Simply put: reading from RAM in your program could write to RAM in someone else’sRead More Serious Security: Rowhammer is back, but now it’s called SMASH
Security is an undeniable necessity for the survival and success of any company. COVID-19 accelerated digital transformation initiatives across all industries and this shift placed significant pressure on developers to push software to market at unprec…Read More Digital business requires a security-first mindset
McAfee released its new report, examining cybercriminal activity related to malware and the evolution of cyber threats in the third and fourth quarters of 2020. In Q4, there was an average of 648 threats per minute, an increase of 60 threats per minute…Read More COVID-19-themed cyberattack detections continue to surge
Listen now – and have your say on this divisive issue in our comments!Read More S3 Ep28.5: Hacking back – is attack an acceptable form of defence? [Podcast]
As we head into 2021, ransomware is making another resurgence, particularly in targeted attacks from highly organized hacker groups. In fact, cybercrime is surging since the start of the pandemic. When IT and security professionals plan how to respond,…Read More Protecting the human attack surface from the next ransomware attack
The White House is reportedly moving swiftly forward with a plan to harden the security of the US power grid against hacking attacks.
Read more in my article on the Tripwire State of Security blog.Read More White House launches plan to protect US critical infrastructure against cyber attacks
New episode – listen now!Read More S3 Ep28: Pwn2Own hacks, dark web hitmen and COVID-19 privacy [Podcast]
Synopsys released a report that examines the results of more than 1,500 audits of commercial codebases. The report highlights trends in open source usage within commercial applications and provides insights to help commercial and open source developers…Read More Open source security, license compliance, and maintenance issues are pervasive in every industry
According to IDG’s 2020 Cloud Computing Study, 92% of organizations have at least some sort of cloud footprint in regard to their IT environment. Therefore, traditional cloud security approaches must evolve to keep up with the dynamic infrastructure an…Read More Machine learning-powered cybersecurity depends on good data and experience
Hacking for good! A judge said I could!Read More FBI hacks into hundreds of infected US servers (and disinfects them)
Authorities have executed a court-authorized operation to copy and remove malicious web shells from hundreds of vulnerable on-premises versions of Microsoft Exchange Server software in the United States. Through January and February 2021, certain hacki…Read More FBI removes web shells from hacked Microsoft Exchange servers
Over the past year, 65% of people around the world report spending more time online than ever before, likely a result of the COVID-19 pandemic. As we connected to the internet for everything from work and school to entertainment, social connection and …Read More 330 million people across 10 countries were victims of cybercrime in 2020
Shoppers at Dutch supermarkets may have noticed that some cheeses were in short supply last week, and it was cybercriminals who are to blame.
Read more in my article on the Hot for Security blog.Read More Ransomware attack causes supermarket cheese shortage in the Netherlands
The programmers among us are learning… but not always quickly enough, it seems. Here’s some food for coding thought…Read More IoT bug report claims “at least 100M devices” may be impacted
Forescout Research Labs, in partnership with JSOF, disclosed a new set of DNS vulnerabilities, dubbed NAME:WRECK. These vulnerabilities affect four popular TCP/IP stacks – namely FreeBSD, IPnet, Nucleus NET and NetX – which are commonly pre…Read More New DNS vulnerabilities have the potential to impact millions of devices
A practical cybersecurity guide from the National Institute of Standards and Technology (NIST) can help hotel owners reduce the risks to a highly vulnerable and attractive target for hackers: the hotel property management system (PMS), which stores gue…Read More Cybersecurity guide for the hospitality industry
A security operations center (SOC) is the central nervous system of any advanced cybersecurity program. Yet even the most well-funded, highly organized and properly equipped SOC is often no match for a simple misconfiguration error. Organizations have …Read More The SOC is blind to the attackable surface
Two lucky winners scooped $200k for just 20 minutes’ work – if you don’t count the days, weeks and months of meticulous effort beforehandRead More Pwn2Own 2021: Zoom, Teams, Exchange, Chrome and Edge “fully owned”
New episode – listen now!Read More S3 Ep27: Census scammers, beg bounties and data breach fines [Podcast]
Deepfake expert Nina Schick joins us as we discuss synthetic media, Facebook’s latest data fiasco, and some less-than-brilliant April Fool’s tricks.
