Monday, 28 February 2022

CISA adds recently disclosed Zimbra bug to its Exploited Vulnerabilities Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) expanded its Known Exploited Vulnerabilities Catalog to include a recently disclosed zero-day flaw in the Zimbra email platform citing evidence of active exploitation in the wild. Tracked as CVE-2022-24682 (CVSS score: 6.1), the issue concerns a cross-site scripting (XSS) vulnerability in the Calendar feature in Zimbra

CISA Warns of High-Severity Flaws in Schneider and GE Digital's SCADA Software

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) last week published an industrial control system (ICS) advisory related to multiple vulnerabilities impacting Schneider Electric's Easergy medium voltage protection relays. "Successful exploitation of these vulnerabilities may disclose device credentials, cause a denial-of-service condition, device reboot, or allow an attacker to

Reborn of Emotet: New Features of the Botnet and How to Detect it

One of the most dangerous and infamous threats is back again. In January 2021, global officials took down the botnet. Law enforcement sent a destructive update to Emotet's executables. And it looked like the end of the trojan's story. But the malware never ceased to surprise. In November 2021, it was reported that TrickBot no longer works alone and delivers Emotet. And ANY.RUN with colleagues

Experts Create Apple AirTag Clone That Can Bypass Anti-Tracking Measures

Cybersecurity researchers have managed to build a clone of Apple AirTag that circumvents the anti-stalking protection technology built into its Find My Bluetooth-based tracking protocol. The result is a stealth AirTag that can successfully track an iPhone user for over five days without triggering a tracking notification, Positive Security's co-founder Fabian Bräunlein said in a deep-dive

Sunday, 27 February 2022

Iranian Hackers Using New Spying Malware That Abuses Telegram Messenger API

An Iranian geopolitical nexus threat actor has been uncovered deploying two new targeted malware that come with "simple" backdoor functionalities as part of an intrusion against an unnamed Middle East government entity in November 2021. Cybersecurity company Mandiant attributed the attack to an uncategorized cluster it's tracking under the moniker UNC3313, which it assesses with "moderate

Beware of charity scams exploiting war in Ukraine

Looking to help people in Ukraine? Donate wisely – do your research first so you give without getting scammed

The post Beware of charity scams exploiting war in Ukraine appeared first on WeLiveSecurity



SockDetour Found As A Backup Backdoor In TiltedTemple APT Campaign

Researchers have found a new tactic from threat actors to ensure continued access to compromised…

SockDetour Found As A Backup Backdoor In TiltedTemple APT Campaign on Latest Hacking News.



Microsoft Defender For Cloud Now Supports Google Cloud

Microsoft has recently announced support for securing Google Cloud Projects with its Defender for Cloud.…

Microsoft Defender For Cloud Now Supports Google Cloud on Latest Hacking News.



Saturday, 26 February 2022

Horde Webmail XSS Vulnerability Allows for Account Takeover

A severe vulnerability riddled the free browser-based groupware Horde Webmail allowing account takeovers. Despite the…

Horde Webmail XSS Vulnerability Allows for Account Takeover on Latest Hacking News.



Xenomorph Banking Trojan Garnered 50K Downloads On Play Store

A new banking malware targeted thousands of Android users after appearing on the Google Play…

Xenomorph Banking Trojan Garnered 50K Downloads On Play Store on Latest Hacking News.



Social Media Hijacking Malware Spreading Through Gaming Apps on Microsoft Store

A new malware capable of controlling social media accounts is being distributed through Microsoft's official app store in the form of trojanized gaming apps, infecting more than 5,000 Windows machines in Sweden, Bulgaria, Russia, Bermuda, and Spain. Israeli cybersecurity company Check Point dubbed the malware "Electron Bot," in reference to a command-and-control (C2) domain used in recent

Friday, 25 February 2022

Russia-Ukraine War: Phishing, Malware and Hacker Groups Taking Sides

Ukraine's Computer Emergency Response Team (CERT-UA) has warned of Belarusian state-sponsored hackers targeting its military personnel and related individuals as part of a phishing campaign mounted amidst Russia's military invasion of the country. "Mass phishing emails have recently been observed targeting private 'i.ua' and 'meta.ua' accounts of Ukrainian military personnel and related

Week in security with Tony Anscombe

HermeticWiper takes aim at Ukraine – The climate solutions we need to transform society – Preventing kids from getting involved in cybercrime

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity



The past is present: Riffing on a cybersecurity-appropriate tune for Black History Month

What can social movements of the past teach you about the future – and about protecting your digital self?

The post The past is present: Riffing on a cybersecurity-appropriate tune for Black History Month appeared first on WeLiveSecurity



Thursday, 24 February 2022

Notorious TrickBot Malware Gang Shuts Down its Botnet Infrastructure

The modular Windows crimeware platform known as TrickBot formally shuttered its infrastructure on Thursday after reports emerged of its imminent retirement amid a lull in its activity for almost two months, marking an end to one of the most persistent malware campaigns in recent years. "TrickBot is gone... It is official now as of Thursday, February 24, 2022. See you soon... or not," AdvIntel's

New Flaws Discovered in Cisco's Network Operating System for Switches

Cisco has released software updates to address four security vulnerabilities in its software that could be weaponized by malicious actors to take control of affected systems. The most critical of the flaws is CVE-2022-20650 (CVSS score: 8.8), which relates to a command injection flaw in the NX-API feature of Cisco NX-OS Software that stems from a lack of sufficient input validation of

HermeticWiper: New data‑wiping malware hits Ukraine

Hundreds of computers in Ukraine compromised just hours after a wave of DDoS attacks brings down a number of Ukrainian websites

The post HermeticWiper: New data‑wiping malware hits Ukraine appeared first on WeLiveSecurity



Extensis Portfolio Vulnerability Could Allow Remote Code Execution

Researchers have recently disclosed details about multiple security vulnerabilities in Extensis Portfolio software. These include…

Extensis Portfolio Vulnerability Could Allow Remote Code Execution on Latest Hacking News.



