Items tagged with security

Yesterday was Microsoft’s routine Patch Tuesday release, which tackled quite a few vulnerabilities, 55 to be exact. Though this may seem like a lot, it is actually the smallest update from the company since 2020, but it does take care of some big problems. This includes a rather worrisome wormable HTTP protocol-stack vulnerability within Windows that thankfully has not been seen exploited in the wild. Of the 55 fixes coming with this patch, the wormable HTTP protocol-stack vulnerability, denoted by CVE-2021-31166, is the most concerning. This vulnerability has been given a rather high Common Vulnerability Scoring System (CVSS) score at 9.8 out of 10, which means it can be dangerous if used...
A researcher who has helped shape Wi-Fi security has once again discovered a series of vulnerabilities affecting all Wi-Fi devices dating back to 1997. Fortunately, many of the security holes are difficult to exploit, and according to the Wi-Fi Alliance, it does not appear as though hackers are leveraging the security holes in the wild. That could change at any time, of course, especially now that these vulnerabilities have been publicized. Belgian security researcher Mathy Vanhoef has collectively dubbed the security holes FragAttacks, because they are fragmentation and aggregation attack vectors. According to Vanhoef, an attacker that is within radio range of a device can exploit the vulnerabilities...
Yesterday, we reported on a ransomware attack that targeted Colonial Pipeline, and by association, the eastern seaboard after the company had to shut off its pipeline network. Now, the FBI has tied the ransomware attack on the fuel company to a newly formed group called “DarkSide,” which has been incredibly quiet about the situation until today. On May 7th, Colonial Pipeline learned that they had been the victim of a cybersecurity incident and then “proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations.” Since then, the company has slowly restored services to its customers in Texas through New Jersey. The company’s...
When it was found that Microsoft Exchange on-premises was vulnerable to hackers, quite a bit of havoc ensued across a wide range of industries. Since then, the FBI obtained a court order to go in and remove backdoors to hacked servers, but there are likely many hacked Exchange servers still out there. In recent days, researchers have noticed an uptick in DNS queries and new infrastructure and components associated with the Lemon Duck cryptocurrency mining botnet that targeted these vulnerable Exchange servers. In March, Microsoft first caught onto Lemon Duck “adopting different exploit styles and choosing to use a fileless/web shell-less option of direct PowerShell commands” for some...
Last week, cybersecurity researchers discovered an open Elasticsearch database that exposed an extensive fake Amazon reviews scam ring. The database contained millions of direct messages between Amazon vendors and upwards of 200,000 customers willing to provide fake reviews in exchange for free products. It is presently unknown who owns the database, but it shows the nasty underbelly of some Amazon vendors and online retail. The SafetyDetectives cybersecurity team’s discovery of this Elasticsearch database proved to be incredibly interesting and valuable as it outlined how Amazon vendors went about getting the fake reviews. The team reported that Amazon vendors send to reviewers, or an...
One of the top U.S. fuel pipeline operators had to shutter its network this weekend due to a nasty ransomware attack. This effectively shut down approximately half of the East Coast’s fuel for both air and ground transportation. Though home heating oil prices are not expected to increase as a result, this does raise concerns about how vulnerable U.S. critical infrastructure is after seeing how disruptive this attack was. Colonial Pipeline is one of the largest pipeline operators in the United States, with over 5,500 miles of pipe delivering 100 million gallons of fuel across 14 different states and directly serving seven airports. The network, which you can see below, spans from New...
Dell is one of the most popular PC brands globally, selling millions of laptops, desktops, and server systems to everyday consumers and businesses alike each year. However, SentinelLabs researchers warned this week that five critical security flaws have been lurking in its firmware update driver since the early days of President Obama's first term. Attackers could have potentially exploited these flaws to conduct escalation of privilege attacks for kernel-level access on hundreds of millions of Dell and Alienware PCs. Multiple vulnerabilities were traced to Dell's firmware update driver version 2.3 (dbutil_2_3.sys) module. This module is responsible for Dell firmware updates using the Dell BIOS...