All this and much more is discussed in the latest edition of the award-winning “Smashing Security” p…Read More Smashing Security podcast #222: Facebook, deepfakes, and April Fools scandals – with Nina Schick
In this era of increasing technological complexity, watering hole attacks build on a model of simplicity. Just like predatory animals that hover near sources of water favored by their prey, attackers systematically infect websites likely to be visited …Read More Cloud-native watering hole attack: Simple and potentially devastating
The COVID-19 pandemic forced businesses to quickly support remote working practices, often without proper security measures in place. Verizon reveals that many businesses may have left themselves vulnerable and open to cybercriminals in the rush to ens…Read More A rush to remote working leaving businesses vulnerable to cybercriminals
The construction industry may not appear to be an obvious target for cybercrime, but it garners unwanted online attention just like other sectors. According to a report by IBM, the average cost of a data breach in the industrial sector was $4.99 millio…Read More 68% of construction executives have no cybersecurity measures in place
Newly provisioned, unprotected SAP applications in cloud environments are getting discovered and compromised in mere hours, Onapsis researchers have found, and vulnerabilities affecting them are being weaponized in less than 72 hours after SAP releases…Read More SAP applications are getting compromised by skilled attackers
Claroty researchers have found and privately disclosed nine vulnerabilities affecting Rockwell Automation’s FactoryTalk AssetCentre, an ICS-specific backup solution. All of the vulnerabilities have been assigned the maximum (10.0) CVSS v3 base score an…Read More Vulnerabilities in ICS-specific backup solution open industrial facilities to attack
Fileless malware and cryptominer attack rates grew by nearly 900% and 25% respectively, while unique ransomware payloads plummeted by 48% in 2020 compared to 2019, according to WatchGuard. Q4 2020 also brought a 41% increase in encrypted malware detect…Read More Massive increase in endpoint attacks, rising rate of encrypted malware and new exploits targeting IoT
With an unexpected year of massive change behind us, many organizations now have an extensive remote workforce, new technologies in use, and digital transformation under way across the board. While this has introduced many opportunities for SMBs, it ha…Read More 5 key cybersecurity risks in 2021, and how to address them now
CISA, the US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, has told federal agencies that they have until April 5 to scan their networks for evidence of intrusion by hackers, and report back the results.
Read m…Read More Federal agencies given five days to find hacked Exchange servers
Two vulnerabilities (CVE-2021-21975, CVE-2021-21983) recently patched by VMware in its vRealize Operations platform can be chained together to achieve unauthenticated remote code execution (RCE) on the underlying operating system, Positive Technologies…Read More VMware patches critical vRealize Operations flaws that could lead to RCE
Latest episode – listen now!Read More S3 Ep26: Apple 0-day, crypto vulnerabilities and PHP backdoor [Podcast]
Before the pandemic, most modern organizations had recognized the need to innovate to support developers’ evolving workflows. Today, rapid digitalization has placed a significant burden on software developers supporting remote business operations. Deve…Read More The growing threat to CI/CD pipelines
Data-stealing ransomware attacks, information harvesting malware, and supply chain attacks are among the critical threats to organizations, according to F-Secure. One of the most notable trends highlighted is the evolution of ransomware – attacks that …Read More Nearly 40% of new ransomware families use both data encryption and data theft in attacks
The crooks got in and added a backdoor to PHP, but it looks as though it was caught before any harm was done.Read More PHP web language narrowly avoids “backdoor” supply chain attack
The bug is under active exploitation by unknown attackers and affects a wide range of devices, including iPhones, iPads and Apple Watches
The post Apple rushes to patch zero‑day flaw in iOS, iPadOS appeared first on WeLiveSecurity
Cybercrime isn’t about just one sort of attack, one type of crook, or one method of protection!Read More Naked Security Live – Lessons beyond ransomware
With almost 3 million weekly downloads, netmask has scored more than 238 million total downloads over its lifetime. What’s more, around 279,000 GitHub repositories depend on the component. Yesterday, cybersecurity analysts Sick Codes, Victor Viale, Joh…Read More Critical netmask Networking Flaw Reported by Security Specialists
The bug that broke security when you turned STRICT mode on…Read More Serious Security: OpenSSL fixes two high-severity crypto bugs
It’s just two days since former SNP leader Alex Salmond launched a brand new political party to campaign for an independent Scotland.
