Connected Home Hubs Open Houses to Full Remote Takeover
Three different connected home hubs – Fibaro Home Center Lite, Homematic Central Control Unit (CCU2) and Elko’s eLAN-RF-003 – are vulnerable in their older versions to serious bugs that would allow information disclosure, man-in-the-middle (MiTM) attacks and unauthenticated remote code execution (RCE),...
LA County Hit with DoppelPaymer Ransomware Attack
The DoppelPaymer ransomware operators claim that they’ve hit a Los Angeles county with a ransomware attack – and are now leaking the city’s data online, according to a recent report. Impacted is the city of Torrance, a coastal U.S. city in the South Bay region of LA, which has a population of...
Microsoft Issues Out-Of-Band Security Update For Office, Paint 3D
Microsoft has released an out-of-band security update for Microsoft Office, Office 365 ProPlus and Paint 3D. The applications are affected by multiple Autodesk vulnerabilities that, if exploited, could enable remote code execution. The flaws, all rated “important” in severity, are tied to six CVE...
Small Businesses Tapping COVID-19 Loans Hit with Data Exposure
A data breach at the agency in charge of providing financial relief to small businesses during the COVID-19 crisis may have exposed sensitive information of 8,000 businesses that applied, and may delay payouts, a government official said. The Small Business Administration (SBA), which oversees the...
Banking.BR Android Trojan Emerges in Credential-Stealing Attacks
A recently uncovered banking trojan aims to steal Android victims’ online banking credentials and take over their bank accounts, using “elaborate” overlay attack capabilities. The malware, dubbed “Banker.BR” by researchers with IBM X-Force, was spotted in messages targeting users in countries tha...
NFL Tackles Cybersecurity Concerns Ahead of 2020 Draft Day
The NFL draft is slated to start Thursday, and thanks to the COVID-19 pandemic, it will be the first virtual version of the event ever presented. This raises a few cybersecurity concerns, according to researchers and the teams themselves — but the NFL is planning on knocking the security ball...
RCE Exploit Released for IBM Data Risk Manager
UPDATED Four serious security vulnerabilities in the IBM Data Risk Manager (IDRM) have been identified that can lead to unauthenticated remote code execution (RCE) as root in vulnerable versions, according to analysis – and a proof-of-concept exploit is available. IBM weighed in on the problem this...
Oil and Gas Firms Targeted With Agent Tesla Spyware
Attackers are targeting energy companies with the Agent Tesla spyware, as seen in recent spearphishing emails with malicious attachments. Researchers say that until now, Agent Tesla has not been associated with campaigns targeting the oil-and-gas vertical. The emails leverage the tumultuous natur...
Deepfakes and AI: Fighting Cybersecurity Fire with Fire
Today, the most successful and damaging cyberattacks are executed by highly professional criminal networks rather than “lone-wolf” hackers. These criminal organizations have also become highly adept at leveraging artificial intelligence (AI) and machine learning (ML) tools, making it extremely hard f...
Cyberattackers Ramp Up to 1.5M COVID-19 Emails Per Day
Cyberattackers have reached a peak of sending 1.5 million malicious emails per day related to the COVID-19 pandemic over the course of the last three months, according to new research. Research from Forcepoint analyzing coronavirus-themed attacks between Jan. 19 to April 18 found cybercriminals...
Mootbot Botnet Targets Fiber Routers with Dual Zero-Days
The Mootbot botnet has been using a pair of zero-day exploits to compromise multiple types of fiber routers. According to researchers, other botnets have attempted to do the same, but have so far failed. According to researchers at NetLab 360, the operators of the Mootbot botnet in late February...
Maze Ransomware Attack Hits Cognizant
IT services giant Cognizant said that it has been hit by the Maze ransomware group in a cyberattack that has caused service disruptions. Cognizant, a Fortune 500 company that employs close to 300,000 people, said that it is providing customers with indicators of compromise (IoCs) and other technica...
