15946 matches found
Iranian APT Lures Defense Contractor in Catfishing-Malware Scam
Most people have probably heard of catfishing. That’s when someone adopts a fake online persona, usually to trick someone into falling in love. Now, threat actors have developed their own spin on the grift, developing appealing — objectively hot — profiles to charm victims into downloading malwar...
Ruthless Attackers Target Florida Condo Collapse Victims
Families mourning the loss of loved ones to the partial collapse of the Champlain Towers South condo building in Surfside, Fla. are now being urged to check the credit of their deceased relatives thanks to a group of heartless hackers targeting victims in a new identity-theft scheme. Apparently,...
Western Digital Users Face Another RCE
Bad news comes in threes, most particularly for Western Digital customers. As if things weren’t bad enough for the untold number of Western Digital customers whose data blinked out of existence last month, there’s another zero-day waiting for whoever can’t or won’t upgrade its My Cloud storage...
Kaseya Attack Fallout: CISA, FBI Offer Guidance
The REvil cybergang is taking credit for Friday’s massive ransomware attack against managed service provider Kaseya Ltd. The criminals behind the attack claim it infected 1 million systems tied to Kaseya services and are demanding $70 million in bitcoin in exchange for a decryption key. Federal...
Iran Media Websites Seized by U.S. in Disinformation Campaign
The Department of Justice has seized the domains of 36 Iranian media sites that officials say weren’t just operating in violation of sanctions, but were part of a widespread government-backed malign-influence operation targeting the U.S. The DoJ said that 33 of the sites are run by the Iranian...
Critical Palo Alto Cyber-Defense Bug Allows Remote ‘War Room’ Access
A critical security bug in Palo Alto Networks’ Cortex XSOAR could allow remote attackers to run commands and automations in the Cortex XSOAR War Room and to take other actions on the platform, without having to log in. Found internally by Palo Alto, the bug CVE-2021-3044 is an...
IKEA Fined $1.2M for Elaborate ‘Spying System’
IKEA’s French subsidiary was just hit with a $1.2 million fine after it was found guilty of a creepy systematic snooping scheme targeting customers, employees and even prospective hires. Prosecutors said in all, the company illegally surveilled about 400 people in total, according to the BBC. IKE...
STEM Audio Table Rife with Business-Threatening Bugs
The STEM Audio Table conference-room speaker has a security vulnerability that would allow unauthenticated remote code execution RCE as root – paving the way for eavesdropping on conversations, denial of service, lateral movement throughout enterprise networks and more. And, there are multiple...
Steam Gaming Platform Hosting Malware
UPDATE Look out for SteamHide, an emerging malware that disguises itself inside profile images on the gaming platform Steam, which researchers think is being developed for a wide-scale campaign. The Steam platform merely serves as a vehicle which hosts the malicious file, according to research fr...
REvil Ransomware Ground Down JBS: Sources
The cyberattack that flattened operations at JBS Foods over the weekend was indeed a ransomware strike, the global food distributor has confirmed to the Biden administration, with sources pointing to the REvil Group as the responsible gang. Four people familiar with the matter who weren’t...
Cyber-Insurance Fuels Ransomware Payment Surge
Ransomware victims are increasingly falling back on their cyber-insurance providers to pay the ransom when they’re hit with an extortion cyberattack. But security researchers warn that this approach can quickly become problematic. In the first half of 2020, ransomware attacks accounted for 41...
Gig Workers Being Paid $500 for Payroll Passwords
Fintech startup Argyle, a financial-services platform aimed at gig workers, is working to replace credit scores assigned by bureaus like Equifax. But closer security analysis hints that Argyle could be just the latest incarnation of an ongoing data-collection campaign, paying people to give up...
Telegram Platform Abused in 'ToxicEye' Malware Campaigns
Hackers are leveraging the popular Telegram messaging app by embedding its code inside a remote access trojan RAT dubbed ToxicEye, new research has found. A victim’s computer infected with the ToxicEye malware is controlled via a hacker-operated Telegram messaging account. The ToxicEye malware ca...
