Cybersecurity News


HP Omen Hub Exposes Millions of Gamers to Cyberattack

HP Omen Hub Exposes Millions of Gamers to Cyberattack A driver privilege-escalation bug gives attackers kernel-mode access to millions of PCs used for gaming.
16 September 2021

Azure Zero-Day Flaws Highlight Lurking Supply-Chain Risk

Azure Zero-Day Flaws Highlight Lurking Supply-Chain Risk Dubbed OMIGOD, a series of vulnerabilities in the Open Management Infrastructure used in Azure on Linux demonstrate hidden security threats, researchers said.
16 September 2021

Customer Care Giant TTEC Hit By Ransomware?

TTEC, [NASDAQ: TTEC], a company used by some of the world's largest brands to help manage customer support and sales online and over the phone, is dealing with disruptions from a network security incident that appears to be the result of a ransomware attack, KrebsOnSecurity has learned.
15 September 2021

No Patch for High-Severity Bug in Legacy IBM System X Servers

No Patch for High-Severity Bug in Legacy IBM System X Servers Two of IBM's aging flagship server models, retired in 2020, won’t be patched for a command-injection flaw.
15 September 2021

Microsoft Patch Tuesday fixes actively exploited zero‑day and 85 other flaws

The most recent Patch Tuesday includes a fix for the previously disclosed and actively exploited remote code execution flaw in MSHTML.

The post Microsoft Patch Tuesday fixes actively exploited zero‑day and 85 other flaws appeared first on WeLiveSecurity

15 September 2021

Attackers Impersonate DoT in Two-Day Phishing Scam

Attackers Impersonate DoT in Two-Day Phishing Scam Threat actors dangled the lure of receiving funds from the $1 trillion infrastructure bill and created new domains mimicking the real federal site.
15 September 2021

Cybercriminals recreate Cobalt Strike in Linux

The new malware strain has gone unnoticed by detection tools.
15 September 2021

Two-thirds of cloud attacks could be stopped by checking configurations, research finds

IBM says that over half of cloud security breaches are caused by issues simple to rectify.
15 September 2021

Meris botnet assaults KrebsOnSecurity

The botnet appears to be made up of compromised routers.
15 September 2021

Adobe Snuffs Critical Bugs in Acrobat, Experience Manager

Adobe Snuffs Critical Bugs in Acrobat, Experience Manager Adobe releases security updates for 59 bugs affecting its core products, including Adobe Acrobat Reader, XMP Toolkit SDK and Photoshop.
14 September 2021

Microsoft Patch Tuesday, September 2021 Edition

Microsoft today pushed software updates to plug dozens of security holes in Windows and related products, including a vulnerability that is already being exploited in active attacks. Also, Apple has issued an emergency update to fix a flaw that's reportedly been abused to install spyware on iOS products, and Google's got a new version of Chrome that tackles two zero-day flaws. Finally, Adobe has released critical security updates for Acrobat, Reader and a slew of other software.
14 September 2021

Microsoft Patches Actively Exploited Windows Zero-Day Bug

Microsoft Patches Actively Exploited Windows Zero-Day Bug On Patch Tuesday, Microsoft fixed 66 CVEs, including an RCE bug in MSHTML under active attack as threat actors passed around guides for the drop-dead simple exploit.
14 September 2021

2021’s Most Dangerous Software Weaknesses

2021’s Most Dangerous Software Weaknesses Saryu Nayyar, CEO at Gurucul, peeks into Mitre's list of dangerous software bug types, highlighting that the oldies are still the goodies for attackers.
14 September 2021

Paving the Way: Inspiring Women in Payments - A Q&A Featuring Zeal Somani

 

Women alone can be powerful. But women who empower each other can have an even greater impact. In this edition of our blog, Zeal Somani, who was greatly influenced by her grandmother and by her female colleagues, explains that forming close connections with other women and channeling the power of collaboration are key to overcoming unconscious bias that women face in the workplace.

14 September 2021

ZLoader’s Back, Abusing Google AdWords, Disabling Windows Defender

ZLoader’s Back, Abusing Google AdWords, Disabling Windows Defender The well-known banking trojan retools for stealth with a whole new attack routine, including using ads for Microsoft TeamViewer and Zoom to lure victims in.
14 September 2021

WhatsApp announces end‑to‑end encrypted backups

The Facebook-owned messaging service plans to roll out the feature to both iOS and Android users in the coming weeks.

The post WhatsApp announces end‑to‑end encrypted backups appeared first on WeLiveSecurity

14 September 2021

Pair of Google Chrome Zero-Day Bugs Actively Exploited

Pair of Google Chrome Zero-Day Bugs Actively Exploited The security vulnerabilities bring the web behemoth up to 10 browser zero-days found so far this year.
14 September 2021

Unpatched Bugs Plague Databases; Your Data Is Probably Not Secure – Podcast

Unpatched Bugs Plague Databases; Your Data Is Probably Not Secure – Podcast Imperva's Elad Erez discusses findings that 46 percent of on-prem databases are sitting ducks, unpatched and vulnerable to attack, each with an average of 26 flaws.
14 September 2021

Romance, BEC Scams Lands Soldier in Jail for 46 Months

Romance, BEC Scams Lands Soldier in Jail for 46 Months A former Army Reservist pleaded guilty to scamming the elderly with catfishing and stealing from veterans.
14 September 2021

The state of ransomware: national emergencies and million-dollar blackmail

Banks, however, have experienced the highest volume of ransomware attacks this year.
14 September 2021