15946 matches found
Researcher Breaks reCAPTCHA With Google’s Speech-to-Text API
An old attack method dating back to 2017 that uses voice-to-text to bypass CAPTCHA protections turns out to still work on Google’s latest reCAPTCHA v3. That’s according to researcher Nikolai Tschacher, who posted a video proof-of-concept PoC of the attack on Jan. 2. CAPTCHA, introduced in 2014, i...
How to Increase Your Security Posture with Fewer Resources
With the number of COVID-19 cases increasing, another round of attacks is looming over schools and universities as they move into holiday break and prepare for the spring semester. According to a recent article the Wall Street Journal, there have been “nearly three dozen ransomware attacks agains...
New Windows Trojan Steals Browser Credentials, Outlook Files
Researchers have discovered a new information-stealing trojan, which targets Microsoft Windows systems with an onslaught of data-exfiltration capabilities– from collecting browser credentials to targeting Outlook files. The trojan, called PyMicropsia due to it being built with Python has been...
Scalper-Bots Shake Down Desperate PS5, Xbox Series X Shoppers
It’s a big week for gamers across the globe, with imminent, dueling releases of Xbox Series X and PlayStation PS5. However, an army of retail bots threaten to drive prices up as much as three times the retail price, putting the coveted holiday gifts well out of reach of everyday fans. Retailers...
Kegtap, Singlemalt, Winekey Malware Serve Up Ransomware to Hospitals
The boozy names might sound like the kind of thing conjured up in a frat-house common room, but malware families Kegtap, Singlemalt and Winekey are being used to gain initial network access in potentially lethal ransomware attacks on healthcare organizations in the midst of a global pandemic,...
Unpatched Apple T2 Chip Flaw Plagues Macs
A researcher is claiming that Apple devices – with a macOS operating system and a T2 security chip – are open to an exploit that could give bad actors root access. A fix has not been issued by Apple. The flaw stems from the T2 chip, which is the second-generation version of Apple’s chip that...
Gamer Credentials Now a Booming, Juicy Target for Hackers
Credential theft targeting hardcore gamers has hit an all-time high as scams, illicit markets and account takeovers have become a booming business. The driving force behind the uptick in gaming-related crime is a sudden spike in usage of online games, spurred by the coronavirus pandemic and...
APT28 Mounts Rapid, Large-Scale Theft of Office 365 Logins
The Russia-linked threat group known as APT28 has changed up its tactics to include Office 365 password-cracking and credential-harvesting. Microsoft researchers have tied APT28 a.k.a. Strontium, Sofacy or Fancy Bear to this newly uncovered pattern of O365 activity, which began in April and is...
How Zero Trust and SASE Can Redefine Network Defenses for Remote Workforces
Zero Trust has been touted for years as the future of network security. But, only recently has it started to gain traction as a practical enterprise security framework. The implementation of digital transformation initiatives has thrust Zero Trust into the spotlight as network applications and...
Augmenting AWS Security Controls
Has the onslaught of lackluster webinars over the past few months left you wanting more? Are you seeking practical, relevant, and usable information and advice on how to stay secure in the cloud? Well, you’re in luck! DivvyCloud, the leading provider of cloud and container security and compliance...
Malicious 'Blur' Photo App Campaign Discovered on Google Play
A new campaign of malicious photo apps on Google Play floods Android devices with random ads instead of functioning as advertised. They also elude detection by making its icon disappear from the device home screen soon after it’s downloaded. Researchers at the White Ops Satori Threat Intelligence...
OilRig APT Drills into Malware Innovation with Unique Backdoor
A series of cyberattacks on a telecom company in the Middle East has signaled the return of the OilRig APT. The attacks also revealed a revised backdoor tool in the group’s arsenal, called RDAT. The attacks were observed in April by Palo Alto Networks’ Unit 42. Researchers there said that the...
Tycoon Ransomware Banks on Unusual Image File Tactic
A new ransomware strain called Tycoon is seeking to wheel and deal its way into the Windows and Linux worlds, using a little-known Java image format as part of its kill chain. The ransomware is housed in a trojanized version of the Java Runtime Environment JRE, according to researchers at...