Microsoft Office 365 Attacks Sparked from Google Firebase
A phishing campaign bent on stealing Microsoft login credentials is using Google Firebase to bypass email security measures in Microsoft Office 365, researchers said. Researchers at Armorblox uncovered invoice-themed emails sent to at least 20,000 mailboxes that purport to share information about...
Data from August Breach of Amazon Partner Juspay Dumped Online
Data from a breach that occurred five months ago involving Juspay, which handles payments for Amazon and other online retailers in India, has been dumped online, a researcher has found. Security researcher Rajshekhar Rajaharia discovered data of 35 million Indian credit-card holders from a breach...
Critical Bugs in Dell Wyse Thin Clients Allow Code Execution, Client Takeovers
Dell has patched two critical security vulnerabilities in its Dell Wyse Thin Client Devices, which are small form-factor computers optimized for connecting to a remote desktop. The bugs allow arbitrary code execution and the ability to access files and credentials, researchers said. Thin clients...
Bluetooth Bug Opens Devices to Man-in-the-Middle Attacks
A high-severity Bluetooth vulnerability has been uncovered, which could enable an unauthenticated attacker within wireless range to eavesdrop or alter communications between paired devices. The flaw CVE-2020-15802, discovered independently by researchers at the École Polytechnique Fédérale de...
Zoom Flaw Could Have Allowed Hackers To Crack Meeting Passcodes
A security issue in popular video conferencing platform Zoom was disclosed this week, which could have allowed attackers to crack private meeting passcodes and snoop in on video conferences. The problem, which has already been fixed, stems from Zoom not having any check against repeated incorrect...
Chris Vickery: AI Will Drive Tomorrow’s Data Breaches
From malicious hacks to accidental misconfigurations, Chris Vickery has seen it all. But as cybercriminals continue to innovate, Vickery, the director of risk research with UpGuard, said one emerging security threat will “blindside” the world: “fakeable” voices. More bad actors using artificial...
Can Governments Defeat Nation-State Attacks on Critical Infrastructures?
For physical conflicts, we expect our government to protect us from nation-state adversaries. It turns out, though, that industrial enterprises are much better positioned to defeat most nation-state attacks on power plants, pipelines, and other critical infrastructures than governments are. For...
Supreme Court Phish Targets Office 365 Credentials
A highly-targeted phishing attack pretends to deliver subpoenas, but actually ends up collecting victims’ Office 365 credentials. The ongoing campaign has slipped by Office 365 and gateway security controls to hit several C-Suite level victims thus far. The phishing emails spoof the U.S. Supreme...
Quantum Security Goes Live with Samsung Galaxy
Samsung and South Korean telecom giant SK Telecom have debuted the Galaxy A Quantum 5G smartphone, sporting a quantum random number generation RNG chipset. It’s the first commercialization of quantum technology for mobile phones, and it will serve as a significant bellwether for full quantum...
Ransomware Attack Takes Down Toll Group Systems, Again
Australian transportation and logistics giant Toll Group has been hit by a ransomware attack – for the second time in three months. The company said a relatively new form of ransomware known as Nefilim had targeted its systems. Toll Group, a subsidiary of Japan Post Holdings, is a freight and...
Zoom Bombing Attack Hits U.S. Government Meeting
A U.S. House Oversight Committee meeting was the most recent victim of a Zoom bombing attack, after the meeting was disrupted at least three different times by uninvited attendees. The incident was disclosed in a recent internal letter from Jim Jordan R-Ohio to Carolyn Maloney R-NY, chairwoman fo...
Domain Name Security: Important Measures You Need to Know
Whether you are an individual, a large commercial business, or a small non-profit organization, the creation and protection of your online presence are essential. While many individuals and businesses use social media platforms to connect with followers, customers, or organization members, a doma...