Everything You Need to Know About API Security in 2022

Application Programming Interfaces (APIs) are the core of today’s online world. From mobile applications to…

Everything You Need to Know About API Security in 2022 on Latest Hacking News.



US, UK Agencies Warn of New Russian Botnet Built from Hacked Firewall Devices

Intelligence agencies in the U.K. and the U.S. disclosed details of a new botnet malware called Cyclops Blink that's been attributed to the Russian-backed Sandworm hacking group and deployed in attacks dating back to 2019. "Cyclops Blink appears to be a replacement framework for the VPNFilter malware exposed in 2018, which exploited network devices, primarily small office/home office (SOHO)

Wednesday, 23 February 2022

New Wiper Malware Targeting Ukraine Amid Russia's Military Operation

Cybersecurity firms ESET and Broadcom's Symantec said they discovered a new data wiper malware used in fresh attacks against hundreds of machines in Ukraine, as Russian forces formally launched a full-scale military operation against the country. The Slovak company dubbed the wiper "HermeticWiper" (aka KillDisk.NCV), with one of the malware samples compiled on December 28, 2021, implying that

Technology, Progress, and Climate

The climate solutions we need to transform every sector are here. The question is: what role will you play in this transformation? You, your community, your business, your government?

The post Technology, Progress, and Climate appeared first on WeLiveSecurity



The 7 critical backup strategy best practices to keep data safe

Globally hacking attempts are rising all over the world with governments having to issue notices…

The 7 critical backup strategy best practices to keep data safe on Latest Hacking News.



The Impact of Cybersecurity Fraud on Different Sectors

In the past few years, we have seen a dramatic increase in cybersecurity fraud and…

The Impact of Cybersecurity Fraud on Different Sectors on Latest Hacking News.



Multiple Vulnerabilities Found In Zabbix IT Monitoring Platform

Researchers have warned users of numerous security vulnerabilities in the Zabbix monitoring platform. Exploiting the…

Multiple Vulnerabilities Found In Zabbix IT Monitoring Platform on Latest Hacking News.



The Best Practices of Security Testing

As of early 2022, there’s one fact that cannot be stressed enough – we live…

The Best Practices of Security Testing on Latest Hacking News.



Tuesday, 22 February 2022

25 Malicious JavaScript Libraries Distributed via Official NPM Package Repository

Another batch of 25 malicious JavaScript libraries have made their way to the official NPM package registry with the goal of stealing Discord tokens and environment variables from compromised systems, more than two months after 17 similar packages were taken down. The libraries in question leveraged typosquatting techniques and masqueraded as other legitimate packages such as colors.js,

Teenage cybercrime: How to stop kids from taking the wrong path

It’s never too late to prevent children from being dragged to the dark side and to ensure their skills are a force for good

The post Teenage cybercrime: How to stop kids from taking the wrong path appeared first on WeLiveSecurity



Microsoft Rolled Out “Enhanced Security” Features With Edge 98

After announcing the “Super Duper Secure Mode” last year, the Redmond giant has now further…

Microsoft Rolled Out “Enhanced Security” Features With Edge 98 on Latest Hacking News.



Hackers Steal $1.7 Million Worth of NFTs from Customers of OpenSea Marketplace

Malicious actors took advantage of a smart contract upgrade process in the OpenSea NFT marketplace to carry out a phishing attack against 17 of its users that resulted in the theft of virtual assets worth about $1.7 million. NFTs, short for non-fungible tokens, are digital tokens that act like certificates of authenticity for, and in some cases represent ownership of, assets that range from

VPN for Streaming – Do You Need One?

When it comes to streaming, it is often suggested that you should use a VPN.…

VPN for Streaming – Do You Need One? on Latest Hacking News.



Chinese Hackers Target Taiwan's Financial Trading Sector with Supply Chain Attack

An advanced persistent threat (APT) group operating with objectives aligned with the Chinese government has been linked to an organized supply chain attack on Taiwan's financial sector. The attacks are said to have first commenced at the end of November 2021, with the intrusions attributed to a threat actor tracked as APT10, also known as Stone Panda, the MenuPass group, and Bronze Riverside,

Monday, 21 February 2022

Hackers Backdoor Unpatched Microsoft SQL Database Servers with Cobalt Strike

Vulnerable internet-facing Microsoft SQL (MS SQL) Servers are being targeted by threat actors as part of a new campaign to deploy the Cobalt Strike adversary simulation tool on compromised hosts. "Attacks that target MS SQL servers include attacks to the environment where its vulnerability has not been patched, brute forcing, and dictionary attack against poorly managed servers," South Korean

Integer overflow: How does it occur and how can it be prevented?

Make no mistake, counting on a computer is not as easy as it may seem. Here’s what happens when a number gets “too big”.

The post Integer overflow: How does it occur and how can it be prevented? appeared first on WeLiveSecurity



A Free Solution to Protect Your Business from 6 Biggest Cyber Threats in 2022

For the last few years, the cybersecurity threat landscape has gotten progressively more complex and dangerous. The online world is now rife with data thieves, extortionists, and even state actors looking to exploit vulnerabilities in businesses' digital defenses.  And unfortunately — the bad guys have the upper hand at the moment. Part of the reason for that is the fallout from the rapid

Vulnerability In UpdraftPlus WordPress Plugin Could Expose Backups

A severe vulnerability in the UpdraftPlus WordPress plugin could expose backups to subscribers. Thankfully, the…

Vulnerability In UpdraftPlus WordPress Plugin Could Expose Backups on Latest Hacking News.



