DDoS Attacks Skyrocket as Pandemic Bites
The first half of 2020 saw a significant uptick in the number of distributed denial-of-service (DDoS) attacks compared to the same period last year — a phenomenon that appears to be directly correlated to the global coronavirus pandemic. Neustar’s Security Operations Center (SOC) saw a 151 percent...
DoJ Indicts Two Hackers for Defacing Websites with Pro-Iran Messages
The Department of Justice (DoJ) has indicted two hackers – including one teenager – for allegedly vandalizing more than 50 websites hosted in the U.S. with pro-Iran messages. The indictment, unsealed on Tuesday, indicts Behzad Mohammadzadeh, a national of the Islamic Republic of Iran who is believe...
Report Looks at COVID-19’s Massive Impact on Cybersecurity
Most cybersecurity professionals fully anticipated that cybercriminals would leverage the fear and confusion surrounding the COVID-19 pandemic in their cyberattacks. Of course, malicious emails would contain subjects relating to COVID-19. Of course, malicious downloads would be COVID-19 related...
Bluetooth Spoofing Bug Affects Billions of IoT Devices
A team of academic researchers has discovered a Bluetooth Low Energy (BLE) vulnerability that allows spoofing attacks that could affect the way humans and machines carry out tasks. It potentially impacts billions of Internet of Things (IoT) devices, researchers said, and remains unpatched in Android...
Data Breaches Expose Vets, COVID-19 Patients
A pair of healthcare-related data breaches at high-profile government agencies has impacted tens of thousands of people. First, a cyberattack at the U.S. Department of Veterans Affairs (VA) has impacted about 46,000 veterans, exposing their financial information. And another incident, at the U.K.’s...
QR Codes Serve Up a Menu of Security Concerns
Quick Response (QR) codes are booming in popularity and hackers are flocking to exploit the trend. Worse, according to a new study, people are mostly ignorant to how QR codes can be easily abused to launch digital attacks. The reason QR code use is skyrocketing is tied to more brick-and-mortar...
IBM Spectrum Protect Plus Security Open to RCE
IBM has issued fixes for vulnerabilities in Spectrum Protect Plus, Big Blue’s security tool found under the umbrella of its Spectrum data storage software branding. The flaws can be exploited by remote attackers to execute code on vulnerable systems. IBM Spectrum Protect Plus is a data-protection...
Windows Exploit Released For Microsoft ‘Zerologon’ Flaw
Proof-of-concept (PoC) exploit code has been released for a Windows flaw, which could allow attackers to infiltrate enterprises by gaining administrative privileges, giving them access to companies’ Active Directory domain controllers (DCs). The vulnerability, dubbed “Zerologon,” is a...
MFA Bypass Bugs Opened Microsoft 365 to Attack
Bugs in the multi-factor authentication system used by Microsoft’s cloud-based office productivity platform, Microsoft 365, opened the door for hackers to access cloud applications via a bypass of the security system, according to researchers at Proofpoint. The flaws exist in the implementation o...
Feds Warn Nation-State Hackers are Actively Exploiting Unpatched Microsoft Exchange, F5, VPN Bugs
The U.S. government is warning that Chinese threat actors have successfully compromised several government and private sector entities in recent months, by exploiting vulnerabilities in F5 BIG-IP devices, Citrix and Pulse Secure VPNs and Microsoft Exchange servers. Patches are currently available...
Cloud Leak Exposes 320M Dating-Site Records
Users of 70 different adult dating and e-commerce websites have had their personal information exposed, thanks to a misconfigured, publicly accessible Elasticsearch cloud server. In all, 320 million individual records were leaked online, researchers said. All of the impacted websites have one thi...
TikTok Fixes Flaws That Opened Android App to Compromise
Researchers have disclosed four high-severity flaws in the Android version of TikTok that could have easily been exploited by a seemingly benign third-party Android app. If successful, an attacker could fully compromise the target’s TikTok account. Public disclosure of the vulnerabilities was...
