News
- November 17, 2022
Magecart malware menaces Magento merchants
Sansec researchers say as many as 38% of commercial customers running the Adobe Commerce and Magento platforms could be infected with Magecart's TrojanOrders malware.
- November 17, 2022
CISA: Iranian APT actors compromised federal network
CISA said Iranian nation-state actors exploited Log4Shell flaws on an unpatched VMware Horizon server before deploying a cryptominer and attempting to gain persistent access.
- November 17, 2022
LockBit ransomware activity nose-dived in October
LockBit, the most prolific ransomware group in 2022, had itself a down month as GuidePoint Security researchers reported a 49% decrease in its infections for October.
- November 16, 2022
Risk & Repeat: Researchers criticize HackerOne
This podcast episode discusses a recent TechTarget Security article about bug bounty platform HackerOne in which researchers aired several complaints about the company.
- November 16, 2022
Rapid7 discloses more F5 BIG-IP vulnerabilities
While the severity of the issues is relatively low, F5 devices are commonly targeted by attackers to gain persistence inside a network.
- November 15, 2022
Twitter users experience apparent SMS 2FA disruption
The 2FA notification disruption occurred after CEO Elon Musk announced plans to shutter a majority of Twitter's microservices, though reasons for the outage are unconfirmed.
- November 14, 2022
Moreno Valley school system shores up ransomware defenses
Moreno Valley Unified School District officials discuss the steps they've taken to better protect sensitive data and critical applications against the growing threat of ransomware.
- November 10, 2022
DOJ charges accused Lockbit ransomware actor
The U.S. Department of Justice filed criminal charges against a Canadian man with dual Russian citizenship who is accused of being part of the LockBit ransomware crew.
- November 10, 2022
Flashpoint launches new 'ransomware prediction model'
Flashpoint's new model assigns a 'ransomware likelihood' rating for vulnerabilities contained in the VulnDB database, which contains more than 300,000 flaws.
- November 10, 2022
TrustCor under fire over certificate authority concerns
TrustCor Systems, a certificate authority registered in Panama, is in hot water after a Washington Post report raised questions about its apparent connections to a spyware vendor.
- November 07, 2022
Microsoft: Nation-state threats, zero-day attacks increasing
Microsoft's Digital Defense Report 2022 pointed the finger at China, which enacted a new vulnerability disclosure law last year, as the source of many zero-day attacks.
- November 07, 2022
Nozomi Networks CEO talks OT security and 'budget muscle'
Nozomi Networks CEO Edgard Capdevielle sat down with TechTarget Editorial to discuss the evolution of OT security and the challenge of 'budget muscle' many organizations face.
- November 04, 2022
Honeywell weighs in on OT cybersecurity challenges, evolution
TechTarget Editorial sat down with Honeywell's Paul Griswold and Jeff Zindel to discuss the rapid growth and evolution of the operational technology cybersecurity industry.
- November 04, 2022
Yanluowang ransomware gang goes dark after leaks
The Yanluowang ransomware operation appears to have shut down for the time being after an anonymous individual published a series of internal code and chat leaks.
- November 03, 2022
Ransomware on the rise, hitting schools and healthcare
October ransomware disclosures and public reports tracked by TechTarget Editorial increased from previous months, with notable attacks on education and healthcare organizations.
- November 02, 2022
U.S. Treasury: Ransomware attacks increased in 2021
A new report from the U.S. Treasury's Financial Crimes Enforcement Network showed an increase in businesses reporting ransomware attacks in the second half of 2021.
- November 01, 2022
OpenSSL vulnerabilities get high-priority patches
The OpenSSL Project released version 3.0.7 Tuesday to address a pair of high-severity buffer overflow vulnerabilities in the widely used cryptography library.
- October 28, 2022
Risk & Repeat: Microsoft, SOCRadar spar over data leak
This podcast episode discusses threat intelligence vendor SOCRadar's disclosure of a large Microsoft data leak and the contentious exchange between the two companies that followed.
- October 26, 2022
Ukraine: Russian cyber attacks aimless and opportunistic
Victor Zhora, a key Ukrainian cybersecurity official, says Russia is acting with "no particular strategy" in its cyber attacks on his country as their military invasion drags on.