Turla APT Revamps One of Its Go-To Spy Tools
The Turla APT group has been spotted using an updated version of the ComRAT remote-access trojan RAT to attack governmental targets. Turla a.k.a. Snake, Venomous Bear, Waterbug or Uroboros, is a Russian-speaking threat actor known since 2014, but with roots that go back to 2004 and earlier,...
Silent Night Banking Trojan Charges Top Dollar on the Underground
A descendant of the infamous Zeus banking trojan, dubbed Silent Night by the malware’s author, has emerged on the scene, with a host of functionalities available in a spendy malware-as-a-service MaaS model. Custom builds can run as much as $4,000 per month to use, which researchers say is now...
Texas Courts Won't Pay Up in Ransomware Attack
A ransomware attack has hit the information technology office that supports Texas appellate courts and judicial agencies, leading to their websites and computer servers being shut down. The office said that it will not pay the ransom requested by the cybercriminals. Specifically affected is the...
Zoom Kills iOS App’s Data-Sharing Facebook Feature
Zoom has removed a feature in its iOS web conferencing app that was sharing analytics data with Facebook, after a report revealing the practice sparked outrage. According to the Motherboard report last week that originally disclosed the privacy issue, the transferred information included data on...
TrickBot Trojan Adds RDP Brute-Forcing to Its Arsenal
The TrickBot malware has added a new feature: A module called rdpScanDll, built for brute-forcing remote desktop protocol RDP accounts. According to BitDefender, the module has been used in campaigns against telecom, education and financial services industry targets in the United States and Hong...
Equifax Breach: Four Members of Chinese Military Charged with Hacking
U.S. authorities have charged four Chinese military officers in the 2017 Equifax data breach, which compromised the data of nearly 150 million. The four, Wu Zhiyong, Wang Qian, Xu Ke and Liu Lei, are believed to be members of the 54th Research Institute of the Chinese People’s Liberation Army PLA...
Tesla Autopilot Duped By 'Phantom' Images
Researchers said that autopilot systems used by popular cars – including the Tesla Model X – can be fooled into detecting fake images, projected by drones on the road or on surrounding billboards, as real. Attackers could potentially leverage this design hole to trigger the systems to brake or...
Google to Nix Chrome Support for Third-Party Cookies by 2022
Google has set an aggressive two-year deadline for dropping support for third-party tracking cookies in its Chrome web browser. Tracking cookies, which allow advertisers to virtually follow people around the web, are used for ad targeting. The move follows a number of privacy hardening steps by...
N.J.'s Largest Hospital System Pays Up in Ransomware Attack
New Jersey’s largest hospital system said that it has paid hackers a ransom after a ransomware attack disrupted its services earlier this month. Hackensack Meridian Health, a $6 billion non-profit health provider system based in Edison, N.J., operates 17 hospitals, nursing homes and outpatient...
Elder Scrolls Online Targeted by Cybercrooks Hunting In-Game Loot
Phishers are out in force to scam aficionados of the Elder Scrolls Online video game into giving up their account details. The crooks are posing as developers for the game under the moniker “ElderScrollDevs,” and targeting those with PlayStation consoles and possibly others, according to a Reddit...
Point Blank Gamers Targeted with Backdoor Malware
The focus of the APT behind the ShadowHammer supply-chain attack that abused the ASUS computer update function turns out to be wider in scope than previously thought. Researchers have found similar digitally-signed binaries using the videogame industry as a delivery conduit for malware. Victims...
RSA Conference 2019: Data-Wiping Cyberattacks Plague Financial Firms
Over a quarter of surveyed financial institutions reported that they were targeted by destructive cyberattacks over the past year, bent on completely destroying data. That’s according to a new Carbon Black report unveiled at RSA this year. The report, “Modern Bank Heists: The Bank Robbery Shifts ...
