'EmoCrash' Exploit Stoppered Emotet For 6 Months
A researcher was able to exploit a vulnerability in Emotet – effectively causing the infamous malware to crash and preventing it from infecting systems for six months. Emotet, which first emerged in 2014 and has since then evolved into a full-fledged botnet that’s designed to steal account...
Jack Daniels, Ritz London Face Cyberattacks
A pair of cyberattacks on high-profile targets – the owner of the Jack Daniels distillery and the iconic Ritz London hotel – have resulted in the exposure of sensitive information. The maker behind Jack Daniels and other alcoholic beverages, Brown-Forman Corp., has suffered a recent cyberattack b...
Cyberattacks Hit Thousands of Canadian Tax, Benefit Accounts
Canadian authorities said almost 15,000 online accounts for various government services have been targeted in three recent waves of credential-stuffing attacks. These accounts could give attackers access to Canadians’ tax-related and benefits information, coronavirus relief fund money and more...
PoC Exploit Targeting Apache Struts Surfaces on GitHub
Proof-of-concept exploit code surfaced on GitHub on Friday, raising the stakes on two existing Apache Struts 2 bugs that allow for remote code-execution and denial-of-service attacks on vulnerable installations. The Cybersecurity and Infrastructure Security Agency (CISA) issued an alert regarding t...
Mac Users Targeted by Spyware Spreading via Xcode Projects
A campaign aimed at Mac users is spreading the XCSSET suite of malware, which has the capability to hijack the Safari web browser and inject various JavaScript payloads that can steal passwords, financial data and personal information, deploy ransomware and more. Infections are propagating via...
Critical Flaws in WordPress Quiz Plugin Allow Site Takeover
A plugin that is designed to add quizzes and surveys to WordPress websites has patched two critical vulnerabilities. The flaws can be exploited by remote, unauthenticated attackers to launch varying attacks – including fully taking over vulnerable websites. The plugin, Quiz and Survey Master, is...
UPDATE: Canon Ransomware Attack Results in Leaked Data, Report
UPDATE The Maze ransomware gang has reportedly leaked Canon U.S.A. data online. Researchers said in April that the Maze gang had created a dedicated web page, which lists the identities of its non-cooperative victims who don’t pay ransoms and regularly publishes samples of the stolen data. This s...
Instagram Retained Deleted User Data Despite GDPR Rules
Instagram kept copies of deleted pictures and private direct messages on its servers even after someone removed them from their account. The Facebook-owned service acknowledged the slipup and awarded a security researcher $6,000 for finding the bug. Researcher Saugat Pokharel discovered the...
NSA, FBI Warn of Linux Malware Used in Espionage Attacks
UPDATE The U.S. government is warning of new malware, dubbed Drovorub, that targets Linux systems. It also claims the malware was developed for a Russian military unit in order to carry out cyber-espionage operations. The malware, Drovorub, comes with a multitude of espionage capabilities,...
CactusPete APT Hones Toolset, Resurfaces with New Espionage Targets
The China-based APT known as CactusPete has returned with a new campaign aimed at military and financial targets in Eastern Europe, which is a new geography for the group’s victimology, according to researchers. The group also used a fresh variant of the Bisonal backdoor, which allows the attacke...
Zoom Faces More Legal Challenges Over End-to-End Encryption
Video-conferencing behemoth Zoom has been hit with yet another lawsuit stemming from its claim to offer end-to-end encryption for sessions. The suit, filed in a Washington D.C. court this week by a nonprofit advocacy group called Consumer Watchdog, alleges that the company falsely told users...
New Global Threat Landscape Report Reveals 'Unprecedented' Cyberattacks
A newly released threat report, tracking the biggest trends in the cybercriminal landscape, shows that attackers have been capitalizing on the global pandemic in various ways – from ransomware to web-based malware. Derek Manky, Chief, Security Insights & Global Threat Alliances at...