- October 26, 2022
Cisco, CISA warn 2 AnyConnect flaws are under attack
CISA added two Cisco AnyConnect flaws to its Known Exploited Vulnerabilities catalog, which signals active exploitation and an urgency to patch.
- October 26, 2022
Researchers criticize HackerOne over triage, mediation woes
HackerOne researchers told TechTarget Editorial that they regularly encountered months-long wait times for responses and a mediation process that rarely favors researchers.
- October 25, 2022
Cryptomining campaign abused free GitHub account trials
Cloud security vendor Sysdig uncovered the largest cryptomining operation it's ever seen as threat actors used free account trials to shift the costs to service providers.
- October 25, 2022
Apple patches actively exploited zero-day iOS bug
The iOS zero-day was joined by a slew of other vulnerabilities in Apple's Oct. 24 security update. The iOS 16 update contained patches for 13 arbitrary code execution flaws.
- October 24, 2022
CISA warns of ransomware attacks on healthcare providers
A new CISA advisory warned administrators at hospitals and healthcare providers about a newly discovered ransomware variant, dubbed Daixin Team, that poses a particular threat.
- October 21, 2022
BlackByte ransomware using custom data exfiltration tool
Symantec researchers say BlackByte ransomware may be poised to move into the elite ransomware ranks, as the group has begun developing its own custom malware tools.
- October 20, 2022
Brazil arrests alleged Lapsus$ hacker
Federal police in Brazil arrested a person accused of being a key member of the Lapsus$ hacking group on charges related to the takedown of government websites.
- October 19, 2022
ProxyLogon researcher details new Exchange Server flaws
After testing Microsoft's mitigations for ProxyLogon, security researcher Orange Tsai discovered new Exchange Server bugs, including one flaw that took more than a year to fix.
- October 19, 2022
Mandiant launches Breach Analytics for Google's Chronicle
Mandiant Breach Analytics for Google Cloud's Chronicle marks a new product launch from the security giant after its acquisition by Google was completed last month.
- October 19, 2022
Azure vulnerability opens door to remote takeover attacks
Orca Security researchers uncovered a flaw in Azure Service Fabric that was fixed in last week's Patch Tuesday. It allows elevation of privilege and remote takeover of nodes.
- October 18, 2022
Python vulnerability highlights open source security woes
A 15-year-old unpatched vulnerability in a tarfile module for the Python programming language prompted researchers from cybersecurity vendor Trellix to take action.
- October 14, 2022
Risk & Repeat: Breaking down the Joe Sullivan conviction
This podcast episode discusses the conviction of former Uber CSO Joe Sullivan, who was found guilty last week of covering up the company's 2016 data breach.
- October 13, 2022
NPM API flaw exposes secret packages
A flaw in the API for NPM could potentially allow a threat actor to see the internal packages for corporate users -- a possible first step for a supply chain attack.
- October 13, 2022
Despite LockBit rebound, ransomware attacks down in 2022
LockBit cybercriminals are back in action with new ransomware attacks and publicity pushes. But many other new groups saw lower levels in activity in Q3, according to Cyberint.
- October 11, 2022
NPM malware attack goes unnoticed for a year
A cybercriminal crew known as "LofyGang" poisoned software supply chains with bad NPM packages for more than a year, according to Checkmarx researchers.
- October 11, 2022
BlackByte ransomware uses new EDR evasion technique
Attackers deploying the BlackByte ransomware strain are using vulnerable drivers to target a part of the operating system that many security products rely on for protection.
- October 11, 2022
Critical Fortinet vulnerability under active exploitation
Fortinet said the critical vulnerability affects three of its services -- FortiOS, FortiProxy and FortiSwitch Manager -- and urged customers to take immediate action.
- October 11, 2022
LinkedIn scams, fake Instagram accounts hit businesses, execs
Even the most secure business and executive social media accounts that have strong passwords and multifactor authentication are vulnerable to cloning schemes.
- October 11, 2022
Google launches new supply chain security offerings
Securing the software supply chain, especially open source libraries, was a major theme behind the new products released at the Google Cloud Next '22 conference.
- October 07, 2022
CISA lists top vulnerabilities exploited by Chinese hackers
The U.S. government published a list of the vulnerabilities most commonly exploited by Chinese state-sponsored actors, including Log4Shell and the ProxyLogon bugs.