Magecart Attack Impacts More Than 10K Online Shoppers
One of the largest known Magecart campaigns to date took place over the weekend, with nearly 2,000 e-commerce sites hacked in an automated campaign that may be linked to a zero-day exploit. The attacks have impacted tens of thousands of customers, who had their credit-card and other information...
APT28 Mounts Rapid, Large-Scale Theft of Office 365 Logins
The Russia-linked threat group known as APT28 has changed up its tactics to include Office 365 password-cracking and credential-harvesting. Microsoft researchers have tied APT28 (a.k.a. Strontium, Sofacy or Fancy Bear) to this newly uncovered pattern of O365 activity, which began in April and is...
Office 365 Phishing Attack Leverages Real-Time Active Directory Validation
Researchers have uncovered a phishing attack using a new technique: Attackers are making use of authentication APIs to validate victims’ Office 365 credentials – in real time – as they enter them into the landing page. Authentication APIs are used by apps and services running on the users’ behalf...
It's No 'Giggle': Managing Expectations for Vulnerability Disclosure
Sometimes vulnerability disclosure goes well — and sometimes it doesn’t. Security researchers still face legal action for “hacking” when reporting the bugs they find — as is the case with a flaw recently reported to the Giggle social network. However — while the vendor-researcher relationship is...
WordPress Plugin Flaw Allows Attackers to Send Forged Emails
More than 100,000 WordPress websites are affected by a high-severity flaw in a plugin that assists websites in sending out emails and newsletters to subscribers. The vulnerability exists in the Email Subscribers & Newsletters plugin by Icegram, which enables users to collect leads, send automated...
Microsoft Warns of Cyberattacks on Trump, Biden Election Campaigns
The U.S. election campaigns of both Donald Trump and Joe Biden have been targeted in a slew of recent cyberattacks, Microsoft said on Thursday. With the U.S. presidential election a mere two months away, in recent weeks cyberattacks targeting people and organizations involved in it have ramped up...
Razer Gaming Fans Caught Up in Data Leak
An estimated 100,000 customers of Razer, a purveyor of high-end gaming gear ranging from laptops to apparel, have had their private info exposed, according to a researcher. Security consultant Bob Diachenko ran across a misconfigured Elasticsearch cloud cluster that exposed a...
Bluetooth Bug Opens Devices to Man-in-the-Middle Attacks
A high-severity Bluetooth vulnerability has been uncovered, which could enable an unauthenticated attacker within wireless range to eavesdrop or alter communications between paired devices. The flaw (CVE-2020-15802), discovered independently by researchers at the École Polytechnique Fédérale de...
Ransomware And Zoom-Bombing: Cyberattacks Disrupt Back-to-School Plans
UPDATE A slew of ransomware attacks and other cyberthreats have plagued back-to-school plans — as if dealing with the pandemic weren’t stressful enough for administrators. Just this week, attacks in Hartford, Conn. and Clark County, Nev. forced public schools to postpone the first day of school, ...
Govt.-Backed Contact-Tracing Apps Raise Privacy Hackles
The Electronic Frontier Foundation is echoing lawmaker concerns that California is not taking privacy seriously enough, as state legislators mull launching a COVID-19 exposure-notification app based on Apple and Google’s smartphone technology. The U.S. nonprofit, which is aimed at protecting...
Product Overview: Cynet Takes Cyber Threat Protection Automation to the Next Level with Incident Engine
We have all heard of the “cybersecurity skills gap” – the inability of firms to hire and retain high-level cybersecurity talent. This gap has been manifesting in two ways. First, companies that want to hire cybersecurity talent simply cannot find candidates with sufficient skills. Second, compani...
CDRThief Malware Targets VoIP Gear in Carrier Networks
A malware dubbed CDRThief is targeting voice over IP (VoIP) softswitches inside the networks of large telecom carriers. According to ESET researchers, the malware was custom-developed to attack the Linknat VOS2009 and VOS3000 softswitches, which run on standard Linux servers. The code is capable of...
