Intel Smart Sound Tech Vulnerable to Three High-Severity Bugs
Intel issued three fixes for bugs that could allow a local attacker to execute code on Intel Core and Atom processor-based PCs. The vulnerabilities are tied to versions of its own Intel Smart Sound Technology, used to boost audio processing for tasks such as voice commands and interactions with...
Podcast: The Industrial World is Facing a Security Crisis
As more industrial systems become connected, so follows increased awareness of security issues surrounding industrial control systems, programmable logic controllers and SCADA. These once rare worlds of operational technology (OT) and IoT have now become part of the mainstream cybersecurity...
Kronos Banking Trojan Surfaces After Years of Silence
The Kronos banking trojan is back from the malware dustbin. After years of lying dormant, hackers have reworked the underlying code and are actively targeting victims in Germany, Japan and Poland. The latest variant has incorporated a new command-and-control feature designed to work with the Tor...
Google Starts Labeling All HTTP Sites as ‘Not Secure’
Websites that insist on sticking with HTTP will have a public relations issue on their hands, beginning today: All of them, without exception, will be labeled as insecure by Google Chrome from now on. Anyone using the Chrome web browser will be served up a warning message anytime they surf to an...
Emotet Malware Evolves Beyond Banking to Threat Delivery Service
The Emotet trojan has been popping up in the news for years: From widespread malspam infections of German banking targets in 2014, all the way up to the costly infection of a New Hampshire town’s computer network in July. And while the tricky Emotet malware first emerged targeting banking...
Apache, IBM Patch Critical Cloud Vulnerability
Apache and IBM have patched a critical vulnerability that allows attackers to replace a company’s serverless code with their own malicious script. Once running, the bad code could then be used for a range of nefarious tasks, including extracting confidential customer data such as passwords or...
Bluetooth Bug Allows Man-in-the-Middle Attacks on Phones, Laptops
A slew of vendors that have built Bluetooth pairing into their devices without requiring public key validation are issuing fixes for their products. Researchers at the Israel Institute of Technology have identified a cryptography-related security vulnerability (CVE-2018-5383) in the Bluetooth...
Oracle Re-Patches Decade-Old Solaris Bug
Oracle has issued three fixes for a critical Solaris vulnerability that could allow kernel-level privilege escalation. Impacted are the Solaris 10 and 11.3 operating environments. Sun Microsystems (now owned by Oracle) originally patched the vulnerability in 2009. But, a “re-fix” is now required,...
Privacy Questions Raised as Tech Giants Join Forces on Data Portability
A veritable who’s who of tech giants from Google, Facebook, Microsoft and Twitter, went public last week with a partnership on a standards initiative called the Data Transfer Project (DTP), built to enable data portability between cloud platforms. But security researchers believe the project’s...
New Spectre-Level Flaw Targets Return Stack Buffer
Researchers have discovered yet another speculative execution side-channel flaw enabling attackers to access sensitive data at the CPU level. The new Spectre-class exploit, dubbed SpectreRSB, was detailed by researchers from the University of California at Riverside in a research paper on Friday...
Spectre Will Haunt Us For a Long Time
During a recent Congressional hearing, Senators voiced concerns about the ongoing Spectre and Meltdown vulnerabilities. While the technical details were predictably glossed over, most of the hearing focused on Intel informing Chinese partners about the flaws six months before they went public...
Leaky Backup Spills 157 GB of Automaker Secrets
An insecure backup protocol used by robotics firm Level One is to blame for leaking 157 gigabytes of sensitive data belonging to major automakers, including Ford, Tesla and Toyota. The data included 10 years of assembly-line schematics and control settings for robotics used to build the cars, along...
Facebook Suspends Analytics Firm Over Surveillance Concerns
Online data privacy is again being thrust into the spotlight after Facebook announced Friday it suspended yet another analytics firm due to concerns about the collection and sharing of data. The company is launching an investigation into whether Boston-based Crimson Hexagon’s collection of public...