- October 06, 2022
Former Uber CSO Joe Sullivan found guilty in breach cover-up
Sullivan was convicted of obstruction of proceedings of the Federal Trade Commission and misprision of felony in connection with the cover-up of Uber's 2016 data breach.
- October 05, 2022
APTs compromised defense contractor with Impacket tools
A CISA alert warned that APT actors compromised a defense contractor's Microsoft Exchange server and used Impacket, an open source Python toolkit, to move laterally in the network.
- October 05, 2022
Ransomware attacks ravage schools, municipal governments
Attacks disclosed in September revealed that K-12 schools, universities and local governments continued to suffer at the hands of gangs such as Vice Society and BlackCat/Alphv.
- October 04, 2022
Secureworks finds network intruders see little resistance
A report from Secureworks found that in many network intrusions, the attackers only need to employ basic, unsophisticated measures to evade detection.
- October 04, 2022
Tenable shifts focus, launches exposure management platform
The company said it's expanding beyond vulnerability management to address the growing attack surface and the challenges customers face to address it.
- October 03, 2022
Intermittent encryption attacks: Who's at risk?
Threat analysts have observed some ransomware gangs using a new technique that only partially encrypts victims' files, which could evade some ransomware defenses.
- September 30, 2022
Microsoft Exchange Server targeted with zero-day vulnerabilities
Microsoft warned that two unpatched zero-day vulnerabilities are being exploited against Exchange Server, a problem that's causing déjà vu for some researchers.
- September 29, 2022
Cobalt Strike malware campaign targets job seekers
Cisco Talos researchers spotted a new wave of phishing attacks that target job seekers in the U.S. and New Zealand, infecting them with Cobalt Strike beacons.
- September 29, 2022
Unit 42 finds polyglot files delivering IcedID malware
Palo Alto Networks' Unit 42 says attackers are using decoy Microsoft Compiled HTML Help files containing multiple file formats to infect systems with information-stealing malware.
- September 29, 2022
Mandiant spots new malware targeting VMware ESXi hypervisors
Mandiant researchers said the backdoors were installed with a novel technique that used malicious vSphere Installation Bundles, though it's unclear how initial access was achieved.
- September 28, 2022
NCC Group: IceFire ransomware gang ramping up attacks
While the ransomware group was first observed in March, IceFire emerged on NCC Group's radar last month when attacks against English-speaking organizations soared.
- September 26, 2022
Critical Sophos Firewall bug under active exploitation
Sophos said the exploitation of the critical firewall vulnerability has, at this time, affected "an extremely small subset of organizations" predominantly located in South Asia.
- September 23, 2022
Malicious NPM package discovered in supply chain attack
Threat actors are circulating a look-alike version of the Material Tailwind NPM package to infect developers for supply chain malware attacks, according to ReversingLabs.
- September 23, 2022
Risk & Repeat: Uber and Rockstar Games hacked
This podcast episode discusses recent hacks against Uber and Rockstar Games, the techniques of the attackers and the possible connection to the Lapsus$ cybercrime group.
- September 22, 2022
15-year-old Python vulnerability poses supply chain threat
Trellix researchers issued a call for help to patch a vulnerable software module, which was found in more than 300,000 open source GitHub repositories.
- September 21, 2022
Cybercriminals launching more MFA bypass attacks
New research from Okta shows that cybercrime groups have stepped up their attacks on multifactor authentication systems in an effort to thwart account security measures.
- September 21, 2022
Cobalt Strike gets emergency patch
The developer of Cobalt Strike issued an out-of-band security update to address a cross-site scripting vulnerability in the popular penetration testing suite.
- September 19, 2022
Uber says Lapsus$ hackers behind network breach
Uber said a hacker from the Lapsus$ group used stolen credentials from a contractor to gain access to several important silos within its internal network.
- September 19, 2022
Rockstar Games confirms hack after 'Grand Theft Auto' leak
A threat actor this weekend published in-development footage from a forthcoming 'Grand Theft Auto' video game and claimed to have breached its publisher, Rockstar Games.
- September 16, 2022
DOJ drops report on cryptocurrency crime efforts
The U.S. Department of Justice issued a report to President Biden on its various enforcement efforts around cybercrime and digital currency, as well as looming challenges.