Zeppelin Ransomware Returns with New Trojan on Board
The Zeppelin ransomware has sailed back into relevance, after a hiatus of several months. A wave of attacks were spotted in August by Juniper Threatlab researchers, making use of a new trojan downloader. These, like an initial Zeppelin wave observed in late 2019, start with phishing emails with...
Google Squashes Critical Android Media Framework Bug
Google patched a critical vulnerability in the Media Framework of its Android operating system, which if exploited could lead to remote code execution attacks on vulnerable devices. Overall, Google fixed flaws tied to 53 CVEs as part of its September security updates for the Android operating...
TeamTNT Gains Full Remote Takeover of Cloud Instances
The TeamTNT cybercrime gang is back, attacking Docker and Kubernetes cloud instances by abusing a legitimate cloud-monitoring tool called Weave Scope, according to researchers. The open-source Weave Scope “provides a top down view into your app as well as your entire infrastructure, and allows yo...
Critical Flaws in 3rd-Party Code Allow Takeover of Industrial Control Systems
Six critical vulnerabilities have been discovered in a third-party software component powering various industrial systems. Remote, unauthenticated attackers can exploit the flaws to launch various malicious attacks – including deploying ransomware, and shutting down or even taking over critical...
Spyware Labeled 'TikTok Pro' Exploits Fears of U.S. Ban
Researchers have discovered a new Android spyware campaign pushing a “Pro” version of the TikTok app that is exploiting fears among its young and gullible users that the popular social media app is on the cusp of being banned in the United States. The malware can take over basic device...
Microsoft's Patch Tuesday Packed with Critical RCE Bugs
Microsoft has released patches for 129 security bugs in its September Patch Tuesday update. These include 23 critical flaws, 105 that are important in severity and one moderate bug. Fortunately, none are publicly known or under active exploitation, Microsoft said. The most severe issue in the bun...
Critical Intel Active Management Technology Flaw Allows Privilege Escalation
Intel patched a critical privilege escalation vulnerability in its Active Management Technology (AMT), which is used for remote out-of-band management of PCs. AMT is part of the Intel vPro platform (Intel’s umbrella marketing term for its collection of computer hardware technologies) and is primarily...
Critical Adobe Flaws Allow Attackers to Run JavaScript in Browsers
UPDATE Adobe has released fixes addressing five critical flaws in its popular Experience Manager content-management solution for building websites, mobile apps and forms. The cross-site scripting (XSS) flaws could allow attackers to execute JavaScript in targets’ browsers. Including Adobe Experienc...
Cryptobugs Found in Numerous Google Play Store Apps
Researchers have discovered more than 300 apps on the Google Play Store breaking basic cryptography code using a new tool they developed to dynamically analyze it. Academics from Columbia University developed a custom tool, CRYLOGGER, that analyzes Android applications for unsafe use of...
Bug in Google Maps Opened Door to Cross-Site Scripting Attacks
A researcher earned a double-payment totaling $10,000 for a cross-site scripting (XSS) bug he found in Google Maps. He earned $5,000 initially. But when Google’s patch fell short, the researcher earned a second $5,000 for discovering the bypass to the fix. Zohar Shachar, head of application securit...
How Zero Trust and SASE Can Redefine Network Defenses for Remote Workforces
Zero Trust has been touted for years as the future of network security. But, only recently has it started to gain traction as a practical enterprise security framework. The implementation of digital transformation initiatives has thrust Zero Trust into the spotlight as network applications and...
CEOs Could Be Held Personally Liable for Cyberattacks that Kill
A full 75 percent of top brass at companies will be personally on the hook for cyber-physical security (CSP) incidents by 2024 – especially those that involve fatalities. That’s according to the Gartner research firm, which predicted this week that CEOs soon will no longer be able to hide behind...
Social Media: Thwarting The Phishing-Data Goldmine
Phishing attacks are on the rise and are more widespread — and successful — than ever before. They’ve gone way beyond mocked-up bank emails littered with malicious links (although those are still around, too). Today’s hackers now target mobile users across multiple vectors, such as text and SMS...