Virtualization in Cloud Computing: Features and Benefits

The concept of virtualization took the IT industry by storm. Understanding virtualization in cloud computing…

Virtualization in Cloud Computing: Features and Benefits on Latest Hacking News.



Hackers Exploiting Infected Android Devices to Register Disposable Accounts

An analysis of SMS phone-verified account (PVA) services has led to the discovery of a rogue platform built atop a botnet involving thousands of infected Android phones, once again underscoring the flaws with relying on SMS for account validation. SMS PVA services, since gaining prevalence in 2018, provide users with alternative mobile numbers that can be used to register for other online services

Saturday, 19 February 2022

Master Key for Hive Ransomware Retrieved Using a Flaw in its Encryption Algorithm

Researchers have detailed what they call the "first successful attempt" at decrypting data infected with Hive ransomware without relying on the private key used to lock access to the content. "We were able to recover the master key for generating the file encryption key without the attacker's private key, by using a cryptographic vulnerability identified through analysis," a group of academics

Justice Department Appoints First Director of National Cryptocurrency Enforcement Team

The U.S. Department of Justice (DoJ) earlier this week appointed Eun Young Choi to serve as the first Director of the National Cryptocurrency Enforcement Team (NCET) it established last year. The NCET was created to tackle the criminal misuse of cryptocurrencies and digital assets, with a focus on illegal activities in virtual currency exchanges, mixing and tumbling services, and money

Friday, 18 February 2022

U.S. Cybersecurity Agency Publishes List of Free Security Tools and Services

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday published a repository of free tools and services to enable organizations to mitigate, detect, and respond effectively to malicious attacks and further improve their security posture. The "Free Cybersecurity Services and Tools" resource hub comprises a mix of services provided by CISA, open-source utilities, and other

Critical Flaw Uncovered in WordPress Backup Plugin Used by Over 3 Million Sites

Patches have been issued to contain a "severe" security vulnerability in UpdraftPlus, a WordPress plugin with over three million installations, that can be weaponized to download the site's private data using an account on the vulnerable sites. "All versions of UpdraftPlus from March 2019 onwards have contained a vulnerability caused by a missing permissions-level check, allowing untrusted users

Week in security with Tony Anscombe

What does progress in technology mean? – IRS makes a U-turn on facial recognition but questions remain – What retailers need to know about cyberthreats

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity



5 Fail-Safe Ways to Back Up Your Data

When things go wrong, you need a dependable backup to save the day. There are…

5 Fail-Safe Ways to Back Up Your Data on Latest Hacking News.



New Linux Privilege Escalation Flaw Uncovered in Snap Package Manager

Multiple security vulnerabilities have been disclosed in Canonical's Snap software packaging and deployment system, the most critical of which can be exploited to escalate privilege to gain root privileges. Snaps are self-contained application packages that are designed to work on operating systems that use the Linux kernel and can be installed using a tool called snapd. Tracked

Thursday, 17 February 2022

Iranian Hackers Targeting VMware Horizon Log4j Flaws to Deploy Ransomware

A "potentially destructive actor" aligned with the government of Iran is actively exploiting the well-known Log4j vulnerability to infect unpatched VMware Horizon servers with ransomware. Cybersecurity firm SentinelOne dubbed the group "TunnelVision" owing to their heavy reliance on tunneling tools, with overlaps in tactics observed to that of a broader group tracked under the moniker Phosphorus

4 Cloud Data Security Best Practices All Businesses Should Follow Today

These days, businesses all around the world have come to depend on cloud platforms for a variety of mission-critical workflows. They keep their CRM data in the cloud. They process their payrolls in the cloud. They even manage their HR processes through the cloud. And all of that means they're trusting the bulk of their privileged business data to those cloud providers, too. And while most major

Attackers Can Crash Cisco Email Security Appliances by Sending Malicious Emails

Cisco has released security updates to contain three vulnerabilities affecting its products, including one high-severity flaw in its Email Security Appliance (ESA) that could result in a denial-of-service (DoS) condition on an affected device. The weakness, assigned the identifier CVE-2022-20653 (CVSS score: 7.5), stems from a case of insufficient error handling in DNS name resolution that could

Another Critical RCE Discovered in Adobe Commerce and Magento Platforms

Adobe on Thursday updated its advisory for an actively exploited zero-day affecting Adobe Commerce and Magento Open Source to patch a newly discovered flaw that could be weaponized to achieve arbitrary code execution. Tracked as CVE-2022-24087, the issue – like CVE-2022-24086 – is rated 9.8 on the CVSS vulnerability scoring system and relates to an "Improper Input Validation" bug

Google Bringing Privacy Sandbox to Android to Limit Sharing of User Data

Google on Wednesday announced plans to bring its Privacy Sandbox initiatives to Android in a bid to expand its privacy-focused, but also less disruptive, advertising technology beyond the desktop web. To that end, the internet giant said it will work towards building solutions that prevent cross-app tracking à la Apple's App Tracking Transparency (ATT) framework, effectively limiting sharing of

Getting Your SOC 2 Compliance as a SaaS Company

If you haven't heard of the term, you will soon enough. SOC 2, meaning System and Organization Controls 2, is an auditing procedure developed by the American Institute of CPAs (AICPA). Having SOC 2 compliance means you have implemented organizational controls and practices that provide assurance for the safeguarding and security of client data. In other words, you have to show (e.g., document

This New Tool Can Retrieve Pixelated Text from Redacted Documents

The practice of blurring out text using a method called pixelation may not be as secure as previously thought. While the most foolproof way of concealing sensitive textual information is to use opaque black bars, other redaction methods like pixelation can achieve the opposite effect, enabling the reversal of pixelized text back into its original form. Dan Petro, a lead researcher at offensive

