RSS Security

Before yesterday: The Hacker News

Nasty macOS Malware XCSSET Now Targets Google Chrome, Telegram Software

23 July 2021 at 12:22
A malware known for targeting the macOS operating system has been updated once again to add more features to its toolset that allows it to amass and exfiltrate sensitive data stored in a variety of apps, including apps such as Google Chrome and Telegram, as part of further "refinements in its tactics." XCSSET was uncovered in August 2020, when it was found targeting Mac developers using an unusual

Wake up! Identify API Vulnerabilities Proactively, From Production Back to Code

23 July 2021 at 11:47
After more than 20 years in the making, now it's official: APIs are everywhere. In a 2021 survey, 73% of enterprises reported that they already publish more than 50 APIs, and this number is constantly growing. APIs have crucial roles to play in virtually every industry today, and their importance is increasing steadily, as they move to the forefront of business strategies. This comes as no

Dutch Police Arrest Two Hackers Tied to "Fraud Family" Cybercrime Ring

23 July 2021 at 11:20
Law enforcement authorities in the Netherlands have arrested two alleged individuals belonging to a Dutch cybercriminal collective who were involved in developing, selling, and renting sophisticated phishing frameworks to other threat actors in what's known as a "Fraud-as-a-Service" operation. The apprehended suspects, a 24-year-old software engineer and a 15-year-old boy, are said to have been

Kaseya Gets Universal Decryptor to Help REvil Ransomware Victims

23 July 2021 at 04:40
Nearly three weeks after Florida-based software vendor Kaseya was hit by a widespread supply-chain ransomware attack, the company on Thursday said it obtained a universal decryptor to unlock systems and help customers recover their data. "On July 21, Kaseya obtained a decryptor for victims of the REvil ransomware attack, and we're working to remediate customers impacted by the

APT Hackers Distributed Android Trojan via Syrian e-Government Portal

22 July 2021 at 10:38
An advanced persistent threat (APT) actor has been tracked in a new campaign deploying Android malware via the Syrian e-Government Web Portal, indicating an upgraded arsenal designed to compromise victims. "To the best of our knowledge, this is the first time that the group has been publicly observed using malicious Android applications as part of its attacks," Trend Micro researchers Zhengyu

Reduce End-User Password Change Frustrations

22 July 2021 at 10:12
Organizations today must give attention to their cybersecurity posture, including policies, procedures, and technical solutions for cybersecurity challenges. This often results in a greater burden on the IT service desk staff as end-users encounter issues related to security software, policies, and password restrictions. One of the most common areas where security may cause challenges for

Oracle Warns of Critical Remotely Exploitable Weblogic Server Flaws

22 July 2021 at 08:21
Oracle on Tuesday released its quarterly Critical Patch Update for July 2021 with 342 fixes spanning across multiple products, some of which could be exploited by a remote attacker to take control of an affected system. Chief among them is CVE-2019-2729, a critical deserialization vulnerability via XMLDecoder in Oracle WebLogic Server Web Services that's remotely exploitable without

Another Hacker Arrested for 2020 Twitter Hack and Massive Bitcoin Scam

22 July 2021 at 07:34
A U.K. citizen has been arrested in the Spanish town of Estepona over his alleged involvement in the July 2020 hack of Twitter, resulting in the compromise of 130 high-profile accounts. Joseph O'Connor, 22, has been charged with intentionally accessing a computer without authorization and obtaining information from a protected computer, as well as for making extortive communications. The Spanish

Malicious NPM Package Caught Stealing Users' Saved Passwords From Browsers

21 July 2021 at 13:27
A software package available from the official NPM repository has been revealed to be actually a front for a tool that's designed to steal saved passwords from the Chrome web browser. The package in question, named "nodejs_net_server" and downloaded over 1,283 times since February 2019, was last updated seven months ago (version 1.1.2), with its corresponding repository leading to non-existent

