Ubuntu 20.04 LTS : LibreOffice vulnerabilities (USN-5661-1)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5661-1 advisory. An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was signed by a trusted author was done by only...
8.8CVSS
8.9AI Score
0.002EPSS
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : LibreOffice vulnerabilities (USN-5694-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5694-1 advisory. If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On restart, LibreOffice...
8.8CVSS
8.2AI Score
0.003EPSS
Analysis of Storm-0558 techniques for unauthorized email access
**Executive summary** On July 11, 2023, Microsoft published two blogs detailing a malicious campaign by a threat actor tracked as Storm-0558 that targeted customer email that we've detected and mitigated: Microsoft Security Response Center and Microsoft on the Issues. As we continue our...
7.4AI Score
Uncovering weaknesses in Apple macOS and VMWare vCenter: 12 vulnerabilities in RPC implementation
Cisco Talos discovered 12 memory corruption vulnerabilities in MSRPC implementations on Apple macOS and VMWare vCenter. - Seven vulnerabilities affect Apple macOS only. - Two vulnerabilities affect VMWare vCenter. - Three vulnerabilities affect both. For more on these individual vulnerabilities,...
9.8CVSS
9.1AI Score
0.007EPSS
Introducing passwordless authentication on GitHub.com
Most security breaches are not the product of exotic zero-day attacks but rather involve lower-cost attacks like social engineering, credential theft or leakage, and other avenues that provide attackers with a broad range of access to victim accounts and the resources they have access to. In fact,....
7AI Score
Class-Action Lawsuit for Scraping Data without Permission
I have mixed feelings about this class-action lawsuit against OpenAI and Microsoft, claiming that it "scraped 300 billion words from the internet" without either registering as a data broker or obtaining consent. On the one hand, I want this to be a protected fair use of public data. On the other.....
6.9AI Score
Summary OpenSSL is shipped with IBM Tivoli Network Manager IP Edition version 3.9. Information about a security vulnerability affecting Open SSL has been published here. Vulnerability Details CVE-ID: CVE-2019-1559 Description: OpenSSL could allow a remote attacker to obtain sensitive information,.....
5.9CVSS
0.6AI Score
0.01EPSS
Self-Driving Cars Are Surveillance Cameras on Wheels
Police are already using self-driving car footage as video evidence: While security cameras are commonplace in American cities, self-driving cars represent a new level of access for law enforcement and a new method for encroachment on privacy, advocates say. Crisscrossing the city on their...
6.8AI Score
Google plans to scrape everything you post online to train its AI
Additions to Google's Privacy Policy are making some observers worry that all of your content is about to be fed into Google's AI tools. Alterations to the T&Cs now explicitly state that your "publicly available information" will be used to train in-house Google AI models alongside other products.....
6.5AI Score
Wordfence Intelligence Weekly WordPress Vulnerability Report (July 3, 2023 to July 9, 2023)
Last week, there were 61 vulnerabilities disclosed in 54 WordPress Plugins and 1 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 28 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in....
9.9CVSS
8.1AI Score
EPSS
Threat Roundup for June 30 to July 7
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 30 and July 7. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,.....
6.8AI Score
Who’s Behind the DomainNetworks Snail Mail Scam?
If you've ever owned a domain name, the chances are good that at some point you've received a snail mail letter which appears to be a bill for a domain or website-related services. In reality, these misleading missives try to trick people into paying for useless services they never ordered, don't.....
6.9AI Score
DDoS attacks want to make sure you haven’t forgotten about them
Welcome to this week's edition of the Threat Source newsletter. Distributed denial-of-service attacks (DDoS) have been around since before I even knew how to turn a computer on. These types of attacks, I feel, have the same vibe as the term "computer virus" -- something we used to talk about in...
7.1AI Score
"Free" Evil Dead Rise movie scam lurks in Amazon listings
Scammers are using a novel technique with Amazon listings to trick fans of Evil Dead into downloads they may not want, and expensive rolling payments they have no interest in. Evil Dead Rise, the breakout horror film of 2023, started with big cinema numbers and has moved on to a victory lap in...
6.9AI Score
The growth of commercial spyware based intelligence providers without legal or ethical supervision
Attackers have long used commercial products developed by legitimate companies to compromise targeted devices. These products are known as commercial spyware. Commercial spyware operations mainly target mobile platforms with zero- or one-click zero-day exploits to deliver spyware. This threat...
