High-Severity Flaws Plague Intel Graphics Drivers
Intel has issued security patches for six high-severity vulnerabilities in its Windows graphics drivers which, if exploited, could enable escalation of privilege, denial of service (DoS) and information disclosure. The graphics driver is software that controls how graphic components work with the...
Variant of Paradise Ransomware Targets Office IQY Files
A new variant of the Paradise ransomware attacks rarely-targeted Microsoft Office Excel IQY files, providing a new and relatively inobtrusive way to infiltrate and hijack an organization’s network, researchers have found. Lastline Labs’ James Haughom discovered the variant in December in a spam...
Spear-Phishing Attack Lures Victims With 'HIV Results'
Recently discovered spear-phishing emails are using a unique “scare-factor” lure to convince victims to open attached malicious Microsoft Excel documents: Their HIV test results. Researchers are warning of a recent campaign involving emails claiming to come from Vanderbilt University Medical...
Microsoft Exchange Server Flaw Exploited in APT Attacks
Multiple threat groups are actively exploiting a vulnerability in Microsoft Exchange servers, researchers warn. If left unpatched, the flaw allows authenticated attackers to execute code remotely with system privileges. The vulnerability in question (CVE-2020-0688) exists in the control panel of...
AMD Downplays CPU Threat Opening Chips to Data Leak Attacks
AMD is seeking to downplay side-channel attacks that can leak potentially sensitive data from its processors released between 2011 and 2019. The “Take A Way” attack, so-called by researchers with the Graz University of Technology in a new analysis this weekend, is a side-channel attack...
Next-Gen Ransomware Packs a 'Human' Punch, Microsoft Warns
Researchers are warning that “human operated” ransomware campaigns are growing more sophisticated, adopting new infection tactics and lateral movement techniques that traditional defense teams aren’t equipped to handle. Researchers said that “auto-spreading” ransomware – like WannaCry and NotPety...
Spread of Coronavirus-Themed Cyberattacks Persists with New Attacks
As the coronavirus blows up into a worldwide pandemic, threat actors continue to exploit the disease to spread malware. Just this week, cybersecurity professionals identified a bevy of new threats ranging from coronavirus-themed malware attacks, booby-trapped URLs and credential stuffing scams. O...
Critical Zoho Zero-Day Flaw Disclosed
UPDATE A zero-day vulnerability has been disclosed in the IT help desk ManageEngine software made by Zoho Corp. The serious vulnerability enables an unauthenticated, remote attacker to launch attacks on affected systems. Zoho has now released a security update addressing the vulnerability. As of...
Zynga Faces Lawsuit Over Massive Words with Friends Breach
Mobile game developer Zynga could face a class-action lawsuit stemming from a massive data breach last September, which impacted 218 million users of the Words with Friends mobile app. The news comes as other big names face security incidents: T-Mobile and Carnival Cruise Lines have admitted this...
Chris Eng: Patch Management Challenges Drive 'Security Debt'
Companies are lagging when it comes to keeping up with software security patches – causing them to fall into “security debt,” Chris Eng, chief research officer with Veracode said. Today, challenges around patch management are being worsened by applications using third-party code and open source...
High-Severity Cisco Webex Flaws Fixed
Cisco Systems has patched two high-severity vulnerabilities in its popular Webex video conferencing platform, which if exploited could allow an attacker to execute code on affected systems. Two multimedia players tied to the Webex platform are impacted. First is the Cisco Webex Network Recording...
Trump, Sanders Are the Top Brands for Cybercriminals
Unwanted and malicious emails using political-themed lures have spiked as the presidential primary season cranks into high gear – with Donald Trump and Bernie Sanders representing the lion’s share of subject line themes. Since the beginning of the year, Proofpoint researchers have tracked subject...
Let’s Encrypt Pushes Back Deadline to Revoke Some TLS Certificates
Let’s Encrypt said it will give users of its Transport Layer Security (TLS) certificates more time to replace 1 million certificates that are still active and potentially affected by a Certificate Authority Authorization (CAA) bug before it revokes them. The popular free certificate authority had giv...