Ring Doorbell Flaw Opens Door to Spying
UPDATE A serious flaw in the popular Ring smart doorbell could allow an attacker on a shared WiFi network to spy on families’ video and audio footage, according to researchers. Ring Doorbell is a popular home security device acquired by Amazon. Researchers with BullGuard discovered a way to launc...
Adobe Patches Important Bugs in Connect and Digital Edition
Adobe released patches for two bugs rated “important” in its Adobe Digital Edition and Adobe Connect products. The two important vulnerabilities, patched Tuesday, include an information disclosure bug in Adobe’s ebook reader software program, Digital Edition; as well as a session token exposure b...
Federal Agencies Face an Uphill Battle in Cyber-Preparedness
In the wake of the elimination of the federal cybersecurity czar position, the latest federal cybersecurity preparedness report from the Office of Management and Budget OMB and the Department of Homeland Security DHS shows that U.S. government is nowhere near ready for prime time when it comes to...
Browser Side-Channel Flaw De-Anonymizes Facebook Data
A side-channel vulnerability in Google Chrome and Mozilla Firefox allows drive-by de-anonymization of Facebook users. An exploit would allow an attacker to pick up the profile picture, username and the “likes” of unsuspecting visitors who find themselves landing on a malicious website – with no...
Firefox, Chrome Patch Vulnerabilities, Add Security Features
Both Mozilla and Google have updated their browsers this week and have added important security fixes along with bolstering user privacy and safety. Google tackled 53 security fixes on Wednesday with the debut of Chrome 64 version 64.0.3282.119 for Windows, Mac and Linux. Only three of the...
1M Downloads Later, Google Pulls Phony WhatsApp From Google Play
Google has removed a phony WhatsApp download from Google Play and suspended the developer’s account, but not before the ad-spewing app was downloaded more than one million times. The unwanted app, called Update WhatsApp Messenger, was disclosed by a handful of Redditors over the weekend who said...
Apache OpenOffice Update Patches Four Vulnerabilities
The Apache Software Foundation fixed four vulnerabilities Friday tied to its popular Apache OpenOffice suite of free productivity applications. The patches are for the suite’s word processing and graphics apps. Each of the vulnerabilities are rated medium in severity. Three of the four bugs patch...
Cisco Patches Publicly Disclosed SNMP Vulnerabilities in IOS, IOS XE
Cisco has patched nine serious remote code execution vulnerabilities in the SNMP subsystem running in its IOS and IOS XE software. The vulnerabilities had been publicly disclosed. Cisco notified users of the availability of patches after releasing its initial advisory on the matter on June 29,...
Risk of 'Destructive Cyber Attacks' Prompts Microsoft to Update XP Again
Fearing destructive attacks precipitated by the availability of the nation-state exploits in the wild that spawned the WannaCry outbreak, Microsoft today announced that its Patch Tuesday updates would include fixes for older versions of Windows, including XP. The move is unusual and mimics a...
Adobe Patches 59 Vulnerabilities Across Flash, Reader, Photoshop
Adobe patched 59 vulnerabilities in five different products, including Flash Player, Acrobat/Reader, Photoshop, Adobe Campaign, and its Adobe Creative Cloud App as part of its regularly scheduled software update today. The company warned in a series of security bulletins posted shortly before noo...
OpenSSL Update Fixes High Severity DoS Vulnerability
The OpenSSL Software Foundation released an update to the OpenSSL crypto library that patches a vulnerability rated high severity that could allow a remote attacker to cause a denial-of-service condition. OpenSSL released the version 1.1.0e update that fixes flaws found in OpenSSL 1.1.0, accordin...
Google Patches 29 Critical Android Vulnerabilities Including Holes in Mediaserver, Qualcomm
Google has patched ten critical vulnerabilities tied to problem-plagued Android components like Mediaserver, NVIDIA’s GPU driver, and Qualcomm’s driver. The most serious bug, according to Google’s January Android Security Bulletin, is the Mediaserver vulnerability. “The most severe of these issue...