- September 16, 2022
Risk & Repeat: The White House wants secure software
This podcast episode discusses the implications of the Biden administration's new purchasing and usage guidelines for software utilized by U.S. federal agencies.
- September 16, 2022
Uber responds to possible breach following hacker taunts
Security researchers spotted suspicious activity on Uber's HackerOne page when the alleged hacker posted messages claiming they had compromised the ride-share company's network.
- September 15, 2022
Transparency, disclosure key to fighting ransomware
Current and former CISA members say the best methods for curbing ransomware attacks are organizations reporting attacks and assisting in investigations.
- September 15, 2022
Webworm retools old RATs for new cyberespionage threat
Symantec's Threat Hunter Team uncovered a new cyberespionage campaign run by a threat group named Webworm, which uses customized versions of old remote access Trojans.
- September 14, 2022
U.S. drops the hammer on Iranian ransomware outfit
The departments of Justice and the Treasury announced criminal charges and sanctions against a group of Iranian nationals accused of running an international ransomware operation.
- September 14, 2022
Biden issues cybersecurity guidance for software vendors
The guidance is an extension of President Biden's cybersecurity executive order from 2021 and includes new requirements for software deployed in federal agencies.
- September 13, 2022
Secureworks reveals Azure Active Directory flaws
Secureworks published details of what it claims are significant security flaws in Azure's authentication system, but Microsoft has dismissed them as non-issues.
- September 13, 2022
CrowdStrike threat report: Intrusions up, breakout time down
According to a new report by CrowdStrike's threat hunting team, Falcon OverWatch, attempted intrusions against the healthcare sector doubled year over year.
- September 08, 2022
LockBit gang leads the way for ransomware
New research from Malwarebytes shows LockBit is far and away the most prolific ransomware gang, with hundreds of confirmed attacks across the globe in recent months.
- September 08, 2022
Cisco Talos traps new Lazarus Group RAT
The North Korean-backed Lazarus Group has deployed a new type of remote access Trojan that has already been turned against foreign government networks and private energy companies.
- September 07, 2022
Google: Former Conti ransomware members attacking Ukraine
Google said former members of the Conti ransomware gang are operating as part of threat group UAC-0098, which is conducting attacks of both political and financial nature.
- September 06, 2022
Healthcare and education remain common ransomware targets
August disclosures showed ransomware attacks against education and healthcare entities resulted in slow recovery times and the potential loss of highly sensitive information.
- September 06, 2022
Ransomware hits Los Angeles Unified School District
The second-largest public school system in the U.S. confirmed a ransomware attack caused districtwide disruption to various services over the holiday weekend.
- September 01, 2022
Researcher unveils smart lock hack for fingerprint theft
An academic researcher demonstrated how IoT smart locks could become tools for attackers to covertly steal fingerprints and potentially access more sensitive personal data.
- September 01, 2022
Microsoft discloses 'high-severity' TikTok vulnerability
The flaw in TikTok's Android app is the latest security concern for the social media company, which was criticized last month for having keylogging functionality in its iOS app.
- August 30, 2022
Microsoft Excel attacks fall out of fashion with hackers
Hornetsecurity researchers say newly introduced safety measures from Microsoft have driven cybercriminals away from using Excel as a malware infection tool.
- August 30, 2022
FBI warns attacks on DeFi platforms are increasing
As cryptocurrency interest soars, cybercriminals are cashing in on the immaturity of some DeFi platforms and stealing hundreds of millions of dollars from investors.
- August 30, 2022
VMware aims to improve security visibility with new services
Unveiled at VMware Explore, the company's new security services include Project Trinidad, Project Watch and Project Northstar. All three offer customer visibility enhancements.
- August 26, 2022
LastPass discloses data breach
LastPass CEO Karim Toubba said no customer data or password details were compromised, and the company does not recommend an immediate course of action to users.
- August 25, 2022
Ransomware defies seasonal trends with increase
The return and rebranding of major crews saw the volume of ransomware attacks in July jump 47%, defying seasonal trends, according to researchers at NCC Group.
- August 25, 2022
Mitiga: Attackers evade Microsoft MFA to lurk inside M365
During an incident response investigation, Mitiga discovered attackers were able to create a second authenticator with no multifactor authentication requirements.
