiliates Confirm Getting Screwed Out of Payments
A day after news broke about REvil having screwed their own affiliates out of ransomware payments – by using double chats and a backdoor that let REvil operators hijack ransom payments – those affiliates took to the top Russian-language hacking forum to renew their demands for REvil to fork over...
‘Glowworm’ Attack Turns Light Flickers into Audio
Virtual meetings are vulnerable to a new, exotic attack called Glowworm, which measures an audio output device’s LED power light changes and converts them to audio reproductions — allowing cyberattackers to listen to sensitive conversations. As an increasing amount of business is being conducted...
Podcast: The State of Ransomware
Last month, ransomware group DarkSide targeted operator Colonial Pipeline Co., disrupting fuel supply in the Eastern part of the U.S. The attack on a major U.S. oil pipeline had widespread ripples: it prompted President Joe Biden to declare a state of emergency and caused substantial pain at gas...
Major U.S. Pipeline Crippled in Ransomware Attack
A ransomware attack has halted pipeline activities for the Colonial Pipeline Co., which supplies the East Coast with roughly 45 percent of its liquid fuels. In a statement released on Saturday, Colonial Pipeline said it has temporarily halted pipeline operations in response to a cyberattack...
Buer Malware Tool Rewritten in E-Z Rust Language
A variant of the Buer malware, which is being distributed in emails disguised as DHL support shipping notices, comes with a fresh code rewrite in the popular Rust language and looks like it may be in the process of prepping for rental to other cybercrooks. Join Threatpost for “Fortifying Your...
Mount Locker Ransomware Aggressively Changes Up Tactics
The Mount Locker ransomware has shaken things up in recent campaigns with more sophisticated scripting and anti-prevention features, according to researchers. And, the change in tactics appears to coincide with a rebranding for the malware into “AstroLocker.” According to researchers, Mount Locke...
Finnish IT Giant Hit with Ransomware Cyberattack
A major Finnish IT provider has been hit with a ransomware attack that has forced the company to turn off some services and infrastructure in a disruption to customers, while it takes recovery measures. Norwegian business journal E24 reported the attack on Espoo, Finland-based TietoEVRY on Tuesda...
Adobe Fixes 7 Critical Flaws, Blocks Flash Player Content
Adobe Systems has patched seven critical vulnerabilities, which impact Windows, macOS and Linux users. The impact of the serious flaws range from arbitrary code execution to sensitive information disclosure. The software company’s regularly scheduled Tuesday security updates impact a slew of its...
Travelex, Other Orgs Face DDoS Threats as Extortion Campaign Rages On
Companies worldwide have continued to receive extortion emails threatening to launch a distributed denial-of-service DDoS attack on their network, unless they pay up – with British foreign-exchange company Travelex reportedly being one recent high-profile threat recipient. Researchers said that...
Cloud Leak Exposes 320M Dating-Site Records
Users of 70 different adult dating and e-commerce websites have had their personal information exposed, thanks to a misconfigured, publicly accessible Elasticsearch cloud server. In all, 320 million individual records were leaked online, researchers said. All of the impacted websites have one thi...
CEOs Could Be Held Personally Liable for Cyberattacks that Kill
A full 75 percent of top brass at companies will be personally on the hook for cyber-physical security CSP incidents by 2024 – especially those that involve fatalities. That’s according to the Gartner research firm, which predicted this week that CEOs soon will no longer be able to hide behind...
Leak Exposes Private Data of Genealogy Service Users
A server containing information of users of a genealogy service has exposed the data of 60,000 users, putting them at risk for fraud, phishing and other cybercriminal activity. Research led by Avishai Efrat at WizCase has discovered the leak, which affected an open and unencrypted ElasticSearch...
Microsoft Warns on OAuth Attacks Against Cloud App Users
Against the backdrop of widespread remote working and the increased use of collaboration apps, attackers are ramping up application-based attacks that exploit OAuth 2.0, Microsoft is warning. OAuth is an open standard for access delegation, commonly used as a way for people to sign into services...
Copycat Site Serves Up Raccoon Stealer
Someone is targeting web denizens with a malicious, copycat Malwarebytes website, which serves up the Raccoon information stealer malware to unsuspecting visitors. According to the security firm itself, the attackers set up the domain “malwarebytes-free.com” with a domain registrar in Russia in...
Zoom Removes Data-Mining LinkedIn Feature
Zoom has nixed a feature that came under fire for “undisclosed data mining” of users’ names and email addresses, used to match them with their LinkedIn profiles. The feature, the LinkedIn Sales Navigator, is a LinkedIn service used for sales prospecting. When users enter a web conference meeting,...
44M Digital Wallet Items Exposed in Key Ring Cloud Misconfig
Key Ring, creator of a digital wallet app used by 14 million people across North America, has exposed 44 million IDs, charge cards, loyalty cards, gift cards and membership cards to the open internet, researchers say. The Key Ring app allows users to upload scans and photos of various physical...
Top Email Protections Fail in Latest COVID-19 Phishing Campaign
Threat actors continue to capitalize on fears surrounding the spread of the COVID-19 virus through a surge in new phishing campaigns that use spoofing tactics to effectively evade Proofpoint and Microsoft Office 365 advanced threat protections ATPs, researchers have found. The Cofense Phishing...
Let's Encrypt to Revoke Millions of TLS Certs
UPDATE Popular free certificate authority Let’s Encrypt said it will revoke 3 million Transport Layer Security TLS certificates Wednesday, because of a Certificate Authority Authorization CAA bug. The move could mean that millions of websites and machine identities that rely on those certificates...