July 2015 Microsoft Patch Tuesday Security Bulletins
Microsoft has patched a zero-day vulnerability in the Windows kernel uncovered and exploited by Hacking Team. The zero day was found among the 400 GB of data stolen from the Italian surveillance software maker and posted online July 5. A trio of Adobe Flash Player zero days were also uncovered...
OPM Hack Expands to Include Data of 21.5M People
UPDATE–The ever-expanding data breach at the Office of Personnel Management has now spread to include the Social Security numbers and other personal data of a total of 21.5 million people, and the toll also now includes the agency’s director, Katherine Archuleta, who resigned Friday morning...
IBM Outs Dyre Wolf Campaign Steals $1 Million
The Dyre banking Trojan‘s ascension to the top of the financial malware food chain took a massive leap forward in the first three months of 2015. Already spreading a damaging piece of malware that targets corporate bank accounts, the Eastern European keepers of Dyre recently upped their social...
Malvertising Campaign Hits AOL Ad Network, Leads to Exploit Kit
Researchers have detected a malvertising campaign running on a pair of sites owned by Huffington Post that is using ads distributed through an AOL ad network. The attack is sending victims through a series of redirects that eventually brings them to a landing page that is running an exploit kit...
OpenSSL Releases Patch for POODLE Attack
The OpenSSL Project has released a new version of the encryption software, which patches several security flaws, including the bug that is exploited by the POODLE attack on SSLv3. The updated versions of OpenSSL come just a couple of days after a trio of researchers at Google revealed the POODLE...
Fake AV Defru Puts New Spin on Rogue AV
Rogue antivirus was once the scourge of the Internet, and while this sort of malware is not entirely extinct, it’s fallen out of favor among criminals as users have become more aware and security products have gotten better at blocking the threat. Image via TechNet However, Daniel Chipiristeanu, ...
SSL Pulse Scans Quantify Vulnerable OpenSSL Servers
Certain mitigating factors made the recent OpenSSL man-in-the-middle vulnerability a notch or two below Heartbleed in terms of criticality. With that in consideration, it’s probably no surprise that patching levels for CVE-2014-0224 aren’t as high out of the gate as they were for Heartbleed. Ivan...
counterfeit merchandise domains seized
In an attempt to curb the rampancy of fraud throughout the holiday shopping season, a coalition of international law enforcement agencies seized 706 Internet domains allegedly involved in the sale of counterfeit merchandise. The United States Homeland Security Investigations’ HSI National...
Nearly 2000 Sites Vulnerable to Ruby on Rails Cookie Problem
A lingering security issue in Ruby on Rails that stems from a setting in the framework’s cookie-based storage mechanism is still present in almost 2,000 websites. Sites using an old version of Ruby on Rails that relies on CookieStore, the framework’s default cookie storage mechanism, are at risk...
Metasploit Module Adds Sudo Vulnerability for OS X
Attackers looking to exploit a previously disclosed and apparently still unpatched bug in sudo, a Unix-based Linux command found in most Apple OS X builds have gotten a little more help this week. As Threatpost reported in March, the vulnerability CVE-2013-1775 can essentially set back the...
TrueType Font Flaws in July 2013 Microsoft Patch Tuesday
Going all the way back to the Duqu attacks, font-parsing vulnerabilities and exploits have been symptomatic of some high-end espionage attacks targeting the Windows kernel. As a result, with hackers paying more attention to the core of the Windows OS, this year Microsoft has had to address a numb...
Google Fixes Security Vulnerabilities with Chrome Update
Google released a stable channel update for its Chrome browser yesterday, resolving 12 vulnerabilities, one of which was considered ‘critical’, Google’s most severe rating, ten of which received second most severe ‘high’ ratings, and one receiving a third-in-line ‘medium’ rating. Google paid out ...
Ruby on Rails Patches DoS, XSS Vulnerabilities
The developers of Ruby on Rails, the popular web app framework, released four new versions of the product yesterday, complete with fixes for a series of vulnerabilities that could have lead to denial of service attacks and XSS injections. Four vulnerabilities in total are addressed in versions...