XLoader Windows InfoStealer Malware Now Upgraded to Attack macOS Systems

21 July 2021 at 10:12
A popular malware known for stealing sensitive information from Windows machines has evolved into a new strain capable of also targeting Apple's macOS operating system. The upgraded malware, dubbed "XLoader," is a successor to another well-known Windows-based info stealer called Formbook that's known to vacuum credentials from various web browsers, capture screenshots, record keystrokes, and

Several New Critical Flaws Affect CODESYS Industrial Automation Software

21 July 2021 at 09:59
Cybersecurity researchers on Wednesday disclosed multiple security vulnerabilities impacting CODESYS automation software and the WAGO programmable logic controller (PLC) platform that could be remotely exploited to take control of a company's cloud operational technology (OT) infrastructure. The flaws can be turned "into innovative attacks that could put threat actors in position to remotely

[eBook] A Guide to Stress-Free Cybersecurity for Lean IT Security Teams

21 July 2021 at 09:52
Today’s cybersecurity landscape is enough to make any security team concerned. The rapid evolution and increased danger of attack tactics have put even the largest corporations and governments at heightened risk. If the most elite security teams can’t prevent these attacks from happening, what can lean security teams look forward to? Surprisingly, leaner teams have a much greater chance than

New Windows and Linux Flaws Give Attackers Highest System Privileges

21 July 2021 at 06:37
Microsoft's Windows 10 and the upcoming Windows 11 versions have been found vulnerable to a new local privilege escalation vulnerability that permits users with low-level permissions to access Windows system files, in turn, enabling them to unmask the operating system installation password and even decrypt private keys. The vulnerability has been nicknamed "SeriousSAM." "Starting with Windows 10

16-Year-Old Security Bug Affects Millions of HP, Samsung, Xerox Printers

20 July 2021 at 11:35
Details have emerged about a high severity security vulnerability affecting a software driver used in HP, Xerox, and Samsung printers that has remained undetected since 2005. Tracked as CVE-2021-3438 (CVSS score: 8.8), the issue concerns a buffer overflow in a print driver installer package named "SSPORT.SYS" that can enable remote privilege and arbitrary code execution. Hundreds of millions of

This New Malware Hides Itself Among Windows Defender Exclusions to Evade Detection

20 July 2021 at 08:41
Cybersecurity researchers on Tuesday lifted the lid on a previously undocumented malware strain dubbed "MosaicLoader" that singles out individuals searching for cracked software as part of a global campaign. "The attackers behind MosaicLoader created a piece of malware that can deliver any payload on the system, making it potentially profitable as a delivery service," Bitdefender researchers

US and Global Allies Accuse China of Massive Microsoft Exchange Attack

20 July 2021 at 06:52
The U.S. government and its key allies, including the European Union, the U.K., and NATO, formally attributed the massive cyberattack against Microsoft Exchange email servers to state-sponsored hacking crews affiliated with the People's Republic of China's Ministry of State Security (MSS). In a statement issued by the White House on Monday, the administration said, "with a high degree of

Researchers Warn of Linux Cryptojacking Attackers Operating from Romania

19 July 2021 at 13:11
A threat group likely based in Romania and active since at least 2020 has been behind an active cryptojacking campaign targeting Linux-based machines with a previously undocumented SSH brute-forcer written in Golang. Dubbed "Diicot brute," the password cracking tool is alleged to be distributed via a software-as-a-service model, with each threat actor furnishing their own unique API keys to

Turns Out That Low-Risk iOS Wi-Fi Naming Bug Can Hack iPhones Remotely

19 July 2021 at 10:38
The Wi-Fi network name bug that was found to completely disable an iPhone's networking functionality had remote code execution capabilities and was silently fixed by Apple earlier this year, according to new research. The denial-of-service vulnerability, which came to light last month, stemmed from the way iOS handled string formats associated with the SSID input, triggering a crash on any

Five Critical Password Security Rules Your Employees Are Ignoring

19 July 2021 at 10:07
According to Keeper Security's Workplace Password Malpractice Report, many remote workers aren't following best practices for password security. Password security was a problem even before the advent of widespread remote work. So, what happened post-pandemic? Keeper Security's Workplace Password Malpractice Report sought to find out. In February 2021, Keeper surveyed 1,000 employees in the U.S.