6.9AI Score
Surveillance camera insecurities argument comes to one inevitable conclusion: Always update
Chinese-made surveillance cameras find themselves in a spot of controversy, after a BBC investigation uncovered flaws in devices during several brand tests. Surveillance and webcam vulnerabilities are common, and we've covered them many times on our blog. What's interesting with this story is that....
7AI Score
GitHub achieves ISO/IEC 27701:2019, 27018:2019, and CSA STAR certifications
GitHub continues to invest in security, privacy, and compliance as part of our ongoing effort to be the most trusted home for all developers. As a result of that investment, GitHub’s Information Security and Privacy Management System (ISPMS) was assessed against the ISO/IEC 27701:2019 (PII...
6.8AI Score
Why blocking ads is good for your digital health
Online content is largely powered and paid for by advertising. Almost every site you visit, every forum you browse, and even the online stores you buy things from is an advert extravaganza, and they don't just stop at showing cool offers for shirts at 50% off. The scaffolding the adverts sit on...
7.2AI Score
New video provides a behind-the-scenes look at Talos ransomware hunters
Welcome to this week's edition of the Threat Source newsletter. AI-generated art is causing drama across the internet over the past few months, from Marvel TV show opening credits scenes to predatory YouTubers who claim YOU can make millions by having AI tools create children's books for you....
8.8CVSS
6.3AI Score
0.001EPSS
OpenSSH trojan campaign targets Linux systems and IoT devices
Poorly configured Linux and Internet of Things (IoT) devices are at risk of compromise from a cryptojacking campaign, according to researchers at Microsoft. The attacks, which involve brute forcing a way into a system, are designed to profit from mining in illicit fashion for cryptocurrency. Once.....
7.5AI Score
9 basic security tips for seniors
Before we get into the tips: a caveat. We know many seniors who are digitally more up to date than people 20 years younger, but for those who aren't, this guide is for you. If you're offended by the word seniors in the title, feel free to replace it with "computer illiterate people." And keep in...
7AI Score
para-port.com Cross Site Scripting vulnerability OBB-3222686
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
AI Score
Business Logic Attacks: Why Should You Care?
Imagine this: You've just launched an amazing new application with top-of-the-line API security, reinforced it with client-side protection, and even set up defenses against bot attacks. You're feeling safe and secure, congratulating yourself on a job well done. But, despite all your efforts, your.....
7.2AI Score
oi-para-empresas.com Cross Site Scripting vulnerability OBB-3219760
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
AI Score
5 facts to know about the Royal ransomware gang
When we first introduced the Royal ransomware gang in our November 2022 review, little did we know they'd rapidly evolve into one of the most potent threats in our ongoing monthly threat intelligence briefings. In fact, the Malwarebytes Threat Intelligence team has tracked down a staggering 195...
7.4AI Score
Why businesses need a disinformation defense plan, with Lisa Kaplan: Lock and Code S04E13
When you think about the word "cyberthreat," what first comes to mind? Is it ransomware? Is it spyware? Maybe it's any collection of the infamous viruses, worms, Trojans, and botnets that have crippled countless companies throughout modern history. In the future, though, what many businesses...
10AI Score
SMS Phishers Harvested Phone Numbers, Shipment Data from UPS Tracking Tool
The United Parcel Service (UPS) says fraudsters have been harvesting phone numbers and other information from its online shipment tracking tool in Canada to send highly targeted SMS phishing (a.k.a. "smishing") messages that spoofed UPS and other top brands. The missives addressed recipients by...
6.7AI Score
Threat Roundup for June 16 to June 23
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 16 and June 23. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,....
6.8AI Score
Why Malware Crypting Services Deserve More Scrutiny
If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or "crypt" your malware so that it appears benign to antivirus and security products. In fact, the process of "crypting" malware is sufficiently...
7.2AI Score
Anonymous Sudan, MOVEit, and Cl0p
There are three concurrent events of significant concern: An Anonymous Sudan group chat on Telegram has revealed imminent threats from Russia to the US financial system, specifically targeting the SWIFT network. The motive behind this attack is disruption. By attacking SWIFT and inducing...
6.9AI Score
URLs have always been a great hiding place for threat actors
Welcome to this week's edition of the Threat Source newsletter. Talos' recent blog post on the dangers posed by the newly released ".zip" top-level domain (TLD) recently outlined how threat actors could create real URLs that look like file names and trick users into clicking on their links. .Zip...
9.8CVSS
8.7AI Score
0.969EPSS
Fake security researchers push malware files on GitHub
Researchers from VulnCheck have observed a campaign using real security researchers as bait for malware. The campaign goes to some lengths to appear genuine, using fake profiles, downloads, websites, and bogus GitHub profiles, to paint a convincing picture of security professionals offering up...
