15946 matches found
Researchers Bypass Microsoft Fix It for IE Zero Day
Expect amped up pressure aimed in Microsoft’s direction for a patch for the Internet Explorer zero day that surfaced last week, now that researchers at Exodus Intelligence reported today they have developed a bypass for the Fix It that Microsoft released as a temporary mitigation. Their new explo...
Oracle Patch Update to Include 109 Patches
Buckle up Oracle administrators for 109 patches coming your way tomorrow. Oracle’s quarterly Critical Patch Update is due, and the company is releasing fixes for security vulnerabilities across most of its enterprise products, addressing a host of remotely exploitable flaws. This comes a little...
Large-Scale Water Holing Attack Campaigns Hitting Key Targets
A new APT-style espionage campaign launched this summer targeting organizations tied to financial services, government agencies and the defense industry used a technique dubbed water holing to entice victims and silently redirect them to sites hosting zero-day exploits. Researchers at RSA Securit...
New PDF Attack Targets Aviation Defense Industry
FireEye reported today it had detected a new critical PDF attack targeting the aviation defense industry. Malware Page exploits a stack-based buffer overflow vulnerability in Adobe Acrobat and Adobe Reader. An attacker would be able to execute code remotely via a crafted argument to the getIcon...
The Rise of Cross-Platform Malware
For most of the recorded history of malware, viruses, Trojans and other malicious software have been specialists. Each piece of malware typically targeted one platform, be it Windows, OS X or now, one of the mobile platforms. But the last few months have seen the rise of cross-platform malware th...
What Have We Learned: Flame Malware
When the news about the Flame malware first broke several weeks ago, people from all parts of the security community, political world and elsewhere quickly began trying to figure out what the significance of the tool was and whether it represented anything new. That was difficult at the time, giv...
Report: Strategic Web Compromises Behind Recent Hack of Amnesty, Others
A recent string of Web site hacks at Amnesty International and other NGOs are evidence of a campaign of cyber espionage directed against human rights orgnaizations, according to a report from The Shadowserver Foundation. In a report on Tuesday, the Foundation said that its members had witnessed a...
Adobe Issues Emergency Fix For Flash Player Vulnerabilities
Adobe on Monday issued two emergency fixes for critical security vulnerabilities in its Flash Player product. The vulnerabilities, if left unpatched, could allow an attacker to take control of a system running a vulnerable version of Flash Player. Adobe on Monday issued two emergency fixes for...
End of Support for XP SP2 is End of an Era
Microsoft’s announcement this week that it is preparing to end support for machines running Windows XP SP2 not only represents a challenge for the thousands of businesses still running SP2, but also is the end of an era for both Microsoft and its customers. By the time Microsoft drops support for...
'High Risk' Flaw Fixed in Google Chrome
Google has pushed out a new version of its Chrome browser to fix a high-severity security hole that could lead to malicious code execution attacks. The vulnerability could be exploited to run arbitrary code within the Google Chrome sandbox, the company said in an advisory. The raw details: The v8...
Adam Shostack on Privacy and the PETS '09 Workshop
Dennis Fisher talks with Microsoft’s Adam Shostack about the Privacy Enhancing Technologies Symposium, the definition of privacy in today’s world and the role of technology in helping to enhance and protect that privacy. Show notes: Adam’s blog post on “Understanding Privacy” by Dan Solove...
Feds: Zeppelin Ransomware Resurfaces with New Compromise, Encryption Tactics
Zeppelin ransomware is back and employing new compromise and encryption tactics in its recent campaigns against various vertical industries—particularly healthcare—as well as critical infrastructure organizations, the feds are warning. Threat actors deploying the ransomware as a service RaaS are...
Emerging H0lyGh0st Ransomware Tied to North Korea
Microsoft researchers have linked an emerging ransomware threat that already has compromised a number of small-to-mid-sized businesses to financially motivated North Korean state-sponsored actors that have been active since last year. The group has successfully compromised small-to-mid-sized...
