News
- November 03, 2021
03 Nov'21
CISA requires agencies to patch nearly 300 vulnerabilities
The Cybersecurity and Infrastructure Security Agency issued a directive for government agencies that requires patching for hundreds of known software security vulnerabilities.
- November 02, 2021
02 Nov'21
Trojan Source bugs enable 'invisible' source code poisoning
A pair of flaws in nearly every popular programming language enables attackers to hide malicious code in plain sight, where it cannot be detected prior to compiling.
- October 29, 2021
29 Oct'21
Europol 'targets' 12 suspects in ransomware bust
Europol has not said whether the suspected ransomware actors were arrested or detained, but the 12 were allegedly involved in attacks that affected 1,800 victims in 71 countries.
- October 28, 2021
28 Oct'21
Hackers upping SSL usage for encrypted attacks, communications
A report from cloud security vendor Zscaler found that cybercriminals are using secure connections to evade detection while carrying out network attacks.
- October 22, 2021
22 Oct'21
Risk & Repeat: Apple bug bounty frustrations boil over
Security researchers criticized the Apple Security Bounty program and claimed the company ignored bug reports, denied bounty payments and silently patched vulnerabilities.
- October 15, 2021
15 Oct'21
Accenture sheds more light on August data breach
The IT services giant disclosed in an SEC filing that threat actors stole and leaked proprietary data during a LockBit ransomware attack earlier this year.
- October 14, 2021
14 Oct'21
Google digs into Iran's APT35 hacking group
Covert phishing tactics and cleverly disguised notifications are among the calling cards of the increasingly sophisticated operation aimed at Iran's opponents.
- October 14, 2021
14 Oct'21
Enterprises ask Washington to step up cyber collaboration
During CISA's National Cybersecurity Summit, critical infrastructure companies said they need better information on cyberthreats from the federal government.
- October 13, 2021
13 Oct'21
How hackers exploited RCE vulnerabilities in Atlassian, Azure
Barracuda researchers examined exploitation activity and attack patterns for two remote code execution vulnerabilities affecting Atlassian's Confluence and Microsoft's Azure.
- October 12, 2021
12 Oct'21
Apple patches iOS vulnerability actively exploited in the wild
Apple said in a security advisory that it had received a report that the iOS flaw, which impacts kernel extension IOMobileFrameBuffer, 'may have been actively exploited.'
- October 11, 2021
11 Oct'21
Iranian password spraying campaign hits Office 365 accounts
The Iran-backed DEV-0343 threat group has launched a password spraying offensive against Office 365 accounts in the defense, maritime and oil industries.
- October 11, 2021
11 Oct'21
Cyber insurance premiums, costs skyrocket as attacks surge
As cyber attacks and losses have increased, so has demand for cyber insurance. But now premiums are reflecting a harsh new reality.
- October 08, 2021
08 Oct'21
Senators want FTC to enforce a federal data security standard
U.S. Senators debated creating federal data privacy and security standards and providing the FTC with enough resources to enforce them.
- October 08, 2021
08 Oct'21
Admins: Patch management is too complex and cumbersome
A new survey from Ivanti shows a majority of administrators and infosec professionals feel the shift to decentralized workspaces has made patch management an even bigger headache.
- October 06, 2021
06 Oct'21
Apache HTTP Server vulnerability under active attack
Security experts are urging administrators to update their installations of Apache HTTP Server following the disclosure of a zero-day vulnerability that had been under attack.
- October 06, 2021
06 Oct'21
Iranian hackers abusing Dropbox in cyberespionage campaign
A group of hackers believed to be based in Iran is targeting organizations in the U.S. and elsewhere with a campaign that uses cloud storage service Dropbox.
- October 06, 2021
06 Oct'21
Twitch confirms data breach following massive leak
Leakers claim to have stolen almost 6,000 internal Git repositories, including 'the entirety of Twitch.tv' and content creator payouts.