Critical Netgear Bug Impacts Flagship Nighthawk Router
Netgear is warning users of a critical remote code execution bug that could allow an unauthenticated attacker to take control of its Wireless AC Router Nighthawk R7800 hardware running firmware versions prior to 1.0.2.68. The warnings, posted Tuesday, also include two high-severity bugs impacting...
Microsoft OneNote Used To Sidestep Phishing Detection
A phishing campaign was recently discovered leveraging OneNote, Microsoft’s digital notebook that automatically saves and syncs notes, to bypass detection tools and download malware onto victims’ systems. The attacker was utilizing OneNote as a way to easily experiment with various lures that...
Loyalty Cards Targeted in Tesco Clubcard Attack
U.K. supermarket giant Tesco is warning on a credential-stuffing attack that potentially affects 600,000 members of its Clubcard loyalty program. It said that it detected cybercriminals trying out different name and password combos, gleaned from a database of stolen usernames and passwords for...
Cobalt Ulster Strikes Again With New ForeLord Malware
A new credential-stealing malware, dubbed ForeLord, has been uncovered in a recent spear phishing campaign. Researchers tie the attack to a known advanced persistent threat (APT) group known as Cobalt Ulster. The emails distributing ForeLord were uncovered as part of a campaign, running between...
Let's Encrypt to Revoke Millions of TLS Certs
UPDATE Popular free certificate authority Let’s Encrypt said it will revoke 3 million Transport Layer Security (TLS) certificates Wednesday, because of a Certificate Authority Authorization (CAA) bug. The move could mean that millions of websites and machine identities that rely on those certificates...
MediaTek Bug Actively Exploited, Affects Millions of Android Devices
Google has addressed a high-severity flaw in MediaTek’s Command Queue driver that developers said affects millions of devices – and which has an exploit already circulating in the wild. Also in its March 2020 Android Security bulletin, issued this week, Google disclosed and patched a critical...
Have I Been Pwned No Longer For Sale
After announcing last year that he was looking to sell Have I Been Pwned (HIBP), Troy Hunt said this week that the popular service has been pulled off the market and will instead continue to be run independently. HIBP offers a free service for consumers to check if their usernames and passwords hav...
Download Guide: Advanced Threat Protection Beyond the AV
At a certain point, almost every organization reaches the conclusion that there is a need to move past just the standard AV and firewall stack in order to soundly protect their environment. The common practice in recent years is to gain extra protection through implementing either EDR\EPP solutio...
DoppelPaymer Ransomware Used to Steal Data from Supplier to SpaceX, Tesla
A company that provides custom parts to aerospace giants Lockheed Martin, SpaceX and Boeing, has been the target of an attack by an emerging type of ransomware that can both encrypt files and exfiltrate data. Colorado-based Visser Precision said it was targeted by a “cyber incident” that involved...
NetSupport Manager RAT Spread via Bogus NortonLifeLock Docs
The legitimate remote access tool (RAT) called NetSupport Manager, used for troubleshooting and tech support, is being converted into a malicious weapon by cybercriminals. Researchers at Palo Alto Networks’ Unit 42 division have spotted a spam campaign attempting to deliver a malicious Microsoft Wo...
Gamer Alert: Serious Nvidia Flaw Plagues Graphics Driver
Nvidia issued patches for high-severity vulnerabilities in its graphics driver, which can be exploited by a local attacker to launch denial-of-service (DoS) or code-execution attacks. Nvidia’s graphics processing unit (GPU) display driver is used in devices targeted for enthusiast gamers; it’s the...
Forrester: Keeping Smart Cities Safe From Hacks
SAN FRANCISCO – Municipalities today are dealing with an unanticipated number of cyberthreats, Merritt Maxim, an analyst at Forrester, said last week at the RSA Conference 2020. Local and state governments are increasingly being targeted by ransomware attacks, phishing emails and business email...