ThreatList: Supply-Chain Defenses Need Improvement
Although nearly 80 percent of respondents in a recent survey believe software supply-chain attacks have the potential to become one of the biggest cyber threats over the next three years, few organizations are prepared to mitigate the risks. This state of affairs comes as businesses lose millions...
Massive Malspam Campaign Finds a New Vector for FlawedAmmyy RAT
A widespread spam campaign from the well-known financial criminal group TA505 is spreading the FlawedAmmyy RAT using a brand-new vector: Weaponized PDFs containing malicious SettingContent-ms files. The SettingContent-ms file format was introduced in Windows 10; it allows a user to create...
D-Link, Dasan Routers Under Attack In Yet Another Assault
Unpatched D-Link and Dasan GPON router vulnerabilities are being targeted by hackers attempting to build a botnet army, according to research published Friday by eSentire Threat Intelligence. Researchers observed on Thursday a massive uptick in exploit attempts from over 3,000 different source IP...
Newsmaker Interview: Troy Mursch on Why Cryptojacking Isn’t Going Away
Cyber criminals have seen a golden opportunity in the meteoric rise of cryptocurrencies over the past year. They are harnessing devices – from laptops, to desktops, all the way up to servers – to mine cryptocurrencies such as Bitcoin or Monero. This malicious move, dubbed by some researchers as...
ThreatList: A Ranking of Airports By Riskiest WiFi Networks
With time to spare at an airport, fliers don’t think twice about cracking open their laptops and taking advantage of one of many free WiFi hotspots. But they should, warns Coronet. Coronet, which sells wireless network security products, recently published its list of best and worst airport WiFi...
Chinese Hackers Mount Espionage Campaign During Trump-Putin Summit
Cyberattackers, unsurprisingly, appear to be interested in Donald Trump as an intelligence target – as evidenced by an uncharacteristic spate of strikes against IoT devices in Finland during the American president’s summit there with Russia’s Vladimir Putin. According to researchers, the uptick w...
Sizing Up The Scourge of Credential Stuffing
Last year, 2.3 billion credentials were stolen from 51 different organizations, including Ancestry.com, Imgur and Virgin America. Where do all those user names go? In Shape Security’s second annual Credential Spill Report, it found that billions of stolen digital IDs are contributing to an epidem...
Stealthy Malware Hidden in Images Takes to GoogleUserContent
Malware that uses Exchangeable Image File Format (EXIF) data to hide its code has migrated to a new platform: GoogleUserContent sites, such as Google+ and blogger forums. In this technique, previously seen on Pastebin and GitHub, hackers embed malicious code within uploaded images – a stealthy...
IoT Robot Vacuum Vulnerabilities Let Hackers Spy on Victims
UPDATE Researchers have uncovered vulnerabilities in a connected vacuum cleaner lineup that could allow attackers to eavesdrop, perform video surveillance and steal private data from victims. Two vulnerabilities were discovered in Dongguan Diqee 360 vacuum cleaners, which tout Wi-Fi capabilities,...
GangWang GPS Navigation Attack Leads Unsuspecting Drivers Astray
A proof-of-concept attack that uses realistic fake turn-by-turn navigation directions for in-car GPS systems has managed to fool drivers into following them a full 95 percent of the time in testing. Mobile navigation services are used by billions of users around the globe today. While GPS spoofin...
How Cyber Insurance Changes the Conversation Around Risk
Premiums paid for cyber insurance could triple to more than $7.5 billion by 2020, according to consultancy PwC. Companies are waking up to the fact that cyber risk equals business risk. Ask FedEx’s European arm, shipping giant Maersk or any of the other major organizations knocked out of operatio...
Critical Authentication Flaws in Cisco Policy Suite Patched
Cisco has patched four critical security vulnerabilities surrounding a lack of authentication requirements in its Policy Suite for mobile carriers. These would allow remote attackers to potentially exfiltrate information, compromise wireless subscriber account information, meddle with databases o...