Foxit PDF Reader, PhantomPDF Open to Remote Code Execution
Foxit Software has released patches for dozens of high-severity flaws impacting its PDF reader and editor platforms. The most severe of the bugs, which exist on Windows versions of the software, enable a remote attacker to execute arbitrary code on vulnerable systems. Overall, Foxit Software...
Bitcoin Stealers Hide in 700+ Ruby Developer Libraries
About 760 malicious libraries, bent on stealing Bitcoin, have been identified so far in the open-source Ruby programming language code base. According to Tomislav Maljic, threat analyst at ReversingLabs, cybercriminals have been using simple typosquatting to carry out their plan – which is the...
DHS Urges Pulse Secure VPN Users To Update Passwords
The Department of Homeland Security (DHS) is urging companies that use Pulse Secure VPNs to change their passwords for Active Directory accounts, after several cyberattacks targeted companies who had previously patched a related flaw in the VPN. DHS warns that the Pulse Secure VPN patches may have...
Attacks on Linksys Routers Trigger Mass Password Reset
UPDATE Home Linksys router users were targeted in a cyberattack that changed router settings, and redirected requests for specific webpages and domains to malicious Coronavirus-themed landing pages that were booby-trapped with malware. Researchers identified the attack last month, and earlier thi...
Zoom Bombing Attack Hits U.S. Government Meeting
A U.S. House Oversight Committee meeting was the most recent victim of a Zoom bombing attack, after the meeting was disrupted at least three different times by uninvited attendees. The incident was disclosed in a recent internal letter from Jim Jordan (R-Ohio) to Carolyn Maloney (R-NY), chairwoman fo...
Hackers Update Age-Old Excel 4.0 Macro Attack
Hackers have updated the age-old Excel malware attack technique with a new passwordless twist. Researchers have identified a new method that no longer requires victims to enter a password to open a dangerous document, more readily exposing them to potential malware infection. Researchers from securi...
Poorly Secured Docker Image Comes Under Rapid Attack
In a vivid example of why cloud infrastructure needs strong security, a simple Docker container honeypot was used for four different criminal campaigns in the span of 24 hours, in a recent lab test. Akamai security researcher Larry Cashdollar set up the Docker image to see what kind of notice it...
New PoetRAT Hits Energy Sector With Data-Stealing Tools
A never-before-seen remote access trojan (RAT) has been discovered in a set of campaigns targeting the energy sector, with a slew of post-exploitation tools to log keystrokes, record footage from webcams and steal browser credentials. Researchers called the malware “PoetRAT” due to various referenc...
Cisco IP Phone Harbors Critical RCE Flaw
Cisco is warning of a critical flaw in the web server of its IP phones. If exploited, the flaw could allow an unauthenticated, remote attacker to execute code with root privileges or launch a denial-of-service (DoS) attack. Proof-of-concept (PoC) exploit code has been posted on GitHub for the...
Streaming TV Fraudsters Steal Millions of Ad Dollars in 'ICEBUCKET' Attack
A massive television ad fraud campaign that abuses the programmatic advertising ecosystem for connected TV (CTV) has successfully impersonated more than 2 million people in over 30 countries so far during its run, defrauding more than 300 different brands out of their ad dollars. The recently...
Report: Hackers Selling Zoom Zero-Days for Windows, MacOS
Hackers claim they have discovered two zero-day vulnerabilities for the Zoom video conferencing platform that would allow threat actors to spy on people’s private video conferences and further exploit a target’s system. Flaws target Zoom clients for the Windows and the MacOS operating system,...
'Double Extortion' Ransomware Attacks Spike
Victims of ransomware attacks now face a double whammy of headaches. Cybercriminals are increasingly inflicting more pain on ransomware victims by threatening to leak compromised data or use it in future spam attacks, if ransom demands aren’t met. The ransomware tactic, called “double extortion,”...
Malicious Google Web Extensions Harvest Cryptowallet Secrets
Large campaigns that are spreading malicious browser extensions are abusing Google Ads and well-known cryptocurrency brands to draw in victims. Extensions can be installed to add widgets or other functionality to web browsers; they offer the ability to do everything from setting a special search...