Researchers Warn of a New Golang-based Botnet Under Continuous Development

Cybersecurity researchers have unpacked a new Golang-based botnet called Kraken that's under active development and features an array of backdoor capabilities to siphon sensitive information from compromised Windows hosts. "Kraken already features the ability to download and execute secondary payloads, run shell commands, and take screenshots of the victim's system," threat intelligence firm

Wednesday, 16 February 2022

Moses Staff Hackers Targeting Israeli Organizations for Cyber Espionage

The politically motivated Moses Staff hacker group has been observed using a custom multi-component toolset with the goal of carrying out espionage against its targets as part of a new campaign that exclusively singles out Israeli organizations. First publicly documented in late 2021, Moses Staff is believed to be sponsored by the Iranian government, with attacks reported against entities in

U.S. Says Russian Hackers Stealing Sensitive Data from Defense Contractors

State-sponsored actors backed by the Russian government regularly targeted the networks of several U.S. cleared defense contractors (CDCs) to acquire proprietary documents and other confidential information pertaining to the country's defense and intelligence programs and capabilities. The sustained espionage campaign is said to have commenced at least two years ago from January 2020, according

Folding the impossible into the reality of normal life

Progress is a driving force of humanity, but what does that word “progress” really mean and what part do we have to play?

The post Folding the impossible into the reality of normal life appeared first on WeLiveSecurity



Best Tech Jobs In the UK

The tech and IT industry in the UK are currently booming, with some of the…

Best Tech Jobs In the UK on Latest Hacking News.



8 Ways to Secure Your Home Wi-Fi Network

With increases in data breaches and online theft, it has become more important than ever…

8 Ways to Secure Your Home Wi-Fi Network on Latest Hacking News.



EU Data Protection Watchdog Calls for Ban on Pegasus-like Commercial Spyware

The European Union's data protection authority on Tuesday called for a ban on the development and the use of Pegasus-like commercial spyware in the region, calling out the technology's "unprecedented level of intrusiveness" that could endanger users' right to privacy. "Pegasus constitutes a paradigm shift in terms of access to private communications and devices, which is able to affect the very

Tuesday, 15 February 2022

High-Severity RCE Security Bug Reported in Apache Cassandra Database Software

Researchers have revealed details of a now-patched high-severity security vulnerability in Apache Cassandra that, if left unaddressed, could be abused to gain remote code execution on affected installations. "This Apache security vulnerability is easy to exploit and has the potential to wreak havoc on systems, but luckily only manifests in non-default configurations of Cassandra," Omer Kaspi,

Facebook Agrees to Pay $90 Million to Settle Decade-Old Privacy Violation Case

Meta Platforms has agreed to pay $90 million to settle a lawsuit over the company's use of cookies to allegedly track Facebook users' internet activity even after they had logged off from the platform. In addition, the social media company will be required to delete all of the data it illegally collected from those users. The development was first reported by Variety. The

Questions linger after IRS’s about‑face on facial recognition

Why would a tax agency contractor’s privacy policy mention collecting information about my Facebook friends?

The post Questions linger after IRS’s about‑face on facial recognition appeared first on WeLiveSecurity



Log4j Vulnerabilities: What Are They, and Are You at Risk?

More businesses are concerned about their cybersecurity. It shouldn’t come as a surprise, considering the…

Log4j Vulnerabilities: What Are They, and Are You at Risk? on Latest Hacking News.



SecLists – A Pentester’s BFF

SecLists is a pentesting tool used by security professionals around the globe, it contains various…

SecLists – A Pentester’s BFF on Latest Hacking News.



Latest Kali Linux 2022.1 Version Arrives With “Everything” Flavor And More

Heads up, Kali users! The latest version of Kali Linux has just arrived with lots…

Latest Kali Linux 2022.1 Version Arrives With “Everything” Flavor And More on Latest Hacking News.



Experts Warn of Hacking Group Targeting Aviation and Defense Sectors

Entities in the aviation, aerospace, transportation, manufacturing, and defense industries have been targeted by a persistent threat group since at least 2017 as part of a string of spear-phishing campaigns mounted to deliver a variety of remote access trojans (RATs) on compromised systems. The use of commodity malware such as AsyncRAT and NetWire, among others, has led enterprise security firm

New MyloBot Malware Variant Sends Sextortion Emails Demanding $2,732 in Bitcoin

A new version of the MyloBot malware has been observed to deploy malicious payloads that are being used to send sextortion emails demanding victims to pay $2,732 in digital currency. MyloBot, first detected in 2018, is known to feature an array of sophisticated anti-debugging capabilities and propagation techniques to rope infected machines into a botnet, not to mention remove traces of other

Monday, 14 February 2022

New Chrome 0-Day Bug Under Active Attack – Update Your Browser ASAP!

Google on Monday rolled out fixes for eight security issues in the Chrome web browser, including a high-severity vulnerability that's being actively exploited in real-world attacks, marking the first zero-day patched by the internet giant in 2022. The shortcoming, tracked as CVE-2022-0609, is described as a use-after-free vulnerability in the Animation component that, if successfully exploited,

From the back office to the till: Cybersecurity challenges facing global retailers

How well retailers can manage the surge in cyberthreats may be crucial for their prospects in a post‑pandemic world

The post From the back office to the till: Cybersecurity challenges facing global retailers appeared first on WeLiveSecurity



Zero-Day Bugs Spotted In Nooie Baby Monitors

Researchers have found numerous bugs affecting Nooie baby monitors. Exploiting the zero-day bugs allows an…

Zero-Day Bugs Spotted In Nooie Baby Monitors on Latest Hacking News.



