15946 matches found
How to Maximize the Value of Your Cybersecurity Investment
When it comes to developing a successful cybersecurity program in 2019, simply purchasing and deploying cybersecurity technology is only the first step in deriving value from the investment. Maximizing value and capitalizing on these efforts requires a series of defined processes and no shortage ...
Old Printer Vulnerabilities Die Hard
Despite copious warnings and efforts by the security community to harden the defenses of printers, they continue to represent a ripe target for attackers. Just this past summer researchers at Check Point found a vulnerability that allowed an attacker to compromise a multi-function printer with fa...
Intel’s ‘Virtual Fences’ Spectre Fix Won’t Protect Against Variant 4
Spectre and Meltdown fixes for Intel chips announced in March, to be embedded into new CPUs, do not address the newly disclosed Variant 4, sources said. Intel introduced hardware-based safeguards to its new chips to protect against the Spectre and Meltdown flaws that rocked the silicon industry...
Wicked Botnet Uses Passel of Exploits to Target IoT
Yet another variant of the Mirai botnet has appeared on the scene, but this one has a twist: The code is integrated with at least three exploits that target unpatched IoT devices, including closed-circuit cameras and Netgear routers. It also has ties to a web of other botnets, made for DDoS...
New Microsoft Bug Bounty Program Looks To Squash The Next Spectre, Meltdown
In the wake of the Meltdown and Spectre flaws, Microsoft has rolled out a new bug bounty program targeting speculative execution side channel vulnerabilities. The limited time program is open until December 31, and offers up to $250,000 for identifying new categories of speculative execution...
Microsoft Patches Zero Day Disclosed by Google
Microsoft followed through and today patched a zero-day vulnerability being exploited in public attacks that was disclosed by Google researchers nine days ago. The victims have yet to have been identified, but Microsoft did accuse the Sofacy APT gang of carrying out the attacks. Sofacy is general...
Apple Patches iOS Flaw Exploitable by Malicious JPEG
Apple on Monday patched a code execution vulnerability in iOS that could be exploited via a JPEG file crafted to take advantage of the flaw. Apple also issued its first round of patches for macOS Sierra as part of a large update that also included fixes for vulnerabilities found in Safari, Apple...
NIST Recommends SMS Two-Factor Authentication Deprecation
A U.S. government agency said the end is nigh for SMS-based two-factor authentication, citing a lack of security around the feature. The latest draft version of the Digital Authentication Guideline issued this week by the U.S. National Institute for Standards and Technology NIST said the practice...
New Campaign Targeting Japanese with Hacking Team Zero Day
Yet another group of attackers has quickly cashed in on one of the Adobe Flash zero days uncovered in the HackingTeam leak and is leveraging it to target Japanese organizations. Last week researchers determined that attackers were able to compromise two Japanese websites, the country’s...
Routers Vulnerable to Critical Remote Code Execution Vulnerability
A zero day vulnerability in popular household routers from D-Link and Trendnet could be exploited by attackers to run arbitrary code on devices. The flaw, which can be exploited without authentication, is present in version 1.3 of Realtek’s SDK, which figures into some brands of routers, accordin...
Third Adobe Flash 0Day Under Attack in HanJuan Exploit Kit
The little-known HanJuan exploit kit is delivering attacks targeting the most recent Adobe Flash Player zero-day vulnerability. Adobe has yet to produce a patch for the flaw, which researchers at Trustwave said is a use-after-free vulnerability. The flaw is the third to hit Flash in the last two...
Pirelli Home Broadband Routers Exposed for Two Years
ISP-issued home broadband routers have been a shooting gallery for researchers and hackers alike looking for, and successfully exploiting, shocking vulnerabilities. One disclosed by a researcher in Spain this week is symptomatic of the problem to a disturbing degree. Researcher Eduardo Novella...
