15946 matches found
Out-of-Band IE Patch Released as More Sites Attacked
Internet Explorer users, exposed to a zero-day vulnerability in the browser and a faulty temporary Fix It from Microsoft, finally got some relief today when the company, as promised, released an out-of-band patch. Meanwhile, a handful of new telco, manufacturing and human rights sites have been...
Google Repairs High-Risk Flaw in Chrome
Google has fixed a couple of security vulnerabilities in its Chrome browser, including a high-risk use-after-free bug and a problem in the way that the Apple OS X driver for some Intel GPUs handles rendering. The biggest fix in Chrome 23 is a patch for the use-after-free vulnerability in the Chro...
Embedded Systems, Critical Infrastructure 'Renovation' Outpacing Security
Scott Tousley, deputy director cybersecurity division at Department of Homeland Security Science & Technology, is an advocate of integrating cybersecurity education into all disciplines of IT and business and risk management. “We don’t want to teach cybersecurity as a stovepipe, but to do it so...
Apple Fixes Flaws, Updates Java 6 for OS X
Apple pushed out a Java update for its Snow Leopard, Lion and Mountain Lion systems Wednesday, fixing vulnerabilities Oracle tackled in last week’s emergency CVE-2012-4681 patch. Both Java for Mac OS X 10.6 Update 10 and Java for OS X 2012-005 update the Java SE 6 plugin and, in what might be a...
Microsoft Patches Critical MS12-060 Office Flaw Being Used in Targeted Attacks
Microsoft on Tuesday fixed a critical vulnerability in a component of Office, SQL Server and other widely deployed applications that attackers already are using in targeted attacks. The flaw in the Microsoft Common Controls component, which was one of the 26 vulnerabilities fixed in nine bulletin...
Nepalese Government Sites Hacked, Serving Zegost Malware
Researchers have uncovered another in an ongoing series of targeted attacks against government agencies and activists, this time an attack that compromised a pair of Nepalese government web sites with code that exploits a Java vulnerability to install a backdoor on vistors’ machines. The attacker...
OpFake, FakeInst Android Malware Variants Continue to Resist Detection
Android devices have remained a constant target of attacks over the last quarter thanks in part to new variants from the FakeInst and OpFake families of malware. According to the latest version of the F-Secure Mobile Threat Report, the firm found 5033 malicious Android application packages APKs, ...
Attackers Go Phishing for Payroll Workers With Java CVE-2012-1723 Exploit
The Java CVE-2012-1723 vulnerability is suddenly the golden child of bugs. The flaw, which Oracle patched in June, has been the target of several pieces of malware and Web-based attacks of late, and now researchers say there is a phishing scam targeting payroll and HR employees that involves and...
Yahoo Sued By User Following Breach of 450,000 Passwords
Internet search conglomerate Yahoo is being sued by one of its users for negligence after the usernames and passwords of approximately 450,000 of its users were leaked by a hacker online last month. According to a complaint .PDF filed earlier this week in a federal court in San Jose, Calif., the...
New Version of Sykipot Trojan Linked To Targeted Attacks On Aerospace Industry
A new version of the Sykipot Trojan is being pushed to unsuspecting users in a wave of online attacks, including targeted attacks on attendees of an international aerospace conference, according to researchers at the security firm AlienVault. The latest edition of the common Trojan Horse program...
New Version of Stoned Bootkit Said to Bypass Windows 8 Secure Boot
A security researcher who has in the past has created low-level rootkits capable of staying resident on an infected machine after reboots, said he has now accomplished the same feat on Windows 8, which hasn’t even hit the shelves yet. Peter Kleissner said he has created a new version of his Stone...
Weaknesses in Webkit Becoming Problematic
Attackers interested in getting the most bang for their buck focus on ubiquitous software. Microsoft’s Office, Adobe’s Acrobat and Oracle’s Java have all become popular platforms exploited by cybercriminals intent on compromising end users’ systems. Another platform has quietly made its way onto...
