15946 matches found
How Zero Trust and SASE Can Redefine Network Defenses for Remote Workforces
Zero Trust has been touted for years as the future of network security. But, only recently has it started to gain traction as a practical enterprise security framework. The implementation of digital transformation initiatives has thrust Zero Trust into the spotlight as network applications and...
Augmenting AWS Security Controls
Has the onslaught of lackluster webinars over the past few months left you wanting more? Are you seeking practical, relevant, and usable information and advice on how to stay secure in the cloud? Well, you’re in luck! DivvyCloud, the leading provider of cloud and container security and compliance...
Malicious 'Blur' Photo App Campaign Discovered on Google Play
A new campaign of malicious photo apps on Google Play floods Android devices with random ads instead of functioning as advertised. They also elude detection by making its icon disappear from the device home screen soon after it’s downloaded. Researchers at the White Ops Satori Threat Intelligence...
OilRig APT Drills into Malware Innovation with Unique Backdoor
A series of cyberattacks on a telecom company in the Middle East has signaled the return of the OilRig APT. The attacks also revealed a revised backdoor tool in the group’s arsenal, called RDAT. The attacks were observed in April by Palo Alto Networks’ Unit 42. Researchers there said that the...
Tycoon Ransomware Banks on Unusual Image File Tactic
A new ransomware strain called Tycoon is seeking to wheel and deal its way into the Windows and Linux worlds, using a little-known Java image format as part of its kill chain. The ransomware is housed in a trojanized version of the Java Runtime Environment JRE, according to researchers at...
Turla APT Revamps One of Its Go-To Spy Tools
The Turla APT group has been spotted using an updated version of the ComRAT remote-access trojan RAT to attack governmental targets. Turla a.k.a. Snake, Venomous Bear, Waterbug or Uroboros, is a Russian-speaking threat actor known since 2014, but with roots that go back to 2004 and earlier,...
Silent Night Banking Trojan Charges Top Dollar on the Underground
A descendant of the infamous Zeus banking trojan, dubbed Silent Night by the malware’s author, has emerged on the scene, with a host of functionalities available in a spendy malware-as-a-service MaaS model. Custom builds can run as much as $4,000 per month to use, which researchers say is now...
Texas Courts Won't Pay Up in Ransomware Attack
A ransomware attack has hit the information technology office that supports Texas appellate courts and judicial agencies, leading to their websites and computer servers being shut down. The office said that it will not pay the ransom requested by the cybercriminals. Specifically affected is the...
Zoom Kills iOS App’s Data-Sharing Facebook Feature
Zoom has removed a feature in its iOS web conferencing app that was sharing analytics data with Facebook, after a report revealing the practice sparked outrage. According to the Motherboard report last week that originally disclosed the privacy issue, the transferred information included data on...
TrickBot Trojan Adds RDP Brute-Forcing to Its Arsenal
The TrickBot malware has added a new feature: A module called rdpScanDll, built for brute-forcing remote desktop protocol RDP accounts. According to BitDefender, the module has been used in campaigns against telecom, education and financial services industry targets in the United States and Hong...
Equifax Breach: Four Members of Chinese Military Charged with Hacking
U.S. authorities have charged four Chinese military officers in the 2017 Equifax data breach, which compromised the data of nearly 150 million. The four, Wu Zhiyong, Wang Qian, Xu Ke and Liu Lei, are believed to be members of the 54th Research Institute of the Chinese People’s Liberation Army PLA...
Tesla Autopilot Duped By 'Phantom' Images
Researchers said that autopilot systems used by popular cars – including the Tesla Model X – can be fooled into detecting fake images, projected by drones on the road or on surrounding billboards, as real. Attackers could potentially leverage this design hole to trigger the systems to brake or...
Google to Nix Chrome Support for Third-Party Cookies by 2022
Google has set an aggressive two-year deadline for dropping support for third-party tracking cookies in its Chrome web browser. Tracking cookies, which allow advertisers to virtually follow people around the web, are used for ad targeting. The move follows a number of privacy hardening steps by...