And already it has suffered a data breach.Read More Alex Salmond’s Alba party website leaks data in IDOR foul-up
Universal Cross Site Scripting bug means all web browsing is potentially at risk. We explain in plain English.Read More Apple devices get urgent patch for zero-day exploit – update now!
New episode – listen now!Read More S3 Ep25: Drained accounts, ransomware attacks and Linux badware [Podcast]
There’s nothing quite like an actual proof-of-concept to make everyone listen. I was pleased by the PoC released by Google security engineers Stephen Röttger and Artur Janc earlier this month – in a nutshell, they showed how the Spectre vulnerabi…Read More Using memory encryption in web applications to help reduce the risk of Spectre attacks
AdaptiveMobile Security today publicly disclosed details of a major security flaw in the architecture of 5G network slicing and virtualized network functions. The fundamental vulnerability has the potential to allow data access and denial of service at…Read More 5G network slicing vulnerability leaves enterprises exposed to cyberattacks
Things don’t get much worse than having to admit to your employees that a gang of cybercriminals have broken into your infrastructure, stolen the private details (social security numbers, names and home addresses) of your staff, and are demanding that …Read More Bank loses customers’ social security numbers after ransomware attack
The pandemic has changed how many companies operate in a short period of time. Over the last year we’ve witnessed most organizations with office-based workforces having to transition to remote working. Now, with the UK government’s roadmap out of lockd…Read More Hidden areas of security and the future of hybrid working
While total combined fraud losses climbed to $56 billion in 2020, identity fraud scams accounted for $43 billion of that cost. Traditional identity fraud losses totaled $13 billion, Javelin Strategy & Research reveals. With traditional fraud, cons…Read More Total combined fraud losses climbed to $56 billion in 2020
Remember Hafnium? Here’s the bad news – it’s not over yet! Learn why and what to do…Read More BlackKingdom ransomware still exploiting insecure Exchange servers
There are major gaps in API security based on insights from over 100 senior security leaders at large enterprises in the United States and Europe, an Imvision report reveals. With 9 out of 10 security leaders naming API security as a priority, survey r…Read More 80% of security leaders would like more control over their API security
While banks have been successful in reducing card fraud in recent years, a new and rising threat has emerged: synthetic identity fraud. By combining real and falsified information on digital platforms, financial criminals have been able to commit this …Read More How to stay ahead of the rise of synthetic fraud
Cybersecurity vulnerabilities among credit unions and their vendors create the potential for large financial impacts to the credit union industry, according to a Black Kite report. The research analyzed the cybersecurity posture of 250 NCUA credit unio…Read More The financial impact of cybersecurity vulnerabilities on credit unions
Microsoft has updated its Defender Antivirus to mitigate the ProxyLogon flaw on vulnerable Exchange Servers automatically, while the Cybersecurity and Infrastructure Security Agency (CISA) has released CHIRP, a forensic tool that can help defenders fin…Read More Automatically mitigate ProxyLogon, detect IoCs associated with SolarWinds attackers’ activities
It looks like a third zero-day flaw has been found in Google Chrome and it could affect Mac, Windows and Linux users. This would be the third Google Chrome zero-day vulnerability to be disclosed in the past three months. On the 2nd of March, Chrome rel…Read More Google Is Announcing Another Chrome Zero-Day Flaw
Anyone could have found these bugs, but everyone assumed someone would, and in the end, no one did. (Until now.)Read More Serious Security: The Linux kernel bugs that surfaced after 15 years
Another year, another new set of cybersecurity threats to overcome, outwit and mitigate against. At the beginning of 2021, the cybersecurity world was informed by CISA (the USA Cybersecurity and Infrastructure Security Agency) of a spate of attacks tar…Read More 4 Strategies to Mitigate Pass-the-Cookie Attacks
The latest update patches a total of five vulnerabilities affecting the browser’s desktop versions
The post Google fixes Chrome zero‑day bug exploited in the wild appeared first on WeLiveSecurity
Latest episode – watch now!Read More Naked Security Live – HAFNIUM explained in plain English
A hacking group has gained access to the feeds of 150,000 surveillance cameras used inside businesses, schools, police departments, hospitals, and well-known companies.