ReVoLTE Attack Allows Hackers to Listen in on Mobile Calls
Researchers have discovered an attack on the Voice over LTE (VoLTE) mobile communications protocol that can break its encryption and allow attackers to listen in on phone calls. Dubbed ReVoLTE, the attack — detailed by a group of academic researchers from Ruhr University Bochum and New York...
High-Severity TinyMCE Cross-Site Scripting Flaw Fixed
A high-severity flaw has been disclosed in TinyMCE, an open-source text editor used in the content management systems (CMS) of websites. The recently patched flaw could have been potentially exploited remotely by attackers to gain administrative privileges to websites. TinyMCE, developed by Tiny...
Amazon Fixes Alexa Glitch That Could Have Divulged Personal Data
UPDATE Vulnerabilities in Amazon’s Alexa virtual assistant platform could allow attackers to access users’ personal information, like home addresses – simply by persuading them to click on a malicious link. Researchers with Check Point found several web application flaws on Amazon Alexa subdomain...
Citrix Warns of Critical Flaws in XenMobile Server
Citrix is urging users to immediately patch a pair of critical flaws in its flagship mobile device management software. If exploited, the flaws could allow remote, unauthorized attackers to access domain account credentials – ultimately opening the door to a treasure trove of corporate data,...
TikTok Surreptitiously Collected Android User Data Using Google-Prohibited Tactic
TikTok has been collecting unique identifiers from millions of Android devices without their users’ knowledge using a tactic previously prohibited by Google because it violated people’s privacy, new research has found. The app concealed the practice, which can track users onlin...
Agent Tesla Spyware Adds Fresh Tricks to Its Arsenal
Since COVID-19 cast its pall in March, the Agent Tesla remote-access trojan (RAT) has exploited the pandemic and added a raft of functionality that has helped it dominate the enterprise threat scene. Though Agent Tesla first made a splash six years ago, it hasn’t lost any momentum – in fact, it is...
Two 0-Days Under Active Attack, Among 120 Bugs Patched by Microsoft
Two Microsoft vulnerabilities are under active attack, according to the software giant’s August Patch Tuesday Security Updates. Patches for the flaws are available for the bugs, bringing this month’s total number of vulnerabilities to 120. One of the flaws being exploited in the wild is CVE-2020-146...
Critical Intel Flaw Afflicts Several Motherboards, Server Systems, Compute Modules
Intel is warning of a rare critical-severity vulnerability affecting several of its motherboards, server systems and compute modules. The flaw could allow an unauthenticated, remote attacker to achieve escalated privileges. The recently patched flaw (CVE-2020-8708) ranks 9.6 out of 10 on the CVSS...
Critical Adobe Acrobat and Reader Bugs Allow RCE
Adobe has plugged 11 critical security holes in Acrobat and Reader, which if exploited could allow attackers to remotely execute code or sidestep security features in the app. As part of its regularly scheduled security updates, Tuesday, Adobe fixed critical- and important-severity flaws tied to ...
Cybersecurity Skills Gap Worsens, Fueled by Lack of Career Development
Much has been made of the cybersecurity skills shortage: It has long been an issue that many companies can’t effectively source the in-house talent they need, even as threats accelerate in both volume and sophistication. A recent survey however shows that the situation doesn’t appear to be...
Samsung Quietly Fixes Critical Galaxy Flaws Allowing Spying, Data Wiping
Researchers have disclosed a slew of critical-severity, patched flaws in flagship Samsung smartphones – including the Galaxy S7, S8 and S9 models. The vulnerabilities specifically stem from Samsung’s “Find My Mobile” service, a feature built into the smartphones allowing users to locate their...
Researcher Publishes Patch Bypass for vBulletin 0-Day
A security researcher has published proof-of-concept code to outsmart a patch issued last year for a zero-day vulnerability discovered in vBulletin, a popular software for building online community forums. Calling a patch for the flaw a “fail” and “inadequate in blocking exploitation,” Austin-bas...
Google Fixes Mysterious Audio Recording Blip in Smart Speakers
After Google Home users started receiving mysterious alerts when their fire alarms went off or their plates smashed in their homes, Google acknowledged that it accidentally rolled out a feature causing the smart devices to record sounds without the voice prompt. Reports of the privacy faux pas...