Adobe Warns Users Of A Critical Magento Zero-Day Vulnerability Under Attack

Adobe has just fixed a critical zero-day bug in the Magento platform, alerting users to…

Adobe Warns Users Of A Critical Magento Zero-Day Vulnerability Under Attack on Latest Hacking News.



Apple Patched A Zero-Day Under Attack With iOS 15.3.1

Weeks after releasing the major iOS update 15.3, Apple has released another update. It turns…

Apple Patched A Zero-Day Under Attack With iOS 15.3.1 on Latest Hacking News.



Spanish Police Arrest SIM Swappers Who Stole Money from Victims Bank Accounts

Spain's National Police Agency, the Policía Nacional, said last week it dismantled an unnamed cybercriminal organization and arrested eight individuals in connection with a series of SIM swapping attacks that were carried out with the goal of financial fraud. The suspects of the crime ring masqueraded as trustworthy representatives of banks and other organizations and used traditional phishing

Critical Security Flaws Reported in Moxa MXview Network Management Software

Technical details have been disclosed regarding a number of security vulnerabilities affecting Moxa's MXview web-based network management system, some of which could be chained by an unauthenticated adversary to achieve remote code execution on unpatched servers. The five security weaknesses "could allow a remote, unauthenticated attacker to execute code on the hosting machine with the highest

Sunday, 13 February 2022

Critical Magento 0-Day Vulnerability Under Active Exploitation — Patch Released

Adobe on Sunday rolled out patches to contain a critical security vulnerability impacting its Commerce and Magento Open Source products that it said is being actively exploited in the wild. Tracked as CVE-2022-24086, the shortcoming has a CVSS score of 9.8 out of 10 on the vulnerability scoring system and has been characterized as an "improper input validation" issue that could be weaponized to

Critical Code Execution Bugs Found In PHP Everywhere WordPress Plugin

Researchers discovered a number of severe security bugs leading to code execution in the WordPress…

Critical Code Execution Bugs Found In PHP Everywhere WordPress Plugin on Latest Hacking News.



Friday, 11 February 2022

Week in security with Tony Anscombe

New ESET Threat Report is out – How dark web services are moving to common apps and services – Leave romance scammers high and dry

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity



When love hurts: Watch out for romance scams this Valentine’s Day

Don’t be the next victim – spot the signs of a faux romance in time and send that scammer ‘packing’

The post When love hurts: Watch out for romance scams this Valentine’s Day appeared first on WeLiveSecurity



How Does a WAF detect and respond to attacks?

Nowadays a web application firewall should be an essential part of every business’s infrastructure. This…

How Does a WAF detect and respond to attacks? on Latest Hacking News.



Thursday, 10 February 2022

France Rules That Using Google Analytics Violates GDPR Data Protection Law

French data protection regulators on Thursday found the use of Google Analytics a breach of the European Union's General Data Protection Regulation (GDPR) laws in the country, almost a month after a similar decision was reached in Austria. To that end, the National Commission on Informatics and Liberty (CNIL) ruled that the transatlantic movement of Google Analytics data to the U.S. is not "

Hidden in plain sight: How the dark web is spilling onto social media

A trip into the dark corners of Telegram, which has become a magnet for criminals peddling everything from illegal drugs to fake money and COVID-19 vaccine passes

The post Hidden in plain sight: How the dark web is spilling onto social media appeared first on WeLiveSecurity



Malicious QR Codes Flood Twitter To Deliver a Malicious Chrome Extension

A security researcher has discovered an odd malware campaign flooding Twitter. The threat actors have…

Malicious QR Codes Flood Twitter To Deliver a Malicious Chrome Extension on Latest Hacking News.



FritzFrog P2P Botnet Attacking Healthcare, Education and Government Sectors

A peer-to-peer Golang botnet has resurfaced after more than a year to compromise servers belonging to entities in the healthcare, education, and government sectors within a span of a month, infecting a total of 1,500 hosts. Dubbed FritzFrog, "the decentralized botnet targets any device that exposes an SSH server — cloud instances, data center servers, routers, etc. — and is capable of running

COVID Does Not Spread to Computers

"…well, of course!" is what you might think. It's a biological threat, so how could it affect digital assets? But hang on. Among other effects, this pandemic has brought about a massive shift in several technological areas. Not only did it force numerous organizations - that up to now were reluctant - to gear up in cyber to go digital, all at once, oftentimes with hastily pieced together

CISA, FBI, NSA Issue Advisory on Severe Increase in Ransomware Attacks

Cybersecurity authorities from Australia, the U.K., and the U.S. have published a joint advisory warning of an increase in sophisticated, high-impact ransomware attacks targeting critical infrastructure organizations across the world in 2021. The incidents singled out a broad range of sectors, including defense, emergency services, agriculture, government facilities, IT, healthcare, financial

Wednesday, 9 February 2022

Russia Cracks Down on 4 Dark Web Marketplaces for Stolen Credit Cards

A special law enforcement operation undertaken by Russia has led to the seizure and shutdown of four online bazaars that specialized in the theft and sales of stolen credit cards, as the government continues to take active measures against harboring cybercriminals on its territory. To that end, the domains operated by the card fraud forums and marketplaces, Ferum Shop, Sky-Fraud, Trump's Dumps,

Critical RCE Flaws in 'PHP Everywhere' Plugin Affect Thousands of WordPress Sites

Critical security vulnerabilities have been disclosed in a WordPress plugin known as PHP Everywhere that's used by more than 30,000 websites worldwide and could be abused by an attacker to execute arbitrary code on affected systems. PHP Everywhere is used to flip the switch on PHP code across WordPress installations, enabling users to insert and execute PHP-based code in the content management

ESET Threat Report T3 2021

A view of the T3 2021 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts

The post ESET Threat Report T3 2021 appeared first on WeLiveSecurity



“Merry-Maker” Card Skimmer Scanner Tool Released As Open Source

To contain the rising incidents of web skimming attacks on e-stores, Target has released its…

“Merry-Maker” Card Skimmer Scanner Tool Released As Open Source on Latest Hacking News.