- October 04, 2021
04 Oct'21
2 suspected ransomware operators arrested in Ukraine
A coordinated international law enforcement operation led to the arrest of two alleged ransomware operators, though the ransomware gang has not been identified.
- September 30, 2021
30 Sep'21
FireEye and McAfee Enterprise announce product mashup
Merger-happy investment firm STG has let slip that it will integrate the product lines of McAfee Enterprise and FireEye. Analysts say it will be a challenging road ahead.
- September 30, 2021
30 Sep'21
Researchers hack Apple Pay, Visa 'Express Transit' mode
Academic researchers discover an attack technique that enables them to make fraudulent transactions on locked iPhones when Apple Pay and Visa cards are set up for transit mode.
- September 29, 2021
29 Sep'21
Telegram bots allowing hackers to steal OTP codes
A simplified new attack tool based on Telegram scripts is allowing criminals to steal one-time password credentials and take over user accounts and drain bank funds.
- September 29, 2021
29 Sep'21
Group-IB CEO Ilya Sachkov charged with treason in Russia
Group-IB maintains the innocence of CEO and founder Ilya Sachkov and said that co-founder and CTO Dmitry Volkov will assume leadership of the company.
- September 28, 2021
28 Sep'21
Microsoft releases emergency Exchange Server mitigation tool
Microsoft turned its attention to organizations that are slower to patch by releasing an emergency mitigation tool as a temporary fix against current threats.
- September 28, 2021
28 Sep'21
Ransomware: Has the U.S. reached a tipping point?
The ransomware problem has grown more severe in recent years due to a growing number of attacks against large organizations and the standardization of double-extortion tactics.
- September 28, 2021
28 Sep'21
SolarWinds hackers Nobelium spotted using a new backdoor
Microsoft researchers believe Nobelium, the Russian-backed group that breached SolarWinds, has been using a backdoor tool called FoggyWeb since at least April.
- September 24, 2021
24 Sep'21
Spurned researcher posts trio of iOS zero days
An anonymous bug hunter critical of Apple's handling of reports to its bounty program has released details on three zero-day vulnerabilities in its iOS mobile platform.
- September 24, 2021
24 Sep'21
Cybersecurity leaders back law for critical infrastructure
In the wake of cyberattacks like Colonial Pipeline, U.S. senators want a national law requiring critical infrastructure companies to report cybersecurity incidents to CISA.
- September 23, 2021
23 Sep'21
Autodiscover flaw in Microsoft Exchange leaking credentials
Guardicore found that exploiting a design flaw in Autodiscover allowed it to capture more than 372,000 Windows domain credentials and nearly 97,000 unique application credentials.
- September 22, 2021
22 Sep'21
Turla deploying 'secondary' backdoor in state-sponsored attacks
Cisco Talos said hackers connected to the Russian APT Turla are using a new piece of malware to get persistent access on infected networks in the U.S., Germany and Afghanistan.
- September 22, 2021
22 Sep'21
Marcus & Millichap hit with possible BlackMatter ransomware
The real estate firm confirmed in an SEC filing this week that it had suffered a recent cyber attack but claimed there was no 'material disruption' to its business.
- September 22, 2021
22 Sep'21
Symantec: Staging activity observed on Exchange servers
Threat actors appear to be targeting Microsoft Exchange servers with pre-ransomware activity, including one attempt to exfiltrate data.
- September 21, 2021
21 Sep'21
Treasury Department sanctions cryptocurrency exchange Suex
In the ongoing battle against ransomware attacks, the Treasury Department sanctioned Suex, a cryptocurrency exchange accused of laundering ransom payments.
- September 20, 2021
20 Sep'21
Italian Mafia implicated in massive cybercrime network
A recent spate of phishing attacks and SMS fraud scams in Spain is being blamed on cybercriminals who were operating from the Canary Islands with backing from the Italian mob.
- September 20, 2021
20 Sep'21
Microsoft details 'OMIGOD' Azure vulnerability fixes, threats
Microsoft fixed the open source OMI software during last week's Patch Tuesday, but the tech giant has struggled to get the updated agents to Azure customers.