Google Chrome Browser Bug Exposes Billions of Users to Data Theft
A vulnerability in Google’s Chromium-based browsers would allow attackers to bypass the Content Security Policy (CSP) on websites, in order to steal data and execute rogue code. The bug (CVE-2020-6519) is found in Chrome, Opera and Edge, on Windows, Mac and Android – potentially affecting billions of...
DDoS Attacks Cresting Amid Pandemic
The number of distributed denial-of-service (DDoS) attacks spiked in the second quarter of 2020, researchers said. According to the latest Kaspersky quarterly DDoS attacks report, DDoS events were three times more frequent in comparison to the second quarter last year (up 217 percent), and were up 30...
TeamViewer Flaw in Windows App Allows Password-Cracking
Popular remote-support software TeamViewer has patched a high-severity flaw in its desktop app for Windows. If exploited, the flaw could allow remote, unauthenticated attackers to execute code on users’ systems or crack their TeamViewer passwords. TeamViewer is a proprietary software application...
Qualcomm Bugs Open 40 Percent of Android Handsets to Attack
Six serious bugs in Qualcomm’s Snapdragon mobile chipset impact up to 40 percent of Android phones in use, according to research released at the DEF CON Safe Mode security conference Friday. The flaws open up handsets made by Google, Samsung, LG, Xiaomi and OnePlus to DoS and escalation-of-privilege...
Attackers Horn in on MFA Bypass Options for Account Takeovers
An uptick in business email compromise attacks is being attributed to successful compromises of multi-factor authentication (MFA) and conditional access controls, according to researchers. While brute-forcing and password spraying techniques are the most common way to mount account takeovers, more...
Have I Been Pwned Set to Go Open-Source
Have I Been Pwned, the service that logs data breaches and lets individuals search to see if they’ve been affected by one, is about to go open-source. The result of that, according to its founder, will be additional transparency and security-enhancing features. HIBP, which was kicked off in 2013,...
Hackers Dump 20GB of Intel's Confidential Data Online
More than 20 gigabytes of proprietary data and source code from chipmaker Intel Corp. was dumped online by a third party, likely the result of a data breach from earlier this year. The announcement of the “first 20gb release in a series of large Intel leaks” was made by user and IT consultant...
Augmenting AWS Security Controls
Has the onslaught of lackluster webinars over the past few months left you wanting more? Are you seeking practical, relevant, and usable information and advice on how to stay secure in the cloud? Well, you’re in luck! DivvyCloud, the leading provider of cloud and container security and compliance...
Black Hat 2020: Influence Campaigns Are a Cybersecurity Problem
Social media used as a cudgel for nation-states to sway opinion is a cybersecurity threat CISOs can’t ignore — and need to understand better and mitigate against. That’s the message from Renée DiResta, research manager at the Stanford Internet Observatory, who said she is seeing a steady growth a...
Black Hat 2020: Mercedes-Benz E-Series Rife with 19 Bugs
The Mercedes-Benz E-Class went to market riddled with 19 vulnerabilities, which, among other things, could enable attackers to remotely unlock the car door and start its engine. Researchers say the flaws, detailed at Black Hat USA on Thursday, potentially impacted over 2 million Mercedes-Benz...
Black Hat 2020: Satellite Comms Globally Open to $300 Eavesdropping Hack
Satellite internet communications are susceptible to eavesdropping and signal interception by far-flung attackers located in a different continent or country from their victims. And all they need is $300 worth of off-the-shelf equipment to pull it off. That’s the word from James Pavur, an academi...
High-Severity Cisco DoS Flaw Plagues Small-Business Switches
Cisco is warning of a high-severity flaw that could allow remote, unauthenticated attackers to cripple several of its popular small-business switches with denial of service (DoS) attacks. The vulnerability stems from the IPv6 packet processing engine in the switches. IPv6 also known as Internet...