N.J.'s Largest Hospital System Pays Up in Ransomware Attack
New Jersey’s largest hospital system said that it has paid hackers a ransom after a ransomware attack disrupted its services earlier this month. Hackensack Meridian Health, a $6 billion non-profit health provider system based in Edison, N.J., operates 17 hospitals, nursing homes and outpatient...
Elder Scrolls Online Targeted by Cybercrooks Hunting In-Game Loot
Phishers are out in force to scam aficionados of the Elder Scrolls Online video game into giving up their account details. The crooks are posing as developers for the game under the moniker “ElderScrollDevs,” and targeting those with PlayStation consoles and possibly others, according to a Reddit...
Ukrainian Charged With Launching 100 Million Malicious Ads
A Ukrainian national has been extradited to the U.S. for allegedly operating a five-year-long malvertising scheme – reaching victims with more than 100 million malicious ads worldwide. Oleksii Petrovich Ivanov, 31, appeared in Newark, N.J. federal court on Friday after being extradited to the U.S...
Point Blank Gamers Targeted with Backdoor Malware
The focus of the APT behind the ShadowHammer supply-chain attack that abused the ASUS computer update function turns out to be wider in scope than previously thought. Researchers have found similar digitally-signed binaries using the videogame industry as a delivery conduit for malware. Victims...
RSA Conference 2019: Data-Wiping Cyberattacks Plague Financial Firms
Over a quarter of surveyed financial institutions reported that they were targeted by destructive cyberattacks over the past year, bent on completely destroying data. That’s according to a new Carbon Black report unveiled at RSA this year. The report, “Modern Bank Heists: The Bank Robbery Shifts ...
Ring Doorbell Flaw Opens Door to Spying
UPDATE A serious flaw in the popular Ring smart doorbell could allow an attacker on a shared WiFi network to spy on families’ video and audio footage, according to researchers. Ring Doorbell is a popular home security device acquired by Amazon. Researchers with BullGuard discovered a way to launc...
Adobe Patches Important Bugs in Connect and Digital Edition
Adobe released patches for two bugs rated “important” in its Adobe Digital Edition and Adobe Connect products. The two important vulnerabilities, patched Tuesday, include an information disclosure bug in Adobe’s ebook reader software program, Digital Edition; as well as a session token exposure b...
Federal Agencies Face an Uphill Battle in Cyber-Preparedness
In the wake of the elimination of the federal cybersecurity czar position, the latest federal cybersecurity preparedness report from the Office of Management and Budget OMB and the Department of Homeland Security DHS shows that U.S. government is nowhere near ready for prime time when it comes to...
Browser Side-Channel Flaw De-Anonymizes Facebook Data
A side-channel vulnerability in Google Chrome and Mozilla Firefox allows drive-by de-anonymization of Facebook users. An exploit would allow an attacker to pick up the profile picture, username and the “likes” of unsuspecting visitors who find themselves landing on a malicious website – with no...
Firefox, Chrome Patch Vulnerabilities, Add Security Features
Both Mozilla and Google have updated their browsers this week and have added important security fixes along with bolstering user privacy and safety. Google tackled 53 security fixes on Wednesday with the debut of Chrome 64 version 64.0.3282.119 for Windows, Mac and Linux. Only three of the...
Huawei Router Vulnerability Used to Spread Mirai Variant
Researchers have identified a vulnerability in a Huawei home router model that is being exploited by an adversary to spread a variant of the Mirai malware called Mirai Okiru, also known as Satori. Researchers at Check Point published a report Thursday, and said the flaw is in Huawei’s router mode...
1M Downloads Later, Google Pulls Phony WhatsApp From Google Play
Google has removed a phony WhatsApp download from Google Play and suspended the developer’s account, but not before the ad-spewing app was downloaded more than one million times. The unwanted app, called Update WhatsApp Messenger, was disclosed by a handful of Redditors over the weekend who said...
