Apr 03, 2023Ravie LakshmananArtificial Intelligence / Data Safety The Italian data protection watchdog, Garante per la Protezione dei Dati Personali (aka Garante), has imposed a temporary ban of OpenAI's ChatGPT service in the country, citing data protection concerns. To that end, it has ordered the company to stop processing users' data with immediate effect, stating it intends to investigate … [Read more...]
"It's The Service Accounts, Stupid": Why Do PAM Deployments Take (almost) Forever To Complete
Privileged Access Management (PAM) solutions are regarded as the common practice to prevent identity threats to administrative accounts. In theory, the PAM concept makes absolute sense: place admin credentials in a vault, rotate their passwords, and closely monitor their sessions. However, the harsh reality is that the vast majority of PAM projects either become a years-long project, or even come … [Read more...]
Crypto-Stealing OpcJacker Malware Targets Users with Fake VPN Service
Apr 03, 2023Ravie LakshmananUnited States A piece of new information-stealing malware called OpcJacker has been spotted in the wild since the second half of 2022 as part of a malvertising campaign. "OpcJacker's main functions include keylogging, taking screenshots, stealing sensitive data from browsers, loading additional modules, and replacing cryptocurrency addresses in the clipboard for … [Read more...]
Microsoft Fixes New Azure AD Vulnerability Impacting Bing Search and Major Apps
Apr 01, 2023Ravie LakshmananAzure / Active Directory Microsoft has patched a misconfiguration issue impacting the Azure Active Directory (AAD) identity and access management service that exposed several "high-impact" applications to unauthorized access. "One of these apps is a content management system (CMS) that powers Bing.com and allowed us to not only modify search results, but also launch … [Read more...]
Cacti, Realtek, and IBM Aspera Faspex Vulnerabilities Under Active Exploitation
Apr 01, 2023Ravie LakshmananCyber Attack / Vulnerability Critical security flaws in Cacti, Realtek, and IBM Aspera Faspex are being exploited by various threat actors in hacks targeting unpatched systems. This entails the abuse of CVE-2022-46169 (CVSS score: 9.8) and CVE-2021-35394 (CVSS score: 9.8) to deliver MooBot and ShellBot (aka PerlBot), Fortinet FortiGuard Labs said in a report published … [Read more...]
Hackers Exploiting WordPress Elementor Pro Vulnerability: Millions of Sites at Risk!
Apr 01, 2023Ravie LakshmananWeb Security / Cyber Threat Unknown threat actors are actively exploiting a recently patched security vulnerability in the Elementor Pro website builder plugin for WordPress. The flaw, described as a case of broken access control, impacts versions 3.11.6 and earlier. It was addressed by the plugin maintainers in version 3.11.7 released on March 22. "Improved code … [Read more...]
Winter Vivern APT Targets European Government Entities with Zimbra Vulnerability
Mar 31, 2023Ravie LakshmananCyber Espionage / APT The advanced persistent threat (APT) actor known as Winter Vivern is now targeting officials in Europe and the U.S. as part of an ongoing cyber espionage campaign. "TA473 since at least February 2023 has continuously leveraged an unpatched Zimbra vulnerability in publicly facing webmail portals that allows them to gain access to the email … [Read more...]
Cyber Police of Ukraine Busted Phishing Gang Responsible for $4.33 Million Scam
Mar 31, 2023Ravie LakshmananCyber Crime / Hacking News The Cyber Police of Ukraine, in collaboration with law enforcement officials from Czechia, has arrested several members of a cybercriminal gang that set up phishing sites to target European users. Two of the apprehended affiliates are believed to be organizers, with 10 others detained in other territories across the European Union. The … [Read more...]
Deep Dive Into 6 Key Steps to Accelerate Your Incident Response
Mar 31, 2023The Hacker NewsWebinar / Incident response Organizations rely on Incident response to ensure they are immediately aware of security incidents, allowing for quick action to minimize damage. They also aim to avoid follow on attacks or future related incidents. The SANS Institute provides research and education on information security. In the upcoming webinar, we'll outline, in detail, … [Read more...]
3CX Supply Chain Attack — Here's What We Know So Far
Mar 31, 2023Ravie LakshmananCyber Threat / Supply Chain Attack Enterprise communications software maker 3CX on Thursday confirmed that multiple versions of its desktop app for Windows and macOS are affected by a supply chain attack. The version numbers include 18.12.407 and 18.12.416 for Windows and 18.11.1213, 18.12.402, 18.12.407, and 18.12.416 for macOS. The company said it's engaging the … [Read more...]