Researchers Found Zimbra Zero-Day XSS Vulnerability Under Attack

Researchers have found active phishing campaigns exploiting a zero-day vulnerability in the Zimbra email platform.…

Researchers Found Zimbra Zero-Day XSS Vulnerability Under Attack on Latest Hacking News.



Microsoft February Patch Tuesday Addresses 51 Bugs Including A Zero-Day

As scheduled, the monthly Patch Tuesday updates from Microsoft have arrived for February containing a…

Microsoft February Patch Tuesday Addresses 51 Bugs Including A Zero-Day on Latest Hacking News.



U.S. Arrests Two and Seizes $3.6 Billion Cryptocurrency Stolen in 2016 Bitfinex Hack

The U.S. Justice Department (DoJ) on Tuesday announced the arrest of a married couple in connection with conspiring to launder cryptocurrency worth $4.5 billion that was siphoned during the hack of the virtual currency exchange Bitfinex in 2016. Ilya Lichtenstein, 34, and his wife, Heather Morgan, 31, both of New York, are alleged to have "stolen funds through a labyrinth of cryptocurrency

Guide: Alert Overload and Handling for Lean IT Security Teams

Alarming research reveals the stress and strains the average cybersecurity team experiences on a daily basis. As many as 70% of teams report feeling emotionally overwhelmed by security alerts. Those alerts come at such high volume, high velocity, and high intensity that they become an extreme source of stress. So extreme, in fact, that people's home lives are negatively affected. Alert overload

Iranian Hackers Using New Marlin Backdoor in 'Out to Sea' Espionage Campaign

An advanced persistent threat (APT) group with ties to Iran has refreshed its malware toolset to include a new backdoor dubbed Marlin as part of a long-running espionage campaign that started in April 2018. Slovak cybersecurity company ESET attributed the attacks — code named Out to Sea — to a threat actor called OilRig (aka APT34), while also conclusively connecting its activities to a second

Russian APT Hackers Used COVID-19 Lures to Target European Diplomats

The Russia-linked threat actor known as APT29 targeted European diplomatic missions and Ministries of Foreign Affairs as part of a series of spear-phishing campaigns mounted in October and November 2021. According to ESET's T3 2021 Threat Report shared with The Hacker News, the intrusions paved the way for the deployment of Cobalt Strike Beacon on compromised systems, followed by leveraging the

Tuesday, 8 February 2022

Microsoft and Other Major Software Firms Release February 2022 Patch Updates

Microsoft on Tuesday rolled out its monthly security updates with fixes for 51 vulnerabilities across its software line-up consisting of Windows, Office, Teams, Azure Data Explorer, Visual Studio Code, and other components such as Kernel and Win32k. Among the 51 defects closed, 50 are rated Important and one is rated Moderate in severity, making it one of the rare Patch Tuesday updates without

US: Your AI has to explain its decisions

No more turning a blind eye to algorithmic bias and discrimination if US lawmakers get their way

The post US: Your AI has to explain its decisions appeared first on WeLiveSecurity



Palestinian Hackers Use New NimbleMamba Implant in Recent Attacks

An advanced persistent threat (APT) hacking group operating with motives that likely align with Palestine has embarked on a new campaign that leverages a previously undocumented implant called NimbleMamba. The intrusions leveraged a sophisticated attack chain targeting Middle Eastern governments, foreign policy think tanks, and a state-affiliated airline, enterprise security firm Proofpoint said

Several Malware Families Using Pay-Per-Install Service to Expand Their Targets

A detailed examination of a Pay-per-install (PPI) malware service called PrivateLoader has revealed its crucial role in the delivery of a variety of malware such as SmokeLoader, RedLine Stealer, Vidar, Raccoon, and GCleaner since at least May 2021. Loaders are malicious programs used for loading additional executables onto the infected machine. With PPI malware services such as PrivateLoader,

'Roaming Mantis' Android Malware Targeting Europeans via Smishing Campaigns

A financially motivated campaign that targets Android devices and spreads mobile malware via SMS phishing techniques since at least 2018 has spread its tentacles to strike victims located in France and Germany for the first time. Dubbed Roaming Mantis, the latest spate of activities observed in 2021 involve sending fake shipping-related texts containing a URL to a landing page from where Android

Medusa Android Banking Trojan Spreading Through Flubot's Attacks Network

Two different Android banking Trojans, FluBot and Medusa, are relying on the same delivery vehicle as part of a simultaneous attack campaign, according to new research published by ThreatFabric. The ongoing side-by-side infections, facilitated through the same smishing (SMS phishing) infrastructure, involved the overlapping usage of "app names, package names, and similar icons," the Dutch mobile

How Attack Surface Management Preempts Cyberattacks

The wide-ranging adoption of cloud facilities and the subsequent mushrooming of organizations' networks, combined with the recent migration to remote work, had the direct consequence of a massive expansion of organizations' attack surface and led to a growing number of blind spots in connected architectures. The unforeseen results of this expanded attack surface with fragmented monitoring

Monday, 7 February 2022

Microsoft Disables Internet Macros in Office Apps by Default to Block Malware Attacks

Microsoft on Monday said it's taking steps to disable Visual Basic for Applications (VBA) macros by default across its products, including Word, Excel, PowerPoint, Access, and Visio, for documents downloaded from the web in an attempt to eliminate an entire class of attack vector. "Bad actors send macros in Office files to end users who unknowingly enable them, malicious payloads are delivered,

Microsoft Temporarily Disables MSIX App Installers to Prevent Malware Abuse

Microsoft last week announced that it's temporarily disabling the MSIX ms-appinstaller protocol handler in Windows following evidence that a security vulnerability in the installer component was exploited by threat actors to deliver malware such as Emotet, TrickBot, and Bazaloader. MSIX, based on a combination of .msi, .appx, App-V and ClickOnce installation technologies, is a universal Windows

Mind the Password Hack Tool

YES – you read this right. Mind the hack tool, meaning, keep in mind that…

Mind the Password Hack Tool on Latest Hacking News.