Privacy Advocates Say Kelsey Smith Act Gives Police Too Much Power
The delicate balancing act between security and privacy is once again being tested. A bill making its way through Congress seeks to allow law enforcement to more easily uncover location data for cell phones from mobile carriers. The Kelsey Smith Act (H.R. 5983 and S. 2973) would allow police and...
ThreatList: Popular Apps Get Enterprise Blacklisted
Mobile apps on BYOD handhelds tend to keep enterprise security pros worried. Between apps that are malicious, others that leak data and ones with pushy permissions – it’s hard to determine what’s safe and what might violate company rules. On Wednesday, Appthority released its annual list of the...
Thousands of U.S. Voter Personal Records Leaked by Robocall Firm
Researchers have discovered yet another misconfigured repository bucket – this time leaking the information of U.S. voters. The information was exposed on a public Amazon S3 bucket by a Virginia-based political campaign and robocalling company called Robocent. Kromtech Security researchers, who...
LabCorp Investigates a Potential Breach that Could Affect Millions
U.S. health diagnostics giant LabCorp has revealed that it detected “suspicious activity” on its network this past weekend, which disrupted its ability to process medical tests. Patient access to testing results was also interrupted. In an SEC filing on Monday, the Fortune 500 company said that i...
Oracle Sets All-Time Record with July Critical Patch Update
Oracle has released a massive Critical Patch Update (CPU) for July, addressing 334 security vulnerabilities covering a vast swathe of its enterprise portfolio. Of the 334 vulnerabilities covered this month, 61 are rated critical, with a CVSS rating between nine and 10. Oracle said in its advisory...
Microsoft Bounty Program Offers Payouts for Identity Service Bugs
Microsoft has lifted the curtain on a new bug-bounty program, offering payouts as high as $100,000 for holes in identity services and implementations of the OpenID standard. The bounty program touches on Microsoft’s array of digital identity solutions, which tout strong authentication, secure...
Smaller Nation State Attacks: A Growing Cyber Menace
Last year, a Qatari state media website was compromised and defaced with false reports of the Emir of that country praising Iran and Hamas. The fake content was blasted on social media and amplified through bots, eventually provoking a regional boycott that persists today. Andrea Little Limbago...
800K Patient Records At Issue in ProCare Health Snafu
Four healthcare IT companies are warning that one of New Zealand’s largest networks of family doctors, nurses and general practice teams has been storing hundreds of thousands of patient records containing personally identifiable information (PII) – without the knowledge or consent of the data...
Peer-to-Peer Crypto-Exchanges: A Haven for Money Laundering
The need to launder money is omnipresent in the criminal world, and lately, a new way of doing it has come to the fore: peer-to-peer cryptocurrency exchanges. These exchanges offer one-to-one relationships and transactions; buyers and sellers of virtual currency sign-up with their location...
Recent Andariel Group ActiveX Attacks Point to Future Targets
Researchers say that the North Korea-linked Andariel hacking group may be looking to switch up its targets, based on key changes in its script found on recently compromised websites. The Andariel group is associated with the infamous Lazarus Group, North Korea’s cyber-espionage unit. Andariel has...
DDoS Attacks Get Bigger, Smarter and More Diverse
Distributed denial of service attacks, bent on taking websites offline by overwhelming domains or specific application infrastructure with massive traffic flows, continue to pose a major challenge to businesses of all stripes. Being knocked offline impacts revenue, customer service and basic...
No Evidence of GandCrab Leveraging SMB Exploit – Yet
A new version of the evolving ransomware threat GandCrab has been identified by researchers – but evidence of the new malware self-propagating via the Windows transport protocol Server Message Block (SMB) exploit still remains to be seen. Security researchers at Fortinet said that they have spotted...
Newsmaker Interview: Bruce Schneier on ‘Going Dark’ and the Crypto Arms Race
Bruce Schneier is a computer security expert who, for decades, has been a leading voice for cryptography and all things security. In this question-and-answer formatted interview, Schneier describes the disjunction of today’s abundance of encryption tools and a dearth of personal security. Schneie...
