15946 matches found
Researchers Allege 'Systemic' Privacy, Security Flaws in Popular IoT Devices
Researchers are highlighting the insecure nature of Internet of Things devices in a report released Tuesday alleging a bevy of popular consumer connected devices sold at major retailers such as Walmart and Best Buy are riddled with security holes and privacy issues. In analyzing 12 different IoT...
ThreatList: Credential Theft Spikes by Triple Digits in U.S.
Credential theft was substantially up in the United States during the third quarter – even as declines were charted in Europe and Asia. What credentials go for on the Dark Web. Periodic analysis from Blueliv shows a whopping 141 percent increase in compromised credentials from North American...
GoDaddy Leaks ‘Map of the Internet’ via Amazon S3 Cloud Bucket Misconfig
UPDATE GoDaddy, the world’s largest domain name registrar, has exposed high-level configuration information for tens of thousands of systems and competitively sensitive pricing options for running those systems in Amazon AWS, thanks to yet another cloud storage misconfiguration. The documents wer...
Sen. Wyden Urges Government Ban on Adobe Flash
Citing security concerns, Sen. Ron Wyden is urging the government to create a plan to transition away from Adobe Flash before the vendor stops supporting it in 2020. To that end, the Oregon Democrat delivered a formal request to the National Security Agency and the National Institute of Standards...
Microsoft Fixes Bad Patch That Left Win7, Server 2008 Open to Attack
Microsoft released an out-of-band fix on Thursday for a Windows vulnerability introduced earlier this year as a patch. If exploited, the bug could allow an authenticated attacker to install programs, access stored data or create new accounts with full user rights on Windows 7 and Server 2008 R2...
Newly Published Exploit Code Used to Spread Mirai Variant
Qihoo 360 Netlab researchers reported on Friday that they are tracking an uptick in botnet activity associated with a variant of Mirai. Targeted are ports 23 and 2323 on internet-connected devices made by ZyXEL Communications that are using default admin/CenturyL1nk and admin/QwestM0dem telnet...
Siemens Patches Critical Intel AMT Flaw in Industrial Products
Siemens patched two critical vulnerabilities that affected its industrial products this week. One, tied to a recently disclosed flaw in Active Management Technology – a function of certain Intel processors – could have allowed an attacker to gain system privileges. Another vulnerability could hav...
Exploit Code Released for NTP Vulnerability
A researcher has released a proof-of-concept exploit for a vulnerability in the Network Time Protocol daemon that could crash a server with a single, malformed packet. The Network Time Foundation’s NTP Project on Monday patched the bug and nine others with the release of NTP 4.2.8p9. The...
Adobe Patches Nine Code Execution Flaws in Flash Player
Two weeks after rushing out an emergency patch for a zero-day vulnerability, Adobe today released another Flash Player security update. The new release patched nine vulnerabilities, all of which expose the host system to remote code execution. Adobe said it is not aware of public exploits against...
Patched libarchive Vulnerabilities Have Big Reach
The libarchive programming library was recently patched against three critical memory-related vulnerabilities that could be abused to execute code on computers running the vulnerable software. As is the case with most open source software packages, patching the core library is only half the battl...
Juniper ScreenOS Backdoor Password
Researchers from two security firms have uncovered the password guarding one of the backdoors discovered in Juniper Networks’ ScreenOS, the operating system behind its NetScreen enterprise-grade firewalls. Fox-IT and Rapid7 found the secret code, which was disguised to look like debug code, said...
Emergency Adobe Flash Zero Day Patch Arrives Ahead of Schedule
Adobe has decided to patch the zero day vulnerability that was disclosed in Flash Player earlier this week today — instead of next week as originally scheduled. According to a security bulletin Adobe posted this morning the update actually fixes three vulnerabilities in the software, but the most...