- September 16, 2021
16 Sep'21
Bitdefender releases REvil universal ransomware decryptor
The REvil decryptor key helps victims recover their encrypted files, as long as the attacks were made before July 13, which is when REvil went off the grid for two months.
- September 16, 2021
16 Sep'21
ExpressVPN stands behind CIO named in UAE hacking scandal
ExpressVPN said it will not cut ties with CIO Daniel Gericke, who was implicated by the DOJ in state-sponsored hacking on behalf of the United Arab Emirates government.
- September 15, 2021
15 Sep'21
‘OMIGOD’ vulnerabilities put Azure customers at risk
OMI, the software agent at the center of a remote code execution flaw, is "just one example" of silent, pre-installed software in cloud environments, according to one researcher.
- September 15, 2021
15 Sep'21
McAfee discovers Chinese APT campaign 'Operation Harvest'
McAfee Enterprise found the threat actors had not only breached a company's network, but had spent 'multiple years' siphoning data from the victim before getting caught.
- September 14, 2021
14 Sep'21
Google patches actively exploited Chrome zero-days
Two more vulnerabilities in Google's web browser joined a growing list of Chrome zero-days that have been actively exploited in the wild this year.
- September 14, 2021
14 Sep'21
SolarWinds CEO: Breach transparency 'painful' but necessary
SolarWinds CEO Sudhakar Ramakrishna discusses his company's ongoing breach investigation, shares lessons learned from the attack and cautions IT pros on zero trust.
- September 14, 2021
14 Sep'21
Apple patches zero-day, zero-click NSO Group exploit
The Citizen Lab said that it found the Apple zero-day vulnerability when it was 'analyzing the phone of a Saudi activist infected with NSO Group's Pegasus spyware.'
- September 13, 2021
13 Sep'21
Hackers port Cobalt Strike attack tool to Linux
An unknown group of cybercriminals has created a version of the Windows-only Cobalt Strike Beacon tool that works against Linux machines, which has been used in recent attacks.
- September 13, 2021
13 Sep'21
Tenable acquires cloud security startup Accurics for $160M
The acquisition will be Tenable's first expansion into securing infrastructure as code, as it makes a push to identify and fix flaws in cloud-native software.
- September 09, 2021
09 Sep'21
'Azurescape': New Azure vulnerability fixed by Microsoft
The Azure Container Instances vulnerability would have allowed malicious actors to execute code on other customers' containers, but there have been no reports of exploitation.
- September 08, 2021
08 Sep'21
Microsoft zero-day flaw exploited in the wild
Microsoft and the Cybersecurity and Infrastructure Security Agency have issued advisories warning users to mitigate against a zero-day flaw, as no patch has been released.
- September 08, 2021
08 Sep'21
CrowdStrike threat report: Breakout time decreased 67% in 2021
CrowdStrike's latest research shows threat actors have reduced the time it takes for them to move laterally in victim environments, thanks in part to ransomware as a service.
- September 07, 2021
07 Sep'21
ProxyShell attacks ramping up on unpatched Exchange Servers
Security experts say active attacks on the series of Microsoft Exchange Server flaws, which can be chained to take control of servers, are already being launched in the wild.
- September 02, 2021
02 Sep'21
FTC drops the hammer on SpyFone for privacy violations
The FTC has decried SpyFone, a remote tracking app for mobile phones, as stalkerware and ordered it to notify all individuals who were tracked by the app.
- September 02, 2021
02 Sep'21
Accellion-related breach disclosures continue to unfold
Beaumont Health disclosed some patient data was exposed through an attack on Accellion's FTA product, nine months after the attack on the legacy file transfer software occurred.
- September 02, 2021
02 Sep'21
Autodesk targeted in SolarWinds hack
Autodesk said in its 10-Q filing released Wednesday that it believes 'no customer operations or Autodesk products were disrupted' in the SolarWinds supply chain attack.