Black Hat 2020: 'Zero-Click' MacOS Exploit Chain Uses Microsoft Office Macros
A new “zero-click” MacOS exploit chain could allow attackers to deliver malware to MacOS users using a Microsoft Office document with macros. The attack bypasses security measures that both Microsoft and Apple have put in place to protect MacOS users from malicious macros. The exploit chain,...
Black Hat 2020: Using Botnets to Manipulate Energy Markets for Big Profits
Researchers are warning that a new class of botnets could be marshaled and used to manipulate energy markets via zombie armies of power-hungry connected devices such as air conditioners, heaters, dryers and digital thermostats. A coordinated attack could cause an energy stock index to predictably...
U.S. Offers Reward of $10M for Info Leading to Discovery of Election Meddling
The U.S. government is concerned about foreign interference in the 2020 election, so much so that it will offer a reward of up to $10 million for anyone providing information that could lead to tracking down potential cybercriminals aiming to sabotage the November vote. The U.S. Department of...
Black Hat 2020: Linux Spyware Stack Ties Together 5 Chinese APTs
A stack of Linux backdoor malware used for espionage, compiled dynamically and customizable to specific targets, is being used as a shared resource by five different Chinese-language APT groups, according to researchers. According to an analysis from BlackBerry released at Black Hat 2020 on...
Black Hat 2020: In a Turnaround, Voting Machine Vendor Embraces Ethical Hackers
Voting machine-maker Election Systems & Software (ES&S) has formally announced a vulnerability disclosure policy, Wednesday, during a Black Hat USA 2020 session. The move, which comes with the U.S. presidential elections looming in November, shows that voting-machine vendors are beginning to take t...
Twitter Fixes High-Severity Flaw Affecting Android Users
Twitter has fixed a vulnerability in its Android app, which could have enabled attackers to access private Twitter data, like direct messages (DMs) on Android devices. The flaw is related to an underlying Android operating system (OS) security issue (CVE-2018-9492), which affects operating system...
Black Hat 2020: Scaling Mail-In Voting Spawns Broad Challenges
Security researcher Matt Blaze opened Black Hat 2020 with a call-to-arms for cybersecurity experts, asking them during his keynote to leverage their passion for election security to help secure the upcoming U.S. presidential elections, which will likely be a mostly vote-by-mail affair. “This...
Black Hat 2020: Open-Source AI to Spur Wave of 'Synthetic Media' Attacks
An abundance of deep-learning and open-source technologies are making it easy for cybercriminals to generate fake images, text and audio called “synthetic media”. This type of media can be easily leveraged on Facebook, Twitter and other social media platforms to launch disinformation campaigns wi...
High-Severity Android RCE Flaw Fixed in August Security Update
Google has released patches addressing a high-severity issue in its Framework component, which if exploited could enable remote code execution (RCE) on Android mobile devices. Overall, 54 high-severity flaws were patched as part of Google’s August security updates for the Android operating system,...
Microsoft Teams Patch Bypass Allows RCE
COVID-19 has spurred the use of videoconferencing for businesses worldwide – and this expanded threat surface has lured attackers like moths to a flame. Adding insult to injury, researchers have recently discovered a workaround for a previous patch issued for Microsoft Teams, that would allow a...
NSA Warns Smartphones Leak Location Data
Mobile devices expose location data in more ways than most people know, and turning off services such as Find My Phone, Wi-Fi and Bluetooth can help mitigate tracking, but are no silver bullet that prevents a third party from tracking users. That’s advice shared by U.S. top spy division, the...
A Cyber 'Vigilante' is Sabotaging Emotet's Return
The banking trojan Emotet has returned after a five-month hiatus. But, in an amusing twist, one cyber vigilante is thwarting the malware’s comeback. Researchers say a mysterious vigilante is fighting the threat actors behind the malware’s comeback by replacing malicious Emotet payloads with...
NetWalker Ransomware Rakes in $29M Since March
The NetWalker ransomware has been around for about a year, but it has really made a name for itself in 2020, racking up around $29 million in extortion gains just since March. First detected in August 2019, NetWalker lingered around before surging in use in March through June, according to an...