Microsoft Schannel Bug Latest in Long Line of Serious Crypto Flaws
The critical vulnerability in the Schannel technology in Windows that Microsoft patched Tuesday is ripe for exploitation, experts say, and continues the long line of severe vulnerabilities in major SSL/TLS implementations in recent months. Secure Channel, also known as Schannel, is a technology...
Dyreza Banker Trojan Attackers Exploiting CVE-2014-4114 Windows Flaw
The Dyreza Trojan is nothing if not ambitious. The malware has been spotted doing a variety of interesting things in the last year, including bypassing SSL and targeting users of specific business apps. Now the Trojan is exploiting the recently disclosed CVE-2014-4114 vulnerability in Windows tha...
Xsser Trojan Spies on Jailbroken iOS Devices in Hong Kong
An iOS version of an Android espionage Trojan targeting activists and protestors in Hong Kong has been discovered on the command and control server hosting the Android malware. The iOS version, a mobile remote access Trojan dubbed Xsser by Lacoon Mobile Security, affects only jailbroken iOS...
TIFF Zero Day Patch Among December 2013 Microsoft updates
Microsoft will, next week, patch a zero-day vulnerability in its GDI+ graphics component being exploited in targeted attacks in the Middle East and Asia. The zero day has sat unpatched since it was made public Nov. 5; Microsoft did release a FixIt tool as a temporary mitigation. The patch is one ...
Attackers Beat Java Default Security Settings with Social Engineering
Oracle’s new security model for Java, in place since the release of Java 7 update 11, is under serious fire now that attackers have demonstrated in the wild how to bypass the updated controls with the help of social engineering. In 7U11, Oracle changed the default security setting in Java from...
MiniDuke Espionage Malware Hits Governments in Europe Using Adobe Exploits
New espionage malware has been discovered that targets a patched sandbox-bypass vulnerability in Adobe Reader. The attacks have hit a relatively small number of government victims in 23 countries, primarily in Europe, and rely on a string of unusual tactics, including the use of steganography to...
Java Exploit Linked to Red October Espionage Malware Campaign
Red October, the espionage campaign uncovered by Kaspersky Lab this week after attackers spent five years actively spying on diplomats, scientists, and governments worldwide, is using a Java exploit to infect its victims, bringing the exploit count to four in this campaign. Seculert, an Israeli...
Bank DDoS Attacks Using Compromised Web Servers as Bots
A rash of politically and socially motivated distributed denial-of-service attacks against major U.S. banks has been able to intermittently disrupt online and mobile banking services. The attackers have been able to fire unprecedented amounts of traffic at the likes of Wells Fargo, Bank of Americ...
Volume of Malware Targeting Java CVE-2012-1723 Flaw Spikes
It’s been nearly two months since Oracle patched the CVE-2012-1723 Java vulnerability, a serious remote pre-authentication flaw that’s present in the Java Runtime Environment. It’s taken a little time, but the attacker community has decided that this bug deserves some serious attention, and as a...
Microsoft to Issue Seven Bulletins, One Critical, on Patch Tuesday
Microsoft plans to issue seven security bulletins in the January Patch Tuesday release next week, fixing six vulnerabilities rated important and one rated critical. The bugs affect a variety of products, including Windows XP, Vista, Windows 7, Server 2003 and 2008 and Microsoft Developer Tools an...
U.S. Water Utilities Prime Cyberattack Target, Experts
Industrial controls governing water-related U.S. critical infrastructure are woefully under-estimated as cyberattack targets. The potential for attack, say policymakers, is too great to ignore with consequences potentially devastating to populations. On Wednesday, the Center on Cyber and Technolo...
2FA Bypassed in $34.6M Crypto.com Heist
Early Thursday morning, Crypto.com acknowledged that it had lost $34.65 million worth of cash, Bitcoin and Ethereum after getting ransacked in an attack that slipped fat transactions past two-factor authentication 2FA. Users had complained over the weekend that their accounts had been drained:...