Credential Spear-Phishing Uses Spoofed Zix Encrypted Email
Armorblox researchers have spotted an ongoing credential-phishing attack that spoofs an encrypted Zix email – one coming, weirdly enough, from what looks like a legitimate domain associated with the Baptist religion. At least, the threat actor is sending the phishing attack from...
Netgear SOHO Security Bug Allows RCE, Corporate Attacks
A high-severity security bug affecting several Netgear small office/home office SOHO routers could allow remote code execution RCE via a man-in-the-middle MiTM attack. The bug CVE-2021-40847 exists in a third-party component that Netgear includes in its firmware, called Circle – it handles the...
LockBit Jumps Its Own Countdown, Publishes Bangkok Air Files
After Bangkok Airways disclosed that it had been clobbered by a cyberattack last week, the LockBit 2.0 ransomware gang tossed its own countdown clock in the trash and went ahead and published what it claims are the airline’s encrypted files on its leak site. BleepingComputer posted an image shown...
Memory Bugs in BlackBerry’s QNX Embedded OS Open Devices to Attacks
The potential danger from a raft of memory-allocation bugs discovered by Microsoft in April has now spread to older versions of multiple BlackBerry QNX products. The Cybersecurity Infrastructure and Security Agency CISA and BlackBerry warned in separate alerts Tuesday that threat actors can take...
Fuzz Off: How to Shake Up Code to Get It Right – Podcast
LAS VEGAS – In 2014, two teams of security researchers independently started fuzz testing OpenSSL. Within days, the advanced black-box software technique led to an exploitable vulnerability in OpenSSL: namely, the Heartbleed vulnerability. What is fuzzing? That’s what the FuzzCon event is all...
Ransomware Giant REvil Disappears
All of REvil’s Dark Web sites slipped offline as of early Tuesday morning, and it’s not clear whether it’s due to the ransomware gang getting busted or whether the threat actors did it on purpose. The REvil ransomware operation, a.k.a. Sodinokibi, uses both clear web and Dark Web sites to negotia...
Faux ‘DarkSide’ Gang Takes Aim at Global Energy, Food Sectors
Several organizations in the oil, gas and food sectors have received threatening emails from cybercriminals posing as DarkSide – the ransomware gang behind the Colonial Pipeline hack. According to researchers at Trend Micro, threat actors are taking advantage of the notoriety around the pipeline...
Supreme Court Limits Scope of Controversial Hacking Law
The United States Supreme Court has ruled that a police officer who received money for obtaining data from a law-enforcement database for an associate did not violate a controversial federal hacking law, marking a victory for the ethical hacking community by limiting the law’s scope. In a landmar...
Securing Privileged Access Within Healthcare Orgs
Healthcare organizations have always been high-value targets for cybercriminals, as their networks store large volumes of personally identifiable information PII including Social Security numbers, dates of birth, addresses and very sensitive personal health data. Since the beginning of the COVID-...
What a Year It’s Been: RSA 2021 Embraces ‘Resilience’
Clearly, the months since the world shut down in March of 2020 fomented a radical shift in how people work and live, and it’s brought a range of crises and challenges to bear across the spectrum of our lives. These profound changes and experiences were also felt in cybersecurity, bringing...
100,000 Google Sites Used to Install SolarMarker RAT
Hackers are using search-engine optimization SEO tactics to lure business users to more than 100,000 malicious Google sites that seem legitimate, but instead install a remote access trojan RAT, used to gain a foothold on a network and later infect systems with ransomware, credential-stealers,...
Facebook Disrupts Spy Effort Aimed at Uyghurs
Facebook has taken on a group of hackers in China that target the Uyghur ethnic group with cyberespionage activity. The hacking group, known as Earth Empusa or Evil Eye, was targeting activists, dissidents and journalists involved in the Uyghur community, primarily those living abroad in Australi...