Read more in my article on the Bitdefender BOX blog.Read More 150,000 security cameras are hacked exposing jails, hospitals, and well-known firms
New episode – listen now! (And find out what HAFNIUM really stands for.)Read More S3 Ep23: Hafnium happenings, I see you, and Pythonic poison [Podcast]
Is it the end of the road for John McAfee? Is PornHub more legitimate than Facebook? And do you know as much as you think you do about the Microsoft Exchange Server mega-hack?
All this and much much more is discussed in the latest edition of the “Sm…Read More Smashing Security podcast #218: Microsoft, McAfee, and mayhem
Platform engineer and open source enthusiast Rob Dyke says that he’s found himself in a sticky pickle.
You see, in late February he discovered two public repositories on GitHub which contained code for an application, API keys, usernames and passwor…Read More Told your organisation is leaking data? Here’s how not to respond
As system administrators and security teams around the world are working on ascertaining whether they’ve been breached and compromised via vulnerable Microsoft Exchange Server installations, on this March 2021 Patch Tuesday: Microsoft has fixed 8…Read More March 2021 Patch Tuesday: Microsoft fixes yet another actively exploited IE zero-day
Webshells explained, with some (safe) examples you can try at home if you want to learn more.Read More Serious Security: Webshells explained in the aftermath of HAFNIUM attacks
In case you’ve missed the news – hundreds of thousands of Microsoft Exchange Server systems worldwide are thought to have been compromised by hackers, who exploited zero-day vulnerabilities to steal emails.
Read more in my article on the Hot for Sec…Read More The Microsoft Exchange Server mega-hack – what you need to know
At least one vulnerability is being exploited by multiple cyberespionage groups to attack targets mainly in the US, per ESET telemetry
The post Microsoft rushes out fixes for four zero‑day flaws in Exchange Server appeared first on WeLiveSecurity
The battle against hackers and threats is an arms race against highly motivated opponents, and with the number of attacks and threats continually growing, it’s impossible to achieve security by simply patching up a broken architecture with single…Read More Security starts with architecture
It’s déjà vu all over again! New month, new Chrome zero-day bug being exploited in the wild.Read More Another Chrome zero-day exploit – so get that update done!
Actor, presenter and writer Robert Llewellyn, famous for playing the part of Kryten in the science-fiction comedy “Red Dwarf,” joins us as we discuss robots gone rogue, electric vehicle nightmares, and creepy companions. All this and much m…Read More Smashing Security podcast #217: Would you cuddle this revolting robot? – with Robert Llewellyn
Microsoft has released emergency security patches for four zero-day vulnerabilities in its Exchange email server software, widely used by businesses.Read More Patch your Exchange email server now! flaws exploited by hackers to download corporate email
Security researcher Alexander Popov has discovered and fixed five similar issues in the virtual socket implementation of the Linux kernel. The vulnerabilities could be exploited for local privilege escalation, as confirmed in experiments on Fedora 33 S…Read More Now-fixed Linux kernel vulnerabilities enabled local privilege escalation (CVE-2021-26708)
Microsoft has released out-of-band security updates for seven bugs affecting Microsoft Exchange Servers, four of which are zero-day vulnerabilities being exploited by attackers in the wild to plunder on-premises machines. According to Volexity, the attacks have been going on for nearly two months, possibly even longer. Our team has been tirelessly working several intrusions since January involving multiple 0-day exploits in Microsoft Exchange. We’ve released the details of this threat activity alongside Microsoft’s Out of … More
The post Exchange Servers targeted via zero-day exploits, have yours been hit? appeared first on Help Net Security.Read More Exchange Servers targeted via zero-day exploits, have yours been hit?