TrickBot Adds ActiveX Control, Hides Dropper in Images
The TrickBot banking trojan has gotten trickier, with the addition of a Windows 10 ActiveX control to execute malicious macros in boobytrapped documents. Michael Gorelik, researcher at Morphisec Labs, said that at least two dozen documents have come to light in the last few weeks that use ActiveX...
Walgreens Mobile App Leaks Prescription Data
Popular pharmacy chain Walgreens is warning that a bug in its official mobile app may have exposed sensitive data, including customers’ full names and information on prescriptions for medications they are taking. The security issue stemmed from an “error” in the personal secure messaging feature ...
Bruce Schneier Proposes 'Hacking Society' for a Better Tomorrow
SAN FRANCISCO – Cybersecurity experts have long stayed in their problem-solving lane when it comes to finding vulnerabilities, patching bugs and keeping networks safe. But maybe it is time they applied their defensive skillsets and adversarial understanding of cyberthreats to help solve some of...
RSAC 2020: Ransomware a 'National Crisis,' CISA Says, Ramps ICS Focus
Industrial control systems (ICS) and critical infrastructure will be a main focus for the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) this year – especially as ransomware looms as a main threat to the sector going forward. That’s according to Christopher...
Patrick Wardle: Apple Devices Hit With Recycled macOS Malware
SAN FRANCISCO – Advanced persistent threat (APT) groups are hitting Apple devices with malware that has been reverse engineered and redeployed for malicious acts. This technique is complicating attribution efforts, Patrick Wardle, security researcher with Jamf, said this week during RSA Conference...
Google’s War on Android App Permissions, 60 Percent Successful
Overzealous Android apps that needlessly ask for permissions to handset resources such as contact lists and location data are not only obnoxious, but also potential privacy threats. To address this hot-button issue with Android users Google implemented a strict permission policy designed to curb...
RSAC 2020: GM's Transportation Future Hinges on Cybersecurity
SAN FRANCISCO — General Motors is working on self-driving cars, cars that monitor heart rates and other vital functions, zero-emission vehicles and more – all underpinned by exceedingly complex coding and relying on ubiquitous connectivity. But there’s a problem. The cyber-talent gap is hitting t...
IoT Insecurity: When Your Vacuum Turns on You
SAN FRANCISCO – Hackable Internet of Things (IoT) devices are on full display this week at the RSA Conference 2020. They include everything from baby monitors to Wi-Fi chips. One such device is a connected vacuum cleaner, the Trifo Ironpie M6. According to researchers with Checkmarx, the vacuum has...
Billions of Devices Open to Wi-Fi Eavesdropping Attacks
SAN FRANCISCO — A serious vulnerability in Wi-Fi chips has been discovered that affects billions of devices worldwide, according to researchers. It allows attackers to eavesdrop on Wi-Fi communications. The bug (CVE-2019-15126) stems from the use of an all-zero encryption key in chips made by...
RSAC 2020: Smart Baby Monitor Vulnerable to Remote Hackers
SAN FRANCISCO – Researchers have discovered a slew of security vulnerabilities in a popular baby monitor, which if exploited allows attackers to remotely access the camera’s video footage. The vulnerabilities were discovered in the iBaby Monitor M6S connected baby camera by researchers with...
RSAC 2020: Lack of Machine Learning Laws Open Doors To Attacks
SAN FRANCISCO – As companies quickly adopt machine learning systems, cybercriminals are close behind scheming to compromise them. That worries legal experts who say a lack of laws swings open the door for bad guys to attack systems. During a panel session at RSA Conference 2020 this week, Cristin...
Hackers Cashing In On Healthcare Industry Security Weaknesses
SAN FRANCISCO – Cybercriminals are pushing boundaries in looking for new ways to cash in on the healthcare space – whether it is persuading desperate patients to download health information apps that actually infect their devices with malware, attacking hospitals with ransomware attacks or even...
Iranian APT Targets Govs With New Malware
SAN FRANCISCO – A never-before-seen credential-stealing malware, dubbed ForeLord, has been uncovered in recent spear phishing emails. Researchers have attributed the campaign to a known Iranian advanced persistent threat (APT) group. The emails distributing ForeLord were uncovered as part of a...