Control Flow Guard Mitigation Bypass
Introduced in Windows 8.1 Update 3 and Windows 10, Control Flow Guard was Microsoft’s latest antidote to memory-corruption attacks. The technology was meant to stand up to attacks that had long ago figured out how to bypass previous-generation protections such as Address Space Layout Randomizatio...
Android Stagefright Exploit Code Released to Public
Joshua Drake, the researcher who found the so-called Stagefright vulnerability in Android, today released exploit code to the public, which he hopes will be used to test systems’ exposure to the flaw. The move comes more than a month after vulnerability details were released in August during...
Edward Snowden Effect on Privacy Attitudes
Serious concessions have been made about privacy post-Snowden, in particular about how personal information is processed and consumed online. Results from a survey conducted by the Pew Research Center of Washington, D.C., show that the Snowden leaks have raised consumers’ consciousness about not...
VMware Patches Apache Struts Flaws in vCOPS
VMware has patched several serious security vulnerabilities in its vCenter Operations Center Management suite, one of which could lead to remote code execution on vulnerable machines. All of the vulnerabilities that the company patched lie in the Apache Struts Java application framework, and the...
AskMen Purportedly Compromised by Nuclear Pack Kit
Users who visit AskMen.com, a men’s entertainment and lifestyle portal, are being hit with malicious code, potentially stemming from the Nuclear Pack exploit kit, researchers announced today. When a user stumbles across the site – or a localized version aus.askmen.com, etc. of it – malicious code...
PHP Updated to Fix Heartbleed, Other Bugs
The maintainers of PHP have released two new versions of the scripting language that fix a number of bugs, including a pair of vulnerabilities related to OpenSSL. Versions 5.4.28 and 5.5.12 both contain that important patch, as well as fixes for more than a dozen other vulnerabilities. The fix fo...
Google Patches 31 Flaws in Chrome
Google has patched a long list of serious security vulnerabilities in Chrome, including at least 19 highly rated flaws. The company patched a total of 31 vulnerabilities in Chrome 34 and paid out more than $28,000 in rewards to researchers who reported bugs to Google. Among the security fixes in...
Google Fixes 28 Security Flaws in Chrome 33
Google Chrome 33 is out, and the new version of the browser includes fixes for 28 security vulnerabilities, including a number of high-severity bugs. The company paid out more than $13,000 in rewards to researchers who reported vulnerabilities that were fixed in this release. One of the...
New IE Zero Day Found Targeting Military Intelligence
Attackers were able to compromise the U.S. Veterans of Foreign Wars’ website this week and serve up a previously unknown zero day exploit in Internet Explorer 10, and while motivation behind the campaign is still unclear, experts are speculating its aim was to procure military intelligence...
Exploit Kit Adds Vector for Silverlight Vulnerability
Developers behind the Angler Exploit Kit have apparently added a new exploit over the last week that leverages a known vulnerability in Microsoft’s Silverlight browser framework. Silverlight, similar to Adobe Flash, is Microsoft’s plug-in for streaming media on browsers and is perhaps most known...
Apple Releases iOS 6.1 With Fixes for More Than 20 Vulnerabilities
Apple has fixed dozens of security vulnerabilities in iOS with the release of version 6.1, including a serious flaw in the kernel and a number of bugs in the WebKit framework. The company also revoked trust in the bad TurkTrust certificates that were discovered late last year. One of the key...
Password Cracker Targets Siemens S7 PLCs
Siemens S7 programmable logic controllers, the same PLC family exploited by the Stuxnet malware, are in the crosshairs of a password-cracking tool that is capable of stealing credentials from industrial control systems. PLCs are microprocessors that automate mechanical processes inside factories,...
U.S. Cyber Command Using Classified Intel To Scare CEOs To Action
The U.S.’s Cyber Command is using special, classified briefings with private sector CEOs to scare them into greater vigilance about the threat of cyber attacks, according to an NPR report. The report, quoting unnamed participants in the classified, 2010 briefings said that government officials...
