News

Security researchers gathered in Austin, Texas, this week for yet another Pwn2Own hacking competition, racking up more than $1 million in rewards for their exploit demonstrations. The latest edition of the iconic hacking contest has seen a specific focus on network-attached storage (NAS) boxes as well as routers, with mobile phones and printers also on

Ukraine’s premier law enforcement and counterintelligence agency on Thursday disclosed the real identities of five individuals allegedly involved in cyberattacks attributed to a cyber-espionage group named Gamaredon, linking the members to Russia’s Federal Security Service (FSB). Calling the hacker group “an FSB special project, which specifically targeted Ukraine,” the Security Service of Ukraine (SSU) said

The ever-increasing use of IoT devices is leading corporations to adopt one of the evergreen methods of IT security — segmentation — to protect their burgeoning fleets of IoT appliances. IoT devices, such as card readers, sensors and appliances, do not usually have much computing power or memory onboard. Therefore, many can’t run security programs

Cybersecurity researchers have disclosed a security flaw in the Linux Kernel’s Transparent Inter Process Communication (TIPC) module that could potentially be leveraged both locally as well as remotely to execute arbitrary code within the kernel and take control of vulnerable machines. The heap overflow vulnerability “can be exploited locally or remotely within a network to

An analysis of new samples of BlackMatter ransomware for Windows and Linux has revealed the extent to which the operators have continually added new features and encryption capabilities in successive iterations over a three-month period. No fewer than 10 Windows and two Linux versions of the ransomware have been observed in the wild to date,

A decade ago, Netflix created a concept called chaos engineering to test the resilience of its systems as the streaming media company moved its systems to the cloud. Today, two proponents of the concept tout how chaos engineering can be used in cybersecurity. In 2011, Netflix built Chaos Monkey, a chaos engineering tool that helps

A now-patched critical remote code execution (RCE) vulnerability in GitLab’s web interface has been detected as actively exploited in the wild, cybersecurity researchers warn, rendering a large number of internet-facing GitLab instances susceptible to attacks. Tracked as CVE-2021-22205, the issue relates to an improper validation of user-provided images that results in arbitrary code execution. The

One of the harder cybersecurity areas to develop and maintain a skill base for is the red team. For those on the offense side of the security equation — for example, penetration testers — it can be challenging to establish an initial set of skills and keep them sharp over the long term. Other than

Multiple vulnerabilities have been disclosed in Hitachi Vantara’s Pentaho Business Analytics software that could be abused by malicious actors to upload arbitrary data files and even execute arbitrary code on the underlying host system of the application. The security weaknesses were reported by researchers Alberto Favero from German cybersecurity firm Hawsec and Altion Malka from

Microsoft on Thursday disclosed details of a new vulnerability that could allow an attacker to bypass security restrictions in macOS and take complete control of the device to perform arbitrary operations on the device without getting flagged by traditional security solutions. Dubbed “Shrootless” and tracked as CVE-2021-30892, the “vulnerability lies in how Apple-signed packages with

By What is shoulder surfing? Shoulder surfing is using direct observation techniques, such as looking over someone’s shoulder, to get information. Shoulder surfing is an effective way to get information in crowded places because it’s relatively easy to stand next to someone and watch as they fill out a form, enter a PIN at an

12 people have been detained as part of an international law enforcement operation for orchestrating ransomware attacks on critical infrastructure and large organizations that hit over 1,800 victims across 71 countries since 2019, marking the latest action against cybercrime groups. The arrests were made earlier this week on October 26 in Ukraine and Switzerland, resulting

What is risk appetite and how is it different from risk tolerance? Risk appetite is the amount of risk an organization is willing to take in pursuit of objectives it deems have value. Risk appetite can also be described as an organization’s risk capacity, or the maximum amount of residual risk it will accept after

An unidentified threat actor has been linked to a new Android malware strain that features the ability to root smartphones and take complete control over infected smartphones while simultaneously taking steps to evade detection. The malware has been named “AbstractEmu” owing to its use of code abstraction and anti-emulation checks to avoid running while under

Google on Thursday rolled out an emergency update for its Chrome web browser, including fixes for two zero-day vulnerabilities that it says are being actively exploited in the wild. Tracked as CVE-2021-38000 and CVE-2021-38003, the weaknesses relate to insufficient validation of untrusted input in a feature called Intents as well as a case of inappropriate