Taxpayers Targeted With Improved NetWire RAT Variant
A new variant of the NetWire remote access trojan (RAT) is hitching a ride on IRS-themed phishing ploys targeting taxpayers in hopes of snatching victims’ credentials and tax information. The recently uncovered campaign reveals the RAT’s operators swapping up infection tactics to use a legacy...
Tencent Ups Top Bug-Bounty Award to $15K
The Tencent Security Response Center (TSRC) is launching an expanded bug-bounty program, via the HackerOne white-hat platform – and the company has increased its top reward to $15,000. Tencent, a China-based global internet service provider, is opening up its existing bug-bounty program to...
Intel Fixes High-Severity Flaws in NUC, Discontinues Buggy Compute Module
Intel has stomped out high-severity flaws in its Next Unit Computing (NUC) mini PC firmware, and in its Modular Server MFS2600KISPP Compute Module. Overall, Intel addressed nine vulnerabilities across six products in its April security update – two of those being high-severity, and the rest being...
PPE, COVID-19 Medical Supplies Targeted by BEC Scams
Much has been publicized about the shortage of personal protective equipment (PPE) and other supplies for healthcare facilities in the United States during the COVID-19 pandemic. Now, the FBI is warning that threat actors are taking advantage of efforts to procure PPE and critical equipment such as...
April Patch Tuesday: Microsoft Battles 4 Bugs Under Active Exploit
Microsoft has released its April 2020 Patch Tuesday security updates, its first big patch update released since the work-from-home era truly got underway. It’s a doozie, with the tech giant disclosing 113 vulnerabilities. Out of these, 19 are rated as critical, and 94 are rated as important...
Adobe Fixes 'Important' Flaws in ColdFusion, After Effects and Digital Editions
Adobe released security patches for vulnerabilities in its ColdFusion, After Effects and Digital Editions applications. If exploited, the flaws could enable attackers to view sensitive data, gain escalated privileges, and launch denial-of-service attacks. Each of the bugs was rated...
TA505 Crime Gang Deploys SDBbot for Corporate Network Takeover
The TA505 cybercrime group has ramped up its attacks lately, with a set of campaigns bent on spreading the persistent SDBbot remote-access trojan (RAT) laterally throughout an entire corporate environment, researchers said. SDBbot RAT is a custom job that has been observed in TA505 attacks since at...
Cyberattacks Target Healthcare Orgs on Coronavirus Frontlines
Recent malware campaigns reveal that cybercriminals aren’t sparing healthcare firms, medical suppliers and hospitals on the frontlines of the coronavirus pandemic. Researchers have shed light on two recently uncovered malware campaigns: one targeting a Canadian government healthcare organization...
Safe Remote Access to Critical Infrastructure Networks in a Time of Global Crisis
With governments closing down workplaces all over the world, telecommuting presents not just online administrative and capacity challenges for organizations, but also security challenges. As highlighted in a recent article by Andy Greenberg from Wired, when more and more employees are asked to VP...
TikTok Flaw Allows Threat Actors to Plant Forged Videos in User Feeds
A security weakness in the popular TikTok video-sharing service allows a local attacker to hijack any video content streamed to a user’s TikTok feed and swap it out with hacker-generated content. Researchers created a proof-of-concept (PoC) hack using a technique called a man-in-the-middle (MiTM)...
Malware Risks Triple on WFH Networks: Experts Offer Advice
Home office networks are 3.5 times more likely than corporate networks to be infected by malware, according to a report from BitSight. That statistic comes into sharp focus as the coronavirus pandemic forces companies to shift to a work-from-home workforce. Those home networks that remote workers ar...
Oracle Tackles a Massive 405 Bugs for Its April Quarterly Patch Update
Oracle admins are staring down the barrel of a massive quarterly Critical Patch Update that includes 405 patches. Business software giant Oracle Corp. revealed 286 of those vulnerabilities are remotely exploitable across nearly two dozen product lines. Impacted with multiple critical flaws, rated...
Overlay Malware Exploits Chrome Browser, Targets Banks and Heads to Spain
Researchers are warning of a remote overlay malware attack that leverages a fake Chrome browser plugin to target the accounts of banking customers in Spain. Grandoreiro is a type of remote overlay banking trojan, designed to help attackers overtake devices and display a full-screen overlay image...