Critical SonicWall NAC Vulnerability Stems from Apache Mods
Rapid7 has offered up more details on a SonicWall critical flaw that allows for unauthenticated remote code execution RCE on affected devices, noting that it arises from tweaks that the vendor made to the Apache httpd server. The bug CVE-2021-20038 is one of five vulnerabilities discovered in its...
Apple macOS Flaw Allows Kernel-Level Compromise
Apple has patched a vulnerability in macOS can allow attackers to bypass a key OS protection and install a malicious rootkit to perform arbitrary operations on a device, researchers from Microsoft have discovered. The problem—dubbed “Shrootless”–is associated with a security technology called...
U.S. Ban on Sales of Cyberattack Tools Is Anemic, Experts Warn
The launch of a standing offer to pay for Windows virtual private network VPN software zero-day exploits came to light this week, even as the U.S. mulls new regulations on the export of tools that could be used in cyberattacks against the U.S. or its interests. The developments signal that the U....
Epik Confirms Hack, Gigabytes of Data on Offer
Epik, the domain registrar known for hosting several large right-wing organizations, has confirmed a hack of its systems, a week after attackers branding themselves part of the Anonymous hacktivist collective said that they had obtained and leaked gigabits of data from the hosting company,...
Amazon Driver-Surveillance Cameras Roll Out, Sparking Debate
Drivers working for Amazon Delivery Service Partners DSPs are increasingly under constant surveillance for safe driving, monitored by artificial intelligence which awards them a score and generates voice reminders for safe driving. That score is used to award bonuses, promotions and more. Drivers...
Gutenberg Template Library & Redux Framework Bugs Plague WordPress Sites
Two vulnerabilities have been found in the Gutenberg Template Library & Redux Framework plugin for WordPress, which is installed on more than 1 million websites. They could allow arbitrary plugin installation, post deletions and access to potentially sensitive information about a site’s...
Cream Finance DeFi Platform Rooked For $29M
Cream Finance is the latest decentralized finance DeFi platform for cryptocurrency trading to take a major financial hit at the hands of hackers, losing nearly $19 million in an attack this week on its “flash loan” feature. The attacker was able to steal nearly $29 million before being discovered...
‘I’m Calling About Your Car Warranty’, aka PII Hijinx
LAS VEGAS – When you sign up on a new website, where does that information go? Some researchers decided to find out. On Wednesday, they released their preliminary information at a Black Hat USA 2021 session called Use and Abuse of Personal Information. Researchers created 300 fake identities,...
5G Security Vulnerabilities Fluster Mobile Operators
As 5G private networks roll out in the coming years, security may be a key issue for enterprises. A survey released at Mobile World Congress on Monday shows that major gaps persist in security capabilities among mobile operators. Some 68 percent of operators already sell private wireless networks...
Utilities ‘Concerningly’ at Risk from Active Exploits
The amount of time that utility networks spend exposed to a known application exploit has spiked over the past two months — something analysts called out as a “concerning datapoint,” and an important reminder that ransomware isn’t the only threat utility networks need to secure against. A new...
Windows Container Malware Targets Kubernetes
Windows containers have been victimized for over a year by the first known malware to target Windows containers. The ongoing campaign pierces Kubernetes clusters so as to plant backdoors, allowing attackers to steal data and user credentials, or even hijack an entire databases hosted in a cluster...
BazaLoader Masquerades as Movie-Streaming Service
There’s a new, fake movie-streaming service in town called BravoMovies, and the offerings are utter garbage. Despite its pretty pictures and fun-sounding titles, it’s got nothing to offer for download besides BazaLoader malware. BazaLoader is a loader used to deploy ransomware or other types of...
SolarWinds Malware Arsenal Widens with Raindrop
An additional piece of malware, dubbed Raindrop, has been unmasked in the sprawling SolarWinds supply-chain attacks. It was used in targeted attacks after the effort’s initial mass Sunburst compromise, researchers said. The SolarWinds espionage attack, which has affected several U.S. government...
TikTok Takes Teen Accounts Private
TikTok has decided to boost privacy measures for its underage users, the popular video-sharing social-media company announced. TikTok’s popularity is being driven by teens — the company reported in 2019 about 60 percent of its 26.5 monthly users are between the ages of 16 and 24, and these latest...