7.2AI Score
Sneaky DoubleFinger loads GreetingGhoul targeting your cryptocurrency
Introduction Stealing cryptocurrencies is nothing new. For example, the Mt. Gox exchange was robbed of many bitcoins back in the beginning of 2010s. Attackers such as those behind the Coinvault ransomware were after your Bitcoin wallets, too. Since then, stealing cryptocurrencies has continued to.....
7.2AI Score
Threat Roundup for June 9 to June 16
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 9 and June 16. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,.....
7.3AI Score
Releases Ubuntu 22.04 LTS Ubuntu 20.04 LTS Packages libreoffice - Office productivity suite Details It was discovered that LibreOffice did not properly validate the number of parameters passed to the formula interpreter, leading to an array index underflow attack. If a user were tricked into...
7.8CVSS
7.1AI Score
0.001EPSS
Rooting with root cause: finding a variant of a Project Zero bug
In this blog, I'll look at CVE-2022-46395, a variant of Project Zero issue 2327 (CVE-2022-36449) and show how it can be used to gain arbitrary kernel code execution and root privileges from the untrusted app domain on an Android phone that uses the Arm Mali GPU. I used a Pixel 6 device for testing....
8.8CVSS
7.6AI Score
0.01EPSS
K000130240 : Intel BIOS vulnerability CVE-2022-26006
Security Advisory Description Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2022-26006) Impact A local attacker logged in as a privileged user can exploit the...
6.7CVSS
7AI Score
0.0004EPSS
In 2013 and 2014, I wrote extensively about new revelations regarding NSA surveillance based on the documents provided by Edward Snowden. But I had a more personal involvement as well. I wrote the essay below in September 2013. The New Yorker agreed to publish it, but the Guardian asked me not to.....
7.1AI Score
5 unusual cybersecurity tips that actually work
So, you're on top of your software updates, you use a password manager, you've enabled two-factor authentication wherever you can, you've got BrowserGuard installed, and you're running Malwarebytes Premium. If you're doing all of that you're already winning at security. But you want more, because.....
7AI Score
Joe Marshall was a security practitioner before he even knew it. Marshall started his career in information technology as a systems administrator. On the surface, he jokes that he was a "white-collar plumber" -- fixing IT issues as they arose, handing out new credentials and asking users if they...
7.1AI Score
Holistic API Security Strategy for 2023
In the digital landscape of 2023, Application Programming Interfaces (APIs) have taken center stage in business operations. APIs act as the backbone of many digital services, enabling software applications to communicate and exchange data with each other. As businesses increasingly rely on APIs...
7.2AI Score
Service Rents Email Addresses for Account Signups
One of the most expensive aspects of any cybercriminal operation is the time and effort it takes to constantly create large numbers of new throwaway email accounts. Now a new service offers to help dramatically cut costs associated with large-scale spam and account creation campaigns, by paying...
7.2AI Score
Threat Roundup for June 2 to June 9
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 2 and June 9. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...
6.4AI Score
Discord Admins Hacked by Malicious Bookmarks
A number of Discord communities focused on cryptocurrency have been hacked this past month after their administrators were tricked into running malicious Javascript code disguised as a Web browser bookmark. This attack involves malicious Javascript that is added to one's browser by dragging a...
7.2AI Score
IT threat evolution in Q1 2023 IT threat evolution in Q1 2023. Non-mobile statistics IT threat evolution in Q1 2023. Mobile statistics Targeted attacks BlueNoroff introduces new methods bypassing MotW At the close of 2022, we reported the recent activities of BlueNoroff, a financially motivated...
7.3AI Score
Debian DLA-3368-1 : libreoffice - LTS security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3368 advisory. LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred...
8.2AI Score
0.002EPSS
Debian DSA-5252-1 : libreoffice - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5252 advisory. LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific...
6.3CVSS
6.7AI Score
0.002EPSS
Financial services company OneMain fined $4.25 million for security lapses
A series of security errors and mishaps has cost personal loan provider OneMain $4.25m in penalties, issued by the New York State department of financial services. The fines, coming at the end of a detailed investigation into how security practices at the company were determined to be below-par,...
6.6AI Score
[SECURITY] [DSA 5415-1] libreoffice security update
Debian Security Advisory DSA-5415-1 https://www.debian.org/security/ Moritz Muehlenhoff May 28, 2023 https://www.debian.org/security/faq Package : libreoffice CVE ID : CVE-2023-0950 CVE-2023-2255...
7.8CVSS
7.8AI Score
0.001EPSS