Mobile, Android Threats Continued Sharp Growth in 2011
The occurrence of mobile malware increased by 155 percent across all platforms in 2011, and, according to Juniper Network’s 2011 Mobile Threat Report, malware specifically targeting the Android operating system saw its own increase of more than 3,000 percent. Juniper Networks attributes Android’s...
Google Fixes Three High-Priority Bugs in Chrome
Google has released a new version of its Chrome browser, fixing just a small handful of vulnerabilities in the process. All three of the bugs fixed in Chrome were rated high. The release by Google is a pretty small one by the company’s standards. Often, new versions of Chrome will include fixes f...
New Java Vulnerability Coming Bundled With Exploit Kits
A recently discovered Java vulnerability that’s been circulating throughout the hacking underground has begun to show up alongside the BlackHole exploit kit, according to a post on Brian Krebs’ KrebsonSecurity blog. The National Vulnerability Database claims the vulnerability is found in the Java...
Anatomy of the Duqu Attacks
Stuxnet has become the bogeyman of Internt security and cyberwar, showing up in marketing pitches, PowerPoint presentations and press releases from Washington to Silicon Valley to Tehran. But while Stuxnet has been garnering headlines for more than a year now, the far more serious threat in terms...
U.S. Says Cybercrime a Major National Security Threat
A new report from the National Security Council warns that international cybercrime has reached the upper echelon of threats of to the security of the United States and is responsible for as much as $1 billion in losses in just one year in the U.S. The report, which focuses on a number of broad...
Adobe Flash Bug Being Used in Attacks Via Word Documents
Adobe on Monday warned its customers about a new unpatched vulnerability in its Flash Player application. Officials say that the bug is being used in targeted attacks involving a malicious Flash file embedded in a Microsoft Word document. The Flash vulnerability affects users on Windows, Apple OS...
Apple Plugs 48 Security Holes in Safari Browser
Apple has shipped new versions of its Safari browser with patches for at least 48 security vulnerabilities. The Safari 4.1 and 5.0 updates, considered “highly critical,” is available for both Windows and Mac OS X. Exploitation of some of these vulnerabilities could lead to drive-by download remot...
Microsoft to unveil patch management metrics project
Microsoft on Wednesday plans to launch a new research effort to determine the total cost of the patch-management cycle, from testing and distributing a fix to user deployment of the patch. The end result of the project, which will be completely open and transparent to outsiders, will be a full...
Rethinking Vulnerability Management in a Heightened Threat Landscape
Mariano Nunez, CEO, Onapsis Repeated warnings from CISA and the Biden Administration on the Russian cyber threat over the last several months have heightened the state of alertness for U.S. agencies and businesses across industries, which are expecting ‘tit-for-tat’ cyberattacks from Russia in...
FBI: Rise in Business Email-based Attacks a $43B Headache
The FBI warned the global cost of business email compromise BEC attacks is $43 billion for the time period of June 2016 and December 2021. According to FBI report, 241,206 complaints were lodged by the agency’s Internet Crime Center IC3. BEC or email account compromise EAC are an advanced scammin...
Thousands of Malicious npm Packages Threaten Web Apps
More than 1,300 malicious packages have been identified in the most oft-downloaded JavaScript package repository used by developers, npm, in the last six months — a rapid increase that showcases how npm has become a launchpad for a range of nefarious activities. New research from open-source...
Apple iPhone Malware Tactic Causes Fake Shutdowns to Enable Spying
In the world of mobile malware, simply shutting down a device can often wipe out any bad code, given that persistence after rebooting is a challenge for traditional malicious activity. But a new iPhone technique can hijack and prevent any shut-down process that a user initiates, simulating a real...
Threat Advisory: E-commerce Bots Use Domain Registration Services for Mass Account Fraud
While researching a recent large-scale bot campaign with CQ Prime Threat Research team lead, Dean Lendrum, we found attackers using domain parking and monetization services to register multiple domains, creating a large number of fake eCommerce accounts per domain. TL; DR ------ Analysis of...