AI is spreading, and not in the creepy sci-fi dystopian kind of way, but by way of programs to help manage large tasks in critical business sectors, such as healthcare, finance, and defense. Now, Microsoft is releasing a tool called Counterfit, an “automation tool for security testing AI systems as an open-source project.” This way, companies will be able to “ensure that the algorithms used in their businesses are robust, reliable, and trustworthy.” As mentioned, AI systems are becoming more prevalent in business, powering many different services. Thus, these systems must be secure from adversaries so that important or confidential information is not lost. However, performing...
At the start of May, researchers at the University of Virginia announced that current Spectre chip vulnerability mitigations could be bypassed entirely, bringing the ghostly security flaw back to life. Intel has now officially responded by claiming that software coded following its specific security guidance protects against these new vulnerabilities. However, UVA researchers seem to disagree with the general sentiment. The question now is, who is right and what needs to happen to protect end-users? Here's Intel's full statement on the matter... “Intel reviewed the report and informed researchers that existing mitigations were not being bypassed and that this scenario is addressed...
Back in 2018, a processor security vulnerability called Spectre appeared, affecting all modern CPU architectures from Intel, AMD, and even ARM in the last 20 years. Since then, major players and semiconductor OEMs have worked hard to patch out the vulnerabilities in a cybersecurity whack-a-mole game, in some cases leading to performance loss and other issues. Today, unfortunately, University of Virginia researchers have found a way to circumvent all of the original Spectre security mitigations, essentially resurrecting the ghostly security flaw that will now again haunt billions of PCs globally. Of the vulnerabilities that appeared in 2018, Spectre was the nastier of the two primary...
If you catch the flu, you may be stuck at home or even bedridden for a few days until you get better. If you catch the FluBot malware, you could be at risk of losing sensitive information, such as banking details and personal information. While this malware campaign has not made it across the pond from Europe yet, it could make its way over while wreaking havoc along the way. In late 2020, Android-based malware was discovered trying to spread itself and capture credit card data. Regardless of the version, the basis for the malware was phishing people with fake links to track packages using reputable names like FedEx and DHL. Once a user clicked a link, it would direct them to download a legitimate-looking...
Last week, the CEO of messaging app Signal got his hands on Cellebrite software, which is typically used for extracting data from mobile devices. Several security vulnerabilities were discovered with this acquisition, leading to Signal including files in its app that would corrupt all present and future data collected by the Cellebrite utility. Now, the Cellebrite Physical Analyzer, or “the most intrusive phone cracking tool offered by the company,” is no longer fully supporting iPhones. Cellebrite is an Israeli digital forensics and intelligence company that provides both hardware and software to crack phones. These products are used by law enforcement agencies around the world and...
Given that data leaks are occurring even more frequently these days, it is a matter of when, not if, your information makes it to the open web. Cybercriminals are constantly on the prowl looking for a new way to make a quick buck, and clearly the system is working for them. New data reports that over 5 billion records were lost to leaks through March, with 3.27 billion of them from one massive set of data alone. According to data collected by Hackmageddon and compiled by AtlasVPN, the five billion records lost came from an outstanding 42 different breaches across January, February, and March. Of those months, January was the busiest with a total of 23 breaches, whereas March was the meekest with...
The same group of hackers that hit the NBA's Houston Rockets basketball team with a ransomware attack earlier this month has now turned its sights on the police force in Washington, D.C. It is the latest in a string of concerning ransomware attacks aimed at police over the past several weeks, where data leaks can put people's lives in danger. More than just a potentially embarrassing situation, in which private information could be revealed to the public, unscrupulous hackers are also threatening to reveal the identity of police informants to gangs, according to a post on the dark web viewed by The New York Times. In such a scenario, a data dump could conceivably result in actual bodily harm,...
From time to time, malware will pop up that affects Apple devices, which are typically touted as the superior option to other PCs for their security. This happened earlier this year with the mysterious Silver Sparrow malware that caught thousands of M1 Macs. Now, Mac users are being urged to patch again to prevent actively used malware that bypasses many of Apple’s core security measures with ease. File quarantine, Gatekeeper, and Application Notarization are three utilities that have been introduced over the years to help protect users. Effectively, these tools make it so Apple must essentially sign off on all software that could make it to a Mac. If some software somehow managed to sneak...
