15946 matches found
Amazon Auditors Listen to Echo Recordings, Report Says
Amazon is under fire after a bombshell report revealed the company employs thousands of auditors to listen to Echo users’ voice recordings. The team exists to help improve Amazon Alexa’s comprehension of human speech, so the voice command device responds better to commands, according to a Wednesd...
RSA Conference 2019: Cryptographers' Panel Decries Adi Shamir's Visa Issues
SAN FRANCISCO – This year’s RSA Conference Cryptographers’ Panel started on a sour note when it was announced that longtime participant Adi Shamir, one of the inventors of the RSA algorithm, would be absent because of visa issues with the U.S. Department of State. Shamir, who addressed the...
RSAC 2019: Malicious Emailed URLs See Triple-Digit Increase
SAN FRANCISCO: Business emails laced with malicious URLs in the message body have spiked by more than 125 percent in Q4 2018 in comparison with the quarter before. According to Mimecast’s latest Email Security Risk Assessment ESRA report, released at the RSA Conference 2019 in San Francisco this...
New GandCrab Decryptor Unlocks Files of Updated Ransomware
Yet another free decryptor is available for GandCrab ransomware victims. The tool, released Tuesday, is the third decryptor update in the past year that thwarts the prolific and fast-evolving GandCrab ransomware. Europol police announced availability of the update, which now unlocks data encrypte...
Airbus Data Takes Flight; and Billions of Credentials Dumped on Dark Web
French airplane and military aircraft behemoth Airbus SE has become the latest victim of a cyberattack leading to a data breach, with an incident detected on its “commercial aircraft business” information systems. It is only the latest high-profile data exposure to come to light in recent days, a...
Apple Disables Group FaceTime Following Major Privacy Glitch
Apple has made Group FaceTime temporarily unavailable following a major flaw discovered on Monday evening. The bug allows anyone with iOS to FaceTime other iOS users and listen in on their private conversations – without the user on other end rejecting or accepting the call. The bug makes use of ...
Zero-Day Bug Patched by Microsoft, Part of December Patch TuesdZero-Day Bug Fixed by Microsoft in December Patch Tuesdayay
Microsoft has patched a zero-day vulnerability actively being used against older versions of the Windows operating system, as part of its December Patch Tuesday updates. According to the software giant, the vulnerability CVE-2018-8611 is an elevation-of-privilege EoP bug that affects Windows 7...
Tumblr Privacy Bug Could Have Exposed Sensitive Account Data
Tumblr on Wednesday disclosed it had fixed a vulnerability that could have exposed sensitive account information including usernames/passwords and individual IP addresses. However, the company stressed there’s no evidence that any data was exposed. The bug existed in the “Recommended Blogs” featu...
Innovative Phishing Tactic Makes Inroads Using Azure Blob
A fresh tactic for phishing Office 365 users employs credential-harvesting forms hosted on Azure Blob storage – signed with legitimate Microsoft SSL certificates to lend an air of legitimacy. Azure Blob Storage is a cloud storage solution for hosting unstructured data such as images, video or tex...
APT Groups Exploiting Patch Microsoft Office Flaw CVE-2015-2545
A Microsoft Office vulnerability patched six months ago continues to be a valuable tool for APT gangs operating primarily in Southeast Asia and the Far East. Researchers at Kaspersky Lab today published a report describing how attackers continue to flourish exploiting CVE-2015-2545, a remote code...
Google Fixes 51 Bugs in Chrome 41
Google released the latest build of its browser Tuesday, Chrome 41.0.2272.76, patching 51 different bugs and paying out over $50,000 in bounties. Google paid bounties for 18 bugs ranging from medium to high severity. The bounties for all of the vulnerabilities totaled $52,000. 13 of those bugs ca...
Ghost glibc Vulnerability Patching and Exploits
There are some silver linings in the wake of yesterday’s disclosure of the Ghost vulnerability in the Gnu C library, glibc, which affects all Linux systems and seemed to harken yet another Internet-wide vulnerability. First, the 15-year-old bug isn’t the showstopper that the Shellshock...