Azure Red Flag: Microsoft Accidentally Fixes Cloud Config ‘Bug’
UPDATE Researchers are shedding light on a Microsoft Azure misconfiguration bug that leaked sensitive access tokens, which could have given hackers access to virtual machine instances and cloud-based storage buckets. Since its discovery, an update has fixed what researchers said was a...
Adobe Discloses Dozens of Critical Photoshop, Acrobat Reader Flaws
Adobe has released out-of-band updates addressing critical vulnerabilities in its Photoshop and Acrobat Reader products, which if exploited could allow arbitrary code-execution. Overall, Adobe on Wednesday patched flaws tied to 41 CVEs across its products, 29 of which were critical in severity. T...
FC Barcelona Suffers Likely Credential-Stuffing Attack on Twitter
Just ahead of its Champion’s League Round of 16 appearance next week, FC Barcelona’s official Twitter account was hacked in an apparent credential-stuffing attack. The strike resulted in account takeover and bogus tweets being sent out. The hacking collective known as OurMine, which made headline...
Iran-Backed APTs Collaborate on 3-Year 'Fox Kitten' Global Spy Campaign
Two Iran-backed APTs could be working together on a sprawling, three-year campaign to compromise high-value organizations from the IT, telecom, oil and gas, aviation, government and security sectors in Israel and around the world, according to a report by researchers at ClearSky. They maintain,...
Why Cloud, Collaboration Breed Insider Threats
When it comes to facing insider threats, many enterprises seem to be suffering from a type of organizational cognitive dissonance – as in, they hold two, seemingly contradictory beliefs when it comes to the cloud and the collaboration tools that they use. Specifically, business leaders and...
Smart Krampus-3PC Malware Targets iPhone Users Online
A malicious web redirect campaign affecting iPhone users has impacted more than 100 publisher websites, including online newspapers and international weekly news magazines. According to The Media Trust’s Digital Security & Operations DSO team, iPhone users visiting any of the impacted websites we...
Eye Clinic Breach Reveals Data of 20,000 Patients
A Utah eye clinic is in the process of informing 20,000 patients that they were the victims of a data breach that happened a year and a half ago and linked patients to a scam involving PayPal. The breach at the Utah Valley Eye Center in Provo, Utah, that exposed patient emails once again highligh...
Insurance Pays Out a Sliver of Norsk Hydro's Cyberattack Damages
On the heels of a severe cyberattack, aluminum giant Norsk Hydro has received only $3.6 million in cyber-insurance – just a fraction of the total costs in damage. Overall, the Oslo, Norway-based company incurred between $60 million to $71 million in damages from the incident, which forced it to...
Cynet’s free vulnerability assessment offering helps organizations significantly increase their security
Long before a cyberattack is underway, organizations need to be focused on improving their security. Part of this is to always be monitoring their environment, on the lookout for weaknesses and ready to take action if they are found. This is the best way to ensure the organization remains immune ...
Back-to-School Scams Target Students with Library-Themed Emails
College students settling back into school might want to think twice before clicking on an email prompting them to renew their school library account. Researchers warn that students at hundreds of universities worldwide are being targeted with fake emails this week, which tout attachments or link...
Feds: Cyberattack on NASA's JPL Threatened Mission-Control Data
NASA’s Jet Propulsion Laboratory JPL may know how to send delicate equipment to Mars, but basic cybersecurity best practices appear to pose an issue for it. A comprehensive federal review has detailed an April 2018 security incident that compromised mission systems – stemming from multiple IT...
Infosecurity Europe: Easing the Clash Between IT and Industrial Worlds
LONDON, UK – Information technology and operational technology are like two sides of the same coin. Their objectives are the same, but too often they don’t see eye-to-eye when it comes to priorities, according to cybersecurity experts. Information technology IT teams are tasked with securing and...
Tor Security Add-On Abruptly Killed by Mozilla Bug
Thanks to Mozilla letting an intermediate signing certificate expire, the Tor community was thrown into disarray over the weekend when the NoScript security add-on was suddenly killed for both Firefox and the Tor browser. A fix is available for Firefox, but the Tor issue continues. NoScript is a...