When we hear of ransomware attacks, it usually involves high-value targets, such as the recent $50 million attack against Apple supplier Quanta. This time, a ransomware gang took a different approach and targeted consumers and small businesses using QNAP devices and subsequently encrypted their files. In just five days, the gang managed to collect $260,000 in Bitcoin for unlocking all the devices they took hostage. On Monday, a ransomware operation called Qlocker kicked off, exploiting new vulnerabilities in QNAP NAS devices and leaving users to wake up to their files being locked up. The ransomware gang behind this pulled it off by scanning the web for connected QNAP devices and then locking...
When it comes to password management, users really have just a handful of options, and all of them have their caveats. If we choose to just use memorable passwords and recycle them between accounts, one account becoming compromised can lead to a group of them being in a bad state. On the other hand, relying on a cloud service to store passwords puts our security credentials on someone else's servers, and we're subject to whatever tracking those services may entail. Lastly, if we host our own password management solutions, one bad update can leak our credentials to the world. This third option is the story of Click Studios and PasswordState. PasswordState is a self-hosted, as opposed to cloud-hosted,...
The United States government has quietly handed over management of around 175 million traditional internet addresses (IPv4) to Global Resource Systems LLC, a small company in Florida, as part of a "pilot effort" to look for security issues. In case you are wondering, that works out to around 6 percent of all available IPv4 internet addresses. This transfer of management (not ownership) began several months ago. What started off as tens of millions of IP addresses quickly became over a hundred million, which on the surface is unusual—typically speaking, big chunks of the IPv4 space are controlled by large telecommunications companies, such as AT&T and Verizon. So how does Global Resource...
With all due apologies for the disappointing news, you did not win a set of Apple AirPods, no matter what that unsolicited text message you received may have said. The text message is a scam attempt, plain and simple. It has gotten so big that the Better Business Bureau (BBB) felt it necessary to issue a warning to the public, explaining how the text message con works. Tech savvy individuals (most of you reading this) will recognize this sort of thing right away. But even if you would never fall for such a thing, you can probably think of family members and friends who would. So if nothing else, pass the warning on to those you know who would be duped by what basically amounts to a popular phishing...
After a Reddit user alerted AMD to vulnerabilities within its web store that were making it easy for bots to buy hard-to-get graphics cards and other hardware before us regular folk ever stood a chance, it made some back-end changes and sent the user a t-shirt as a 'thank you' gift. All is now well in the world, right? Well, not exactly. There's still more work to be done on AMD's part. We're not talking about work in the broader sense, like securing more silicon so that supply can catch up with demand, even while being ravaged by cryptocurrency miners and scalpers. Much of that is outside of AMD's control—manufacturing partner TSMC recently indicated the general shortage of silicon could...
Israel-based digital intelligence company Cellebrite provides software that enables the extraction of data from devices. While law enforcement loves this, it raises the ire of phone manufacturers and individuals alike, with privacy concerns abounding. Interestingly, the CEO of Signal got their hands on one of these devices and managed to hack it, which provided some interesting insights, to say the least. For context, Cellebrite software seems to exist in a moral and legal grey area, when law enforcement can unlock phones without authorization by the owner. While it is important to note that Cellebrite software requires the device to be in the hands of the person attempting to get data, this may...
It is a miserable time now for securing PC gaming hardware like graphics cards and high-end processors. Securing AMD Radeon RX 6000 Series and NVIDIA GeForce RTX 30 Series graphics cards has been particularly troublesome due to demand from gamers and crypto miners. The supply issue has been compounded by people using bots to snatch up available graphics cards when they do come back in stock before the general public even has a chance to add the item to their cart. One Redditor, originofspices, decided to take matters into their own hands against bots ruining the purchase experience for AMD's web store. Digital River runs AMD's store, and it is rife with vulnerabilities that bots use to secure...