Cybersecurity News
What are buffer overflow attacks and how are they thwarted?
Ever since the Morris worm, buffer overflows have become notorious fare in the world of vulnerabilities
The post What are buffer overflow attacks and how are they thwarted? appeared first on WeLiveSecurity
Who Is the Network Access Broker ‘Babam’?
Rarely do cybercriminal gangs that deploy ransomware gain the initial access to the target themselves. More commonly, that access is purchased from a cybercriminal broker who specializes in stealing remote access credentials -- such as usernames and passwords needed to remotely connect to the target's network. In this post we'll look at the clues left behind by "Babam," the handle chosen by a cybercriminal who has sold such access to ransomware groups on many occasions over the past few years.Pandemic-Influenced Car Shopping: Just Use the Manufacturer API
Jason Kent, hacker-in-residence at Cequence, found a way to exploit a Toyota API to get around the hassle of car shopping in the age of supply-chain woes.
Omicron Phishing Scam Already Spotted in UK
Omicron COVID-19 variant anxiety inspires new phishing scam offering fake NHS tests to steal data.
NSO Group spyware used to hack at least nine US officials’ phones – report
Revelation comes just weeks after the Biden administration placed NSO on a US blacklist
The iPhones of at least nine US state department officials were recently hacked by a government using NSO Group spyware, according to a new report that raised serious questions about the use of Israeli surveillance tools against US government officials around the world.
The claim, which was reported by Reuters, comes just weeks after the Biden administration placed NSO on a US blacklist and said the surveillance company acted “contrary to the foreign policy and national security interests of the US”.
Continue reading...What Are Your Top Cloud Security Challenges? Threatpost Poll
We want to know what your biggest cloud security concerns and challenges are, and how your company is dealing with them. Weigh in with our exclusive poll!
Week in security with Tony Anscombe
ESET researchers analyze malware frameworks targeting air-gapped networks – ESET Research launches a podcast – INTERPOL cracks down on online fraud
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
Scammers exploit Omicron fears in new COVID‑19 phishing campaign
Fraudsters take advantage of the emergence of the new variant to dupe unsuspecting victims out of their sensitive data
The post Scammers exploit Omicron fears in new COVID‑19 phishing campaign appeared first on WeLiveSecurity
Threat Group Takes Aim Again at Cloud Platform Provider Zoho
Attackers that previously targeted the cloud platform provider have shifted their focus to additional products in the company’s portfolio.
‘Double-Extortion’ Ransomware Damage Skyrockets 935%
Startling triple-digit growth is fueled by easy criminal access to corporate networks and RaaS tools, an analysis found.
Planned Parenthood Breach Opens Patients to Follow-On Attacks
Cyberattackers made off with addresses, insurance information, dates of birth, and most worryingly, clinical information, such as diagnosis, procedures, and/or prescription information.
AT&T Takes Steps to Mitigate Botnet Found Inside Its Network
AT&T is battling a modular malware called EwDoor on 5,700 VoIP servers, but it could have a larger wildcard certificate problem.
Ubiquiti Developer Charged With Extortion, Causing 2020 “Breach”
In January 2021, technology vendor Ubiquiti Inc. [NYSE:UI] disclosed that a breach at a third party cloud provider had exposed customer account credentials. In March, a Ubiquiti employee warned that the company had drastically understated the scope of the incident, and that the third-party cloud provider claim was a fabrication. On Wednesday, a former Ubiquiti developer was arrested and charged with stealing data and trying to extort his employer while pretending to be a whistleblower.Cabinet Office fined £500,000 over New Year honours list data breach
Regulator says safety of hundreds of individuals was jeopardised after their addresses were posted online
The Cabinet Office has been fined £500,000 by the UK’s data watchdog after the postal addresses of the 2020 New Year honours recipients were disclosed online.
The Information Commissioner’s Office (ICO) found officials failed to put in place “appropriate technical and organisational measures” to prevent the unauthorised disclosure of personal information in breach of data protection law.
Continue reading...Launching ESET Research Podcast: A peek behind the scenes of ESET discoveries
Press play for the first episode as host Aryeh Goretsky is joined by Zuzana Hromcová to discuss native IIS malware
The post Launching ESET Research Podcast: A peek behind the scenes of ESET discoveries appeared first on WeLiveSecurity
80K Retail WooCommerce Sites Exposed by Plugin XSS Bug
The Variation Swatches plugin security flaw lets attackers with low-level permissions tweak important settings on e-commerce sites to inject malicious scripts.
Stealthy ‘WIRTE’ Gang Targets Middle Eastern Governments
Kaspersky researchers suspect that the cyberattackers may be a subgroup of the politically motivated, Palestine-focused Gaza Cybergang.
Widespread ‘Smishing’ Campaign Defrauds Iranian Android Users
Attackers use socially engineered SMS messages and malware to compromise tens of thousands of devices and drain user bank accounts.
Jumping the air gap: 15 years of nation‑state effort
ESET researchers studied all the malicious frameworks ever reported publicly that have been used to attack air-gapped networks and are releasing a side-by-side comparison of their most important TTPs
The post Jumping the air gap: 15 years of nation‑state effort appeared first on WeLiveSecurity
How Decryption of Network Traffic Can Improve Security
Most industry analyst firms conclude that between 80-90 percent of network traffic is encrypted today. Jeff Costlow, CISO at ExtraHop, explains why this might not be a good thing.