Anonymous Shifts Attention to Big Oil, Monsanto
Just days after infiltrating military contractor Booz Allen Hamilton, hacktivist group Anonymous has confirmed they’ve set their next target: Big oil. In a post on the AnonNews website, the group has announced their intent to shift their ongoing Operation Green Rights initiative to “protest...
Google Fixes 15 Bugs in Chrome, Gives Users Ability to Delete Flash Cookies
Google has fixed more than a dozen security bugs in its Chrome browser, including five high-severity vulnerabilities and one that qualified for the company’s highest bug bounty, a $3133.7 reward. The new version of Chrome has fixes for 15 separate security vulnerabilities, the most critical of...
Critical Office Hole Patched In November Release
Microsoft issued its monthly patch on Tuesday, releasing three security bulletins to fix security holes in a range of products, including a critical hole in versions of the Microsoft Office Suite. The three bulletins, MS10-087, 088 and -089 fixed a total of 11 vulnerabilities, five in Microsoft...
China Hardest Hit by Latest IE Malware Attacks
Computer users in China and Korea were the hardest hit by the latest wave of zero-day malware attacks targeting a flaw in the Internet Explorer browser, according to data released by the Microsoft Malware Protection Center MMPC. The attacks, first spotted on March 9, included Trojan downloaders a...
Virtual Currency Platform ‘Tornado Cash’ Accused of Aiding APTs
The U.S. government has slapped sanctions on virtual currency mixer Tornado Cash for laundering more than $7 billion in crypto cash derived from cybercriminal activity. At least $455 million of that was moved for state-sponsored Lazarus Group in part to help fund North Korea’s missile program,...
Linux Malware Deemed ‘Nearly Impossible’ to Detect
A new Linux malware that’s “nearly impossible to detect” can harvest credentials and gives attackers remote access and rootkit functionality by acting in a parasitic way to infect targets, researchers said. Researchers from The BlackBerry Research and Intelligence Team have been tracking the...
Cyber Risk Retainers: Not Another Insurance Policy
The one-two punch of a cyberattack can be devastating. There is the breach and then the related mitigation costs. Implementing a comprehensive Incident Response IR gameplan into a worst-case-scenario should not be a post-breach scramble. And when that IR strategy includes insurance, it also must...
Evil Corp Pivots LockBit to Dodge U.S. Sanctions
Evil Corp has shifted tactics once again, this time pivoting to LockBit ransomware after U.S. sanctions have made it difficult for the cybercriminal group to reap financial gain from its activity, researchers have found. Researchers from Mandiant Intelligence have been tracking a “financially...
TrickBot Crashes Security Researchers’ Browsers in Latest Upgrade
Trojan titan TrickBot has added a striking anti-debugging feature that detects security analysis and crashes researcher browsers before its malicious code can be analyzed. The new anti-debugging feature was discovered by Security Intelligence analysts with IBM, who reported the emergence of a...
‘Dark Herring’ Billing Malware Swims onto 105M Android Devices
Nearly 500 malicious apps lurking on the Google Play Store have successfully installed Dark Herring malware — a cash-stealer intended to add sneaky charges onto mobile carrier bills — on more than 100 million Android devices across the globe. That’s quite a school of fish. Dark Herring malware wa...
20K WordPress Sites Exposed by Insecure Plugin REST-API
More than 20,000 WordPress sites are vulnerable to malicious code injection, phishing scams and more as the result of a high-severity cross-site scripting XSS bug discovered in the WordPress Email Template Designer – WP HTML Mail, a plugin for designing custom emails. The new vulnerability...
Adobe Cloud Abused to Steal Office 365, Gmail Credentials
Attackers are leveraging Adobe Creative Cloud to target Office 365 users with malicious links that appear to be coming legitimately from Cloud users but instead direct victims to a link that steals their credentials, researchers have discovered. Researchers from Avanan, a Check Point company, fir...
Facebook Bans Spy-for-Hire Firms for Targeting 50K People
Meta, Facebook’s parent company, has kicked six alleged spy-for-hire “cyber-mercenaries” to the curb, along with a mysterious Chinese law-enforcement supplier. It accused the entities of collectively targeting about 50,000 people for surveillance. In a report PDF entitled “Threat Report on the...