Security During Virtual Meetings

Since the Coronavirus pandemic, virtual meetings have become increasingly commonplace. People from all walks of…

Security During Virtual Meetings on Latest Hacking News.



New CapraRAT Android Malware Targets Indian Government and Military Personnel

A politically motivated advanced persistent threat (APT) group has expanded its malware arsenal to include a new remote access trojan (RAT) in its espionage attacks aimed at Indian military and diplomatic entities. Called CapraRAT by Trend Micro, the implant is an Android RAT that exhibits a high "degree of crossover" with another Windows malware known as CrimsonRAT that's associated with Earth

Hackers Backdoored Systems at China's National Games Just Before Competition

Systems hosting content pertaining to the National Games of China were successfully breached last year by an unnamed Chinese-language-speaking hacking group. Cybersecurity firm Avast, which dissected the intrusion, said that the attackers gained access to a web server 12 days prior to the start of the event on September 3 to drop multiple reverse web shells for remote access and achieve

IoT/connected Device Discovery and Security Auditing in Corporate Networks

Today's enterprise networks are complex environments with different types of wired and wireless devices being connected and disconnected. The current device discovery solutions have been mainly focused on identifying and monitoring servers, workstation PCs, laptops and infrastructure devices such as network firewalls, switches and routers, because the most valuable information assets of

Sunday, 6 February 2022

Chinese Hackers Target Taiwanese Financial Institutions with a new Stealthy Backdoor

A Chinese advanced persistent threat (APT) group has been targeting Taiwanese financial institutions as part of a "persistent campaign" that lasted for at least 18 months. The intrusions, whose primary intent was espionage, resulted in the deployment of a backdoor called xPack, granting the adversary extensive control over compromised machines, Broadcom-owned Symantec said in a report published

CISA Orders Federal Agencies to Patch Actively Exploited Windows Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging federal agencies to secure their systems against an actively exploited security vulnerability in Windows that could be abused to gain elevated permissions on affected hosts. To that end, the agency has added CVE-2022-21882 (CVSS score: 7.0) to the Known Exploited Vulnerabilities Catalog, necessitating that Federal

Popular VPNs NordVPN And Surfshark Announce Merger

Another major cybersecurity acquisition just happened – this time, involving two VPN giants. Specifically, NordVPN…

Popular VPNs NordVPN And Surfshark Announce Merger on Latest Hacking News.



Saturday, 5 February 2022

New Argo CD Bug Could Let Hackers Steal Secret Info from Kubernetes Apps

Users of the Argo continuous deployment (CD) tool for Kubernetes are being urged to push through updates after a zero-day vulnerability was found that could allow an attacker to extract sensitive information such as passwords and API keys. The flaw, tagged as CVE-2022-24348 (CVSS score: 7.7), affects all versions and has been addressed in versions 2.3.0, 2.2.4, and 2.1.9. Cloud security firm

Friday, 4 February 2022

Microsoft Uncovers New Details of Russian Hacking Campaign Targeting Ukraine

Microsoft on Friday shared more of the tactics, techniques, and procedures (TTPs) adopted by the Russia-based Gamaredon hacking group to facilitate a barrage of cyber espionage attacks aimed at several entities in Ukraine over the past six months. The attacks are said to have singled out government, military, non-government organizations (NGO), judiciary, law enforcement, and non-profit

Week in security with Tony Anscombe

What to know before scanning a QR code – Has your phone been hacked? – Watch your back and keep shoulder surfers at bay

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity



Think before you scan: How fraudsters can exploit QR codes to steal money

QR codes are all the rage and scammers have taken notice. Look out for dangers lurking behind those little black-and-white squares.

The post Think before you scan: How fraudsters can exploit QR codes to steal money appeared first on WeLiveSecurity



Another Israeli Firm, QuaDream, Caught Weaponizing iPhone Bug for Spyware

A now-patched security vulnerability in Apple iOS that was previously found to be exploited by Israeli company NSO Group was also separately weaponized by a different surveillance vendor named QuaDream to hack into the company's devices. The development was reported by Reuters, citing unnamed sources, noting that "the two rival businesses gained the same ability last year to remotely break into

U.S. Authorities Charge 6 Indian Call Centers Scamming Thousands of Americans

A number of India-based call centers and their directors have been indicted for their alleged role in placing tens of millions of scam calls aimed at defrauding thousands of American consumers. The indictment charged Manu Chawla, Sushil Sachdeva, Nitin Kumar Wadwani, Swarndeep Singh, Dinesh Manohar Sachdev, Gaje Singh Rathore, Sanket Modi, Rajiv Solanki and their respective call centers for

Russian Gamaredon Hackers Targeted 'Western Government Entity' in Ukraine

The Russia-linked Gamaredon hacking group attempted to compromise an unnamed Western government entity operating in Ukraine last month amidst ongoing geopolitical tensions between the two countries. Palo Alto Networks' Unit 42 threat intelligence team, in a new report publicized on February 3, said that the phishing attack took place on January 19, adding it "mapped out three large clusters of

