RSS Security

Today — 17 May 2021 The Hacker News

Apple's Find My Network Can be Abused to Exfiltrate Data From Nearby Devices

17 May 2021 at 14:12
Latest research has demonstrated a new exploit that enables arbitrary data to be uploaded from devices that are not connected to the Internet by simply sending "Find My Bluetooth" broadcasts to nearby Apple devices. "It's possible to upload arbitrary data from non-internet-connected devices by sending Find My [Bluetooth Low Energy] broadcasts to nearby Apple devices that then upload the data for

Why Password Hygiene Needs a Reboot

17 May 2021 at 11:35
In today's digital world, password security is more important than ever. While biometrics, one-time passwords (OTP), and other emerging forms of authentication are often touted as replacements to the traditional password, today, this concept is more marketing hype than anything else. But just because passwords aren't going anywhere anytime soon doesn't mean that organizations don't need to

Experts Warn About Ongoing AutoHotkey-Based Malware Attacks

17 May 2021 at 11:19
Cybersecurity researchers have uncovered an ongoing malware campaign that heavily relies on AutoHotkey (AHK) scripting language to deliver multiple remote access trojans (RAT) such as Revenge RAT, LimeRAT, AsyncRAT, Houdini, and Vjw0rm on target Windows systems. At least four different versions of the campaign have been spotted starting February 2021, according to researchers from Morphisec Labs

U.S. Pipeline Ransomware Attackers Go Dark After Servers and Bitcoin Are Seized

17 May 2021 at 07:26
Just as Colonial Pipeline restored all of its systems to operational status in the wake of a crippling ransomware incident a week ago, DarkSide, the cybercrime syndicate behind the attack, claimed it lost control of its infrastructure, citing a law enforcement seizure. All the dark web sites operated by the gang, including its DarkSide Leaks blog, ransom collection site, and breach data content
Before yesterday The Hacker News

Hackers Using Microsoft Build Engine to Deliver Malware Filelessly

14 May 2021 at 16:01
Threat actors are abusing Microsoft Build Engine (MSBuild) to filelessly deliver remote access trojans and password-stealing malware on targeted Windows systems. The actively ongoing campaign is said to have emerged last month, researchers from cybersecurity firm Anomali said on Thursday, adding the malicious build files came embedded with encoded executables and shellcode that deploy backdoors,

Report to Your Management with the Definitive 'Incident Response for Management' Presentation Template

14 May 2021 at 13:14
Security incidents occur. It's not a matter of 'if' but of 'when.' There are security products and procedures that were implemented to optimize the IR process, so from the 'security-professional' angle, things are taken care of. However, many security pros who are doing an excellent job in handling incidents find effectively communicating the ongoing process with their management a much more

Pakistan-Linked Hackers Added New Windows Malware to Its Arsenal

14 May 2021 at 12:04
Cybercriminals with suspected ties to Pakistan continue to rely on social engineering as a crucial component of their operations as part of an evolving espionage campaign against Indian targets, according to new research. The attacks have been linked to a group called Transparent Tribe, also known as Operation C-Major, APT36, and Mythic Leopard, which has created fraudulent domains mimicking

Magecart Hackers Now hide PHP-Based Backdoor In Website Favicons

14 May 2021 at 10:17
Cybercrime groups are distributing malicious PHP web shells disguised as a favicon to maintain remote access to the compromised servers and inject JavaScript skimmers into online shopping platforms with an aim to steal financial information from their users. "These web shells known as Smilodon or Megalodon are used to dynamically load JavaScript skimming code via server-side requests into online

Big Cybersecurity Tips For Remote Workers Who Use Their Own Tech

14 May 2021 at 09:00
As the total number of people working from home has grown dramatically in the last year or two, so has the number of individuals who use all of their own technology for their jobs. If you're a remote worker who relies on your own PC to get your work done, then you may be at a heightened risk for some of the major threats that are impacting the computer industry as a whole. Relatively few people

Colonial Pipeline Paid Nearly $5 Million in Ransom to Cybercriminals

14 May 2021 at 07:57
Colonial Pipeline on Thursday restored operations to its entire pipeline system nearly a week following a ransomware infection targeting its IT systems, forcing it to reportedly shell out nearly $5 million to regain control of its computer networks. "Following this restart, it will take several days for the product delivery supply chain to return to normal," the company said in a statement on