Malicious npm Code Packages Built for Hijacking Discord Servers
A series of malicious packages in the Node.js package manager npm code repository are looking to harvest Discord tokens, which can be used to take over unsuspecting users’ accounts and servers. The npm repository is an open-source home for JavaScript developers to share and reuse code blocks. The...
Finland Faces Blizzard of Flubot-Spreading Text Messages
The Flubot banking trojan is blanketing Finland, spreading via Android phones that are sending millions of malicious text messages. On Friday, the National Cyber Security Centre NCSC-FI at the Finnish Transport and Communications Agency posted a “severe” alert about the malware blizzard, which it...
Proofpoint Phish Harvests Microsoft O365, Google Logins
Phishers are impersonating Proofpoint, the cybersecurity firm, in an attempt to make off with victims’ Microsoft Office 365 and Google email credentials. According to researchers at Armorblox, they spotted one such campaign lobbed at an unnamed global communications company, with nearly a thousan...
Mekotio Banking Trojan Resurges with Tweaked Code, Stealthy Campaign
The Mekotio Latin American banking trojan is bouncing back after several of the gang that operates it were arrested in Spain. More than 100 attacks in recent weeks have featured a new infection routine, indicating that the group continues to actively retool. “The new campaign started right after...
TikTok Serves Up Fresh Gamer Targets
TikTok has made people do all sorts of wild things — eat frozen honey, work on their choreography and even fall for malicious malvertising campaigns. The latest TikTok attacks are getting served to gamers on the platform disguised as “free” or “hacked” versions of games like Among Us, free Steam...
Facebook Blames Outage on Faulty Router Configuration
As of Monday night, Facebook had crawled back from what may have been its longest blackout ever and apologized for the mass outage that left billions of users locked out of Facebook, Instagram, WhatsApp, Messenger and Oculus VR for about six hours. \Sincere\ apologies to everyone impacted by...
Military’s RFID Tracking of Guns May Endanger Troops
Reports that the military has started outfitting firearms with RFID tags for tracking have raised security alarms. The concern: What if the enemy uses the tags to track soldiers on the battlefield? The Department of Defense, the Marines and the Navy have already rejected the RFID tagging tech for...
Conti Ransomware Expands Ability to Blow Up Backups
Good at identifying and obliterating backups? Speak Russian? The notorious Conti ransomware group may find you a fine hiring prospect. That’s according to a report published on Wednesday by cyber-risk prevention firm Advanced Intelligence, which details how Conti has honed its backup destruction ...
Critical Cisco Bugs Allow Code Execution on Wireless, SD-WAN
Cisco is warning three critical security vulnerabilities affect its flagship IOS XE software, the operating system for most of its enterprise networking portfolio. The flaws impact Cisco’s wireless controllers, SD-WAN offering and configuration mechanisms in use for scads of products. The...
FamousSparrow APT Spies on Hotels, Governments
A cyberespionage group dubbed “FamousSparrow” by researchers has taken flight, targeting hotels, governments and private organizations around the world with a custom backdoor called, appropriately, “SparrowDoor.” It’s one of the advanced persistent threats APTs that targeted the ProxyLogon...
Large-Scale Phishing-as-a-Service Operation Exposed
Microsoft uncovered a large-scale, well-organization and sophisticated phishing-as-a-service PhaaS operation. The turnkey platform allows users to customize campaigns and develop their own phishing ploys so they can then use the PhaaS platform to help with phishing kits, email templates and hosti...
HP Omen Hub Exposes Millions of Gamers to Cyberattack
Millions of devices running the HP Omen Gaming Hub were using on a driver with a bug that could give attackers kernel-mode access without administrator privileges. HP has since released a patch, but a new report on the flaw CVE-2021-3437 from researchers from SentinelLabs details how the gaming...
WooCommerce Multi Currency Bug Allows Shoppers to Change eCommerce Pricing
A security vulnerability in the WooCommerce Multi Currency plugin could allow any customer to change the pricing for products in online stores. WooCommerce is a popular eCommerce plugin for WordPress-powered websites; the Multi Currency plugin from Envato meanwhile allows e-tailers using...