VMware Begins to Patch Bash Issues Across Product Line
Much like Heartbleed triggered vendors to issue out of band patches to remedy vulnerabilities that popped up earlier this year, Shellshock, the Bash vulnerability, has forced vendors’ hands in a similar fashion. Virtualization firm VMware issued a progress report on fixes for four different types...
August 2014 Microsoft Patch Tuesday Security Bulletins
Microsoft today released its monthly Patch Tuesday Security Bulletins, and the top priority is another cumulative update for Internet Explorer; this one patches 26 vulnerabilities, including one that’s been publicly reported, Microsoft said, and is likely being exploited. All of them are rated...
Call for Ban on Vulnerable PHP SuperGlobal Variables
The ease with which PHP applications can be subverted should be pretty apparent by now given the number of botnets supported by compromised sites hosting PHP code. The biggest culprit in the PHP universe may be a set of nine variables called SuperGlobals that provide programmers with development...
Ryan Naraine on Microsoft's New Bug Bounty Program
Dennis Fisher talks with Ryan Naraine about the new Microsoft bug bounty program, how it may affect prices for vulnerabilities on the private market and why it took the company so long to start the reward program. Download: digitalunderground116...
PHP Group Releases New Versions, But Patch Doesn't Fix CVE-2012-1823 Bug
UPDATE–The developers of PHP have released new versions of the scripting language to fix a remotely exploitable vulnerability announced earlier this week that enables an attacker to pass command-line arguments to the PHP binary. The flaw has been in the code for more than eight years and The PHP...
New Apache Reverse Proxy Issue Uncovered
A new reverse proxy issue affecting Apache HTTP server can be used by attackers to access internal systems if certain rules are improperly configured, a security researcher said. Prutha Parikh, vulnerability signature engineer at Qualys, blogged that she uncovered the issue while creating a...
New Zero-Day Flaw Discovered in IE7
There is a newly discovered vulnerability in both Internet Explorer 6 and Internet Explorer 7 that could enable an attacker to take complete control of a vulnerable machine. The vulnerability is the result of a dangling pointer in IE and there is a working exploit for the flaw circulating online...
Critical Flaw Found in Linux Kernel
There is a NULL pointer dereference flaw in the Linux kernel that can be exploited by attackers to gain root access to a vulnerable machine. The vulnerability is in version 2.6.21 of the Linux kernel and some Linux vendors already have taken steps to fix the vulnerability. Red Hat has released a...
Open Redirect Flaw Snags Amex, Snapchat User Data
Attackers are exploiting a well-known open redirect flaw to phish people’s credentials and personally identifiable information PII using American Express and Snapchat domains, researchers have found. “Since the first domain name in the manipulated link is in fact the original site’s, the link may...
F5 Warns of Critical Bug Allowing Remote Code Execution in BIG-IP Systems
Application service provider F5 is warning a critical vulnerability allows unauthenticated hackers with network access to execute arbitrary commands on its BIG-IP systems. The F5 BIG-IP is a combination of software and hardware that is designed around access control, application availability and...
Feds Shut Down RaidForums Hacking Marketplace
U.S. law enforcement has shut down one of the largest cybercriminal online forums in the world and revealed the charges its Portuguese founder will face in federal court. However, the takedown is likely to only be a temporary blow to hackers, who will find other ways of buying and selling data...
McAfee Bug Can Be Exploited to Gain Windows SYSTEM Privileges
McAfee has patched two high-severity vulnerabilities in a component of its McAfee Enterprise product that attackers can use to escalate privileges, including up to SYSTEM. According to McAfee’s bulletin, the bugs are in versions prior to 5.7.5 of McAfee Agent, which is used in McAfee Endpoint...