Rapid7 Source Code Breached in Codecov Supply-Chain Attack

14 May 2021 at 07:02
Cybersecurity company Rapid7 on Thursday revealed that unidentified actors improperly managed to get hold of a small portion of its source code repositories in the aftermath of the software supply chain compromise targeting Codecov earlier this year. "A small subset of our source code repositories for internal tooling for our [Managed Detection and Response] service was accessed by an

Can Data Protection Systems Prevent Data At Rest Leakage?

13 May 2021 at 11:47
Protection against insider risks works when the process involves controlling the data transfer channels or examining data sources. One approach involves preventing USB flash drives from being copied or sending them over email. The second one concerns preventing leakage or fraud in which an insider accesses files or databases with harmful intentions. What's the best way to protect your data? It

Dark Web Getting Loaded With Bogus Covid-19 Vaccines and Forged Cards

13 May 2021 at 10:54
Bogus COVID-19 test results, fraudulent vaccination cards, and questionable vaccines are emerging as a hot commodity on the dark web in what's the latest in a long list of cybercrimes capitalizing on the coronavirus pandemic. "A new and troubling phenomenon is that consumers are buying COVID-19 vaccines on the black market due to the increased demand around the world," said Anne An, a senior

Nearly All Wi-Fi Devices Are Vulnerable to New FragAttacks

12 May 2021 at 13:07
Three design and multiple implementation flaws have been disclosed in the IEEE 802.11 technical standard that undergirds Wi-Fi, potentially enabling an adversary to take control over a system and plunder confidential data. Called FragAttacks (short for FRagmentation and AGgregation Attacks), the weaknesses impact all Wi-Fi security protocols, from Wired Equivalent Privacy (WEP) all the way to Wi-Fi

Latest Microsoft Windows Updates Patch Dozens of Security Flaws

12 May 2021 at 09:15
Microsoft on Tuesday rolled out its scheduled monthly security update with patches for 55 security flaws affecting Windows, Exchange Server, Internet Explorer, Office, Hyper-V, Visual Studio, and Skype for Business. Of these 55 bugs, four are rated as Critical, 50 are rated as Important, and one is listed as Moderate in severity. Three of the vulnerabilities are publicly known, although, unlike

Ransomware Gang Leaks Metropolitan Police Data After Failed Negotiations

12 May 2021 at 07:16
The cybercrime syndicate behind Babuk ransomware has leaked more personal files belonging to the Metropolitan Police Department (MPD) after negotiations with the DC Police broke down, warning that they intend to publish all data if their ransom demands are not met. "The negotiations reached a dead end, the amount we were offered does not suit us, we are posting 20 more personal files on officers

Alert: Hackers Exploit Adobe Reader 0-Day Vulnerability in the Wild

12 May 2021 at 05:41
Adobe has released Patch Tuesday updates for the month of May with fixes for multiple vulnerabilities spanning 12 different products, including a zero-day flaw affecting Adobe Reader that's actively exploited in the wild. The list of updated applications includes Adobe Experience Manager, Adobe InDesign, Adobe Illustrator, Adobe InCopy, Adobe Genuine Service, Adobe Acrobat and Reader, Magento,

LIVE Webinar — The Rabbit Hole of Automation

11 May 2021 at 13:24
The concept of automation has taken on a life of its own in recent years. The idea is nothing new, but the current interest in automation is a mix of both hype and innovation. On the one hand, it's much easier today to automate everything from small processes to massive-scale tasks than it's ever been before. On the other hand, are we really prepared to hand the reins over to completely

U.S. Intelligence Agencies Warn About 5G Network Weaknesses

11 May 2021 at 12:54
Inadequate implementation of telecom standards, supply chain threats, and weaknesses in systems architecture could pose major cybersecurity risks to 5G networks, potentially making them a lucrative target for cybercriminals and nation-state adversaries to exploit for valuable intelligence. The analysis, which aims to identify and assess risks and vulnerabilities introduced by 5G adoption, was