Apache OpenOffice Update Patches Four Vulnerabilities
The Apache Software Foundation fixed four vulnerabilities Friday tied to its popular Apache OpenOffice suite of free productivity applications. The patches are for the suite’s word processing and graphics apps. Each of the vulnerabilities are rated medium in severity. Three of the four bugs patch...
Cisco Patches Publicly Disclosed SNMP Vulnerabilities in IOS, IOS XE
Cisco has patched nine serious remote code execution vulnerabilities in the SNMP subsystem running in its IOS and IOS XE software. The vulnerabilities had been publicly disclosed. Cisco notified users of the availability of patches after releasing its initial advisory on the matter on June 29,...
Risk of 'Destructive Cyber Attacks' Prompts Microsoft to Update XP Again
Fearing destructive attacks precipitated by the availability of the nation-state exploits in the wild that spawned the WannaCry outbreak, Microsoft today announced that its Patch Tuesday updates would include fixes for older versions of Windows, including XP. The move is unusual and mimics a...
Adobe Patches 59 Vulnerabilities Across Flash, Reader, Photoshop
Adobe patched 59 vulnerabilities in five different products, including Flash Player, Acrobat/Reader, Photoshop, Adobe Campaign, and its Adobe Creative Cloud App as part of its regularly scheduled software update today. The company warned in a series of security bulletins posted shortly before noo...
OpenSSL Update Fixes High Severity DoS Vulnerability
The OpenSSL Software Foundation released an update to the OpenSSL crypto library that patches a vulnerability rated high severity that could allow a remote attacker to cause a denial-of-service condition. OpenSSL released the version 1.1.0e update that fixes flaws found in OpenSSL 1.1.0, accordin...
Google Patches 29 Critical Android Vulnerabilities Including Holes in Mediaserver, Qualcomm
Google has patched ten critical vulnerabilities tied to problem-plagued Android components like Mediaserver, NVIDIA’s GPU driver, and Qualcomm’s driver. The most serious bug, according to Google’s January Android Security Bulletin, is the Mediaserver vulnerability. “The most severe of these issue...
PLC Blaster Worm Targets Industrial Control PLCs
LAS VEGAS – Security researchers at Black Hat USA described a proof-of-concept worm that targets weaknesses within automated industrial control systems used to manage critical infrastructure and manufacturing. The worm, according to OpenSource Security, has the capability to autonomously search f...
July 2015 Microsoft Patch Tuesday Security Bulletins
Microsoft has patched a zero-day vulnerability in the Windows kernel uncovered and exploited by Hacking Team. The zero day was found among the 400 GB of data stolen from the Italian surveillance software maker and posted online July 5. A trio of Adobe Flash Player zero days were also uncovered...
OPM Hack Expands to Include Data of 21.5M People
UPDATE–The ever-expanding data breach at the Office of Personnel Management has now spread to include the Social Security numbers and other personal data of a total of 21.5 million people, and the toll also now includes the agency’s director, Katherine Archuleta, who resigned Friday morning...
IBM Outs Dyre Wolf Campaign Steals $1 Million
The Dyre banking Trojan‘s ascension to the top of the financial malware food chain took a massive leap forward in the first three months of 2015. Already spreading a damaging piece of malware that targets corporate bank accounts, the Eastern European keepers of Dyre recently upped their social...
Chrome 40 Patches 62 Security Vulnerabilities
Google pushed out on Wednesday a new version of its Chrome browser 40.0.2214.91 and along with it paid out more than two dozen bounties, including 16 for memory corruption vulnerabilities. In all, 62 security vulnerabilities were patched, 17 of those considered high severity bugs by Google. Most ...
Malvertising Campaign Hits AOL Ad Network, Leads to Exploit Kit
Researchers have detected a malvertising campaign running on a pair of sites owned by Huffington Post that is using ads distributed through an AOL ad network. The attack is sending victims through a series of redirects that eventually brings them to a landing page that is running an exploit kit...
