RSS Security

Today — 5 August 2021, The Hacker News

Salesforce Release Updates — A Cautionary Tale for Security Teams

5 August 2021 at 10:30
On the surface, Salesforce seems like a classic Software-as-a-Service (SaaS) platform. Someone might even argue that Salesforce invented the SaaS market. However, the more people work with the full offering of Salesforce, the more they realize that it goes beyond a traditional SaaS platform's capabilities. For example, few people talk about managing the security aspects of Salesforce Release

A Wide Range of Cyber Attacks Leveraging Prometheus TDS Malware Service

5 August 2021 at 10:12
Multiple cybercriminal groups are leveraging a malware-as-a-service (MaaS) solution to distribute a wide range of malicious software distribution campaigns that result in the deployment of payloads such as Campo Loader, Hancitor, IcedID, QBot, Buer Loader, and SocGholish against individuals in Belgium as well as government agencies, companies, and corporations in the U.S. Dubbed "

Unpatched Security Flaws Expose Mitsubishi Safety PLCs to Remote Attacks

5 August 2021 at 09:33
Multiple unpatched security vulnerabilities have been disclosed in Mitsubishi safety programmable logic controllers (PLCs) that could be exploited by an adversary to acquire legitimate user names registered in the module via a brute-force attack, unauthorizedly login to the CPU module, and even cause a denial-of-service (DoS) condition. The security weaknesses, disclosed by Nozomi Networks,

Cisco Issues Critical Security Patches to Fix Small Business VPN Router Bugs

5 August 2021 at 06:02
Networking equipment major Cisco has rolled out patches to address critical vulnerabilities impacting its Small Business VPN routers that could be abused by a remote attacker to execute arbitrary code and even cause a denial-of-service (DoS) condition. The issues, tracked as CVE-2021-1609 (CVSS score: 9.8) and CVE-2021-1610 (CVSS score: 7.2), reside in the web-based management interface of the
Yesterday — 4 August 2021, The Hacker News

Several Malware Families Targeting IIS Web Servers With Malicious Modules

4 August 2021 at 20:30
A systematic analysis of attacks against Microsoft's Internet Information Services (IIS) servers has revealed as many as 14 malware families, 10 of them newly documented, indicating that the Windows-based web server software continues to be a hotbed for natively developed malware for close to eight years. The findings were presented today by ESET malware researcher Zuzana Hromcova at the Black

Russian Federal Agencies Were Attacked With Chinese Webdav-O Virus

4 August 2021 at 12:49
An amalgam of multiple state-sponsored threat groups from China may have been behind a string of targeted attacks against Russian federal executive authorities in 2020. The latest research, published by Singapore-headquartered company Group-IB, delves into a piece of computer virus called "Webdav-O" that was detected in the intrusions, with the cybersecurity firm observing similarities between

New Chinese Spyware Being Used in Widespread Cyber Espionage Attacks

4 August 2021 at 10:28
A threat actor presumed to be of Chinese origin has been linked to a series of 10 attacks targeting Mongolia, Russia, Belarus, Canada, and the U.S. from January to July 2021 that involve the deployment of a remote access trojan (RAT) on infected systems, according to new research. The intrusions have been attributed to an advanced persistent threat named APT31 (FireEye), which is tracked by the

Critical Flaws Affect Embedded TCP/IP Stack Widely Used in Industrial Control Devices

4 August 2021 at 06:46
Cybersecurity researchers on Wednesday disclosed 14 vulnerabilities affecting a commonly-used TCP/IP stack used in millions of Operational Technology (OT) devices manufactured by no fewer than 200 vendors and deployed in manufacturing plants, power generation, water treatment, and critical infrastructure sectors. The shortcomings, collectively dubbed "INFRA:HALT," target NicheStack, potentially
Before yesterday, The Hacker News

Chinese Hackers Target Major Southeast Asian Telecom Companies

3 August 2021 at 11:27
Three distinct clusters of malicious activities operating on behalf of Chinese state interests have staged a series of attacks to target networks belonging to at least five major telecommunications companies located in Southeast Asian countries since 2017. "The goal of the attackers behind these intrusions was to gain and maintain continuous access to telecommunication providers and to

Cynet Empowers IT Resellers and Service Providers to Become Fully Qualified MSSPs

3 August 2021 at 10:33
As cyber incidents increase in scope and impact, more and more organizations come to realize that outsourcing their defenses is the best practice—significantly increasing the Managed Security Service Provider (MSSP) market opportunities. Until recently, IT integrators, VARs, and MSPs haven't participated in the growing and profitable MSSP market as it entailed massive investments in

PwnedPiper PTS Security Flaws Threaten 80% of Hospitals in the U.S.

2 August 2021 at 12:03
Cybersecurity researchers on Monday disclosed a set of nine vulnerabilities known as "PwnedPiper" that left a widely-used pneumatic tube system (PTS) vulnerable to critical attacks, including a possibility of complete takeover. The security weaknesses, disclosed by American cybersecurity firm Armis, impact the Translogic PTS system by Swisslog Healthcare, which is installed in about 80% of all

New APT Hacking Group Targets Microsoft IIS Servers with ASP.NET Exploits

2 August 2021 at 11:11
A new highly capable and persistent threat actor has been targeting major high-profile public and private entities in the U.S. as part of a series of targeted cyber intrusion attacks by exploiting internet-facing Microsoft Internet Information Services (IIS) servers to infiltrate their networks. Israeli cybersecurity firm Sygnia, which identified the campaign, is tracking the advanced, stealthy

PyPI Python Package Repository Patches Critical Supply Chain Flaw

2 August 2021 at 10:27
The maintainers of Python Package Index (PyPI) last week issued fixes for three vulnerabilities, one among which could be abused to achieve arbitrary code execution and take full control of the official third-party software repository. The security weaknesses were discovered and reported by Japanese security researcher RyotaK, who in the past has disclosed critical vulnerabilities in the

Solarmarker InfoStealer Malware Once Again Making its Way Into the Wild

2 August 2021 at 10:07
Healthcare and education sectors are the frequent targets of a new surge in credential harvesting activity from what's a "highly modular" .NET-based information stealer and keylogger, charting the course for the threat actor's continued evolution while simultaneously remaining under the radar. Dubbed "Solarmarker," the malware campaign is believed to be active since September 2020, with