Google Chrome is Abused to Deliver Malware as Legit Windows 10 App
Crooks behind a newly identified malware campaign are targeting Windows 10 with malware that can infect systems via a technique that cleverly bypasses Windows cybersecurity protections called User Account Control UAC. Researchers from Rapid7 recently identified the campaign and warn the goal of t...
Twitter Suspends Accounts Used to Snare Security Researchers
Twitter has shuttered two accounts – @lagal1990 and @shiftrows13 – specifically used to trick security researchers into downloading malware in a long-running cyber-espionage campaign attributed to North Korea. The campaign was first discovered by the Google Threat Analysis Group TAG in January an...
REvil Affiliates Confirm Getting Screwed Out of Payments
A day after news broke about REvil having screwed their own affiliates out of ransomware payments – by using double chats and a backdoor that let REvil operators hijack ransom payments – those affiliates took to the top Russian-language hacking forum to renew their demands for REvil to fork over...
‘Glowworm’ Attack Turns Light Flickers into Audio
Virtual meetings are vulnerable to a new, exotic attack called Glowworm, which measures an audio output device’s LED power light changes and converts them to audio reproductions — allowing cyberattackers to listen to sensitive conversations. As an increasing amount of business is being conducted...
Major U.S. Pipeline Crippled in Ransomware Attack
A ransomware attack has halted pipeline activities for the Colonial Pipeline Co., which supplies the East Coast with roughly 45 percent of its liquid fuels. In a statement released on Saturday, Colonial Pipeline said it has temporarily halted pipeline operations in response to a cyberattack...
Buer Malware Tool Rewritten in E-Z Rust Language
A variant of the Buer malware, which is being distributed in emails disguised as DHL support shipping notices, comes with a fresh code rewrite in the popular Rust language and looks like it may be in the process of prepping for rental to other cybercrooks. Join Threatpost for “Fortifying Your...
Mount Locker Ransomware Aggressively Changes Up Tactics
The Mount Locker ransomware has shaken things up in recent campaigns with more sophisticated scripting and anti-prevention features, according to researchers. And, the change in tactics appears to coincide with a rebranding for the malware into “AstroLocker.” According to researchers, Mount Locke...
Finnish IT Giant Hit with Ransomware Cyberattack
A major Finnish IT provider has been hit with a ransomware attack that has forced the company to turn off some services and infrastructure in a disruption to customers, while it takes recovery measures. Norwegian business journal E24 reported the attack on Espoo, Finland-based TietoEVRY on Tuesda...
Adobe Fixes 7 Critical Flaws, Blocks Flash Player Content
Adobe Systems has patched seven critical vulnerabilities, which impact Windows, macOS and Linux users. The impact of the serious flaws range from arbitrary code execution to sensitive information disclosure. The software company’s regularly scheduled Tuesday security updates impact a slew of its...
Travelex, Other Orgs Face DDoS Threats as Extortion Campaign Rages On
Companies worldwide have continued to receive extortion emails threatening to launch a distributed denial-of-service DDoS attack on their network, unless they pay up – with British foreign-exchange company Travelex reportedly being one recent high-profile threat recipient. Researchers said that...
Cloud Leak Exposes 320M Dating-Site Records
Users of 70 different adult dating and e-commerce websites have had their personal information exposed, thanks to a misconfigured, publicly accessible Elasticsearch cloud server. In all, 320 million individual records were leaked online, researchers said. All of the impacted websites have one thi...
CEOs Could Be Held Personally Liable for Cyberattacks that Kill
A full 75 percent of top brass at companies will be personally on the hook for cyber-physical security CSP incidents by 2024 – especially those that involve fatalities. That’s according to the Gartner research firm, which predicted this week that CEOs soon will no longer be able to hide behind...
Leak Exposes Private Data of Genealogy Service Users
A server containing information of users of a genealogy service has exposed the data of 60,000 users, putting them at risk for fraud, phishing and other cybercriminal activity. Research led by Avishai Efrat at WizCase has discovered the leak, which affected an open and unencrypted ElasticSearch...