- August 25, 2022
Twitter whistleblower report holds security lessons
The whistleblower report from Twitter's former security lead should provide companies and boards with lessons on how not to handle internal security concerns.
- August 24, 2022
Risk & Repeat: Whistleblower spells trouble for Twitter
A new whistleblower report unveiled troubling accusations against Twitter from the social media company's former head of security, Peiter 'Mudge' Zatko.
- August 22, 2022
CEO of spyware vendor NSO Group steps down
Current NSO Group COO Yaron Shohat will replace outgoing CEO Shalev Hulio as part of a reorganization for the vendor, which has come under fire from the U.S. government.
- August 18, 2022
Shunned researcher Hadnagy sues DEF CON over ban
Researcher Christopher Hadnagy is seeking damages from DEF CON and founder Jeff Moss over their decision to ban him citing multiple claims of conduct violations.
- August 18, 2022
Russian cyber attacks on Ukraine driven by government groups
Researchers with Trustwave say the cyber attacks against Ukraine are not the work of enlisted private hacking groups but Russian government intelligence agencies.
- August 17, 2022
Google patches yet another Chrome zero-day vulnerability
Google issued an update Wednesday to address a potentially serious security vulnerability in its Chrome browser, and the company urged users to patch their browsers immediately.
- August 17, 2022
Risk & Repeat: Black Hat 2022 recap
This Risk & Repeat podcast episode discusses the Black Hat 2022 conference in Las Vegas and the notable sessions, major themes and hot topics from the show.
- August 17, 2022
CISA: Threat actors exploiting multiple Zimbra flaws
Cybersecurity vendor Volexity found earlier this month that one flaw, CVE-2022-27925, had compromised more than 1,000 Zimbra Collaboration Suite instances.
- August 16, 2022
Mailchimp suffers second breach in 4 months
While the source of the breach has not been confirmed, an attacker got into Mailchimp and gained access to the customer account of cloud hosting provider DigitalOcean.
- August 16, 2022
For cyber insurance, some technology leads to higher premiums
Though cyber insurance demand is exceeding supply and companies might receive less coverage with higher premiums, experts say there are ways enterprises can reduce risk.
- August 16, 2022
Zero Day Initiative seeing an increase in failed patches
In a Q&A with TechTarget Editorial, Trend Micro Zero Day Initiative's Brian Gorenc and Dustin Childs discuss incomplete patches and the value of personal researcher relations.
- August 12, 2022
Eclypsium calls out Microsoft over bootloader security woes
At DEF CON 30, Eclypsium researchers detailed three new vulnerabilities in third-party Windows bootloaders that were signed with Microsoft's UEFI certificates.
- August 11, 2022
Rapid7: Cisco ASA and ASDM flaws went unpatched for months
While several of the vulnerabilities were reported to Cisco in February, they remained unpatched until Thursday when Rapid7's Jake Baines discussed the flaws at Black Hat USA 2022.
- August 11, 2022
Researchers reveal Kubernetes security holes, prevention
Researchers with Palo Alto Networks took the stage at Black Hat to explain how configurations and system privileges in Kubernetes clusters can allow container escape and takeover.
- August 11, 2022
Cisco hacked by access broker with Lapsus$ ties
No Cisco employee or customer personal information was stolen in the hack, though some data did make it onto the dark web.
- August 11, 2022
SentinelOne discusses the rise of data-wiping malware
During a Black Hat 2022 session, researchers showed how expectations of cyber war may differ from the reality.
- August 11, 2022
Zero Day Initiative launches new bug disclosure timelines
The Trend Micro Zero Day Initiative's vulnerability disclosure policy will now mandate shorter disclosure windows for flaws believed to result from bypassed security patches.
- August 11, 2022
How CI/CD pipelines are putting enterprise networks at risk
At Black Hat USA 2022, NCC Group researchers demonstrated how threat actors can compromise CI/CD pipelines and break out into enterprise networks and cloud environments.
- August 11, 2022
Google researchers dissect Android spyware, zero days
Researchers with Google's Threat Analysis Group say the ecosystem of surveillance vendors is far larger than just NSO Group, and some vendors are sharing or trading exploits.
- August 10, 2022
Ermetic addresses IAM weaknesses in multi-cloud environments
Researchers at the cloud security vendor discussed the importance of understanding the different identity and access management features among the major cloud providers.