Protecting Sensitive Cardholder Data in Today’s Hyper-Connected World
The payment processing system has steadily evolved over time. Greatly amplified by the COVID-19 pandemic, the use of electronic payment systems in this economy has soared nearly overnight. With online shopping at an all-time high as consumer behaviors shift toward more convenience and flexibility...
WestRock Ransomware Attack Hinders Packaging Production
WestRock – the second-largest packaging company in the U.S. – continues to restore its systems, two weeks after it discovered it was the victim of a ransomware attack. WestRock, which has more than 320 manufacturing facilities globally, creates packaging supplies for a bevy of high-profile client...
Einstein Healthcare Network Announces August Breach
Einstein Health Network, a Pennsylvania-based company operating medical rehab, outpatient and primary care centers, announced a breach of its employee email system, which exposed patient personal and medical information. The company waited more than five months to make the compromise public...
A Look Ahead at 2021: SolarWinds Fallout and Shifting CISO Budgets
The new year started off with a bang, with the SolarWinds hack revealed in late December acting as a jarring reminder to companies and U.S. government departments alike that cybercriminals continue to successfully exploit security lapses in technology. But beyond the SolarWinds supply-chain...
It’s Not the Trump Sex Tape, It’s a RAT
As outgoing President Donald Trump continues to dominate headlines, cybercriminals have decided to horn in on the much-gossiped-about — and yet to materialize — Trump sex tape as a lure for malware delivery. A campaign has been uncovered that labels a malware downloader with the filename...
Ticketmaster Coughs Up $10 Million Fine After Hacking Rival Business
Ticketmaster must pay a hefty $10 million fine after several employees utilized unlawfully obtained passwords to hack a rival company’s computer systems – in attempts to “choke off” its business. The American ticket sales and distribution giant, which is owned by Live Nation, in 2013 hired an...
Cryptologists Crack Zodiac Killer's 340 Cipher
A remote team of three hobbyist cryptologists have solved one of the Zodiac Killer’s cipher after a half century. And while the name of the elusive serial killer remains hidden, the breakthrough represents a triumph for cryptology and the basic building blocks of cybersecurity — access control an...
Electronic Medical Records Cracked Open by Unpatched OpenClinic Bugs
Four vulnerabilities have been discovered in the OpenClinic application for sharing electronic medical records. The most concerning of them would allow a remote, unauthenticated attacker to read patients’ personal health information PHI from the application. OpenClinic is an open-source health...
Federated Learning: A Therapeutic for what Ails Digital Health
For researchers and physicians the mountains of data hospitals and healthcare systems hold could be a goldmine for artificial intelligence and machine learning, but data privacy concerns and regulations have kept scientists from being able to harness that information to improve outcomes. Now...
Trump Site Alleging AZ Election Fraud Exposes Voter Data
A security flaw on a website set up to gather evidence of in-person voter fraud in Arizona would have opened the door for SQL injection and other attacks. The bug, found on a site set up by Trump campaign called dontpressthegreenbutton.com, was discovered by cybersecurity pro Todd Rossin, almost ...
34M Records from 17 Companies Up for Sale in Cybercrime Forum
A whopping 34 million user records have materialized on an underground sales forum, which cybercriminals claim are gleaned from 17 different corporate data breaches. According to reports, the data appeared late last week, and the theft appears to be the work of a single person or group. The...
Xfinity, McAfee Brands Abused by Parked Domains in Active Campaigns
Parked domains, which act as aliases and redirect to other websites, can send visitors to malicious or unwanted landing pages or turn entirely malicious at any point in time – as evidenced by a recent Emotet campaign, a separate effort abusing Comcast and McAfee brands, and an election-themed...
Microsoft Teams Phishing Attack Targets Office 365 Users
Researchers are warning of a phishing campaign that pretends to be an automated message from Microsoft Teams. In reality, the attack aims to steal Office 365 recipients’ login credentials. Teams is Microsoft’s popular collaboration tool, which has particularly risen in popularity among remote...