OldGremlin Ransomware Group Bedevils Russian Orgs
A new cybercriminal group called OldGremlin has been targeting Russian companies – including banks, industrial enterprises and medical firms – with ransomware attacks. OldGremlin relies on a bevy of tools, including custom backdoors called TinyPosh and TinyNode, to gain an initial foothold in the...
APIs Are the Next Frontier in Cybercrime
Application Programming Interface API usage has exploded, and cybercriminals are increasingly taking advantage of API security flaws to commit fraud and steal data. APIs, which are used to create connections between software programs and perform integrations, make everything a bit easier — from...
Researchers Sound Alarm Over Malicious AWS Community AMIs
Researchers are sounding the alarm over what they say is a growing threat vector tied to Amazon Web Services and its marketplace of pre-configured virtual servers. The danger, according to researchers with Mitiga, is that threat actors can easily build malware-laced Community Amazon Machine Image...
Transparent Tribe Mounts Ongoing Spy Campaign on Military, Government
The APT group Transparent Tribe is mounting an ongoing cyberespionage campaign, researchers said, which is aimed at military and diplomatic targets around the world. The effort features a worm that can propagate from machine to machine while stealing files from USB removable drives. Transparent...
Anti-NATO Disinformation Campaign Leveraged CMS Compromises
Researchers have uncovered a widespread influence campaign that aims to discredit the Northern Atlantic Treaty Organization NATO, an intergovernmental military alliance between 30 North American and European countries. According to new research from FireEye, the campaign has been ongoing since at...
Black Hat USA 2020 Preview: Election Security, COVID Disinformation and More
Despite COVID-19 pushing the Black Hat USA 2020 conference to go virtual for the first time, you can expect a steady stream of new security research, threat intel and an impressive lineup of high-profile speakers. This year’s conference kicks off with Matt Blaze, McDevitt Chair in Computer Scienc...
Credit-Card Skimmer Has Unlikely Target: Microsoft ASP.NET Sites
Researchers have identified a credit-card skimming campaign that’s been active since mid-April that has a rather specific and unusual target: ASP.NET-based websites running on Microsoft Internet Information Services IIS servers. New research from Malwarebytes Labs recently uncovered the campaign,...
Enterprise Mobile Phishing Attacks Skyrocket Amidst Pandemic
The rate of mobile phishing rose sharply between the last quarter of 2019 and the first quarter of 2020, a boost most likely due to the increased number of people working from home due to COVID-19 stay-at-home orders, new research has found. In fact, encounter rates for enterprise mobile phishing...
'ICEBUCKET" Streaming TV Fraudsters Steal Millions of Ad Dollars in 'ICEBUCKET' Attack
A massive television ad fraud campaign that abuses the programmatic advertising ecosystem for connected TV CTV has successfully impersonated more than 2 million people in over 30 countries so far during its run, defrauding more than 300 different brands out of their ad dollars. The recently...
'Fake Fingerprints' Bypass Scanners with 3D Printing
New research has found that it’s possible to use 3D printing technology to create “fake fingerprints” that can bypass most fingerprint scanners used by popular devices. But, creating the attack remains costly and time-consuming. Researchers with Cisco Talos created different threat models that us...
In COVID-19 Scam Scramble, Cybercrooks Recycle Phishing Kits
Phishing attacks looking to take advantage of interest and fear around the COVID-19 health crisis are becoming a pandemic themselves – and apparently cybercriminals are looking to conserve resources by leaning on their older stockpiles of weapons to keep the infection wave going. Or Katz, a...
Coronavirus ‘Financial Relief’ Phishing Attacks Spike
Researchers are warning of an upward surge in social-engineering lures in malicious emails that promise victims financial relief during the coronavirus pandemic. The slew of campaigns piggy-back on news of governments mulling financial relief packages, in response to the economic stall brought on...