- September 01, 2021
01 Sep'21
Atlassian Confluence flaw under active attack
Administrators are advised to patch immediately after security experts confirmed mass scanning and exploits against a critical remote code execution vulnerability.
- September 01, 2021
01 Sep'21
Beware of proxyware: Connection-sharing services pose risks
Cisco Talos warns that sharing internet connections with random people via third-party apps like Honeygain and Peer2Profit could lead to malware installations and other threats.
- August 31, 2021
31 Aug'21
SEC sanctions financial firms for cybersecurity failures
Three financial services firms were charged with failing to implement proper cybersecurity policies after cyber attacks led to the exposure of customer data.
- August 31, 2021
31 Aug'21
College students targeted by money mule phishing techniques
Back to fool: University students with little security training are being targeted by Nigerian scammers to move fraudulent funds with the lure of quick bucks and flexible hours.
- August 30, 2021
30 Aug'21
New 'ProxyToken' Exchange Server vulnerability disclosed
The Exchange Server vulnerability could allow an attacker 'to copy all emails addressed to a target and account and forward them to an account controlled by the attacker.'
- August 27, 2021
27 Aug'21
Researchers discover critical flaw in Azure Cosmos DB
Wiz security researchers found a new attack vector in Microsoft Azure, which, if exploited, could allow an attacker to gain access to customers' primary keys.
- August 27, 2021
27 Aug'21
T-Mobile offers details of data breach that affected 40M
According to T-Mobile, the hackers who stole its customer database had knowledge of the company's network and testing setup. The hack was a carefully planned network breach.
- August 26, 2021
26 Aug'21
Private sectors pledge big for cyberdefense
Tech giants have invested billions to address cybersecurity threats such as supply chain security and attacks on critical infrastructures.
- August 26, 2021
26 Aug'21
Microsoft finally issues ProxyShell security advisory
The ProxyShell advisory includes a call to patch, as well as details on which Exchange servers are vulnerable. In short: Those without the May security update are unprotected.
- August 26, 2021
26 Aug'21
Risk & Repeat: ProxyShell problems mount
CISA warned threat actors have begun exploiting the dangerous ProxyLogon flaws, but tens of thousands of vulnerable Microsoft Exchange servers remain online.
- August 25, 2021
25 Aug'21
Bugs aplenty as VMware, Cisco and F5 drop security updates
Two critical updates from Cisco, remote code execution flaws in F5's Big-IP, and a half-dozen VMware security holes are among the more pressing issues for admins to address.
- August 25, 2021
25 Aug'21
HackerOne launches AWS certification paths, pen testing service
A select group of penetration testers in HackerOne's community will be able to obtain three AWS certifications, including the Security - Specialty certification.
- August 24, 2021
24 Aug'21
4 emerging ransomware groups take center stage
Four ransomware operations -- AvosLocker, Hive, HelloKitty and LockBit 2.0 -- have popped up on the radar of researchers with Palo Alto Networks' Unit 42 team.
- August 23, 2021
23 Aug'21
CISA: ProxyShell flaws being actively exploited, patch now
Security researchers weighed in with evidence of ProxyShell exploitation by threat actors using malicious web shells and a new ransomware variant called 'LockFile.'
- August 19, 2021
19 Aug'21
CISA offers ransomware response guidelines to organizations
In its new ransomware prevention and response guide, CISA 'strongly discourages paying a ransom,' citing the potential to embolden threat actors and fund illicit activity.
- August 18, 2021
18 Aug'21
T-Mobile breach exposes data for more than 40M people
The telecom giant confirmed reports that its network was breached by a threat actor who stole personal data on more than 40 million current, former and prospective customers.
- August 18, 2021
18 Aug'21
Mandiant, CISA warn of critical ThroughTek IoT bug
Mandiant warns the vulnerability, which could affect more than 80 million IoT devices, poses a huge risk to end users' security and privacy and should be mitigated appropriately.