Mobile Browser Bugs Open Safari, Opera Users to Malware
A set of address-bar spoofing vulnerabilities that affect a number of mobile browsers open the door for malware delivery, phishing and disinformation campaigns. The bugs, reported by Rapid7 and independent researcher Rafay Baloch, affect six browsers, ranging from the common Apple Safari, Opera...
Garmin Pays Up to Evil Corp After Ransomware Attack — Reports
Garmin, the GPS and aviation tech specialist, reportedly negotiated with Evil Corp for an decryption key to unlock its files in the wake of a WastedLocker ransomware attack. The attack, which started on July 23, knocked out Garmin’s fitness-tracker services, customer-support outlets and commercia...
Microsoft Revamps Windows Insider Preview Bug Bounty Program
Microsoft has revamped its Windows Insider Preview bug bounty program with higher rewards and an improved portal for bounty hunters to report flaws, in an effort to help sniff out more vulnerabilities on its platform. The Microsoft Windows Insider Preview bounty program is part of the Microsoft...
DMARC Adoption Spikes, Higher Ed Remains Behind
Adoption of the email security protocol DMARC has continued to tick upwards, with the number of domains deploying DMARC records surpassing 1 million in the last two years — a 2.5 times greater total than in 2018. That’s according to Valimail’s Email Fraud Landscape 2020 report, which also found...
Leaked Details of 142 Million MGM Hotel Guests Found for Sale Online
Researchers have found 142 million personal details from former guests at the MGM Resorts hotels for sale on the dark web, evidence that a data leak from the hotel chain last summer may be far bigger in scope than previously thought. An advertisement on a hacker forum has put 142,479,937 details...
BEC Hotshot with Opulent Social Media Presence to Face U.S. Charges
A Dubai resident with an elaborate lifestyle that he touted on social media – think designer clothes, expensive watches, luxury cars and charter jets – has arrived in the United States to face criminal charges. He is charged with conspiring to engage in money laundering, as part of a business ema...
Encryption Utility Firm Accused of Bundling Malware Functions in Product
An Italian company that sells what it describes as a legitimate encryption utility is being used as malware packer for the cloud-delivered malicious GuLoader dropper, claim researchers. The tool, according a recent investigation, creates GuLoader samples and helps the malware avoid antivirus...
Trump, Biden Campaign Staffers Targeted By APT Phishing Emails
With the U.S. presidential election months away, advanced persistent threat APT groups are targeting the campaign staffers of both Donald Trump and Joe Biden in recent phishing attacks. On Thursday, Shane Huntley with Google’s Threat Analysis Group said on Twitter that two separate phishing...
EasyJet Hackers Take Off with Travel Details for 9M Customers
European budget airline EasyJet has been hacked, with attackers making off with personal details for 9 million customers. It was, the airline said, a “highly sophisticated attack” that exposed the email addresses and travel itineraries of the victims, along with payment-card information for 2,208...
Hackers Dumpster Dive for Taxpayer Data in COVID-19 Relief Money Scams
Threat actors are using a combination of scams to obtain as well as buy and sell credentials for U.S. taxpayers to steal appropriations from the COVID-19 relief package as well as 2020 tax refunds, new research has found. Researchers from Secureworks Counter Threat Unit CTU have observed an...
VPN Concerns with Unplanned Remote Employees
The volume of employees working from home is steadily increasing, especially as local recruiting limits the number of skilled people. This along with the current state of coronavirus means that throughout the world, spikes in work-from-home policies are putting pressure on IT teams to scale virtu...
Building for Billions: Addressing Security Concerns for Platforms at Scale
Security operations once consisted of a multitude of manual operations based around alerts, thresholds and severity levels. As systems scale and platforms continue to grow, how do you keep up with the growing requirements to secure these transactions and the networks they are built upon?...