Tanium released a report to evaluate the primary IT operations and security challenges organizations have faced amid the large-scale shift to remote work in the COVID-19 era, and how businesses plan to adapt moving forward. The report was conducted by …Read More Enterprises observing uptick in risky behaviors since shift to remote work
Tripwire’s February 2021 Patch Priority Index (PPI) brings together important vulnerabilities from Apache, VMware and Microsoft. First on the patch priority list this month is a patch for Apache Tomcat. The Apache Tomcat “Ghostcat” vu…Read More Tripwire Patch Priority Index for February 2021
Gab, the Twitter-like social networking service known for its far-right userbase, has reportedly been hacked – putting more than 40 million public and private posts, messages, as well as user profiles and hashed passwords, at risk of exposure.
Read …Read More “Mentally ill demon hackers” blamed for massive Gab data leak
A critical, easy to exploit vulnerability (CVE-2021-22681) may allow attackers to remotely connect to a number of Rockwell Automation’s programmable logic controllers (PLCs) and to install new (malicious) firmware, alter the device’s config…Read More Critical flaw in Rockwell PLCs allows attackers to fiddle with them (CVE-2021-22681)
In a recent report, Trend Micro announced it detected 119,000 cyber threats per minute in 2020 as home workers and infrastructure came under new pressure from attacks. Attacks on homes surged The report also shows that home networks were a major draw l…Read More Insights for navigating a drastically changing threat landscape
There was a massive increase in cyber threats globally year-over-year fueled by both the pandemic and expanding attack surfaces, Skybox Security reveals. Expanding attack surfaces New malware samples nearly doubled: New ransomware samples increased 106…Read More Massive rise in threats across expanding attack surfaces
Dragos releases annual analysis of ICS/OT focused cyber threats, vulnerabilities, assessments, and incident response insights. “In 2020, the industrial community performed amazing feats to keep civilization running under challenging circumstances throu…Read More ICS threat landscape highlights
The day after VMware released fixes for a critical RCE flaw (CVE-2021-21972) found in a default vCenter Server plugin, opportunistic attackers began searching for publicly accessible vulnerable systems. We’ve detected mass scanning activity targeting vulnerable VMware vCenter servers (https://t.co/t3Gv2ZgTdt). Query our API for “tags=CVE-2021-21972” for relevant indicators and source IP addresses. #threatintel https://t.co/AcSZ40U5Gp — Bad Packets (@bad_packets) February 24, 2021 “In our opinion, the RCE vulnerability in the vCenter Server can pose no less a … More
The post Attackers are looking to exploit critical VMware vCenter Server RCE flaw, patch ASAP! appeared first on Help Net Security.Read More Attackers are looking to exploit critical VMware vCenter Server RCE flaw, patch ASAP!
Cyberattacks evolved in 2020 as threat actors sought to profit from the unprecedented socioeconomic, business and political challenges brought on by the COVID-19 pandemic, IBM Security reveals. In 2020 attackers were observed pivoting their attacks to …Read More Attackers disrupting COVID-19 efforts and critical supply chains
As browser-makers move to defang third-party (tracking) cookies, marketers are increasingly switching to alternative tracking techniques. One of these is CNAME cloaking, which not only evades anti-tracking measures on most widely-used browsers but, acc…Read More CNAME-based tracking increasingly used to bypass browsers’ anti-tracking defenses
On Feb 5th, 2021, a hacker gained remote access to a water treatment plant in Oldsmar, Florida, and was able to adjust the amount of sodium hydroxide in the water from 100 parts per million to 11,100. Thanks to the physical fail-safes and alarm systems…Read More U.S. municipalities are the perfect target for cybercriminals in 2021
For public health officials, contact tracing remains critical to managing the spread of the coronavirus — particularly as it appears that variants of the virus could be more transmissible. The need for widespread contact tracing at the start of t…Read More Researchers propose more secure and private mobile contact tracing
It’s a bit like Snapchat all over again – but this bug was quickly fixed.Read More Keybase secure messaging fixes photo-leaking bug – patch now!