- August 17, 2021
17 Aug'21
Many Exchange servers still vulnerable to ProxyLogon, ProxyShell
Tens of thousands of Exchange servers are still vulnerable to ProxyLogon and ProxyShell, and security researchers estimate honeypots represent only a small slice of those systems.
- August 17, 2021
17 Aug'21
Palo Alto Networks: Personal VPNs pose risks to enterprises
Researchers from Palo Alto Networks published a new report detailing the risks that personal VPNs pose to enterprise networks, including evasion tactics to bypass firewalls.
- August 16, 2021
16 Aug'21
FBI watchlist exposed by misconfigured Elasticsearch cluster
A terrorist watchlist was found in an exposed database, and security researcher Bob Diachenko says there is no way of knowing just how long it was open to the public.
- August 13, 2021
13 Aug'21
New ransomware crew hammers on PrintNightmare bugs
PrintNightmare, the Microsoft print spooler flaws patched in July, is the favorite target for a new ransomware group known as Vice Society, according to Cisco Talos.
- August 12, 2021
12 Aug'21
Months after the Accellion breach, more victims emerge
The Accellion breach occurred last December, but more victims have come to light in recent weeks as investigations, notifications and disclosures stretch on through the summer.
- August 12, 2021
12 Aug'21
Microsoft discloses new print spooler flaw without patch
The latest flaw in Windows print spooler software, which has yet to be patched, comes weeks after the PrintNightmare vulnerability and other related bugs.
- August 11, 2021
11 Aug'21
Accenture responds to LockBit ransomware attack
The LockBit ransomware crew claims to have stolen data from IT services and consulting giant Accenture, but the company said no customer systems were affected in the attack.
- August 11, 2021
11 Aug'21
NortonLifeLock and Avast joining forces in $8 billion merger
The combined company from NortonLifeLock and Avast will be dual-headquartered in Arizona and Prague, and will serve 500 million users, including 40 million direct customers.
- August 11, 2021
11 Aug'21
Hackers selling access to breached networks for $10,000
Network access is a closely guarded commodity in underground hacker forums, with some sellers not even revealing the names of their victims until money has changed hands.
- August 09, 2021
09 Aug'21
'ProxyShell' Exchange bugs resurface after presentation
A critical vulnerability in Microsoft Exchange is once again making the rounds with attackers, following a Black Hat presentation from the researcher who found it.
- August 09, 2021
09 Aug'21
Transparency after a cyber attack: How much is too much?
Sharing threat intelligence and proof-of-concept exploits can often help other organizations better defend themselves, but such efforts are hampered by obstacles and restrictions.
- August 05, 2021
05 Aug'21
Apple's M1 silicon brings new challenges for malware defenders
Noted security researcher Patrick Wardle told Black Hat 2021 attendees that catching malware attacks on new macOS systems requires learning the subtleties of ARM64 architecture.
- August 05, 2021
05 Aug'21
Researchers argue action bias hinders incident response
A Black Hat 2021 session focused on the human instinct to act immediately after a cyber attack and how that can negatively impact incident response.
- August 05, 2021
05 Aug'21
CISA director announces 'Joint Cyber Defense Collaborative'
The Joint Cyber Defense Collaborative, or JCDC, is a partnership between the public and private sectors to create and implement comprehensive national cybersecurity plans.
- August 05, 2021
05 Aug'21
Hackers build a better timing attack to crack encryption keys
A new technique for cracking encryption keys can overcome the limitations of popular timing attacks by analyzing network packets, according to researchers at Black Hat 2021.
- August 05, 2021
05 Aug'21
Mandiant: Microsoft 365 the 'Holy Grail' for nation-state hackers
Mandiant researchers discussed mailbox compromises, app registration abuse and new extensions of the Golden SAML attack technique against Microsoft 365 at Black Hat 2021.
- August 04, 2021
04 Aug'21
Researchers crack new Let's Encrypt validation feature
Multiperspective validation can be thwarted with a traffic-throttling technique that could lead to attackers obtaining digital certificates for domains they don't own.