Twitter detailed its process for onboarding 100% of employee accounts with physical Yubico security keys in a blog post Wednesday. The post comes a little over a year after last summer’s Twitter hack, in which attackers used a social engineering attack that granted access to administrative systems and tools within the company. Through this access,

A new spam email campaign has emerged as a conduit for a previously undocumented malware loader that enables the attackers to gain an initial foothold into enterprise networks and drop malicious payloads on compromised systems. “These infections are also used to facilitate the delivery of additional malware such as Qakbot and Cobalt Strike, two of

More data than ever before is being put into cloud-based storage repositories. Leading cloud providers offer an array of storage options, yet databases remain the most common choice in today’s enterprises. Because databases are updated so frequently, it’s important to review their security controls regularly. When it comes to cloud databases, organizations have two options:

A global fraud campaign has been found leveraging 151 malicious Android apps with 10.5 million downloads to rope users into premium subscription services without their consent and knowledge. The premium SMS scam campaign — dubbed “UltimaSMS” — is believed to commenced in May 2021 and involved apps that cover a wide range of categories, including

Cybersecurity is often viewed as a technical and complex field. Few realize, however, that cybersecurity also focuses on how people work and the way they think. “No matter what background you come from, you’ll have skills and knowledge that are hugely valuable to cybersecurity,” said Jessica Barker, co-CEO and co-founder of cybersecurity consulting group Cygenta.

A “potentially devastating and hard-to-detect threat” could be abused by attackers to collect users’ browser fingerprinting information with the goal of spoofing the victims without their knowledge, thus effectively compromising their privacy. Academics from Texas A&M University dubbed the attack system “Gummy Browsers,” likening it to a nearly 20-year-old “Gummy Fingers” technique that can impersonate

As public engagement with digital content continues to rise, consumers and businesses are increasingly more reliant on technology platforms. The anonymity of our digital world makes it difficult to know who is behind the screen. This gray space gives would-be fraudsters an opening to threaten both businesses and consumers directly, especially in the realm of

The Russian-led REvil ransomware gang was felled by an active multi-country law enforcement operation that resulted in its infrastructure being hacked and taken offline for a second time earlier this week, in what’s the latest action taken by governments to disrupt the lucrative ecosystem. The takedown was first reported by Reuters, quoting multiple private-sector cyber

Microsoft on Thursday disclosed an “extensive series of credential phishing campaigns” that takes advantage of a custom phishing kit that stitched together components from at least five different widely circulated ones with the goal of siphoning user login information. The tech giant’s Microsoft 365 Defender Threat Intelligence Team, which detected the first instances of the

Listen to this podcast Security researchers criticized the Apple Security Bounty program and claimed the company ignored bug reports, denied bounty payments and silently patched vulnerabilities. This week’s Risk & Repeat podcast discusses the infosec community’s growing discontent with Apple’s bug bounty program and what it could mean for the technology giant. Several security researchers

A new malware campaign targeting Afghanistan and India is exploiting a now-patched, 20-year-old flaw affecting Microsoft Office to deploy an array of commodity remote access trojans (RATs) that allow the adversary to gain complete control over the compromised endpoints. Cisco Talos attributed the cyber campaign to a “lone wolf” threat actor operating a Lahore-based fake

IT teams struggle to develop adequate security strategies with the multitude of devices on ever-expanding corporate networks. Protecting IoT investments is critical for business survival and growth, yet IoT security presents unique challenges. A machine learning (ML) approach to IoT security can address some of these challenges. It solves the issue of identifying unknown devices

An effective cybersecurity strategy can be challenging to implement correctly and often involves many layers of security. Part of a robust security strategy involves performing what is known as a penetration test (pen test). The penetration test helps to discover vulnerabilities and weaknesses in your security defenses before the bad guys discover these. They can

A newly disclosed vulnerability affecting Intel processors could be abused by an adversary to gain access to sensitive information stored within enclaves and even run arbitrary code on vulnerable systems. The vulnerability (CVE-2021-0186, CVSS score: 8.2) was discovered by a group of academics from ETH Zurich, the National University of Singapore, and the Chinese National