Mandiant/FireEye researchers have tentatively linked the Accellion FTA zero-day attacks to FIN11, a cybercrime group leveraging CLOP ransomware to extort targeted organizations. Accellion has also confirmed on Monday that “out of approximately 30…Read More Accellion FTA attacks, extortion attempts might be the work of FIN11
A CCTV service designed to let parents remotely watch their children playing at nursery has suffered a data breach after it disputed concerns about its security.Read More NurseryCam suffers data breach after security concerns raised
In 2020, we experienced wave after wave of COVID-19 surges and watched failure after failure at practicing what we knew were effective preventative measures. Similarly, in December 2020, the Russia-backed SolarWinds malware attack resulted in the compr…Read More 10 COVID-19-related lessons for future-ready cybersecurity
Bottomline and Strategic Treasurer released the results of a survey that gathered details about corporate and banking experiences, actions and plans regarding fraud. Results show that the pandemic accelerated both the threat of fraud and the response t…Read More Business email compromise is a top concern for banks
Stay away from popup surveys that want personal data. Tell your friends…Read More “ScamClub” gang outed for exploiting iPhone browser bug to spew ads
NIST logged more than 18,000 vulnerabilities in 2020, over 10,000 of which were critical or high severity – an all-time high. Redscan’s analysis looks beyond severity scores, detailing the rise of low complexity vulnerabilities as well as those which r…Read More 57% of vulnerabilities in 2020 were classified as critical or high severity
By removing the most common cause of traffic accidents – the human driver – autonomous vehicles are expected to reduce traffic accidents and fatalities. However, they may pose a completely different type of risk to drivers, passengers and pedestrians. …Read More Cybersecurity risks connected to AI in autonomous vehicles
Seismic monitoring devices linked to the internet are vulnerable to cyberattacks that could disrupt data collection and processing, say researchers who have probed the devices for weak points. Common security issues such as non-encrypted data, insecure…Read More The cybersecurity issues of seismic monitoring devices
Ever counted how many external source code dependencies your fancy new software product has? Be prepared for a surprise!Read More How one man silently infiltrated dozens of high-tech networks
A researcher has uncovered disturbing security holes in a widely-used CCTV service designed to let parents remotely watch their children playing at nursery.
Read more in my article on the Bitdefender BOX blog.Read More NurseryCam has serious security issues, claims researcher
Latest episode – watch now!Read More Naked Security Live – When is a bug bounty not a bug bounty?
High-severity and critical bugs disclosed in 2020 outnumber the sum total of vulnerabilities reported 10 years prior
The post Record‑breaking number of vulnerabilities reported in 2020 appeared first on WeLiveSecurity
U.S.-based cloud solutions company Accellion will soon retire FTA, its legacy enterprise file-sharing solution, vulnerabilities in which have recently been exploited by attackers to breach a variety of organizations, including the Australian Securities…Read More Accellion to retire enterprise file-sharing product targeted in recent attacks
All of the 30 popular mHealth apps that were tested are vulnerable to API attacks that can allow unauthorized access to full patient records including protected health information (PHI) and personally identifiable information (PII), Approov reveals. Th…Read More mHealth apps consistently expose PII and PHI through APIs
2020 vulnerability disclosures are on track to exceed 2019 despite a sharp decrease of 19.2% observed earlier in the year, according to Risk Based Security. The team aggregated 23,269 vulnerabilities disclosed during 2020. Despite the initial disruptio…Read More 2020 vulnerability disclosures on track to exceed those from 2019
Forescout researchers have discovered nine vulnerabilities affecting nine different TCP/IP stacks widely used in IoT and OT devices. The vulnerabilities are due to weak Initial Sequence Number (ISN) generation, and could be exploited to mount limited D…Read More Vulnerabilities in widely used TCP/IP stacks open IoT, OT devices to attack
Latest episode (includes 111,848 “free” cups of coffee) – listen now!Read More S3 Ep19: Chrome zero-day, coffee hacking and Perl.com stolen [Podcast]
Patch early, patch often. In fact, patch now if you haven’t already. Here’s why.Read More Patch now to stop hackers blindly crashing your Windows computers