DanaBot Trojan Targets Bank Customers In Phishing Scam
The recently-discovered DanaBot banking trojan is making the rounds in a phishing campaign that targets potential victims with fake invoices from software company MYOB. The emails purport to be invoices from MYOB, an Australian multinational corporation that provides tax, accounting and other...
Justice Department Indicts 12 Russian Nationals Tied to 2016 Election Hacking
The United States Justice Department on Friday announced 12 indictments against Russian nationals, accusing them of engaging in a “sustained effort” to hack Democrats’ emails and computer networks. According to Rod Rosenstein, United States deputy Attorney General, all 12 defendants are members o...
Indian iPhone Spy Campaign Used Fake MDM Platform
Cyberattackers have used a bogus mobile device management (MDM) system to target a small – but presumably high-value – set of iPhones in India, in a cyberespionage campaign that has some unusual hallmarks. Researchers said Thursday that attackers deployed an open-source MDM – which is typically use...
ThreatList: Bug Bounty Payouts Increase Six Percent for Critical Vulnerabilities
The average payout price for critical vulnerabilities is up six percent and now averages $2,041 compared to the prior year. The numbers are from HackerOne’s 2018 Hacker-Powered Security Report, published Wednesday. The study looked at data derived from the HackerOne community between May 2017 and...
Sextortionists Shift Scare Tactics to Include Legit Passwords
A fresh take on the classic sextortion scam is making the rounds, with several reports confirming a new wrinkle in approach: The inclusion of a legitimate password in the email for the campaign. Multiple end users have received scam email messages from actors claiming to have taken over the...
Unsanctioned Apps Invite Fox into Cybersecurity Hen House
Conventional wisdom has shown there’s a short line between a company’s highest point of risk – its employees – and a compromise. Unsanctioned, or shadow applications, are apps that haven’t been cleared by a company’s information security team. These apps, on employee machines, have long been a...
Hacker Compromises Air Force Captain to Steal Sensitive Drone Info
A hacker has penetrated an Air Force captain’s computer to steal sensitive information about U.S. military drones and other state secrets, according to a cybersecurity firm’s investigation of dark web activities. On June 1, Recorded Future’s Insikt Group was monitoring underground criminal activi...
Cisco Patches High-Severity Bug in VoIP Phones
A range of business customers could be impacted by a high-severity security flaw discovered in Cisco VoIP phones. The vendor issued a patch on Wednesday. Cisco also patched two medium-security flaws today in its FireSIGHT management platform for network security; and one medium-severity issue in...
ThreatList: 6-Year-Old Dorkbot Banking Malware Resurfaces as Big Threat
The banking malware called Dorkbot is back. Samples of the 6-year-old malware are now ranked the second biggest banking malware headache in 2018 so far, according to new data from Check Point. “Dorkbot, known malware that dates back to 2012, has entered back the top ranks, starring in the APAC as...
Chrome Now Features Site Isolation to Defend Against Spectre
Google introduced new security mitigations for its Chrome browser to defend against recently discovered Spectre variants. The new security feature, called site isolation, essentially isolates different browser work processes between various browser tabs. That means one tab’s webpage rendering and...
Ticketmaster Breach: Just One Part of a Wide-Ranging Campaign
Ticketmaster’s announcement back on June 28 that it was the victim of a payment-card breach turns out to be part of a much larger card-skimming campaign by the threat group Magecart. A whopping 800 e-commerce sites around the world have been targeted by the crooks so far, according to RiskIQ...
Multiple Bugs Found in QNAP Q’Center Web Console
Researchers found an array of high severity vulnerabilities in network storage vendor QNAP’s web console, which could enable an authenticated attacker to gain privileges and execute arbitrary commands on the system. The web-based platform, Q’center, allows users to manage network attached storage...