Cynet Log4Shell Webinar: A Thorough - And Clear - Explanation

Most security practitioners are now aware of the Log4Shell vulnerability discovered toward the end of 2021. No one knows how long the vulnerability existed before it was discovered. The past couple of months have had security teams scrambling to patch the Log4Shell vulnerability found in Apache Log4j, a Java library widely used to log error messages in applications. Beyond patching, it's helpful

Thursday, 3 February 2022

CISA Warns of Critical Vulnerabilities Discovered in Airspan Networks Mimosa

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday published an Industrial Controls Systems Advisory (ICSA) warning of multiple vulnerabilities in the Airspan Networks Mimosa equipment that could be abused to gain remote code execution, create a denial-of-service (DoS) condition, and obtain sensitive information. "Successful exploitation of these vulnerabilities could

Hackers Exploited 0-Day Vulnerability in Zimbra Email Platform to Spy on Users

A threat actor, likely Chinese in origin, is actively attempting to exploit a zero-day vulnerability in the Zimbra open-source email platform as part of spear-phishing campaigns that commenced in December 2021. The espionage operation — codenamed "EmailThief" — was detailed by cybersecurity company Volexity in a technical report published Thursday, noting that successful exploitation of the

Critical Flaws Discovered in Cisco Small Business RV Series Routers

Cisco has patched multiple critical security vulnerabilities impacting its RV Series routers that could be weaponized to elevate privileges and execute arbitrary code on affected systems, while also warning of the existence of proof-of-concept (PoC) exploit code targeting some of these bugs. Three of the 15 flaws, tracked as CVE-2022-20699, CVE-2022-20700, and CVE-2022-20707, carry the highest

New SEO Poisoning Campaign Distributing Trojanized Versions of Popular Software

An ongoing search engine optimization (SEO) poisoning attack campaign has been observed abusing trust in legitimate software utilities to trick users into downloading BATLOADER malware on compromised machines. "The threat actor used 'free productivity apps installation' or 'free software development tools installation' themes as SEO keywords to lure victims to a compromised website and to

How SSPM Simplifies Your SOC2 SaaS Security Posture Audit

An accountant and a security expert walk into a bar… SOC2 is no joke.  Whether you're a publicly held or private company, you are probably considering going through a Service Organization Controls (SOC) audit. For publicly held companies, these reports are required by the Securities and Exchange Commission (SEC) and executed by a Certified Public Accountant (CPA). However, customers often ask

New Variant of UpdateAgent Malware Infects Mac Computers with Adware

Microsoft on Wednesday shed light on a previously undocumented Mac trojan that it said has undergone several iterations since its first appearance in September 2020, effectively granting it an "increasing progression of sophisticated capabilities." The company's Microsoft 365 Defender Threat Intelligence Team dubbed the new malware family "UpdateAgent," charting its evolution from a barebones

New Wave of Cyber Attacks Target Palestine with Political Bait and Malware

Cybersecurity researchers have turned the spotlight on a new wave of offensive cyberattacks targeting Palestinian activists and entities starting around October 2021 using politically-themed phishing emails and decoy documents. The intrusions are part of what Cisco Talos calls a longstanding espionage and information theft campaign undertaken by the Arid Viper hacking group using a Delphi-based

Wednesday, 2 February 2022

Shoulder surfing: Watch out for eagle‑eyed snoopers peeking at your phone

Some fraudsters may use low-tech tactics to steal your sensitive information – peering over your shoulder as you enter that data is one of them

The post Shoulder surfing: Watch out for eagle‑eyed snoopers peeking at your phone appeared first on WeLiveSecurity



New Malware Used by SolarWinds Attackers Went Undetected for Years

The threat actor behind the supply chain compromise of SolarWinds has continued to expand its malware arsenal with new tools and techniques that were deployed in attacks as early as 2019, once again indicative of the elusive nature of the campaigns and the adversary's ability to maintain persistent access for years. According to cybersecurity firm CrowdStrike, which detailed the novel tactics adopted

Cynet's Keys to Extend Threat Visibility

We hear about the need for better visibility in the cybersecurity space – detecting threats earlier and more accurately. We often hear about the dwell time and the time to identify and contain a data breach. Many of us are familiar with IBM’s Cost of a Data Breach Report that has been tracking this statistic for years. In the 2021 report, IBM found that it takes an average of 212

Tuesday, 1 February 2022

Dozens of Security Flaws Discovered in UEFI Firmware Used by Several Vendors

As many as 23 new high severity security vulnerabilities have been disclosed in different implementations of Unified Extensible Firmware Interface (UEFI) firmware used by numerous vendors, including Bull Atos, Fujitsu, HP, Juniper Networks, Lenovo, among others. The vulnerabilities reside in Insyde Software's InsydeH2O UEFI firmware, according to enterprise firmware security company Binarly,

Hacker Group 'Moses Staff' Using New StrifeWater RAT in Ransomware Attacks

A politically motivated hacker group tied to a series of espionage and sabotage attacks on Israeli entities in 2021 incorporated a previously undocumented remote access trojan (RAT) that masquerades as the Windows Calculator app as part of a conscious effort to stay under the radar. Cybersecurity company Cybereason, which has been tracking the operations of the Iranian actor known as Moses Staff

Critical Bug Found in WordPress Plugin for Elementor with Over a Million Installations

A WordPress plugin with over one million installs has been found to contain a critical vulnerability that could result in the execution of arbitrary code on compromised websites. The plugin in question is Essential Addons for Elementor, which provides WordPress site owners with a library of over 80 elements and extensions to help design and customize pages and posts. "This vulnerability allows

Researchers Devise “DrawnApart” – A GPU Fingerprinting Technique

A team of academic researchers has devised a new user tracking strategy. Dubbed “DrawnApart”, this…

Researchers Devise “DrawnApart” – A GPU Fingerprinting Technique on Latest Hacking News.