- August 04, 2021
04 Aug'21
Matt Tait warns of 'stolen' zero-day vulnerabilities
During Black Hat 2021, the COO of Corellium discussed three main threats that have ramped up: stolen zero days, zero days being exploited in the wild and supply chain attacks.
- August 04, 2021
04 Aug'21
Supply chain attacks, IoT threats on tap for Black Hat 2021
Industry analysts say that evolving threats, real-world impacts and supply chain attacks will be among their hot topics at this year's Black Hat 2021 conference.
- August 04, 2021
04 Aug'21
14 flaws in NicheStack put critical infrastructure at risk
The vulnerability disclosure process for Infra:Halt, a set of flaws impacting critical infrastructure, took nearly a year, due to the nature of supply chain vulnerabilities.
- August 02, 2021
02 Aug'21
Hospitals at risk from security flaws in pneumatic tube systems
Researchers at IoT security vendor Armis said the nine critical vulnerabilities affect the pneumatic tube systems used by many hospitals in North America.
- July 29, 2021
29 Jul'21
Kaspersky tracks Windows zero days to 'Moses' exploit author
In its second-quarter threat report, Kaspersky Lab found a rise in the use of exploits and zero-day vulnerabilities, several of which were traced to a single threat actor.
- July 28, 2021
28 Jul'21
CISA unveils list of most targeted vulnerabilities in 2020
Attackers chased the headlines in 2020, going after the most publicized vulnerabilities in Citrix, Pulse Secure and Fortinet products, according to the U.S. government.
- July 28, 2021
28 Jul'21
New 'BlackMatter' ransomware gang has echoes of REvil
Although connections are being made between ransomware groups REvil and BlackMatter, the jury is still out on whether they have threat actors in common.
- July 27, 2021
27 Jul'21
Open source web app projects hailed for quickly patching bugs
Nine vulnerabilities in three popular open source SMB tools were cleaned up within 24 hours after Rapid7 reported the flaws to their development teams.
- July 27, 2021
27 Jul'21
Cybersecurity investments surge in 2021 as VCs go all in
Venture capital firms have flooded the cybersecurity market this year with investment dollars for young startups and established vendors alike. What's behind this surge?
- July 26, 2021
26 Jul'21
Coveware: Median ransomware payment down 40% in Q2 2021
Coveware CEO Bill Siegel said that the efficacy of using data leak threats to obtain ransomware payments has gone down because 'you don't get anything in return when you pay.'
- July 26, 2021
26 Jul'21
Gartner: 'Weaponized' operational tech poses grave danger
New research by Gartner analyst Wam Voster warns that while attacks in the IT world can lead to loss of information, attacks in the OT world can lead to loss of life.
- July 22, 2021
22 Jul'21
US Senate mulling bill on data breach notifications
The Senate Intelligence Committee introduced a bill that would require federal agencies and companies providing critical infrastructure to report network breaches to DHS.
- July 22, 2021
22 Jul'21
Risk & Repeat: Vulnerability patching still falling short
Many organizations still fail to patch critical vulnerabilities, even when they're under exploitation in the wild. What are the best ways to improve patching rates?
- July 22, 2021
22 Jul'21
Kaseya obtained ransomware decryptor from 'trusted third party'
Kaseya told SearchSecurity that for 'confidentiality reasons' it could only confirm that the ransomware decryptor came from a trusted third party and that it was helping customers.
- July 21, 2021
21 Jul'21
U.K. man arrested in connection with 2020 Twitter breach
A 22-year-old U.K. resident was arrested in Spain and will face extradition on charges related to a social engineering operation that netted big-name Twitter accounts.
- July 21, 2021
21 Jul'21
Hackers embrace 5-day workweeks, unpatched vulnerabilities
Bad guys are taking the weekends off too, according to Barracuda Networks, and old bugs that should have been patched months ago continue to be the most-targeted vulnerabilities.