3 Top Tools for Defending Against Phishing Attacks
Even with the most sophisticated email scanning and phishing detection system available, phishing emails are still a very common intrusion vector for cybercriminals to use to introduce malware, including ransomware, to a business’ network. That’s because 1 increasingly, legitimate systems are use...
Lazarus Attackers Turn to the IT Supply Chain
Lazarus – a North Korean advanced persistent threat APT group – is working on launching cyberespionage-focused attacks on supply chains with its multi-platform MATA framework. The MATA malware framework can target three operating systems: Windows, Linux and macOS. MATA has historically been used ...
TA551 Shifts Tactics to Install Sliver Red-Teaming Tool
The criminal threat group known as TA551 has added the Sliver red-teaming tool to its bag of tracks – a move that may signal ramped up ransomware attacks ahead, researchers said. According to Proofpoint researchers, TA551 aka Shathak has been mounting cyberattacks that start with email thread...
Brizy WordPress Plugin Exploit Chains Allow Full Site Takeovers
Vulnerabilities in the Brizy Page Builder plugin for WordPress sites could be chained together to allow attackers to completely take over a website, according to researchers. Brizy or Brizy – Page Builder has been installed on more than 90,000 sites. It’s billed as an intuitive website builder fo...
MyRepublic Data Breach Raises Data-Protection Questions
Almost 79,400 MyRepublic mobile subscribers have been caught up in a data breach that exposed a range of personal information, the company has confirmed. The Singapore-based ISP and mobile provider said that an “unauthorized data access incident” took place on August 29. The intrusion in question...
Spoofing Bug Highlights Cybersecurity for Digital Vaccine Passports
Three weeks after an independent researcher found a critical bug in the Services Australia COVID-19 digital vaccine certificate that would allow an attacker to falsify someone’s vaccine status, it still hasn’t been fixed. Researcher Richard Nelson looked into the security behind a new digital...
XSS Bug in SEOPress WordPress Plugin Allows Site Takeover
A stored cross-site scripting XSS vulnerability in the SEOPress WordPress plugin could allow attackers to inject arbitrary web scripts into websites, researchers said. SEOPress is a search engine optimization SEO tool that lets site owners manage SEO metadata, social-media cards, Google Ad settin...
Apps Built Better: DevSecOps, a Security Silver Bullet
Security should never be an afterthought when developing software and applications. However, as technological advances continue to take hold, the security tools many rely on are changing in real-time, and combatting potential breaches or hacks of your wares before they arise now requires new...
Suspected ‘Dr HeX’ Hacker Busted for 9 Years of Phishing
A Moroccan man suspected of being “Dr HeX” – the prolific threat actor behind a nine-year cyber-blitz on thousands of victims through phishing, website defacing, malware development, fraud and carding – has been arrested. Interpol announced the bust – which took place in Morocco in May – on...
Microsoft Disrupts Large, Cloud-Based BEC Campaign
Threat hunters at Microsoft recently uncovered and disrupted infrastructure that powered a large-scale business email compromise BEC campaign. The infrastructure was hosted on multiple cloud platforms, which allowed it to stay under the radar for quite some time. “The attackers performed discrete...
Bad Apple: App Store Rife with Fraud, Fleeceware
A new analysis from the Washington Post reveals just how widespread fraud is across the Apple App Store, while also offering glimpse into the revenue flowing into Cupertino generated by those malicious activities. The Apple App Store has been under heightened scrutiny for maintaining its iron gri...
Fake Chrome App Anchors Rapidly Worming ‘Smish’ Cyberattack
A new Android malware that impersonates the Google Chrome app has spread to hundreds of thousands of people in the last few weeks, according to researchers. The fake app is being used as part of a sophisticated hybrid cyberattack campaign that also uses mobile phishing to steal credentials. Join...