Vulnerability Disclosure: Ethical Hackers Seek Best Practices
The process of vulnerability disclosure has improved over the years, but still too many security researchers face threats when trying to report bugs. Disclosure policies that give ethical hackers clear guidelines are vast and varied and are seldom universally followed, which adds to the friction...
Facebook Debuts Third-Party Vulnerability Disclosure Policy
Facebook has implemented a fresh security vulnerability disclosure policy (VDP) this week – in an effort to explain how it decides when and how to roll out details on various bugs that its team finds in third-party software and open-source projects. Generally speaking, companies will have 21 days t...
Attackers Steal Outlook Credentials Via Overlay Screens on Legitimate Sites
Attackers are on the prowl for enterprise Microsoft Outlook credentials, with a new phishing campaign that leverages email-quarantine policies and uses an overlay screen tactic — on top of legitimate company webpages — to lure in victims. The campaign was discovered after successfully targeting a...
WhatsApp Discloses 6 Bugs via Dedicated Security Site
Facebook-owned WhatsApp has fixed six previously undisclosed vulnerabilities in its chat platform, revealing the move on a new dedicated security advisory site aimed at informing its more than 2 million users about bugs and keeping them updated on app security. The site is part of an effort by...
Attackers Can Exploit Critical Cisco Jabber Flaw With One Message
Researchers are warning of a critical remote code-execution (RCE) flaw in the Windows version of Cisco Jabber, the networking company’s video-conferencing and instant-messaging application. Attackers can exploit the flaw merely by sending targets specially crafted messages – no user interaction...
Google Ups Product-Abuse Bug Bounties
Google is increasing the reward amounts in its bug-bounty program for reports focusing on potential attacks in the product-abuse space, to top out at $13,337 per report. Product abuse is when a threat actor uses a legitimate service in a way that enables social-engineering or other cyberattacks...
Python-based Spy RAT Emerges to Target FinTech
The Evilnum group, which specializes in targeting financial technology companies, has debuted a new tool: A Python-based remote access trojan (RAT), dubbed PyVil. The malware’s emergence dovetails with a change in the chain of infection and an expansion of infrastructure for the APT. According to...
NSA Mass Surveillance Program Illegal, U.S. Court Rules
A U.S. federal appeals court ruled that the controversial National Security Agency (NSA) mass surveillance program exposed in 2013 was illegal – and may have even been unconstitutional. The call comes seven years after former NSA contractor and whistleblower Edward Snowden outed the mass surveillan...
India Blocks High-Profile Chinese Apps on Political, Privacy Concerns
India has blocked 118 more mobile apps in its continued crackdown on the use of mobile apps from China, citing concerns that they transmit user data out of the country and threaten its “sovereignty and integrity” as political tensions between the two countries rise. Though not all of the apps banned...
U.S. Agencies Must Adopt Vulnerability-Disclosure Policies by March 2021
The U.S. government’s cybersecurity agency is now requiring federal agencies to implement vulnerability-disclosure policies (VDPs), which would give ethical hackers clear guidelines for submitting bugs found in government systems, by next March. Currently, most federal agencies lack a formal...
BEC Wire Transfers Average $80K Per Attack
The average wire-transfer loss from business email compromise (BEC) attacks is significantly on the rise: In the second quarter of 2020 the average was $80,183, up from $54,000 in the first quarter. That’s according to the recently released Anti-Phishing Working Group (APWG)’s Phishing Activity Trend...
Triple-Threat Cryptocurrency RAT Mines, Steals and Harvests
A previously undocumented malware family called KryptoCibule is mounting a three-pronged cryptocurrency-related attack, while also deploying remote-access trojan (RAT) functionality to establish backdoors to its victims. According to researchers at ESET, the malware has been seen targeting victims...
Joker Spyware Plagues More Google Play Apps
Google has deleted six apps from its Google Play marketplace that were infecting users with the Joker malware (a.k.a. Bread). Together, the apps – which tout functionalities ranging from text messaging to emoji wallpaper – account for nearly 200,000 installs, researchers with Pradeo said in a post...