OpenSSL Releases Patch for POODLE Attack
The OpenSSL Project has released a new version of the encryption software, which patches several security flaws, including the bug that is exploited by the POODLE attack on SSLv3. The updated versions of OpenSSL come just a couple of days after a trio of researchers at Google revealed the POODLE...
Fake AV Defru Puts New Spin on Rogue AV
Rogue antivirus was once the scourge of the Internet, and while this sort of malware is not entirely extinct, it’s fallen out of favor among criminals as users have become more aware and security products have gotten better at blocking the threat. Image via TechNet However, Daniel Chipiristeanu, ...
SSL Pulse Scans Quantify Vulnerable OpenSSL Servers
Certain mitigating factors made the recent OpenSSL man-in-the-middle vulnerability a notch or two below Heartbleed in terms of criticality. With that in consideration, it’s probably no surprise that patching levels for CVE-2014-0224 aren’t as high out of the gate as they were for Heartbleed. Ivan...
counterfeit merchandise domains seized
In an attempt to curb the rampancy of fraud throughout the holiday shopping season, a coalition of international law enforcement agencies seized 706 Internet domains allegedly involved in the sale of counterfeit merchandise. The United States Homeland Security Investigations’ HSI National...
Nearly 2000 Sites Vulnerable to Ruby on Rails Cookie Problem
A lingering security issue in Ruby on Rails that stems from a setting in the framework’s cookie-based storage mechanism is still present in almost 2,000 websites. Sites using an old version of Ruby on Rails that relies on CookieStore, the framework’s default cookie storage mechanism, are at risk...
Metasploit Module Adds Sudo Vulnerability for OS X
Attackers looking to exploit a previously disclosed and apparently still unpatched bug in sudo, a Unix-based Linux command found in most Apple OS X builds have gotten a little more help this week. As Threatpost reported in March, the vulnerability CVE-2013-1775 can essentially set back the...
TrueType Font Flaws in July 2013 Microsoft Patch Tuesday
Going all the way back to the Duqu attacks, font-parsing vulnerabilities and exploits have been symptomatic of some high-end espionage attacks targeting the Windows kernel. As a result, with hackers paying more attention to the core of the Windows OS, this year Microsoft has had to address a numb...
Google Fixes Security Vulnerabilities with Chrome Update
Google released a stable channel update for its Chrome browser yesterday, resolving 12 vulnerabilities, one of which was considered ‘critical’, Google’s most severe rating, ten of which received second most severe ‘high’ ratings, and one receiving a third-in-line ‘medium’ rating. Google paid out ...
Ruby on Rails Patches DoS, XSS Vulnerabilities
The developers of Ruby on Rails, the popular web app framework, released four new versions of the product yesterday, complete with fixes for a series of vulnerabilities that could have lead to denial of service attacks and XSS injections. Four vulnerabilities in total are addressed in versions...
Adobe ColdFusion Exploits in Wild; Patch Remains Week Away
Adobe is recommending ColdFusion users apply a series of mitigations to counter active exploits against vulnerabilities in the application server. An advisory was released late Friday night that the trio of flaws are being targeted by attackers, and that the company would not have a patch availab...
Kelihos Update Includes New TLD and USB Infection Capabilities
There’s a little Michael Myers in the Kelihos botnet; maim it, kill it and it keeps on coming back to wreak more havoc. The 2011 takedown of the Kelihos botnet was one of Microsoft’s high-profile success stories against spambots and the like, yet Kelihos was back for more at the start of 2012 usi...
How SQL Injection Attacks Work
SQL injection attacks have been going on for years, and the vulnerabilities and exploitation techniques are well-understood and widely discussed. However, they’re still quite prevalent and are used in a variety of scenarios. One recent example is the attack on a Yahoo site that resulted in a brea...
Attackers Target CVE-2012-0754 Adobe Flash Bug
An Adobe Flash vulnerability fixed last month is being used in targeted attacks right now, with attackers attempting to persuade victims to open a malicious Word document that contains the payload for the Flash bug. The vulnerability has been patched for nearly a month, but history has shown that...