SFO Websites Hacked: Airport Discloses Data Breach
The San Francisco International Airport (SFO) disclosed this week that two of its websites had been hacked, which led to the disclosure of some users’ login credentials at both sites. The attacks occurred in March and compromised were SFOConnect.com and SFOConstruction.com, both relatively low-traffic...
Apple, Google Team on Coronavirus Tracking – Sparking Privacy Fears
Apple and Google are teaming up to launch technology that traces the spread of the coronavirus, via apps for iOS and Android users. Despite the companies’ insistence that privacy will be “of utmost importance,” some in the security space remain wary of data privacy concerns around the newly...
WooCommerce Falls to Fresh Card-Skimmer Malware
Credit-card-stealing criminals have set their sights on the WordPress plugin known as WooCommerce, an e-tailer platform, with a JavaScript-based card-skimming malware. Sucuri researcher Ben Martin recently investigated a skimmer attack lodged against a WooCommerce site and found that it differs...
Critical VMware Bug Opens Up Corporate Treasure to Hackers
A critical information-disclosure bug in VMware’s Directory Service (vmdir) could lay bare the contents of entire corporate virtual infrastructures, if exploited by cyberattackers. The vmdir is part of VMware’s vCenter Server product, which provides centralized management of virtualized hosts and...
Apple App Store Riddled With Money-Sucking Fleeceware Apps
Researchers are warning iPhone users of fleeceware apps after finding more than 30 examples of them on Apple’s App Store. Fleeceware is jargon for apps that trick users into paying excessive fees for basic applications and functionality that is available free elsewhere. Many of these fleeceware...
Travelex Pays $2.3M in Bitcoin to Hackers Who Hijacked Network in January
Travelex has paid out $2.3 million in Bitcoin to hackers to regain access to its global network after a malware attack at the new year knocked the global currency exchange offline and crippled its business during the month of January. The move—reported by the Wall Street Journal—may seem...
Compromised Zoom Credentials Swapped in Underground Forums
Researchers have uncovered a database shared on an underground forum containing more than 2,300 compromised Zoom credentials. The database contained usernames and passwords for Zoom accounts – including corporate accounts belonging to banks, consultancy companies, educational facilities, healthca...
Cloudflare Axes Google reCAPTCHA Due to Privacy, Price
Cloudflare is nixing Google’s reCAPTCHA tool and replacing it with what the network services company’s CEO calls “a better CAPTCHA” service, hCaptcha. Google’s reCAPTCHA is a type of CAPTCHA (an acronym for “Completely Automated Public Turing Test to Tell Computers and Humans Apart”) that uses...
Unique P2P Architecture Gives DDG Botnet 'Unstoppable' Status
The coin-mining botnet known as DDG has seen a flurry of activity since the beginning of the year, releasing 16 different updates over the course of the past three months. Most notably, its operators have adopted a proprietary peer-to-peer (P2P) mechanism that has turned the DDG into a highly...
Copycat Site Serves Up Raccoon Stealer
Someone is targeting web denizens with a malicious, copycat Malwarebytes website, which serves up the Raccoon information stealer malware to unsuspecting visitors. According to the security firm itself, the attackers set up the domain “malwarebytes-free.com” with a domain registrar in Russia in...
Zoom Taps Ex-Facebook CISO Amid Security Snafus, Lawsuit
As it faces a major lawsuit, Zoom is taking a significant step to bolster security and privacy efforts by recruiting an industry heavy-hitter – former Facebook CISO Alex Stamos – to provide special counsel. It has also named third-party expert security advisory teams. The popular videoconferencin...
Cisco ‘Critical Update’ Phishing Attack Steals Webex Credentials
An ongoing phishing campaign is reeling in victims with a recycled Cisco security advisory that warns of a critical vulnerability. The campaign urges victims to “update,” only to steal their credentials for Cisco’s Webex web conferencing platform instead. The campaign is looking to leverage the...