Microsoft Warns on OAuth Attacks Against Cloud App Users
Against the backdrop of widespread remote working and the increased use of collaboration apps, attackers are ramping up application-based attacks that exploit OAuth 2.0, Microsoft is warning. OAuth is an open standard for access delegation, commonly used as a way for people to sign into services...
Safe Remote Access to Critical Infrastructure Networks in a Time of Global Crisis
With governments closing down workplaces all over the world, telecommuting presents not just online administrative and capacity challenges for organizations, but also security challenges. As highlighted in a recent article by Andy Greenberg from Wired, when more and more employees are asked to VP...
Copycat Site Serves Up Raccoon Stealer
Someone is targeting web denizens with a malicious, copycat Malwarebytes website, which serves up the Raccoon information stealer malware to unsuspecting visitors. According to the security firm itself, the attackers set up the domain “malwarebytes-free.com” with a domain registrar in Russia in...
Zoom Removes Data-Mining LinkedIn Feature
Zoom has nixed a feature that came under fire for “undisclosed data mining” of users’ names and email addresses, used to match them with their LinkedIn profiles. The feature, the LinkedIn Sales Navigator, is a LinkedIn service used for sales prospecting. When users enter a web conference meeting,...
44M Digital Wallet Items Exposed in Key Ring Cloud Misconfig
Key Ring, creator of a digital wallet app used by 14 million people across North America, has exposed 44 million IDs, charge cards, loyalty cards, gift cards and membership cards to the open internet, researchers say. The Key Ring app allows users to upload scans and photos of various physical...
Top Email Protections Fail in Latest COVID-19 Phishing Campaign
Threat actors continue to capitalize on fears surrounding the spread of the COVID-19 virus through a surge in new phishing campaigns that use spoofing tactics to effectively evade Proofpoint and Microsoft Office 365 advanced threat protections ATPs, researchers have found. The Cofense Phishing...
Let's Encrypt to Revoke Millions of TLS Certs
UPDATE Popular free certificate authority Let’s Encrypt said it will revoke 3 million Transport Layer Security TLS certificates Wednesday, because of a Certificate Authority Authorization CAA bug. The move could mean that millions of websites and machine identities that rely on those certificates...
Google: Efforts Against Bad Android Apps on Play Store Are Working
Some of the efforts Google has made over the past few years to bolster the security of Android app users as well as the mobile apps available on its Google Play store are starting to work, according to the tech giant. The company, which historically has struggled mightily to keep bad apps and...
Docker Registries Expose Hundreds of Orgs to Malware, Data Theft
A slew of misconfigured Docker container registries has inadvertently exposed source code for 15,887 unique versions of applications owned by research institutes, retailers, news media organizations and technology companies. According to Palo Alto Networks’ Unit 42 division, the registries lacked...
Google Chrome To Bar HTTP File Downloads
Google Chrome will soon restrict certain files, like PDFs or executables, from being downloaded via an HTTP connection, if they are loaded on HTTPS webpages. HTTPS indicates that a website has an encrypted connection. When connecting to an HTTP website, browsers merely look up the IP address and...
Twitter Fixes Bug that Enabled Takeover of Android App Accounts
Twitter for Android users are being urged to update their app to avoid a security bug that allows a malicious user to access private account data and could also allow an attacker to take control of accounts to send tweets and direct messages. The warning comes from Twitter who said there are no...
‘Highly Competitive' Buer Loader Emerges in Underground Markets
A previously undocumented modular loader has emerged as a lucrative tool for cybercriminals in a variety of campaigns. Researchers say the “highly competitive” loader, dubbed Buer, is intended for use by actors seeking a turn-key, off-the-shelf solution. Researchers say they have spotted the load...
Data-Enriched Profiles on 1.2B People Exposed in Gigantic Leak
An open Elasticsearch server has exposed the rich profiles of more than 1.2 billion people to the open internet. First found on October 16 by researchers Bob Diachenko and Vinny Troia, the database contains more than 4 terabytes of data. It consists of scraped information from social media source...