Microsoft Outlook Breach Widens in Scope, Impacting MSN And Hotmail – Report
UPDATE A recently-disclosed Microsoft email-platform breach is reportedly much worse than previously thought, now impacting a large number of Outlook accounts as well as MSN and Hotmail email accounts. On Friday, a slew of Outlook users reported receiving notifications from Microsoft. The...
SAS 2019: Gaza Cybergang Blends Sophistication Levels in Highly Effective Spy Effort
SINGAPORE — Around 240 high-profile victims in 39 countries worldwide have become victims of an APT cyber-espionage attack, led by an organization dubbed the Gaza Cybergang that comprises several groups of varying sophistication. The victims, who were all targeted last year, include political,...
Threatpost Poll: Over Half of Firms Asked Struggle with Mobile Security
A Threatpost survey of readers found over half of respondents don’t feel sufficiently prepared to prevent or handle a security incident stemming from mobile devices in their firm. The informal survey results should serve as harbinger for security professionals in light of the fact that 80 percent...
Microsoft Fixes 66 Bugs in April Patch Tuesday Release
Microsoft’s April Patch Tuesday release includes fixes for 66 bugs, 24 of which are rated critical. Notable is Microsoft’s disclosure of a publicly known SharePoint elevation of privilege bug CVE-2018-1034, rated important, which has no fix but has not been publicly exploited. Microsoft SharePoin...
Cisco Patches Two Critical RCE Bugs in IOS XE Software
Three critical vulnerabilities were patched by Cisco Systems on Wednesday, each tied to the company’s widely used internetworking operating system IOS XE. Two of the bugs are remote code execution vulnerabilities that could allow an attacker to take control over affected systems. The critical bug...
Cisco Issues New Patches for Critical Firewall Software Vulnerability
Cisco has released new patches for a critical vulnerability in its Adaptive Security Appliance software after further investigation revealed additional attack vectors. The company first announced the vulnerability, CVE-2018-0101, on Jan. 29. It received a Common Vulnerability Scoring System base...
Vanilla Forums Open Source Software Vulnerable to RCE, Host Header Injection Vulnerability
Popular open source forum software suffers from vulnerabilities that could let an attacker gain access to user accounts, carry out web-cache poisoning attacks, and in some instances, execute arbitrary code. Legal Hackers‘ Dawid Golunski found the vulnerabilities–a host header injection and an...
APT Group 'Patchwork' Cuts-and-Pastes a Potent Attack
An advanced persistent threat tied to Southeast Asia and the South China Sea is targeting governments and entities around the world including the U.S. The attacks are unique, according to security experts, because the perpetrators are relying nearly 100 percent on computer code copied-and-pasted...
Google Patches More Trouble in Mediaserver
Google has re-branded its monthly patch release, bringing a new name and new scope to the newly renamed Android Security Bulletin. While that may be new, the content is definitely familiar. Once again, critical remote code execution Mediaserver vulnerabilities dominate this month’s patches...
OpenSSH Private Crypto Key Leak Patch
OpenSSH today released a patch for a critical vulnerability that could be exploited by an attacker to force a client to leak private cryptographic keys. The attacker would have to control a malicious server in order to force the client to give up the key, OpenSSH and researchers at Qualys said in...
October 2015 Microsoft Patch Tuesday Security Bulletins
Microsoft’s monthly release of security bulletins today is a relatively light load of patches to be tested and deployed. The real news, however, could be in a separate advisory in which it continues to deprecate the outdated RC4 encryption algorithm. Following its initial advisory in May that...
Angler Exploit Kit Exploiting New Adobe Vulnerability, Dropping Cryptowall 3.0
While the Angler Exploit Kit may have already established itself as one of the more sophisticated kits on the underground market, it appears it’s still finding ways to evolve. Angler, this week, was spotted dropping the latest iteration of CryptoWall ransomware and leveraging yet another previous...