Tooling Network Detection & Response for Ransomware
Everywhere you look, there are new reports coming out about ransomware. And cybercriminals are becoming more aggressive, demanding even more in ransom payments than ever before. According to Palo Alto Networks’ Unit 42, ransom payments are up 82 percent in the first half of 2021, with an average...
Microsoft Spills 38 Million Sensitive Data Records Via Careless Power App Configs
For months, Microsoft’s Power Apps portals exposed personal data tied to 38 million records ranging from COVID-19 vaccination status, Social Security numbers and email addresses. Consumers most affected by what is being called a “platform issue” are those doing business with American Airlines,...
Users Clueless About Cybersecurity Risks: Study
Organizations are facing yet another unprecedented threat to their cybersecurity now that employees are headed back into offices with their personal devices, lax security hygiene and no clue about some of the most catastrophic attacks in history, such as the Colonial Pipeline shutdown. A new surv...
Avaddon Ransomware Gang Evaporates Amid Global Crackdowns
Ransomware group Avaddon has decided to shutter its criminal enterprise after landing in the crosshairs of law-enforcement agencies in the U.S. and Australia. Avaddon, a prolific ransomware-as-a-service RaaS provider, released its decryption keys to BleepingComputer — 2,934 in total — with each k...
CopperStealer Malware Targets Facebook and Instagram Business Accounts
A malware that until now has gone undocumented has been quietly hijacking online accounts of advertisers and users of Facebook, Apple, Amazon, Google and other web giants since July 2019 and then using them for nefarious activity, researchers have found. Dubbed CopperStealer, the malware acts...
Industrial Networks See Sharp Uptick in Hackable Security Holes
It’s on: Adversaries, CISOs and researchers are all simultaneously involved in a frantic race to find cybersecurity vulnerabilities hiding within industrial networks, according to the latest Biannual ICS Risk and Vulnerability report from Claroty. The report analyzed all publicly disclosed...
Feds Issue Recommendations for Maritime Cybersecurity
The White House has released cybersecurity guidance for securing the Maritime Transportation System MTS, which operates along 25,000 miles of coastal and inland waterways in the United States. The document points out that the MTS encompasses “361 ports, 124 shipyards, more than 3,500 maritime...
Holiday Puppy Swindle Has Consumers Howling
Puppy photos are undeniably irresistible but beware; researchers have uncovered a scheme selling fake German Shepherd puppies for Bitcoin, leaving buyers crushed and without a tiny fuzzy friend to cuddle on Christmas morning. The scam was discovered by an intrepid researcher at Anomali, who got...
Patrick Wardle on Hackers Leveraging 'Powerful' iOS Bugs in High-Level Attacks
A recently uncovered zer0-click Apple zero-day flaw, used in a spyware campaign against Al Jazeera journalists, shed light this week on the impact of Apple security issues being abused by bad actors. In 2020, the security research community saw an array of “powerful” Apple bugs afflicting iOS,...
Ryuk, Egregor Ransomware Attacks Leverage SystemBC Backdoor
Commodity malware backdoor SystemBC has evolved to now automate a number of key activities, as well as use the anonymizing Tor platform. These overarching changes make it both easier for cybercriminals to deploy the backdoor, as well as cloak the destination of the command-and-control C2 traffic...
Divers Pull Rare Surviving WWII Enigma Cipher Machine from Bottom of the Baltic
German divers for the environmental group World Wildlife Fund were searching the ocean floor for abandoned nets threatening marine wildlife. What they found instead is a treasured piece of computing history, a World War II-era German Enigma crypto machine, sunk to the bottom of the Baltic Sea to...
Chinese Breakthrough in Quantum Computing a Warning for Security Teams
China’s top quantum-computer researchers have reported that they have achieved quantum supremacy, i.e., the ability to perform tasks a traditional supercomputer cannot. And while it’s a thrilling development, the inevitable rise of quantum computing means security teams are one step closer to...