Researchers Detail Severe "Super FabriXss" Vulnerability in Microsoft Azure SFX
Mar 30, 2023Ravie LakshmananCloud Security / Vulnerability Details have emerged about a now-patched vulnerability in Azure Service Fabric Explorer (SFX) that could lead to unauthenticated remote code execution. Tracked as CVE-2023-23383 (CVSS score: 8.2), the issue has been dubbed "Super FabriXss" by Orca Security, a nod to the FabriXss flaw (CVE-2022-35829, CVSS score: 6.2) that was fixed by … [Read more...]
Chinese RedGolf Group Targeting Windows and Linux Systems with KEYPLUG Backdoor
Mar 30, 2023Ravie LakshmananEndpoint Security / Malware A Chinese state-sponsored threat activity group tracked as RedGolf has been attributed to the use of a custom Windows and Linux backdoor called KEYPLUG. "RedGolf is a particularly prolific Chinese state-sponsored threat actor group that has likely been active for many years against a wide range of industries globally," Recorded Future told … [Read more...]
New Wi-Fi Protocol Security Flaw Affecting Linux, Android and iOS Devices
Mar 30, 2023Ravie LakshmananNetwork Security A group of academics from Northeastern University and KU Leuven has disclosed a fundamental design flaw in the IEEE 802.11 Wi-Fi protocol standard, impacting a wide range of devices running Linux, FreeBSD, Android, and iOS. Successful exploitation of the shortcoming could be abused to hijack TCP connections or intercept client and web traffic, … [Read more...]
Cyberstorage: Leveraging the Multi-Cloud to Combat Data Exfiltration
Mar 30, 2023The Hacker NewsData Security / Encryption Multi-cloud data storage, once merely a byproduct of the great cloud migration, has now become a strategy for data management. "Multi-cloud by design," and its companion the supercloud, is an ecosystem in which several cloud systems work together to provide many organizational benefits, including increased scale and overall resiliency.And … [Read more...]
AlienFox Malware Targets API Keys and Secrets from AWS, Google, and Microsoft Cloud Services
Mar 30, 2023Ravie LakshmananCloud Security / Cyber Threat A new "comprehensive toolset" called AlienFox is being distributed on Telegram as a way for threat actors to harvest credentials from API keys and secrets from popular cloud service providers. "The spread of AlienFox represents an unreported trend towards attacking more minimal cloud services, unsuitable for crypto mining, in order to … [Read more...]
3CX Desktop App Targeted in Supply Chain Cyber Attack, Affecting Millions of Users
Mar 30, 2023Ravie LakshmananSupply Chain / Software Security 3CX said it's working on a software update for its desktop app after multiple cybersecurity vendors sounded the alarm on what appears to be an active supply chain attack that's using digitally signed and rigged installers of the popular voice and video conferencing software to target downstream customers. "The trojanized 3CX desktop … [Read more...]
Spyware Vendors Caught Exploiting Zero-Day Vulnerabilities on Android and iOS Devices
Mar 29, 2023Ravie LakshmananZero-Day / Mobile Security A number of zero-day vulnerabilities that were addressed last year were exploited by commercial spyware vendors to target Android and iOS devices, Google's Threat Analysis Group (TAG) has revealed. The two distinct campaigns were both limited and highly targeted, taking advantage of the patch gap between the release of a fix and when it was … [Read more...]
Mélofée: Researchers Uncover New Linux Malware Linked to Chinese APT Groups
Mar 29, 2023Ravie LakshmananLinux / Cyber Threat An unknown Chinese state-sponsored hacking group has been linked to a novel piece of malware aimed at Linux servers. French cybersecurity firm ExaTrack, which found three samples of the previously documented malicious software that date back to early 2022, dubbed it Mélofée. One of the artifacts is designed to drop a kernel-mode rootkit that's … [Read more...]
Smart Mobility has a Blindspot When it Comes to API Security
The emergence of smart mobility services and applications has led to a sharp increase in the use of APIs in the automotive industry. However, this increased reliance on APIs has also made them one of the most common attack vectors. According to Gartner, APIs account for 90% of the web application attack surface areas. With no surprise, similar trends are emerging also in the smart mobility space. … [Read more...]
How to Build a Research Lab for Reverse Engineering — 4 Ways
Malware analysis is an essential part of security researcher's work. But working with malicious samples can be dangerous — it requires specialized tools to record their activity, and a secure environment to prevent unintended damage. However, manual lab setup and configuration can prove to be a laborious and time-consuming process. In this article, we'll look at 4 ways to create a reverse … [Read more...]
- « Previous Page
- 1
- …
- 91
- 92
- 93
- 94
- 95
- …
- 105
- Next Page »