A component in SupportAssist software pre-installed on Dell PCs - and other OEM devices - opens systems up to DLL hijacking attacks.
SupportAssist, which comes pre-installed on millions of Dell PCs, is based on a platform called PC-Doctor, and it can be abused to give attackers system-level access to hardware and software.
Google says it's fixed the issue, but we haven't heard details on how many, and which, products were affected.
Early information suggests threat actors gained access to the managed service provider's remote monitoring and management tools and used them to attack the firm's clients.
From November, users running some versions of Windows 10 will be required to upgrade or find themselves unable to receive security updates.
The KGB Espionage Museum's curator Agne Urbaityte describes how agents concealed spying devices in what they wore when working in the field.
This special October event in Alexandria, Virginia offers unique, practical courses in everything from data breach response to military strategy for cybersecurity.
Mozilla has patched a second actively-exploited vulnerability in Firefox this week.
Remote work and other developments demand a shift to managing people rather than devices.
The KGB Espionage Museum's curator Agne Urbaityte explains why and how plates and ashtrays were used as eavesdropping and spying devices.
TrueFort plans to use the funding to expand sales, marketing, R&D, customer support, and go-to-market initiatives.
OpenStack Magnum passes OpenStack credentials into the Heat templates creating its instances. While these should only be used for retrieving the instances' SSL certificates, they allow full API access and can be used to perform any API operation the user is authorized to perform.
While risk analysts and security experts continue to urge companies to secure systems against ransomware, they are now also advising that firms be ready to pay.
A $600,000 ransom is paid, a phishing attack yields more victims than expected, and a trio of university data breaches - catch up on the week's news with this roundup!
Four new CVEs present issues that have a potential DoS impact on almost every Linux user.
When an Apache Geode server versions 1.0.0 to 1.8.0 is operating in secure mode, a user with write permissions for specific data regions can modify internal cluster metadata. A malicious user could modify this data in a way that affects the operation of the cluster.
As the number of blacklisted apps on Google Play continues to drop, attackers find new ways to compromise smartphones.
The Threatpost team discusses the top news of the week - from a NASA cyberincident to dating app privacy issues.
A spoofing bug (CVE-2019-1105) can open the door to an email attack chain.
Pink Camera apps secretly signed users up for premium subscription services.
You can and should review your privacy settings for Microsoft Office 365. Learn how in this step-by-step tutorial.
From Bella Thorne publishing her own nudes to the Yubikey recall - and everything in between. It's weekly roundup time.
The language we use could be indicators of disease and, with patient consent, could be monitored just like physical symptoms.
The leak, carried out by a since-fired rogue employee, affected 2.7 million people and 173,000 businesses - about 41% of its clientele.
Be careful before installing that mobile app on your iOS or Android device - many mobile applications are riddled with vulnerabilities.
Two emergency zero days affecting a browser in one week counts as unusual - especially when they pop up as separate alerts two days apart.
There's more than one way to get inside a company.
The Department of Homeland Security is warning that U.S. agencies are being targeted by Iranian-backed cyberattacks with destructive wiper malware.
The point of Zero Trust is not to make networks, clouds, or endpoints more trusted; it's to eliminate the concept of trust from digital systems altogether.
SaaS applications are supplanting traditional desktop software, and visibility into cloud workloads is a major problem, according to Symantec.
NASA report shows exfiltration totaling more than 100 GB of information since 2009.
A committee whose job is to oversee tax administration issues for the IRS says limitations at the agency are fostering cybersecurity risks.
An attempt by Facebook to block a lawsuit, regarding a massive 2018 data breach, has been shot down.
The ASUS HiVivo application before 5.6.27 for ASUS Watch has Missing SSL Certificate Validation.
Dominion National first spotted something awry in April of 2019.
The MakerBot Replicator 5G printer runs an Apache HTTP Server with directory indexing enabled. Apache logs, system logs, design files (i.e., a history of print files), and more are exposed to unauthenticated attackers through this HTTP server.
Impact of FBI's takedown of 15 'booter' domains last December appears to have been temporary.
Researchers explore how modern security problems can be solved with an examination of society, technology, and security.
Krekelberg alleged that 58 fellow officers broke a federal privacy law by searching for her driver's license data without any reason.
Senator Ron Wyden has written to NIST asking for guidance and training for government staff in how to share files securely.
Researchers have shown that it's technically possible for hackers to target the US Presidential text Alerts system to send fake messages.
Popular file transfer service WeTransfer faces embarrassment this week after admitting that it had mailed file links to the wrong users.
Cryptomining will exist as long as it remains profitable. One of the most effective ways to disrupt that activity is to make it too expensive to run cryptomining malware in your network.
Following a series of incidents in which packages were misrouted, and under increasing scrutiny from the Chinese government, FedEx is seeking relief.
Enpass allows you to create your own custom templates for even more efficient usage.
A new malicious campaign is spreading LokiBot and NanoCore trojans under the guise of an ISO file claiming to be an invoice.
Gain more security with your open source FTP server with the help of OpenSSL and TLS.
With the cyber conflict between the United States and Iran ramping up, companies traditionally targeted by the countries - such as those in the oil and gas and financial industries - need to bolster their security efforts, experts say.
Be prepared by following these five steps so you don't have to pay a ransom to get your data back.
Researchers have found samples of malware that targets a recently-disclosed, unpatched MacOS vulnerability.
Data breaches remain prevalent in the enterprise. Learn what companies are doing right - and wrong - when it comes to prevention.
A data breach at this company may have started as early as nine years ago, in the summer of 2010.
Here's a way to keep secrets safe in memory, even in a world of hardware-level leakage due to tricks like Rambleed, Spectre and more.
Security Hub aims to manage security across an AWS environment; Control Tower handles security and compliance for multi-account environments.
PersonalVault locks down files with MFA and encryption.
A nation-state group possibly out of China has attacked cell carrier networks in search of data on high-value individuals.
Steve Schmidt says limiting access to data has dramatically changed the security posture across Amazon Web Services.
Web analytics firm plugs a hole in its platform that allowed attackers to open a reverse shell that could be used to attack the service.
Threat actors increasingly using malicious URLs, HTTPS domains, file-sharing sites in email attacks, FireEye says.
Google has expanded its internet safety guide for children with techniques and games to help them be more info-literate online.
Maintainers of the world's most popular open source media player, VLC, have issued the biggest single set of security fixes in the program's history.
Social Engineered, dedicated to the "Art of Human Hacking," was gutted, with 55,121 users' details leaked on the same day as the hack.
Those things drop out of pockets at the worst times. Like, say, when you're hurling a bomb at a brick-and-mortar that you've also DDoSed.
Foster Warriors is a new nonprofit initiative focused on helping foster kids find a place in the world, and especially in the world of security. Join us!
After being hit by a ransomware attack, the second Florida city this month has opted to pay hackers their requested ransom.
Enpass allows you to create a streamlined template to meet your specific password needs.
Standards group forms two new working groups to develop new open specifications.
This week's TechRepublic and ZDNet news stories include a Verizon error that led to massive outages, Apple's plan to hire 2,000 employees, and five ways robots impact our lives.
A bug in the Electronic Arts gaming platform's single sign-on mechanism could have allowed hackers to access game accounts.
An analysis of the 1,000 most popular Docker containers uncovered a variety of security vulnerabilities, some of which are critical.
A two-step strategy for creating an attack environment that is more complex, less profitable, and more likely to expose the attacker.
Recent changes to data privacy legislation in the Lone Star State will likely affect the incident response plan of any business that does business in the state.
This comprehensive guide covers different types of denial of service attacks, DDoS protection strategies, as well as why it matters for business.
After a March report exposed Iran-linked APT33's infrastructure and operations, the cyberespionage group has adopted new tactics and techniques.
Cisco has patched two critical vulnerabilities in its Data Center Network Manager software, which could allow a remote attacker to take over affected devices.
Lawsuit alleges sales representatives stole trade secrets from McAfee before joining Tanium.
The challenges and benefits to getting two traditionally adversarial groups on the same page.
Silex has 'bricked' more than 2,000 Linux-based IoT devices so far.
Google finalizes its DNS-over-HTTPS service, inching toward a world where DNS requests are sent via HTTPS and not plain UDP or TCP.
While the password-cracking Mimikatz took top honors, Mac-targeted malware accounted for two of the 10 most detected malware samples, according to WatchGuard.
TechRepublic Premium content helps you solve your toughest IT issues and jumpstart your career or next project.
Many enterprises are too dependent on cloud vendors to secure their critical online data rather than adopting security as a shared responsibility, according to a survey from CyberArk.
Attend Black Hat USA this summer and see how researchers are subverting the GDPR's privacy rules and detecting deep fakes with machine learning.
After fingers, the iris of the eye, ears and even lips, it was probably inevitable that someone would propose the human heart might be the next big thing in biometric security.
It's a drop in the "4.7 billion robocalls placed per month" bucket, but hey, it's better than nothing!
Sen. Markey and 2 consumer groups said the Google-owned service must comply with COPPA and should be held accountable for not doing so.
Why the ubiquitous nature of Office 365 poses unique challenges for MFA-based security and how organizations can protect themselves.
Mobile devices could provide a more secure, user-friendly mode of account authentication, according to an IDG and MobileIron report.
Cybersecurity researchers have fooled the Tesla Model 3's automatic navigation system into rapidly braking and taking a wrong turn on the highway.
A 14-year-old hacker bricked at least 4,000 Internet of Things devices with a new strain of malware called Silex this week. Threatpost talks to the researcher who discovered the malware.
Researchers have identified a security hole in Microsoft Office's Excel spreadsheet program that allows an attacker to trigger a malware attack on remote systems.
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152157.
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152156.
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150431.
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150430.
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150429.
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148614.
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148605.
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 discloses sensitive information in error messages that may be used by a malicious user to orchestrate further attacks. IBM X-Force ID: 147838.
The default configuration of glot-www through 2018-05-19 allows remote attackers to execute arbitrary code because glot-code-runner supports os.system within a "python" "files" "content" JSON file.
Have you ever wondered how vulnerabilities are scored? Here's a simplified explanation for an overly complex system.
Although the number of programs for training workers in cybersecurity skills has increased, as well as the number of graduates, the gap in supply and demand for cybersecurity-skilled workers is essentially unchanged, leaving companies to struggle.
Polymorphic malware is far from a new thing. But today, what is good for attackers is also good for defenders. Here's why.
Incorrect array position calculations in V8 in Google Chrome prior to 70.0.3538.102 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.
Insufficient data validation in filesystem URIs in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
Insufficient policy enforcement in extensions API in Google Chrome prior to 69.0.3497.81 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
Object lifecycle issue in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass content security policy via a crafted HTML page.
Insufficient file type enforcement in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to obtain local file data via a crafted HTML page.
Insufficient policy enforcement in site isolation in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass site isolation via a crafted HTML page.
Integer overflows in Skia in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Unintended floating-point error accumulation in SwiftShader in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Insufficient data validation in Extensions API in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
An issue was discovered in the Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 devices. An attacker can statically set his/her IP to anything on the 169.254.1.0/24 subnet, and obtain root access by connecting to 169.254.1.2 port 23 with telnet/netcat.
The Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 allows login with root level access with the user "root" and an empty password by using the enabled onboard UART headers.
Insufficient data validation in V8 in Google Chrome prior to 56.0.2924.76 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Many federal agencies are unprepared to "confront the dynamic cyber threats of today," according to a Senate investigation this week.
The dependency trees of modern software-development make smaller open-source projects vulnerable to hackers sabotaging code.
Hackers are stealing Instagram credentials through a tricky phishing scam that asks victims to apply for exclusive verified account status.
Breaches caused by external vendors and service providers have become a major and escalating problem for organizations.
As personal messaging platforms see the rise of end-to-end encryption, businesses struggle to provide strong levels of security.
Netflix, TD Bank, and Ford were only a few of the companies whose data was exposed by three leaky Amazon S3 buckets owned by Attunity.
Jun Ying is the second Equifax employee found guilty of insider trading related to the massive 2017 data breach.
A new report offers the first step toward understanding and managing IoT cybersecurity risks.
Pentesters say a keyless smart lock made by U-tec, called Ultraloq, is neither ultra nor secure.
Alphabet's enterprise cybersecurity division will become part of the Google security portfolio.
Proof-of-concept, which allows remote code execution, is latest to exploit Dynamic Data Exchange (DDE) and is another reminder why organizations must ensure Office settings are secure.
Spammers and scammers are getting better at spelling and grammar - so make sure you aren't relying on language alone to spot phishes...
Trying to save 20 minutes, 100 drivers took a Google Maps shortcut... into a field, where the mud-stuck cars then caused a 2-hour delay.
In an effort to show you how advertisers snoop on your surfing activity, Mozilla is offering you the chance to pretend that you're someone else.
"I'm not a voyeur, I'm a technology enthusiast," says the creator, who combined deepfake AI with a need for cash to get ka-CHING!
Twenty years in, enterprise VPNs occupy a uniquely solid position in a changing landscape.
This year Black Hat USA is introducing special half-day programs focused on important topics that combine subject matter expertise with networking opportunities.
Know your enemy and know your risk are two pieces of advice offered in a new report from security company eSentire.
Looking at underlying security needs means organizations are more likely to be in compliance with privacy regulations.
The FDA sent out an urgent advisory warning of serious flaws in Medtronic's insulin pumps, which are used by thousands across the U.S.
A $600,000 ransomware payment, statistics on the cybersecurity talent shortage, and more - catch up on the week's news with this roundup!
Attackers were reportedly able to compromise email and file-sharing systems for some of PCM's customers.
On Telus Actiontec WEB6000Q v1.1.02.22 devices, an attacker can login with root level access with the user "root" and password "admin" by using the enabled onboard UART headers.
Key Biscayne is the third Florida town to be hit by hackers in June.
Various Lexmark devices have a Buffer Overflow (issue 2 of 2).
Various Lexmark devices have a Buffer Overflow (issue 1 of 2).
LOYTEC LGATE-902 6.3.2 devices allow XSS.
MFA protocols are a simple best practice for increasing the overall access security of AWS cloud services and could prevent costly security breaches in your enterprise.
Millions of records containing personal information and medical insurance data were exposed by a database belonging to insurance marketing website MedicareSupplement.com.
A never-before-seen Dridex variant has been spotted in phishing emails using anti-virus detection evasion tactics.
A tool new to MageCart bolsters the group's ability to evade detection and steal data.
LOYTEC LGATE-902 6.3.2 devices allow Directory Traversal.
LOYTEC LGATE-902 6.3.2 devices allow Arbitrary file deletion.
Improper Host header sanitization in the dbfilter routing component in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier allows a remote attacker to deny access to the service and to disclose database names via a crafted request.
The module-description renderer in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier does not disable RST's local file inclusion, which allows privileged authenticated users to read local files via a crafted module description.
Incorrect access control in the database manager component in Odoo Community 10.0 and 11.0 and Odoo Enterprise 10.0 and 11.0 allows a remote attacker to restore a database dump without knowing the super-admin password. An arbitrary password succeeds.
Incorrect access control in the Password Encryption module in Odoo Community 9.0 and Odoo Enterprise 9.0 allows authenticated users to change the password of other users without knowing their current password via a crafted RPC call.
Incorrect access control in the portal messaging system in Odoo Community 9.0 and 10.0 and Odoo Enterprise 9.0 and 10.0 allows remote attackers to post messages on behalf of customers, and to guess document attribute values, via crafted parameters.
Logitech Unifying devices before 2016-02-26 allow keystroke injection, bypassing encryption, aka MouseJack.
From the controversial DeepNude app to the Molotov-cocktail-throwing hacker who dropped his USB stick - and everything in between.
It's yet another way to trick Instagram users out of their login credentials. Don't fall for it, lest your account be hijacked!
The attackers allegedly stole admin credentials for Office 365 accounts, and planned to use stolen data to conduct gift card fraud.
You've no doubt heard about Marie Kondo's method of decluttering the home. Turns out, it can help security pros tackle all of those security tools piling up around the organization.
Four years, $1 million in payouts, and the identification of 950 bugs later, Shopify provides an excellent example for organizations looking to launch their own programs.
From Albany, New York, to Atlanta, Georgia, to Del Rio, Texas, cities across the US have been hit with ransomware attacks.
Still not fully clear about why your organization collects any (or all) log data? Experts offer their tips on making better use of log data and alerts to improve your security profile.
Thinking of the bot landscape as homogeneous paints an overly simplistic picture.
The following recommendations can help both end users and Web defenders mitigate credential abuse attacks.
No longer can you secure the perimeter or a centralized core and trust that nothing will get in or out. Effective security depends on an in-depth strategy - from the core to the edge.
As director of the DHS's National Risk Management Center, measuring and managing risk for critical infrastructure across 16 industrial sectors, Kolasky stands at a busy crossroads.
CTFs require participants to be creative while using their critical-thinking and problem-solving skills to ultimately arrive at a functional solution.
The 'bring your own device' movement has put security pros on high alert for a new breed of predator on the hunt to find ways to exploit the ever-expanding attack surface.
Whether it's your first investigation or 500th, review the basics of IT forensics to streamline and simplify your discovery.
The problem isn't with the code itself, experts say.
X.509 certificates help secure the identity, privacy, and communication between two endpoints, but these digital certificates also have built-in expiration and must be managed.
A lack of a security mandate in the development process has given rise to the recognized need for application security.
It's a valid question, and one many enterprises remain unsure of amid a mass migration that has transformed business over the past few years.
Virtual private networking is poised to become more automated and intelligent, especially as endpoints associated with cloud services and the Internet of Things need protection.
Of particular interest for cybercriminals is the Domain Name System, which plays a central role in orchestrating all Internet and application traffic.
Quantitative measurements - likelihood of loss, hard-dollar financial impact - are what executives and directors need to make more informed decisions about security risks.
Newly published '2019 Black Hat USA Attendee Survey' recommends users stay off social media and remain wary of products that promise to solve security problems.
Here's a sextortion scam that puts your password right where your name would usually be, to rattle your cage even more than usual.
Akamai University, a 12-week internship program, was built from the ground up with the goal of promoting the student not the company.
A video of the exploit shows CVE-2019-0708 being exploited remotely, without authentication.
Open source components help developers innovate faster, but they sometimes come at a high price.
LGBQT dating app Jack'd has been slapped with a $240,000 fine on the heels of a data breach that leaked personal data and nude photos of its users.
The court's IT department is meeting with external agencies to determine the scope and severity of the cyberattack.
When someone impersonates you online it can be a frightening and stressful experience. Learn how to safeguard your identity and accounts.
An advertising trade group told the FTC last week that it supports a nation-wide data privacy standard that will provide enhanced privacy protections to consumers.
Despite near-universal condemnation of the proposed lifting of price caps during a public comment period, ICANN will allow the operators of .org and .info to raise prices.
Cross-Site-Scripting (XSS) vulnerabilities in F5 WebSafe Dashboard 3.9.5 and earlier, aka F5 WebSafe Alert Server, allow privileged authenticated users to inject arbitrary web script or HTML when creating a new user, account or signature.
A Cross Site Scripting (XSS) vulnerability in versions of F5 WebSafe Dashboard 3.9.x and earlier, aka F5 WebSafe Alert Server, allows an unauthenticated user to inject HTML via a crafted alert.
Campaign throws in Emotet and Trickbot for good measure, according to the UK's National Cyber Security Centre.
A widespread malware campaign, ongoing since 2014, was using Facebook accounts and posts to spread malware through URL links.
'Operation Tripoli' is another reminder why users cannot trust every link they see on social media sites.
Three unsecured Amazon S3 storage buckets compromised more than 1TB of data belonging to Attunity and its high-profile clients.
I have a confession to make. I'm a sucker for good architecture. Visiting places like Singapore, London, Rome, Buenos Aires, and New York City, I quickly find myself gravitating towards beautiful archways, spires, and even the voids used in designing some of the world's most amazing buildings. I also found myself with a similar sense […]
Following the disclosure of the KRACK vulnerability, WPA3 was developed to prevent "session replay" attacks. Aruba's Jeff Lipton explains the importance of WPA3 to Wi-Fi 6.
Privacy advocates may question the use of genealogy data in forensics, but defense attorneys in this case did not.
Medtronic is immediately recalling all MiniMed 508 & Paradigm insulin pumps after researchers uncovered serious security flaws.
The company behind the gay dating app left users' private photos online for a year in spite of knowing about the security bugs.
Halloween came a little early for some Android users this year after a horror-themed computer game was found stealing their account credentials and displaying potentially malicious ads.
Insider threats are more difficult to detect and prevent than external attacks, and are a major threat to businesses, according to Gurucul.
The court's IT department is meeting with external agencies to determine the scope and severity of the cyberattack.
The potential risks associated with compromised systems are severe. Given the prospects of a potential cyberwar, utilities should place a greater emphasis on security.
Running regular anti-malware scans and blocking malicious IP addresses are two strategies. But organizations need to do more to defend themselves against security risks from supply chain partners, according to (ISC)2.
A new malware is targeting Macs with new tactics to sniff out antivirus and virtual machines.
The Florida city approved its insurer to pay $460,000 in ransom for a cyberattack that shut down servers, email, and phone.
A bill passed by a Senate Committee last week could ease Health Insurance Portability and Accountability Act (HIPAA) enforcements by incentivizing healthcare entities to adopt cybersecurity policies.
'PASTA' hardware and software kit now retails for $28,300.
Google fixed several critical and high-severity vulnerabilities in its Android operating system.
Existing functional silos are standing in the way of building a DevOps culture.
Staying ahead can feel impossible, but understanding that perfection is impossible can free you to make decisions about managing risk.
An issue was discovered on D-Link DCS-1130 devices. The device lets a user configure an SMB folder for the video clips it records. The GET parameters of the request that tests whether the supplied SMB credentials and hostname work are passed as commands to a "system" API, resulting in command injection on the device. Dissecting the firmware with the binwalk tool yields a cramfs-root archive containing the device filesystem and all its binaries. The binary "cgibox" contains the vulnerable function "sub_7EAFC", which receives the values sent by the GET request; IDA Pro identifies the binary as ARM little-endian. The value of the GET parameter "user" is extracted in function sub_7E49C and then passed to the vulnerable system API call.
Europe's Strong Customer Authentication compliance regulations go into effect in September 2019. Tom Merritt explains five things you need to know to get ready for SCA.
How writing patterns, online activities, and other unintentional identifiers can be used in cyber offense and defense.
IBM has disclosed multiple critical and high-severity flaws across an array of products, the most severe of which exist in its IBM Spectrum Protect tool.
An issue was discovered on D-Link DCS-1130 devices. The device lets a user configure an SMB folder for the video clips it records. The POST parameters of the request that tests whether the supplied email credentials and hostname work are passed as commands to a "system" API, resulting in command injection on the device. Dissecting the firmware with the binwalk tool yields a cramfs-root archive containing the device filesystem and all its binaries. The library "libmailutils.so" contains the vulnerable function "sub_1FC4", which receives the values sent by the POST request; IDA Pro identifies the binary as ARM little-endian. The value of the POST parameter "receiver1" is extracted in function "sub_15AC" and then passed to the vulnerable system API call. The library function is reached from the "cgibox" binary at address 0x00023BCC, which calls "Send_mail" in "libmailutils.so"; the unsanitised POST parameter thus flows into the library and on to the system call.
An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of changing the administrative password for the web management interface. It seems that the device does not implement any cross-site request forgery protection mechanism which allows an attacker to trick a user who is logged in to the web management interface to change the user's password.
An issue was discovered on D-Link DCS-1130 devices. The device lets a user configure an SMB folder for the video clips it records. The POST parameters of the request that tests whether the supplied email credentials and hostname work are passed as commands to a "system" API, resulting in command injection on the device. Dissecting the firmware with the binwalk tool yields a cramfs-root archive containing the device filesystem and all its binaries. The library "libmailutils.so" contains the vulnerable function "sub_1FC4", which receives the values sent by the POST request; IDA Pro identifies the binary as ARM little-endian. The value of the POST parameter "receiver1" is extracted in function "sub_15AC" and then passed to the vulnerable system API call. The library function is reached from the "cgibox" binary at address 0x0008F598, which calls "mailLoginTest" in "libmailutils.so"; the unsanitised POST parameter thus flows into the library and on to the system call.
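The command-injection pattern in the three DCS-1130 entries above (request parameters formatted into a string and handed to system()), as an added example that is not D-Link's code or the advisory's: a vulnerable handler beside a hardened one. The helper command is a placeholder ("echo", because the real SMB/mail test binary is not published), and the parameter names are assumptions.

```python
import re
import shlex
import subprocess

# Placeholder for the device's SMB/mail test helper, whose real name is not
# published; "echo" keeps the demonstration harmless and runnable on any POSIX host.
HELPER = "echo smbtest"


def vulnerable_smb_test(host: str, user: str, password: str) -> str:
    """The pattern the advisory describes: request parameters are formatted
    into one string and handed to a shell (system()). Shell metacharacters in
    any parameter are parsed as commands, e.g. user="guest; echo INJECTED"."""
    cmd = f"{HELPER} //{host}/clips -U {user}%{password}"
    proc = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return proc.stdout


# Allowlist for host names and user names; anything outside it is rejected.
_PARAM_RE = re.compile(r"^[A-Za-z0-9._@-]{1,64}$")


def is_safe_param(value: str) -> bool:
    return bool(_PARAM_RE.match(value))


def hardened_smb_test(host: str, user: str, password: str) -> str:
    """No shell: an argv list goes straight to execve, so ';', '|', '`' and '$('
    in the password are ordinary bytes. Host and user are additionally
    allowlisted because they land in a path/option position."""
    if not (is_safe_param(host) and is_safe_param(user)):
        raise ValueError("parameter outside allowlist")
    argv = HELPER.split() + [f"//{host}/clips", "-U", f"{user}%{password}"]
    proc = subprocess.run(argv, capture_output=True, text=True)
    return proc.stdout


def shell_escape(argv) -> str:
    """If a shell really is unavoidable (a busybox script, say), quote every
    argument; this is the equivalent of writing "$VAL0" "$VAL1" in quotes."""
    return " ".join(shlex.quote(a) for a in argv)
```

With the injected user name, the vulnerable variant's output contains a second line produced by the attacker's command; the hardened variant either rejects the value or passes it through as a single literal argument.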
As nation-states and rogue actors increasingly probe critical infrastructure, policy and technology experts worry that satellite and space systems are on the front lines.
Bugs in Arlo Technologies' equipment allow a local attacker to take control of Arlo wireless home video security cameras.
An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device requires a user logging in to provide a username and password. However, the device allows the D-Link mobile and desktop apps to communicate with it without any authentication. As part of that communication, the device uses a custom version of base64 encoding to pass data back and forth between the apps and the device. The same form of communication can be initiated by any process, including an attacker's process on the mobile phone or desktop, so a third party can retrieve the device's password without any authentication by sending just one UDP packet with the custom base64 encoding. The severity of this attack is enlarged by the fact that there are more than 100,000 D-Link devices out there.
An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device runs a custom daemon called "dldps2121" on UDP port 5978, which listens for broadcast packets sent to 255.255.255.255. This daemon handles a custom D-Link UDP protocol that lets the D-Link mobile and desktop applications discover D-Link devices on the local network. The binary processes UDP packets received from any device in its "main" function. One path in that function reaches a block of packet-processing code that performs an unbounded copy, allowing the buffer to be overflowed. The custom D-Link protocol follows this pattern: Packetlen, Type of packet; M=MAC address of device or broadcast; D=Device Type; C=base64 encoded command string; test=1111. The function starting at address 0x0000DBF8 handles the entire UDP packet and performs an insecure copy using strcpy at address 0x0000DC88. This overflows the stack buffer after 1060 characters, giving control of the PC register and resulting in code execution. The same form of communication can be initiated by any process, including an attacker's process on the mobile phone or desktop, so a third-party application can execute code on the device without any authentication by sending just one UDP packet with the custom base64 encoding.
An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device includes a custom telnet daemon as part of busybox, which retrieves the password from the shadow file using getspnam at address 0x00053894, performs a crypt operation on the password supplied by the user at address 0x000538E0, and does a strcmp at address 0x00053908 to check whether the password is correct. However, /etc/shadow is part of the CRAM-FS filesystem, which means the user cannot change the password; a hardcoded hash in /etc/shadow is used to match the credentials provided by the user. This is a salted hash of the string "admin", which therefore acts as a device password that cannot be changed because the whole filesystem is read-only.
An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The binary orthrus in /sbin folder of the device handles all the UPnP connections received by the device. It seems that the binary performs a sprintf operation at address 0x0000A3E4 with the value in the command line parameter "-f" and stores it on the stack. Since there is no length check, this results in corrupting the registers for the function sub_A098 which results in memory corruption.
An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device runs a custom daemon called "dldps2121" on UDP port 5978, which listens for broadcast packets sent to 255.255.255.255. This daemon handles a custom D-Link UDP protocol that lets the D-Link mobile and desktop applications discover D-Link devices on the local network. The binary processes UDP packets received from any device in its "main" function. One path in that function reaches a block of code that handles commands to be executed on the device. The custom D-Link protocol follows this pattern: Packetlen, Type of packet; M=MAC address of device or broadcast; D=Device Type; C=base64 encoded command string; test=1111. If a packet is received with the packet type "S" (0x53), the string passed in the "C" parameter is base64-decoded and then executed through a system API. At address 0x00009B44 the packet-type byte has 0x31 ("1") subtracted from it and the result is compared against 0x22 (a double quote); a type byte of "S" satisfies this check, and the packet is routed to the block of code that executes a command. The value of the "C" parameter is then extracted at address 0x0000A1B0, base64-decoded, and passed to the system API at address 0x0000A2A8. The same form of communication can be initiated by any process, including an attacker's process on the mobile phone or desktop, so a third-party application can execute commands on the device without any authentication by sending just one UDP packet with the custom base64 encoding.
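The dldps2121 discovery protocol described in the two entries above (the unbounded strcpy and the type-"S" command path), as an added example rather than code from D-Link or the advisory. It re-implements the packet handling in Python with the bounds check the firmware lacks and with the exact type-byte arithmetic from the disassembly; the field separators (';' and '=' after a '<bodylen>,<type>' header) and the use of standard rather than "custom" base64 are assumptions, since the advisory gives only the field names.

```python
import base64

# Assumed wire layout; the advisory names the fields but not the separators:
#   b"<bodylen>,<type>;M=<mac>;D=<devtype>;C=<base64 command>;test=1111"
# bodylen is taken to be the number of bytes after the first ';'. Standard
# base64 stands in for D-Link's "custom" variant.
MAX_FIELD = 512   # the bound the firmware lacks: its strcpy overflows past 1060 bytes


def is_command_packet(ptype: int) -> bool:
    """The check at 0x00009B44: (type - 0x31) == 0x22, which only 'S' (0x53) satisfies."""
    return ((ptype - 0x31) & 0xFF) == 0x22


def build_packet(ptype: bytes, mac: bytes, devtype: bytes, command: bytes) -> bytes:
    """Constructs a packet in the assumed layout (what an app, or an attacker, would send)."""
    body = b";".join([b"M=" + mac, b"D=" + devtype,
                      b"C=" + base64.b64encode(command), b"test=1111"])
    return b"%d,%s;%s" % (len(body), ptype, body)


def parse_packet(raw: bytes):
    """Returns {'type': int, 'fields': {...}} or None for a malformed or oversized packet."""
    head, sep, body = raw.partition(b";")
    plen, sep2, ptype = head.partition(b",")
    if not sep or not sep2 or not plen.isdigit() or len(ptype) != 1:
        return None
    if int(plen) != len(body):
        return None
    fields = {}
    for kv in body.split(b";"):
        key, eq, value = kv.partition(b"=")
        # Bounds check before any copy; the firmware copies with strcpy instead.
        if not eq or len(value) > MAX_FIELD:
            return None
        fields[key.decode("ascii", "replace")] = value
    return {"type": ptype[0], "fields": fields}


def dispatch(raw: bytes):
    """What the daemon does with a packet, minus the system() call: returns
    ('exec', command) for a type-'S' packet and ('discover', mac) otherwise."""
    pkt = parse_packet(raw)
    if pkt is None:
        return ("reject", None)
    if is_command_packet(pkt["type"]):
        try:
            command = base64.b64decode(pkt["fields"].get("C", b""), validate=True)
        except ValueError:
            return ("reject", None)
        # The device passes `command` to system() with no authentication at all;
        # the check that is missing is not a length check but any check of the sender.
        return ("exec", command)
    return ("discover", pkt["fields"].get("M"))
```

A broadcast of a type-"S" packet with C=base64("id") is all the advisory's attack requires; the parser shows where a length bound would have stopped the 1060-byte overflow, but only authenticating the sender closes the command path.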
An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device has a custom binary called mp4ts under the /var/www/video folder. This binary writes the HTTP verb to the system logs: it retrieves the HTTP verb sent by the user and uses a vulnerable sprintf at address 0x0000C3D4 in the function sub_C210 to copy the value into a string and then into a log file. Since no bounds check is performed on the environment variable at address 0x0000C360, this results in a stack overflow that overwrites the PC register, allowing an attacker to achieve code execution or even command injection.
An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The binary rtspd in the /sbin folder handles all RTSP connections received by the device. It performs a memcpy at address 0x00011E34 with the value sent in the "Authorization: Basic" RTSP header and stores it on the stack. The number of bytes to copy is calculated from the length of the string the client sent in the RTSP header, so memcpy copies more data than the stack buffer can hold, corrupting the registers of the caller function sub_F6CC and resulting in memory corruption. The severity is enlarged by the fact that the same value is then copied onto the stack again in the function at 0x00011378, which overflows the allocated buffer and allows control of the PC register, resulting in arbitrary code execution on the device.
An issue was discovered on D-Link DCS-1130 devices. The device requires a user logging in to provide a username and password. However, the device does not enforce the same restriction on a specific URL, allowing any attacker in possession of that URL to view the live video feed. The severity of this attack is enlarged by the fact that there are more than 100,000 D-Link devices out there.
An issue was discovered on D-Link DCS-1130 devices. The device serves a crossdomain.xml file that places no restrictions on who can access the web server. This allows a Flash file hosted on any domain to make calls to the device's web server and pull any information stored on the device; in this case, the user's credentials are stored in clear text on the device and can be pulled easily. The device also does not implement any cross-site request forgery protection, which allows an attacker to trick a user who is logged in to the web management interface into executing a cross-site flashing attack in the user's browser and performing any action offered by the web management interface; the attack steals the credentials from the response of tools_admin.cgi and displays them inside a text field.
An issue was discovered on D-Link DCS-1130 and DCS-1100 devices. The binary rtspd in the /sbin folder handles all RTSP connections received by the device. At address 0x00012CF4 the binary loads a flag called "Authenticate" that indicates whether a user must be authenticated before being allowed access to the video feed. By default the value of this flag is zero; it can be set or unset through the HTTP interface under the network settings tab. The device requires a user logging in to the HTTP management interface to provide a valid username and password. However, because the checkbox is unchecked by default, the device does not enforce the same restriction on the RTSP URL, allowing any attacker who knows the camera's external IP address to view the live video feed. The severity of this attack is enlarged by the fact that there are more than 100,000 D-Link devices out there.
Blipcare Wifi blood pressure monitor BP700 10.1 devices allow memory corruption that results in Denial of Service. When connected to the "Blip" open wireless connection provided by the device, if a large string is sent as a part of the HTTP request in any part of the HTTP headers, the device could become completely unresponsive. Presumably this happens as the memory footprint provided to this device is very small. According to the specs from Rezolt, the Wi-Fi module only has 256k of memory. As a result, an incorrect string copy operation using either memcpy, strcpy, or any of their other variants could result in filling up the memory space allocated to the function executing and this would result in memory corruption. To test the theory, one can modify the demo application provided by the Cypress WICED SDK and introduce an incorrect "memcpy" operation and use the compiled application on the evaluation board provided by Cypress semiconductors with exactly the same Wi-Fi SOC. The results were identical where the device would completely stop responding to any of the ping or web requests.
In the most recent firmware for Blipcare, the device provides an open wireless network called "Blip" for communicating with the device. The user connects to this open wireless network and uses the device's web management interface to enter the user's Wi-Fi credentials so that the device can join that network and have Internet access. The device is a wireless blood pressure monitor used to measure a person's blood pressure. This design allows an attacker within range of the Blipcare device's wireless signal to easily sniff the credentials. An attacker can also connect to the open "Blip" network exposed by the device and modify the HTTP responses the device presents to the user, for example to convince the user to download and execute a malicious binary that infects the user's computer or mobile device with malware.
As part of research on IoT devices, it was discovered that the most recent Blipcare firmware allows connecting to the web management interface over plain-text HTTP rather than an SSL/TLS connection. The user uses this web management interface to enter the user's Wi-Fi credentials so that the device can join that network and have Internet access. The device is a wireless blood pressure monitor used to measure a person's blood pressure. This allows an attacker connected to the Blipcare device's wireless network to easily sniff these values using a MITM attack.
A wave of new MacOS malware over the past month includes a zero-day exploit and other attack code.
Depending on when users receive it, this week's Android July patch update will fix 33 security vulnerabilities, including 9 marked critical and 24 marked high.
Videos from Miami Police Department body cams were leaked and stored in unprotected, internet-facing databases, then sold on the darkweb.
There's a hint that it might involve Ryuk ransomware. If so, it might be the fourth Ryuk attack against state and local agencies since May.
Researchers at web privacy review service vpnMentor discovered the data in an exposed ElasticSearch server online. It contains two billion items of log data from devices sold by Shenzhen, China-based smart IoT device manufacturer Orvibo.
Russian-speaking group has sent thousands of emails containing new malware to individuals working at financial institutions in the US, United Arab Emirates, and Singapore.
National Security Agency researcher Brian Knighton previews his October Black Hat USA talk on the evolution of Ghidra.
According to a regulator, retail banks in the region took the biggest hit last year.
Human vulnerability presents a real threat for organizations. But it's also a remarkable opportunity to turn employees into our strongest cyber warriors.
DevOps initiatives have become important for 74% of organizations over the past year, but communication must improve for DevOps to be successful, according to Trend Micro.
Amazon's acknowledgment that it saves Alexa voice recordings - even sometimes after consumers manually delete their interaction history - has thrust voice assistant privacy policies into the spotlight once again.
Selling items online? Watch out for people who suddenly offer to help!
This week's TechRepublic and ZDNet news stories include the brand battle between Apple and Microsoft, Word documents containing malicious links, and the future of on-premises databases.
Apple report now includes data on requests by governments to take down apps from the tech giant's app store.
CSRF tokens are not used in the web application of Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior, which makes it possible to perform CSRF attacks on the device administrator.
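The missing CSRF protection in the Moxa OnCell entry above and in the D-Link DCS-1130 password-change entry earlier on this page, as an added example that belongs to neither vendor: a password-change handler that only checks the session cookie (which the victim's browser attaches to a forged form post automatically) beside one that also demands a session-bound token and a same-origin Origin header. The device address, session identifiers and request shape are constructed for the example.

```python
import hashlib
import hmac
import secrets
from urllib.parse import urlparse

DEVICE_HOST = "192.168.1.10"       # assumed address of the management interface
_SECRET = secrets.token_bytes(32)  # per-boot server secret (constructed for the example)


def csrf_token(session_id: str) -> str:
    """Token derived from the session with an HMAC, so a page on another
    origin cannot compute it and the server need not store it."""
    return hmac.new(_SECRET, session_id.encode(), hashlib.sha256).hexdigest()


def verify_state_change(session_id: str, token, origin) -> bool:
    """Gate for every state-changing request (password change, network settings).
    Requires the session-bound token AND an Origin header naming the device."""
    if not isinstance(token, str) or not token.isascii():
        return False
    if not hmac.compare_digest(token, csrf_token(session_id)):
        return False
    # Browsers attach Origin to cross-site form posts; a missing header is
    # treated as untrusted rather than assumed to be same-origin.
    return origin is not None and urlparse(origin).hostname == DEVICE_HOST


def change_password_vulnerable(request: dict, sessions: set) -> bool:
    """Only the session cookie is checked. The victim's browser sends that
    cookie automatically, so an auto-submitting form on an attacker's page
    changes the administrator's password."""
    return request.get("cookie") in sessions


def change_password_fixed(request: dict, sessions: set) -> bool:
    sid = request.get("cookie")
    if sid not in sessions:
        return False
    return verify_state_change(sid, request.get("csrf_token"), request.get("origin"))
```

The token has to be delivered inside the page (a hidden form field or a response header read by the device's own scripts), never in a cookie, otherwise the forged request would carry it just as automatically as the session cookie.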
A weak Cookie parameter is used in the web application of Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. An attacker can brute force parameters required to bypass authentication and access the web interface to use all its functions except for password change.
There are important lessons to be learned from a crisis, even the ones that are more fiction than fact.
66% of devices in small-to midsized businesses are based on expired or about-to-expire Microsoft OS versions, Alert Logic study found.
Exploitation of CVE-2018-8453 grants attackers the highest level of privileges on a target system.
Secret data of processes managed by CM is not secured by file permissions.
The keystore password for the Spark History Server may be exposed in unsecured files under the /var/run/cloudera-scm-agent directory managed by Cloudera Manager. The keystore file itself is not exposed.
The provided secure solrconfig.xml sample configuration does not enforce Sentry authorization on /update/json/docs.
An issue was discovered in Riello NetMan 204 14-2 and 15-2. The issue is with the login script and wrongpass Python script used for authentication. When calling wrongpass, the variables $VAL0 and $VAL1 should be enclosed in quotes to prevent the potential for Bash command injection. Further to this, VAL0 and VAL1 should be sanitised to ensure they do not contain malicious characters. Passing it the username of '-' will cause it to time out and log the user in because of poor error handling. This will log the attacker in as an administrator where the telnet / ssh services can be enabled, and the credentials for local users can be reset. Also, login.cgi accepts the username as a GET parameter, so login can be achieved by browsing to the /cgi-bin/login.cgi?username=-%20a URI.
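The Riello login flow described above, as an added example that is not the device's code: a Python stand-in for the wrongpass helper (constructed for this example; it hangs on a "-" username to reproduce the reported timeout) is first called the way the advisory describes, through a shell line with unquoted variables and a handler that logs the user in when the check fails to return, and then with an argv list and fail-closed error handling. The credentials "admin"/"correct-horse" are made up.

```python
import shlex
import subprocess
import sys

# Stand-in for the device's "wrongpass" helper (constructed; the real script is
# not published). Exit 0 for a correct pair, 1 otherwise; a username starting
# with "-" makes it hang, modelling the timeout the advisory reports.
WRONGPASS = r"""
import sys, time
user, pw = sys.argv[1], sys.argv[2]
if user.startswith("-"):
    time.sleep(3)
sys.exit(0 if (user, pw) == ("admin", "correct-horse") else 1)
"""
TIMEOUT = 1.0


def login_vulnerable(username: str, password: str) -> bool:
    """Unquoted $VAL0 $VAL1 in a shell line, plus fail-open error handling.
    A username of "- a" is word-split into two arguments, the helper hangs,
    and the timeout is treated as "password not wrong"."""
    cmd = (f"{shlex.quote(sys.executable)} -c {shlex.quote(WRONGPASS)} "
           f"{username} {password}")
    try:
        rc = subprocess.run(cmd, shell=True, timeout=TIMEOUT).returncode
    except subprocess.TimeoutExpired:
        return True   # fail open: no verdict becomes a successful login
    return rc == 0


def login_fixed(username: str, password: str) -> bool:
    """argv list (no word splitting or metacharacters) and fail closed."""
    try:
        rc = subprocess.run([sys.executable, "-c", WRONGPASS, username, password],
                            timeout=TIMEOUT).returncode
    except subprocess.TimeoutExpired:
        return False  # a helper that does not answer never grants access
    return rc == 0
```

The advisory's URI /cgi-bin/login.cgi?username=-%20a is exactly the "- a" case: once the username reaches a shell unquoted, the "-" becomes the helper's first argument and the rest is shifted along, and the error path does the rest.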
novaksolutions/infusionsoft-php-sdk v2016-10-31 is vulnerable to a reflected XSS in leadscoring.php, resulting in code execution.
SQL injection vulnerability in /wbg/core/_includes/authorization.inc.php in CMS Web-Gooroo through 2013-01-19 allows remote attackers to execute arbitrary SQL commands via the wbg_login parameter.
packages/subjects/pub/subjects.php in Archon 3.21 rev-1 has XSS in the referer parameter in an index.php?subjecttypeid=xxx request, aka Open Bug Bounty ID OBB-466362.
The latest variant of WannaLocker is a banking Trojan, spyware tool, and ransomware.
Microsoft patched a serious vulnerability in the Microsoft Outlook client in 2017, but an Iranian group continues to exploit the flaw.
On Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices, users are divided into two groups, "admin" and "user". However, security analysis identified that a low-privileged user who belongs to the "user" group and can log in to the device's web administrative interface can add a new administrative user through the HTTP APIs provided by the device, and then perform all the actions of an administrative user with that account. If firmware version V2.420.AC00.16.R 9/9/2016 is dissected using the binwalk tool, one obtains a _user-x.squashfs.img.extracted archive containing the filesystem set up on the device, with many of the binaries in the /usr folder. The binary "sonia" contains the vulnerable functions that perform the various actions described in the HTTP APIs. Opening this binary in IDA Pro shows that it is ARM little-endian. The function at address 0x00429084 processes the HTTP API request for the "addUser" action. Tracing the calls to this function shows that function sub_41F38C, at address 0x0041F588, parses the call received from the browser and passes it to the "addUser" function without any authorization check.
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices allow an unauthenticated attacker to download the administrative credentials. If firmware version V2.420.AC00.16.R 9/9/2016 is dissected using the binwalk tool, one obtains a _user-x.squashfs.img.extracted archive containing the filesystem set up on the device, with many of the binaries in the /usr folder. The binary "sonia" contains the vulnerable function that sets up the default credentials on the device. Opening this binary in IDA Pro shows that it is ARM little-endian. The function sub_436D6 sets up the configuration for the device; at address 0x000437C2 one can see that /current_config is set as an ALIAS for the /mnt/mtd/Config folder on the device. Telnetting into the device and navigating to /mnt/mtd/Config shows that it contains files such as Account1, Account2, SHAACcount1, and so on. This means that navigating to http://[IPofcamera]/current_config/Sha1Account1 should return the content of those files. The researchers assumed this was only possible after authentication to the device; however, when unauthenticated access to the same URL was tested, the file could be downloaded without any authentication.
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices mishandle reboots within the past two hours. Amcrest cloud services do not verify, beyond knowledge of the camera's serial number, that a user adding a new camera to their account actually owns it. This allows an attacker who knows the serial number to add another user's camera to the attacker's cloud account and control it completely. The attack works against any camera that is currently not part of an Amcrest cloud account or has been removed from the user's cloud account, and additionally requires that the camera has been rebooted in the last two hours. Both conditions are very likely for new cameras sold over the Internet at the many e-commerce websites and vendors that carry Amcrest products. A successful attack gives the attacker complete control of the camera: viewing and listening to what the camera can see, changing the motion detection settings, and turning the camera off without the user being aware of it. Note: The same attack can be executed using the Amcrest Cloud mobile application.
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices enforce a 5-minute timeout after 30 incorrect password attempts through the web and HTTP API interfaces. However, if the same brute-force attempt is made through the ONVIF interface (supported by the same binary), no account lockout or timeout is applied. This allows an attacker to circumvent the account protection mechanism and brute-force the credentials. If firmware version V2.420.AC00.16.R 9/9/2016 is dissected using the binwalk tool, one obtains a _user-x.squashfs.img.extracted archive containing the filesystem set up on the device, with many of the binaries in the /usr folder. The binary "sonia" contains the vulnerable function that performs the credential check for the ONVIF interface. Opening this binary in IDA Pro shows that it is ARM little-endian. The function at address 00671618 parses the WSSE security token header. sub_603D8 then performs the authentication check and, if it fails, passes to function sub_59F4C, which prints the value "Sender not authorized."
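The lockout bypass in the entry above (a limit enforced on the web/HTTP API path but not on the ONVIF path in the same binary), as an added example that is not Amcrest's code: one failure counter per account that every interface must consult, with a brute-force loop run against the unguarded ONVIF path and against the shared guard. The thresholds are the advisory's 30 attempts and 5 minutes; the credentials and the injected clock are constructed, and the WS-Security digest itself is not modelled.

```python
import time
from collections import defaultdict

MAX_FAILURES = 30          # the advisory's threshold on the web/HTTP API
LOCKOUT_SECONDS = 300      # and its 5-minute timeout
CREDENTIALS = {"admin": "s3cret"}   # constructed for the example


class LoginGuard:
    """One failure counter per account. Every authentication path in the
    process (HTTP, ONVIF, RTSP) must consult the same instance; a second
    code path that skips it is the bypass."""

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.failures = defaultdict(int)
        self.locked_until = {}

    def is_locked(self, user: str) -> bool:
        until = self.locked_until.get(user)
        return until is not None and self.clock() < until

    def record(self, user: str, ok: bool) -> None:
        if ok:
            self.failures[user] = 0
            return
        self.failures[user] += 1
        if self.failures[user] >= MAX_FAILURES:
            self.locked_until[user] = self.clock() + LOCKOUT_SECONDS
            self.failures[user] = 0


def http_login(guard: LoginGuard, user: str, password: str) -> str:
    if guard.is_locked(user):
        return "locked"
    ok = CREDENTIALS.get(user) == password
    guard.record(user, ok)
    return "ok" if ok else "denied"


def onvif_login_vulnerable(user: str, password: str) -> str:
    """The second code path: checks the UsernameToken but never touches the
    guard, so a brute-forcer simply uses this interface instead."""
    return "ok" if CREDENTIALS.get(user) == password else "denied"   # "Sender not authorized."


def onvif_login_fixed(guard: LoginGuard, user: str, password: str) -> str:
    return http_login(guard, user, password)   # same guard, same policy


def brute_force(login, user: str, candidates) -> tuple:
    """Returns (password or None, attempts made)."""
    for n, pw in enumerate(candidates, 1):
        if login(user, pw) == "ok":
            return pw, n
    return None, len(candidates)
```

Against the unguarded ONVIF path the loop recovers the password after 401 guesses; against the shared guard the account locks after 30 and stays locked for the remaining 371, including the correct one. A per-interface counter would not help either, since the attacker can spread guesses across interfaces.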
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have default credentials that are hardcoded in the firmware and can be extracted by anyone who reverses the firmware. If firmware version V2.420.AC00.16.R 9/9/2016 is dissected using the binwalk tool, one obtains a _user-x.squashfs.img.extracted archive containing the filesystem set up on the device, with many of the binaries in the /usr folder. The binary "sonia" contains the vulnerable function that sets up the default credentials on the device. Opening this binary in IDA Pro shows that it is ARM little-endian. The function sub_3DB2FC sets up the values at address 0x003DB5A6, and sub_5C057C then stores this value and adds it to the configuration file /mnt/mtd/Config/Account1.
The Amcrest IPM-721S Amcrest_IPC-AWXX_Eng_N_V2.420.AC00.17.R.20170322 allows HTTP requests that enable various functions of the camera through HTTP APIs, instead of the web management interface provided by the application. This HTTP API receives the credentials base64-encoded in the Authorization HTTP header. However, a missing length check in the code allows an attacker to send a string of 1024 characters in the password field and exploit a memory corruption issue. This can allow an attacker to circumvent the account protection mechanism and brute force the credentials. If firmware version Amcrest_IPC-AWXX_Eng_N_V2.420.AC00.17.R.20170322 is dissected using the binwalk tool, one obtains a _user-x.squashfs.img.extracted archive containing the filesystem set up on the device, with many of the binaries in the /usr folder. The binary "sonia" contains the vulnerable function that performs the credential check for the HTTP API. Opening this binary in IDA Pro shows that it is ARM little-endian. The function at address 00415364 starts the HTTP authentication process; at address 0041549C it calls sub_0042CCA0, which performs a strchr operation after base64-decoding the credentials and stores the result on the stack, resulting in a stack-based buffer overflow.
CodeIgniter Rest Server (aka codeigniter-restserver) 2.7.1 allows XXE attacks.
A settlement with the FTC should mean comprehensive security upgrades for D-Link routers and IP camera.
It's already gotten hit with the biggest-ever US child privacy fine, and now it might be facing a fine for GDPR violations.
Could Facebook's Libra cryptocurrency undermine the security of the global financial ecosystem?
Clickbait health/nutrition posts will sink in page rankings due to two ranking updates, Facebook announced.
The Zipato controller has three critical security flaws which could be used together by hackers to open your home's doors for you, according to researchers.
Smart locks are cool and useful - but they are also a great reminder that cybersecurity is all about value, not cost.
It's the first state to enact a deepfakes ban, but it's not going to be the last: laws are being considered in many other states.
An internet craze could change the way computers see, thanks to research published by Google.
That's around seven gigawatts, equal to 0.21% of the world's supply: as much power as generated by seven Dungeness nuclear power plants.
Somebody out there has taken a big dislike to Robert J. Hansen ("rjh") and Daniel Kahn Gillmor ("dkg"), two well-regarded experts in the specialised world of OpenPGP email encryption.
Cracking a five year Facebook malware campaign, this week's CDN outage, and an app fined for leaking users' photos - catch up on the week's news with this recap!
Lawyers must step into the shoes of technical roles and craft legal guidance that can be easily put into use.
Social media isn't for everyone, but lots of us love it - so here's how to be in it and win it.
Two researchers are being singled out in what are called PGP poisoning or flood attacks that render the authentication tool unusable for victims.
Confidence in user identity is critical to prevent fraud and theft, and companies are looking for new ways to get the necessary assurance.
A cross-site scripting vulnerability in WordPress plugin WP Statistics could have enabled full website takeover.
Victim firm Eurofins Scientific handles more than 70,000 criminal cases per year in the UK.
How companies can identify their own insecure data, remediate data breaches and proactively secure data against future attacks.
From RDP BlueKeep's message for admins to Medtronic's recall of hackable insulin pumps - and everything in between.
Back in 2014, @DerpTrolling said he attacked sites simply based on requests from people who tweeted suggested targets.
ISPA has shortlisted Mozilla for the sort of award that, on the face of it, no tech company should be keen to win - 2019's Internet Villain.
Just some of the research and ideas worth checking out at this year's 'security summer camp.'
An open letter from the OpenID Foundation says that Apple introduced potential risks when it diverged from the OpenID Connect protocol.
Improve the speed SSH can run commands on remote servers with the help of multiplexing.
Hackers just infiltrated virtual reality, enabling them to manipulate users' immersive 3D worlds.
GDPR fines are finally coming down, and companies must be prepared to comply with the regulations or pay up.
A proposed $230 million fine on British Airways after a data breach would be the biggest GDPR penalty yet.
Apple is testing biometric authentication as a new way of signing in to iCloud.com.
Getting your company smartphone or laptop stolen from your car isn't just a hassle; it can have large regulatory ramifications, too. Visibility is the answer.
An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.7. A carefully constructed email could be used to inject and execute arbitrary stylesheet or JavaScript code in a logged in customer's browser in the context of the OTRS customer panel application.
Google Project Zero finds Apple iMessage bug that bricks iPhones running older versions of the company's iOS software.
Reports indicate a deal could be made by mid-July as Broadcom secures financing for the purchase.
An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting an SMB folder for the video clippings recorded by the device. It seems that the GET parameters passed in this request (to test if the SMB credentials and hostname sent to the device work properly) end up being passed as commands to a "system" API in the function and thus result in command injection on the device. If the firmware version is dissected using the binwalk tool, we obtain a cramfs-root archive which contains the filesystem set up on the device with all the binaries. The binary "cgibox" is the one that has the vulnerable function "sub_7EAFC" that receives the values sent by the GET request. If we open this binary in IDA Pro we will notice that it follows an ARM little-endian format. The function sub_7EAFC in IDA Pro is identified as receiving the values sent in the GET request, and the value set in the GET parameter "user" is extracted in function sub_7E49C, which is then passed to the vulnerable system API call.
The authors have tweaked a known piece of malware to specifically target Korean TV fans.
This is the first formal step in writing the standards that will guide the implementation of AI technologies within the federal government.
The penalty is a sign of things to come, say experts.
A zero-trust model is the only way to keep up with today's digital complexities.
An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device requires that a user logging into the device provide a username and password. However, the device allows D-Link apps on mobile devices and desktops to communicate with the device without any authentication. As a part of that communication, the device uses a custom version of base64 encoding to pass data back and forth between the apps and the device. However, the same form of communication can be initiated by any process, including an attacker's process on the mobile phone or the desktop, and this allows a third party to retrieve the device's password without any authentication by sending just 1 UDP packet with the custom base64 encoding. The severity of this attack is enlarged by the fact that there are more than 100,000 D-Link devices out there.
An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting an SMB folder for the video clippings recorded by the device. It seems that the POST parameters passed in this request (to test if the email credentials and hostname sent to the device work properly) end up being passed as commands to a "system" API in the function and thus result in command injection on the device. If the firmware version is dissected using the binwalk tool, we obtain a cramfs-root archive which contains the filesystem set up on the device with all the binaries. The library "libmailutils.so" is the one that has the vulnerable function "sub_1FC4" that receives the values sent by the POST request. If we open this binary in IDA Pro we will notice that it follows an ARM little-endian format. The function sub_1FC4 in IDA Pro is identified as receiving the values sent in the POST request, and the value set in the POST parameter "receiver1" is extracted in function "sub_15AC", which is then passed to the vulnerable system API call. The vulnerable library function is accessed in the "cgibox" binary at address 0x0008F598, which calls the "mailLoginTest" function in the "libmailutils.so" binary as shown below; this results in the vulnerable POST parameter being passed to the library, which results in the command injection issue.
A DNS misconfiguration resulted in an open Jenkins server being available to all.
The fine would be the largest against a company post-GDPR and roughly 1.5 percent of the company's annual revenue.
Researchers find more than 1,000 apps in the Google Play store that gather personal data even when the user has denied permission.
Black Hat USA session will reveal how they reverse-engineered the proprietary cryptographic protocol to attack the popular programmable logic controller.
It's outside of Sidewalk Labs HQ in Toronto, where Google's sister company is working on stuffing the city with data-collecting sensors.
Mozilla has introduced a lot of tracker blocking protections into Firefox lately. Now, it is planning a new feature that will let you see how many online snoopers you've successfully evaded. A new feature called the Tracking Protections Panel (aka the Protection Report) will tell users how many trackers Firefox blocked in the prior week, [...]
People subscribed to Google Trends in New Zealand were emailed the murder suspect's name in violation of a New Zealand court's order.
Cynet's 360 platform is ready out-of-the-box, for fast, easy deployment across all endpoints.
Financial services organizations face a variety of cyber threats. But mobile risks represent a major Achilles' heel for the industry, says a new report from Wandera.
Ransomware, cryptojacking, and business email compromise attacks all ramped up the financial losses due to cyber breaches, according to the Online Trust Alliance.
Black Hat USA programming will dive into the ways DevOps-driven shifts in practices and tools are introducing both new vulnerabilities and new ways of securing enterprises.
Because data has never been more portable, taking it has never been easier. And that's a huge problem during mergers and acquisitions.
An eagle-eyed developer has discovered a backdoor recently sneaked into a library (or "gem") used by Ruby on Rails (RoR) web apps to check password strength.
A Zero Day vulnerability allows any website to open up a video-enabled call on a Mac with the Zoom app installed. Here's how to patch it.
The vulnerability can be exploited on a drive-by basis by a malicious website.
The data breach fine against Marriott by the Information Commissioner's Office comes a day after British Airways was also penalized.
The proposed penalty is for a data breach beginning in 2014 that affected more than 500 million customers worldwide.
Companies in the young, rapidly growing industry are targeted for sensitive information they store and immature security practices.
Incorrect access control in the TransientModel framework in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier allows authenticated attackers to access data in transient records that they do not own by making an RPC call before garbage collection occurs.
Intuit Lacerte 2017 has Incorrect Access Control.
An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of changing the administrative password for the web management interface. It seems that the device does not implement any cross-site request forgery protection mechanism which allows an attacker to trick a user who is logged in to the web management interface to change the user's password.
Its local web server reportedly also automatically reinstalls Zoom if a user removes the app and joins a meeting.
Study finds Android apps circumvented privacy opt-in rules and collected sensitive user information against user permission.
Just because your data isn't on-premises doesn't mean you're not responsible for security.
An issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.5. Use of Jackson default typing along with a gadget class from iBatis allows exfiltration of content. Fixed in 2.7.9.4, 2.8.11.2, and 2.9.6.
An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The binary orthrus in the /sbin folder of the device handles all the UPnP connections received by the device. It seems that the binary performs a sprintf operation at address 0x0000A3E4 with the value in the command line parameter "-f" and stores it on the stack. Since there is no length check, this results in corrupting the registers for the function sub_A098, which results in memory corruption.
An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The binary rtspd in the /sbin folder of the device handles all the RTSP connections received by the device. It seems that the binary performs a memcpy operation at address 0x00011E34 with the value sent in the "Authorization: Basic" RTSP header and stores it on the stack. The number of bytes to be copied is calculated from the length of the string sent in the RTSP header by the client. As a result, memcpy copies more data than the stack buffer can hold, and this results in corrupting the registers for the caller function sub_F6CC, which results in memory corruption. The severity of this attack is enlarged by the fact that the same value is then copied onto the stack in the function at 0x00011378, which allows an attacker to overflow the allocated buffer and thus control the PC register, resulting in arbitrary code execution on the device.
An issue was discovered on D-Link DCS-1130 devices. The device requires that a user logging into the device provide a username and password. However, the device does not enforce the same restriction on a specific URL, thereby allowing any attacker in possession of that URL to view the live video feed. The severity of this attack is enlarged by the fact that there are more than 100,000 D-Link devices out there.
An issue was discovered on D-Link DCS-1130 devices. The device provides a crossdomain.xml file with no restrictions on who can access the webserver. This allows a Flash file hosted on any domain to make calls to the device's webserver and pull any information that is stored on the device. In this case, the user's credentials are stored in clear text on the device and can be pulled easily. It also seems that the device does not implement any cross-site scripting forgery protection mechanism, which allows an attacker to trick a user who is logged in to the web management interface into executing a cross-site flashing attack in the user's browser and perform any action on the device provided by the web management interface; the attack steals the credentials from the tools_admin.cgi file's response and displays them inside a text field.
An issue was discovered on D-Link DCS-1130 and DCS-1100 devices. The binary rtspd in the /sbin folder of the device handles all the RTSP connections received by the device. It seems that the binary loads at address 0x00012CF4 a flag called "Authenticate" that indicates whether a user should be authenticated before being allowed access to the video feed. By default, the value for this flag is zero, and it can be set/unset using the HTTP interface's network settings tab as shown below. The device requires that a user logging into the HTTP management interface of the device provide a valid username and password. However, the device does not enforce the same restriction by default on the RTSP URL, because the checkbox is unchecked by default, thereby allowing any attacker in possession of the external IP address of the camera to view the live video feed. The severity of this attack is enlarged by the fact that there are more than 100,000 D-Link devices out there.
Deleting files in Windows 10 does not really delete the file. Security best practice requires deleted files to be completely overwritten more than once.
The massive fine comes one day after the ICO's fine of British Airways.
New data drills down on the types of security misconfigurations and challenges dogging application developers.
The software giant also addressed 15 critical flaws and advised on the recently disclosed Linux Kernel "SACK Panic" bug.
CSRF tokens are not used in the web application of Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior, which makes it possible to perform CSRF attacks on the device administrator.
Microsoft issued fixes for 77 unique vulnerabilities this Patch Tuesday, including two zero-day privilege escalation vulnerabilities seen exploited in the wild.
Videoconferencing software maker downplays risks and says mitigations are on the way.
A commercial vessel suffered a significant malware attack in February, prompting the US Coast Guard to issue an advisory to all shipping companies: Here be malware.
Cybersecurity analysts explore a range of industry research to examine trends around cyber incidents and their financial impact.
Companies see the changing demands of cloud identity management but are mixed in their responses to those demands.
Intel issued patches for a high-severity flaw in its processor diagnostic tool as well as a fix for a medium-severity vulnerability in its data center SSD lineup.
A new anti-bullying feature uses AI to recognize mean words in comments and warns users before they post them.
New research has revealed that apps are snooping on data such as location and unique ID number - even when users haven't given permission.
Patch Tuesday July 2019 offers fixes for a total of 77 vulnerabilities, including 15 marked critical, rounded out by two zero-day flaws.
An audit of security awareness conducted by Proofpoint found that users on average answered 22% of security-related questions incorrectly.
A Raspberry Pi attached to the network at NASA JPL became the doorway for a massive intrusion and subsequent data loss. Here's how to keep the same thing from happening to your network.
Researchers say malware infects phones in order to sneak ads on devices for profit.
Security analysts know they are a hot commodity in the enviable position of writing their own ticket. Here's how to keep them engaged, challenged, and happy.
An issue was discovered in Eventum 3.5.0. /htdocs/popup.php has XSS via the cat parameter.
An issue was discovered in Eventum 3.5.0. /htdocs/validate.php has XSS via the values parameter.
An issue was discovered in Eventum 3.5.0. htdocs/switch.php has XSS via the current_page parameter.
An issue was discovered in Eventum 3.5.0. htdocs/ajax/update.php has XSS via the field_name parameter.
There is memory corruption in the web interface of Moxa OnCell G3100-HSPA Series version 1.6 Build 17100315 and prior, a different vulnerability than CVE-2018-11420.
There is memory corruption in the web interface of Moxa OnCell G3100-HSPA Series version 1.5 Build 17042015 and prior, a different vulnerability than CVE-2018-11423.
The espionage tool is capable of eavesdropping on calls and messages sent via Signal, Telegram, WhatsApp and more.
CISA released an alert telling users about the updates to firmware in Intel SSD and Processor Diagnostic products.
After media scrutiny, the collaboration service has decided to address the zero-day after initially dismissing its severity.
main/streams/xp_socket.c in PHP 7.x before 2017-03-07 misparses fsockopen calls, such as by interpreting fsockopen('127.0.0.1:80', 443) as if the address/port were 127.0.0.1:80:443, which is later truncated to 127.0.0.1:80. This behavior has a security risk if the explicitly provided port number (i.e., 443 in this example) is hardcoded into an application as a security policy, but the hostname argument (i.e., 127.0.0.1:80 in this example) is obtained from untrusted input.
paypal/adaptivepayments-sdk-php v3.9.2 is vulnerable to a reflected XSS in SetPaymentOptions.php, resulting in code execution.
libpng before 1.6.32 does not properly check the length of chunks against the user limit.
GE Healthcare has released a statement claiming the bug is not in the machine itself and does not pose direct risk to patients.
It may seem obvious, but many companies lose sight of the fact that they can't protect what they don't know they even have.
An issue was discovered in the America's Army Proving Grounds platform for the Unreal Engine. With a false packet sent via UDP, the application server responds with several bytes, giving the possibility of DoS amplification, even being able to be used in DDoS attacks.
In addition to a list of best practices, the Coast Guard confirmed in an alert this week that malware affected the shipboard network of a vessel in February.
More than 19,000 systems in the US are potentially at risk from eCh0raix.
GE Healthcare said an attacker could modify gas composition parameters within the devices' respirator function.
A new report says that phishing and man-in-the-middle attacks are major risks to financial institutions - via mobile devices in the hands of their employees.
Modern threats putting healthcare organizations at risk, how they're improving their security posture, and where many fall short.
Mozilla was nominated for an "Internet Villain" award - and The People Of The Internet were not pleased.
The ICO isn't pulling its punches: The penalty for BA's data breach is about 367 times higher than the previous record-setting fine.
Less than two months after warning of cybersecurity problems on ships, the US Coast Guard has revealed that a large international vessel has suffered a cyberattack.
The average dwell time for riskware can be as much as 869 days.
Small and medium-sized businesses lack the IT staff needed to run comprehensive security detection and response, according to Infocyte.
Threatpost catches up with David Baker, the chief security officer at Bugcrowd, about the future of bug bounty programs.
"We don't need to regulate it, we need to ban it entirely."
Apple has disabled the Walkie Talkie app from its Apple Watch products after a vulnerability was discovered enabling bad actors to eavesdrop on iPhone conversations.
The tech giant addressed a widely publicized Zoom bug with an automatic update mechanism usually reserved for removing malware.
Employees working away from the office, including over vacation, could increase the chance of network compromise.
Despite the great success of the cloud over the last decade, misconceptions continue to persist. Here's why the naysayers are wrong.
About a third of cybersecurity professionals believe that their companies see more cyberattacks during the summer, but the survey data does not convince on the reasons for the perception of a summer bump.
Wannacry remains a significant threat for companies. Learn how your organization can guard against it.
Mobile devices could provide a more secure, user-friendly mode of account authentication, according to an IDG and MobileIron report.
All campuses are affected, with attackers demanding $2 million in Bitcoin in exchange for decryption keys.
Despite increasing threats, many organizations continue to run with only token cybersecurity and resilience.
With SSH you can run commands on remote machines, even if the command requires sudo privileges.
The group hopes to increase cybersecurity awareness, education, and knowledge sharing around industrial cybersecurity concerns.
Xudong Yao reportedly stole proprietary information from his employer and brought it to China, where he is believed to currently reside.
Google is under fire after a report found that Google Home and Google Assistant records user audio, even when no wake-up word is used.
Advanced phishing techniques and poor user behaviors that exacerbate the threat of successful attacks.
Some advanced persistent threat actors can spend north of $1 million on attacks, but the return on that investment can be huge.
The Windows Guest Tools in Citrix XenServer 6.2 SP1 and earlier allows remote attackers to cause a denial of service (guest OS crash) via a crafted Ethernet frame.
Changes in fundamental enterprise architectures coupled with shifts in human resources mean that companies are considering new risks to their infrastructure.
Apple disabled the app after somebody reported a bug - not exploited yet - that could allow an eavesdropper to listen in on another iPhone.
This is either a minor controversy blown out of proportion, or the latest example of Microsoft's disregard for its users' wishes.
Humans are listening to our recordings - some made by mistake - to improve speech recognition. But they're not as anonymous as Google says.
Increasingly complex attacks coupled with a shortage in skills and budget are worrying IT managers across the globe.
Visit the Arsenal this August to go hands-on with hackable gadgets and catch live demos of open-source security tools from some of the best in the business.
A lack of a Bluetooth Low Energy (BLE) pairing mechanism leaves the smart IoT devices open to malicious manipulation.
If you're worried a password you use to log in to a site was leaked during a data breach, read about two websites and a Chrome extension that can alert you if this happens.
QNAPCrypt continues to spread via brute-force attacks.
Android malware, peeling back the layers on the GandCrab malware, and a recruiting website leak - catch up on the week's news with this week's Friday Five!
The time to read the fine print in your cybersecurity insurance policy is before you sign on the dotted line.
Small business IT professionals are trying to balance multiple priorities and finding that the balance often leaves the company with serious security risks.
The ruling follows years of debate over whether German schools and institutions should use Microsoft tools and services.
Performing tasks with root user credentials opens AWS to potentially catastrophic security vulnerabilities. Creating and managing access keys mitigates the risk.
Rupert Murdoch's News Group has agreed to pay damages to Paul McCartney's ex as part of the massive phone-hacking scandal by UK tabloids.
The migration to Wi-Fi 6 is the most complex in roughly a decade, as a new authentication standard is necessary to ensure security integrity. How will the two standards coexist?
Fernando José Corbató, Turing Award winner, computer scientist extraordinaire, MIT computer lab pioneer, RIP.
Vulnerability experts Michiel Prins and Greg Ose discuss the 15 most common vulnerability types.
Most respondents in a recent survey say they're losing the battle despite having up-to-date protections in place.
From a Ruby gem backdoor to the things that keep IT managers awake - and everything in between. It's weekly roundup time.
The US Conference of Mayors has unanimously adopted a resolution not to pay any more ransoms to hackers.
The FCC in June called for carriers to provide free, default robocall blocking services. One month later, plans are "far from clear."
In the latest twist in the saga of the web-conferencing app, Apple has issued a "silent" update removing Zoom's hidden web server from Macs.
In this first part of a two part series, Shawn Taylor with Forescout talks to Threatpost about lessons learned from helping Atlanta remediate and recover from its massive ransomware attack.
Researchers have developed a technique for reading data from air-gapped PCs using LEDs. Cue dynamic hacker music now!
CISOs must drive business strategy amid an expanded attack surface and increasing security complexity, according to Fortinet.
The nature of containers and microservices makes them harder to protect. Machine learning might be the answer going forward.
On Fitbit activity-tracker devices, certain addresses never change. According to the popets-2019-0036.pdf document, this leads to "permanent trackability" and "considerable privacy concerns" without a user-accessible anonymization feature. The devices, such as Charge 2, transmit Bluetooth Low Energy (BLE) advertising packets with a TxAdd flag indicating random addresses, but the addresses remain constant. If devices come within BLE range at one or more locations where an adversary has set up passive sniffing, the adversary can determine whether the same device has entered one of these locations.
Employees receive nearly five phishing emails per work week, according to Avanan.
Too many systems, failure to test tools, and fear of replacement drive endpoint complexity and render products less effective.
An independent researcher earned a $30,000 bug bounty after discovering a weakness in the mobile recovery process.
The good news is that Facebook updated Instagram's server-side defences automatically, so you don't have to do anything to fix this one.
Microsoft will officially end support for Windows 7 on January 14, 2020. Many large businesses aren't ready.
If your Wordpress site is stuck in maintenance mode, there's a simple fix.
It's believed the suspect, a software engineer, took the trade secrets with him to China, where he now resides.
Seven in ten developers are expected to write secure code, but less than half receive feedback on security, a survey finds.
The fine, for the social media giant's role in the Cambridge Analytica scandal, would be the largest ever against a tech company.
A dropper called "Topinambour" is the first-stage implant, which in turn fetches a spy trojan built in several coding languages.
App settings combined with Android behavior can put data integrity at risk for WhatsApp and Telegram users.
The FTC has levied its biggest fine ever against the social network, but it's unlikely to have much effect.
In case you were wondering, scientists really can change the world, and change it for the better, too.
A group of Asian companies want to create a blockchain-based service to turn your phone into a mobile ID system.
The school, located in the Bronx and serving around 8,000 students, has declined to say whether it will pay up.
It's 200x greater than the largest fine ever for breaking a promise to improve privacy practices.
Researchers have found a way to beat the MAC address randomisation feature used by Bluetooth to protect users from being tracked.
Despite being the industry standard for email authentication to prevent cyberattacks, DMARC policies aren't implemented by most companies, according to 250ok.
The case for bringing the CISO to the C-suite's risk and business-strategy table.
Did the GandCrab ransomware gang really 'retire' when they said, or did they never go away?
Someone AirDropped a picture of a suicide vest to multiple people on a JetBlue flight, prompting an evacuation.
The group of more than 1,400 top elected municipal officials takes the admirable, recommended stance against paying ransoms. However, can towns and cities secure their information technology infrastructure to withstand attacks?
Learn about USB control & encryption in Data Protection 101, our series that covers the fundamentals of data security.
New additions to its Integrated Cyber Defense Platform aim to give businesses greater control over access to cloud resources and applications.
The issue, present on Android versions, is similar to the known man-in-the-disk attack vector.
With cybersecurity worldwide facing a major applicant shortage, businesses should be courting women and supporting girls.
With some security best practices, enterprises can significantly reduce the chances that a potential supply chain attack will affect business operations.
Publishing the keys should render existing versions of the ransomware far less dangerous for victims.
Lenovo patches enterprise and SMB network attached storage devices for a vulnerability that leaked data to the public internet.
SolarWinds Network Performance Monitor 12.3 allows SQL Injection via the /api/ActiveAlertsOnThisEntity/GetActiveAlerts TriggeringObjectEntityNames parameter.
New research shows cloud apps are climbing, SMS authentication is falling, Chrome is the enterprise browser favorite, and Android leads outdated devices.
More than 5,100 vulnerable devices containing multiple terabytes of data are open to exploitation, researchers found.
It's now possible to secretly transfer data inside music without turning it into unlistenable mush.
Facebook has coughed up £3m to help launch an anti-scam service as well as introducing a tool to report scam ads on its UK site.
Citing privacy issues, Germany just banned its schools from using Microsoft Office 365, Google Docs, and Apple's iWork cloud services.
Whether it's your first investigation or 500th, review the basics of IT forensics to streamline and simplify your discovery.
While everyone waits for BlueKeep to be exploited, another RDP threat is already at the door, according to new research from Sophos.
Brush up on new DDOS defense tricks, 5G network vulnerabilities, and applications of military strategy to cybersecurity.
The group is using malicious versions of WinRAR and other legitimate software packages to infect targets, likely via watering-hole attacks.
You never know when disaster might strike, and being prepared can make all the difference. Tom Merritt suggests five tips for your disaster recovery plan.
Digital transformation initiatives bring a slew of data privacy concerns to US health organizations, according to a Thales report.
For too long, we've focused almost exclusively on keeping out the bad guys rather than what to do when they get in (and they will).
The proliferation of malicious packages in repositories for software developers that rely on typosquatting points to a problem: A reliance on flat namespaces.
libpng before 1.6.32 does not properly check the length of chunks against the user limit.
Compliance, accidental exposure of credentials, and data control are also primary concerns for senior IT and security managers.
While blockchain technology can offer great opportunities, the hype surrounding it often leads to unrealistic expectations, according to the World Economic Forum.
A sophisticated and growing malvertising attacker is partnering with legitimate ad tech platforms to drop malware at scale.
In e107 v2.1.7, output without filtering results in XSS.
This week's TechRepublic and ZDNet stories include a breach of Sprint customers' data, notes from the Duo Security 2019 access report, and how execs are taking charge of digital transformation plans.
Identifying tokens and random addresses, meant to create anonymity, do not change in sync on some devices -- opening an attack vector.
Lenovo, Acer and five additional server manufacturers are hit with supply-chain bugs buried in motherboard firmware.
As the California Consumer Privacy Act (CCPA) continues to take shape, the state's Senate Committee on the Judiciary voted last week to advance seven amendments to the law, but not before making some changes.
New research on password management tools identifies the relative strengths and weaknesses of 12 competing offerings.
Organizations with systems exploitable via the RDP flaw pose an increasing risk to themselves and other organizations, BitSight says.
The last-June breach exposed data includes names, phone numbers, and account numbers.
Researchers discover a third-party algorithm in multiple high-profile Bluetooth devices exposes users to third-party tracking and data access.
Two months after the alarm sounded warning of a WannaCry-level event, progress in patching exposed Windows systems varies by country and industry.
At Black Hat, analysts from MITRE and Splunk will detail how organizations of many different sizes are leveraging ATT&CK's common language.
Two years after promising to report all HTTP-based web pages as insecure, Mozilla is about to deliver.
Google's throwing in the towel on XSS Auditor and putting its trust in Trusted Types instead.
The Glamoriser Smart Bluetooth straightener offers up yet another example of how not to add a risky product to the Internet of Things (IoT).
The Naked Security Podcast is back. Listen now, and let us know what you think!
The use of compromised accounts to send phishing emails to contacts inside and outside an organization is an increasing security threat.
Users recycle the same password an average of four times, according to a Security.org report.
What will it take to align staff and budget to protect the organization?
The CampTix Event Ticketing plugin before 1.5 for WordPress allows XSS in the admin section via a ticket title or body.
The CampTix Event Ticketing plugin before 1.5 for WordPress allows CSV injection when the export tool is used.
Widespread privacy concerns have caused 60% of people to cover their laptop webcams - some in creative ways - survey data shows.
The cyberspy group's activities are broader than originally thought.
Google is announcing much higher bug bounty payouts for Chrome, Chrome OS and Google Play.
These competitions challenge participants with problems involving digital forensics, cryptography, binary analysis, web security, and many other fields.
An attack by a 'wizard hacker' results in leaked records for virtually every Bulgarian taxpayer.
More victims of a 2015 credential-harvesting incident have come to light.
The seemingly harmless fun of AI-based apps such as FaceApp can actually subject individuals and businesses to security breaches.
Mirai activity has nearly doubled between the first quarter of 2018 and the first quarter of 2019.
Threat actors are increasingly 'living off the land,' using publicly available management and administration tools to conceal malicious activity.
Koadic toolkit gets upgrades - and a little love from nation-state hackers.
Researchers show how simply connecting to a rogue machine can silently compromise the host.
Directly linking thoughts to a phone via Bluetooth -- what could go wrong?
A new framework is allowing the threat group to compile variants of the malware for each victim, Morphisec says.
A security professional needed a secure language for IoT development. So he wrote his own, applying learned lessons about memory and resources in the process.
An additional 2.2 million patients have had their data compromised by a data breach at AMCA, the now bankrupt medical debt collector.
You grant FaceApp a perpetual, irrevocable license to use, reproduce, modify and adapt your image. Sounds scary.
Morpheus aims to make hacking so difficult at microprocessor level that attackers will give up long before they can do any damage.
Mozilla is integrating its Lockwise password manager directly into the browser and expanding its support for the Have I Been Pwned website.
Get the latest insights into how to attack and defend platforms like iOS, MacOS, and Windows 10 at this upcoming August security conference.
Why apples-to-apples performance tests are the only way to accurately gauge the impact of network security products and solutions.
CISOs must change the ways they recruit, train, and retain cybersecurity professionals, according to Forrester.
Catherine De Bolle is concerned law enforcement will lose its ability to track criminals with the arrival of 5G networks.
More than 30% of Mirai attacks, and an increasing number of variants of the malware, are going after enterprise IoT devices, raising the stakes for business.
A code backdoor in a package on the Python Package Index demonstrates the importance of verifying code brought in from code repositories.
Improper handling of LDAP authentication in MongoDB Server versions 3.0.0 to 3.0.6 allows an unauthenticated client to gain unauthorized access.
Researcher creates 'Selfblow' proof-of-concept attack for exploiting a vulnerability that exists in "every single Tegra device released so far".
Third-party tracking is rampant on sites like Pornhub, with users' sexual preferences on full view.
The group was posing as a researcher from Cambridge, and was found to have added three new malware families to its spy arsenal.
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-0639. Reason: This candidate is a reservation duplicate of CVE-2002-0639. Notes: All CVE users should reference CVE-2002-0639 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
From the RDP exploit already at your door to Chrome's XSS Auditor - and everything in between. It's weekly roundup time.
The UK government should suspend trials of automatic facial recognition systems until it can meet regulators' concerns about the technology, according to a report released Friday.
Data on millions of people stolen from the Bulgarian government has already popped up on hacker trading forums.
Ever bypassed a website paywall using a browser's privacy mode? It was once a simple hack, but it no longer works for most websites.
In the wake of recent fines levied against British Airways, Marriott, and Facebook, companies are starting to take data privacy and security more seriously.
CISOs spend much less time in their role than other members of the boardroom. It's a serious problem that must be addressed.
Equifax will dish out as much as $700 million on the heels of its infamous 2017 data breach that impacted 150 million customers.
Law enforcement recovered two decades' worth of stolen material from the home and car of former government contractor Harold Martin.
Users can avoid malware on their Android devices if they follow four, easy tips.
The Bulgarian attack impacted tax information for almost the entire country.
While 80% of organizations use more than the default security provided by Office 365, additional measures are needed to secure enterprise email.
IBM QRadar SIEM 7.2 and 7.3 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 155350.
A debug policy with an invalid signature can be loaded when the debug policy functionality is disabled, by using parallel image loading, in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, QCS404, QCS605, SD 410/12, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SXR1130
A missing check to prevent the buffer length from taking negative values can lead to a stack overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA6174A, QCA8081, QCS404, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130
XBL_SEC image authentication and other crypto-related validations are accessible to a compromised OEM XBL Loader due to a missing lock at the XBL_SEC stage in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, QCS404, QCS605, Qualcomm 215, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130
Threatpost talks to Tim Mackey with Synopsys about recent Amazon Echo and Google Home privacy faux pas. Will GDPR and other regulations catch up to the voice assistants?
A recently announced pair of vulnerabilities in server firmware could put enterprise IT at risk.
Once approved, the settlement will be the largest ever paid by a company over a data breach.
Enterprises should recognize the data security risk that Slack, Teams or TeamViewer could introduce and address it.
The bug was previously undisclosed yet is already fixed in later releases. However, many organizations are likely still vulnerable.
Microsoft and Trimarc researchers explore the most common attacks against the cloud and effective defenses and mitigation.
In a settlement with the FTC, consumers affected by the breach are eligible for up to $20,000 in a cash settlement, depending on damages they can prove.
A hacking group that distributed files stolen from a Russian contractor to the media last week has published some of the documents online.
Researchers have created an attack called Spearphone that uses the motion sensors in Android phones to listen to phone calls, interactions with your voice assistant, and more.
A security clanger has been spotted in the current beta version of iOS 13 which allows anyone to access a user's stored web and app passwords without having to authenticate.
Fraudulent emails that try to trick their victims into conducting financial transactions amounted to losses of more than $1.2 billion in 2018, according to a new study from Symantec.
The cost of a data breach has grown 12% over the past 5 years, hitting $3.92 million on average. Organizations can take steps to mitigate the financial damage, according to a new report.
The 'bring your own device' movement has put security pros on high alert for a new breed of predator who is on the hunt to find ways to exploit the ever-expanding attack surface.
Four years, $1 million in payouts, and the identification of 950 bugs later, Shopify provides an excellent example for organizations looking to launch their own programs.
As director of the DHS's National Risk Management Center, measuring and managing risk for critical infrastructure across 16 industrial sectors, Kolasky stands at a busy crossroads.
At some dark moment, have you ever wondered: what if the programmers are adding the bugs deliberately?
Service mesh helps balance your app infrastructure while still maintaining proper encryption and authentication. Tom Merritt discusses five things you need to know about service mesh.
Six steps for creating a work environment that challenges, stimulates, rewards, and constantly engages employees fighting the good fight against cybercriminals.
Microsoft's new phishing detection feature, an increase in cybersecurity spend, and more - catch up on the week's news with this round up.
Read about approaches your company can take to manage IoT and big data cyber risks.
A patch does not yet exist for a critical buffer overflow vulnerability in VLC Media Player that could enable remote code execution.
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "board title contents" parameter, aka the adm/board_form_update.php bo_subject parameter.
A Spearphone attacker can use the accelerometer in LG and Samsung phones to remotely eavesdrop on any audio that's played on speakerphone, including calls, music and voice assistant responses.
Not all phishes contain easily spotted errors or obviously dodgy web links - here's how to stay safe...
Vulnerabilities include everything from physical risks through the supply chain to business risks.
An attempt to crack Tor was one of many projects hackers discovered when they broke into Russian intelligence contractor SyTech.
The judge is hopeful the sentencing is enough to deter other government employees with security clearances from mishandling secrets.
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "mobile board tail contents" parameter, aka the adm/board_form_update.php bo_mobile_content_tail parameter.
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "mobile board title contents" parameter, aka the adm/board_form_update.php bo_mobile_subject parameter.
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "Menu Link" parameter, aka the adm/menu_list_update.php me_link parameter.
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "board head contents" parameter, aka the adm/board_form_update.php bo_content_head parameter.
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "mobile board head contents" parameter, aka the adm/board_form_update.php bo_mobile_content_head parameter.
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "Extra Contents" parameter, aka the adm/config_form_update.php cf_1~10 parameter.
Dropper malware is becoming more popular as hackers turn to quieter attack techniques to avoid detection.
Reward for vulnerability research climbed 83% in the past year.
An ongoing malvertising campaign is exploiting WordPress plugin vulnerabilities to redirect website visitors to malicious pages.
Security experts say the attack stemmed from weak cybersecurity controls.
As BEC continues to drive record-high losses, cybercriminals devise new tactics for swindling corporate targets out of millions.
But gaining a foothold on the LAN via vulnerabilities on Internet-facing assets is becoming harder, Rapid7 found in its real-world pen tests.
Can a stream of data intended for network performance monitoring be the basis of network security? One company says the answer is 'yes.'
Meanwhile, criminals waged more encrypted, ransomware, and IoT attacks.
A hole in the supposed closed-loop messaging system allowed children to join group chats with people their parents hadn't approved.
Apple released fixes for various products this week, including one for a bug that has been public with proof-of-concept code for two months.
Virtual private networking is poised to become more automated and intelligent, especially as endpoints associated with cloud services and the IoT need protection.
Do you travel to dangerous places, like Information Security Conferences?
The 787 Dreamliner, WhatsApp, and Windows 10 are all subjects of cutting-edge Reverse Engineering talks at this year's August event.
The ease with which DDoS attacks can be waged makes them particularly prevalent, with over half surveyed experiencing multiple attacks waged against their organization.
In the second of a two part series discussing recent ransomware attacks against municipalities, Shawn Taylor with Forescout talks about how cities can protect themselves.
Malware that used to be advanced is now available to everyone. These three actions could help you stay safer.
An inside look at staffing levels, budget allocation, outsourcing habits, and the metrics used by security operations centers (SOCs).
Make sure you're only pulling down signed Docker images with Content Trust enabled.
Read about the saga of Facebook's failures in ensuring privacy for user data, including how it relates to Cambridge Analytica, the GDPR, the Brexit campaign, and the 2016 US presidential election.
DEF CON's Voting Village and AI Village team up with r00tz Asylum to let kids explore simulated campaign financial disclosure portals and disinformation campaigns.
Researchers have linked the surveillance tool to a Russian tech firm that has been sanctioned for interfering with the 2016 U.S. presidential election.
A new paper, released Monday, is designed to act as a best practices guide to IIoT (industrial IoT) systems that connect control systems with enterprise systems and business processes.
An IoT botnet, made up mainly of routers, hit a service provider with nearly 300,000 requests per second in a 13-day deluge of data.
This week's stories from TechRepublic and ZDNet include AI's influence on retail, the onslaught of malicious emails, and a look at why 50% of employees aren't satisfied.
Anne Neuberger will lead the directorate, which aims to bring together the NSA's offensive and defensive operations.
Meanwhile, remediation times are ballooning to a year or more in the case of malicious attacks, according to Ponemon Institute.
The sooner a company can detect and respond to an incident, the less likely they are to pay for it, a new IBM-Ponemon study finds.
WeTransfer is being used by hackers to circumvent email gateways looking to zap malicious links.
Executives and directors need quantitative measurements - such as likelihood of loss and hard-dollar financial impact - to make more informed decisions about security risks.
The idea of de-identifying data has been around for a while. However, a study published this week asserts that it's even easier to re-identify information than we first thought.
Google in May disclosed that several Android devices had been shipped pre-installed with the RAT.
New York City is considering a law that could stop cellphone carriers and smartphone app vendors from selling their location data.
Data protection regulations are only going to grow tighter. Make sure you're keeping the customer's best interests in mind.
A new report from Barracuda Networks reveals that email-based attacks are having a major impact on businesses, despite increased confidence in email security systems.
EvilGnome was written to target the comparatively small but committed community who use Linux on their laptops.
Insider attacks are some of the most threatening cyberattacks to data security, according to a Nucleus Cyber report.
The FTC initially wanted a fine worth tens of billions, plus potential jail time for execs.
The fine, against a large hospital, stems from its apparent lack of internal patient record security.
Black Hat USA speakers to discuss what it will take to 'shift knowledge left' to build up a corps of security-savvy software engineers.
A client's hostname gets added to a DNS record on a device running dnsmasq, resulting in an information exposure in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 855, SDA660, SDM630, SDM660
The virus affected the network, applications, and databases at City Power, which delivers electricity to the South African financial hub.
Malware infection technique called TxHollower gets updated with stealthy features.
Webinar examines challenges in patch management and offers solutions to streamline the process.
A series of attacks on school district systems leads the governor to declare the state's first cybersecurity state of emergency.
Data from an intrusion last year suggests Iron Liberty group may have a new trick up its sleeve, Secureworks says.
Recently revealed surveillance-ware comes from a consultant with close ties to Russia's GRU who was sanctioned by the US for election-tampering.
Senate Intelligence Committee report released today cites weaknesses, but finds no evidence of vote-tampering.
The Apache Storm Logviewer daemon exposes HTTP-accessible endpoints to read/search log files on hosts running Storm. In Apache Storm versions 0.9.1-incubating to 1.2.2, it is possible to read files off the host's file system that were not intended to be accessible via these endpoints.
In Apache Storm versions 1.1.0 to 1.2.2, when the user is using the storm-kafka-client or storm-kafka modules, it is possible to cause the Storm UI daemon to deserialize user provided bytes into a Java class.
We're finally back with Series 2 of the Naked Security Podcast. While you've been missing us, we've been working out how to improve the show and kitting out a dedicated studio. You'll now find longer episodes with more opportunities to get involved. Send us your general cybersecurity questions and join the discussion via social media […]
Nacho Analytics gathered data like passwords, tax and prescription data from browser add-ons - and those who bought it can keep it.
An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled.
An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace.
An issue was discovered in the Linux kernel before 4.20. drivers/phy/mscc/phy-ocelot-serdes.c has an off-by-one error with a resultant ctrl->phys out-of-bounds read.
Of particular interest for cybercriminals is the Domain Name System, which plays a central role in orchestrating all Internet and application traffic.
A public exploit for Microsoft's BlueKeep vulnerability is just days away. In fact, for those with deep pockets, it's already here.
Cybersecurity expert Bart Stump explains what it's like to reliably deliver a useful, high-security network for one of the toughest audiences in the world.
Data leaks from business logic flaws are not well understood and difficult to identify before they reach production environments. Here's how to find and prevent them.
Zendesk Samlr before 2.6.2 allows an XML nodes comment attack such as a name_id node with user@example.com followed by <!---->. and then the attacker's domain name.
SMBs aren't prioritizing cybersecurity prevention strategies, even though they are at risk of attack, according to a Keeper Security report.
We take on one of #SysAdminDay's thorny issues.
Exposed files include mortgage and loan information, passport and driver's license scans, internal corporate files, and shipping labels.
News about a new phishing campaign targeting Office 365 admins, the FTC's big Facebook fine, and the latest data breach statistics are all covered in this week's Friday Five.
An issue was discovered in PrinterOn Central Print Services (CPS) through 4.1.4. The core components that create and launch a print job do not perform complete verification of the session cookie that is supplied to them. As a result, an attacker with guest/pseudo-guest level permissions can bypass the session checks (that would otherwise logout a low-privileged user) by calling the core print job components directly via crafted HTTP GET and POST requests.
A credit-card skimmer on Magento sites was found loading JavaScript from a legitimate-seeming Google Analytics domain.
New study found that any database containing 15 pieces of demographic data could be used to identify individuals.
The low cost of records reflects the huge supply of PII after many breaches at hospitals, government agencies, and credit bureaus.
Gamers are easy pickings for credential crooks, thanks to lax security hygiene and poor gaming company practices.
Attackers are hiding PHP scripts in EXIF headers of JPEG images to hack websites, just by uploading an image.
Marcus Hutchins, the researcher known for stopping WannaCry, avoids jail time over charges of creating and distributing Kronos malware.
Attacks on at least three school districts and likely others have prompted the state's first emergency due to cyberattack.
Wrote malware for money, went straight, got busted, didn't go to prison. Has US cybercrime enforcement gone soft?
In the Linux kernel before 4.14, an out of boundary access happened in drivers/nvme/target/fc.c.
In the Linux kernel before 4.9.6, there is an off by one in the drivers/mtd/spi-nor/cadence-quadspi.c cqspi_setup_flash() function. There are CQSPI_MAX_CHIPSELECT elements in the ->f_pdata array so the ">" should be ">=" instead.
In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum size for a DiSEqC command is 6, according to the userspace API. However, the code allows larger values such as 23.
In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption.
In the Linux kernel before 3.1, an off by one in the drivers/target/loopback/tcm_loop.c tcm_loop_make_naa_tpg() function could result in at least memory corruption.
In the Linux kernel before 2.6.37, an out of bounds array access happened in drivers/net/mlx4/port.c. When searching for a free entry in either mlx4_register_vlan() or mlx4_register_mac(), and there is no free entry, the loop terminates without updating the local variable free thus causing out of array bounds access.
In the Linux kernel before 2.6.34, a range check issue in drivers/gpu/drm/radeon/atombios.c could cause an off by one (buffer overflow) problem.
In the Linux kernel before 2.6.20, there is an off-by-one bug in net/netlabel/netlabel_cipso_v4.c where it is possible to overflow the doi_def->tags[] array.
The Louisiana Governor declared a state of emergency after three public school districts were seized by ransomware.
From iOS 13's password hole to logic bombs courtesy of the programmer from hell - and everything in between. It's weekly roundup time.
Aware of the risks inherent in software, businesses are recognizing the need for application security.
The ability to keep data encrypted while you use it for computations in the cloud could protect data from attackers and malicious insiders alike. There is still a performance hit, but you can start using open-source libraries to take advantage of that.
Trolling, stalking, sexual harassment, and humiliation have become so bad that one in ten respondents had depressive or suicidal thoughts.
There are security concerns that go far beyond the usual suspects. Here are some that should be on your list of scary things.
Cybercriminals are targeting numerous Network Attached Storage vendors with a new wave of ransomware.
The Senate Intelligence Committee doesn't know what Moscow's intentions are, but Robert Mueller says they're still at it.
Marcus Hutchins, also known by his online alias MalwareTech, has been spared jail time in his sentencing for the creation of the Kronos malware.
From BYOD and social media to ergonomics and encryption, TechRepublic has dozens of ready-made, downloadable IT policy templates.
It's Shark Week again! Are you ready to outmaneuver sharks of the cyber variety? These tips can help.
Fears of a WannaCry-level global attack grow as working exploit info starts to go public.
Researchers have uncovered easy-to-exploit bugs that can impact physical safety, utilities, healthcare, critical infrastructure and more, setting the stage for widespread worm attacks.
Internet-connected devices powered by VxWorks 6.5 and newer are affected by a vulnerability that allows remote attackers full control over targeted devices.
Threatpost talks to Jacob Serpa with Bitglass about how more enterprises are struggling with a cloud security conundrum when it comes to public cloud vs on prem.
edx-platform before 2016-06-06 allows CSRF.
edx-platform before 2016-06-10 allows account activation with a spoofed e-mail address.
The Unity Web Player plugin before 4.6.6f2 and 5.x before 5.0.3f2 allows attackers to read messages or access online services via a victim's credentials.
edx-platform before 2015-09-17 allows XSS via a team name.
edx-platform before 2015-08-17 allows XSS in the Studio listing of courses.
edx-platform before 2015-07-20 allows code execution by privileged users because the course import endpoint mishandles .tar.gz files.
The answer ultimately depends on the country and industry but in general, can span anywhere from $1.25 million to $8.19 million.
The data breach compromised data belonging to customers in parts of Southeast Asia, Australia, and New Zealand.
Standard email authentication to prevent spoofing and phishing remains elusive for most.
An issue was discovered in PrinterOn Central Print Services (CPS) through 4.1.4. A user without valid credentials can bypass the authentication process, obtaining a valid session cookie with guest/pseudo-guest level privileges. This cookie can then be further used to perform other attacks.
An issue was discovered in PrinterOn Central Print Services (CPS) through 4.1.4. An unauthenticated attacker can view details about the printers associated with CPS via a crafted HTTP GET request.
Apache VCL versions 2.1 through 2.5 do not properly validate form input when adding and removing VMs to and from hosts. The form data is then used in SQL statements. This allows for an SQL injection attack. Access to this portion of a VCL system requires admin level rights. Other layers of security seem to protect against malicious attack. However, all VCL systems running versions earlier than 2.5.1 should be upgraded or patched. This vulnerability was found and reported to the Apache VCL project by ADLab of Venustech.
Apache VCL versions 2.1 through 2.5 do not properly validate form input when processing a submitted block allocation. The form data is then used as an argument to the php built in function strtotime. This allows for an attack against the underlying implementation of that function. The implementation of strtotime at the time the issue was discovered appeared to be resistant to a malicious attack. However, all VCL systems running versions earlier than 2.5.1 should be upgraded or patched. This vulnerability was found and reported to the Apache VCL project by ADLab of Venustech.
Apache VCL versions 2.1 through 2.5 do not properly validate cookie input when determining what node (if any) was previously selected in the privilege tree. The cookie data is then used in an SQL statement. This allows for an SQL injection attack. Access to this portion of a VCL system requires admin level rights. Other layers of security seem to protect against malicious attack. However, all VCL systems running versions earlier than 2.5.1 should be upgraded or patched. This vulnerability was found and reported to the Apache VCL project by ADLab of Venustech.
Failures in computer and control systems are being blamed.
Vulnerabilities in VxWorks' TCP stack could allow an attacker to execute arbitrary code, launch a DoS attack, or use the vulnerable system to attack other devices.
Planon before Live Build 41 has XSS.
Here's how to stop them - or at least limit the systems it can reach.
Many organizations, along with their tech teams, are questioning whether eliminating passwords as an authentication tool might augment their overall security posture.
Cybercriminals are increasingly trying to trick people into paying ransoms by threatening to expose compromising activities to friends and family.
As end of support for the still-popular Windows 7 draws near, risks of unpatched operating systems are likely to be a significant security concern in the near future.
Half of IT security leaders don't know if their cybersecurity tools are working, according to a report from the Ponemon Institute and AttackIQ.
More than 100 million customers have had their data compromised by a hacker after a cloud misconfiguration at Capital One.
Duo Labs' Mikhail Davidow and Jeremy Erickson speak about their research on the Apple T2 security chip, and why they're sharing it at Black Hat USA.
Equifax is fined $675 million, while New York data breach notification law now covers biometrics, passwords, and more.
Two years ago, the US government fined an international cybercriminal and his fraudulent bitcoin exchange over $100m. Now, it's going after them for the money.
Apple Watch and HomePod have the highest rate of inadvertent recordings, a whistleblower says.
As politicians should know by now, secure messaging apps such as Telegram can quickly become a double-edged sword.
edx-platform before 2017-08-03 allows attackers to trigger password-reset e-mail messages in which the reset link has an attacker-controlled domain name.
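The mechanism behind the entry above, as an added example that is not edx-platform's code: a reset link assembled from the request's Host (or forwarded-host) header points at whatever domain the attacker supplied, so when the victim clicks it the reset token is delivered to the attacker's server. `CANONICAL_HOST`, the header names and the token value are assumptions for this demonstration.

```python
"""Added example, not edx-platform's code: password-reset link built from
client-controlled headers versus one built from server configuration.
CANONICAL_HOST, the header names and the token are assumptions."""
from urllib.parse import urlencode

CANONICAL_HOST = "learn.example.edu"  # assumption: the site's configured public hostname
RESET_PATH = "/password_reset/confirm"


def reset_link_vulnerable(headers: dict, token: str) -> str:
    """Vulnerable: the hostname comes straight from request headers the client controls."""
    host = headers.get("X-Forwarded-Host") or headers.get("Host") or CANONICAL_HOST
    return f"https://{host}{RESET_PATH}?{urlencode({'token': token})}"


def reset_link_safe(headers: dict, token: str) -> str:
    """Hardened: the hostname is taken from configuration. The Host header is
    validated so an unexpected value fails loudly, but it is never copied into
    the link. (Port suffix is stripped; IPv6 literals are out of scope here.)"""
    host = headers.get("Host", "")
    hostname = host.partition(":")[0].lower()
    if hostname != CANONICAL_HOST:
        raise ValueError(f"request Host {host!r} is not the configured host")
    return f"https://{CANONICAL_HOST}{RESET_PATH}?{urlencode({'token': token})}"
```

If the application legitimately sits behind a reverse proxy, the proxy should rewrite or drop `X-Forwarded-Host`; the application should still never use it to build security-sensitive absolute URLs.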
In FreeType before 2.6.1, a buffer over-read occurs in type1/t1parse.c on function T1_Get_Private_Dict where there is no check that the new values of cur and limit are sensible before going to Again.
Such a program will require effort and reprioritization, but it will let your company fight modern-day threats and protect your most important assets.
New study exposes low confidence among security professionals in their security operations centers.
Even though mobile data security is less mature than its desktop equivalent, the quality of the information on offer is top-tier.
A Capital One data breach put the data of 106 million people at risk, including social security numbers and banking information.
Global financial services company Capital One has just announced a massive data breach.
The lack of an attack has puzzled some security experts, but the general advice remains that companies should patch their vulnerable systems more quickly.
Rapid7 researchers found holes in CAN bus networks that an attacker could exploit to sabotage its operation.
A new strain of ransomware is being distributed to Android users via online forums and SMS messages.
Today's consumers want to see and touch security. Meeting this demand will be a win-win for everyone, from users to vendors to security teams.
The breach exposed credit card application data, Social Security numbers, and linked bank accounts, among other information.
A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.
Lack of security in the default settings of Internet-enabled video cameras make co-opting video feeds not just a movie-hacker technique, but a reality for millions of cameras.
The law, which updates data breach notification requirements in the state, was one of two forms of legislation signed last week to better protect New York residents against security breaches.
Remote exploitation can be achieved with no user interaction.
Google Project Zero researchers found an iOS vulnerability that could let an attacker snoop on a victim's phone remotely.
The installation process in Open edX before 2017-01-10 exposes a MongoDB instance to external connections with default credentials.
Hackers with physical access to small aircraft can easily hack the plane's CAN bus system and take control of key navigation systems.
Organizations are increasingly turning to containers even though they are not as confident in the security of those containers, according to a new survey.
It would require taking over and stranding 20% of a city's cars to freeze traffic, and only 10% to impede ambulances, physicists calculate.
X.509 certificates help secure the identity, privacy, and communication between two endpoints, but these digital certificates also have built-in expirations and must be managed.
Lackadaisical security practices in proprietary management software from a hardware vendor underscore the need for a vendor-agnostic solution.
Android patched more CVEs than Apple did, according to a Zimperium report.
Phishing and credential stuffing attacks are top threats to financial services organizations and customers, according to Akamai.
Threatpost editors discuss the top trends, keynotes and sessions that they look forward to at Black Hat USA and DEF CON 2019.
The Department of Public Safety says it won't pay, but given the umpteen times the state's agencies have been hit, somebody's not listening.
Google's Project Zero has unveiled details of a bug in Apple's iMessage that lets attackers read data from an iPhone without any user interaction.
These early-stage security trends have not yet seen widespread adoption, but may in the near future, according to CB Insights.
Expect a full slate of enterprise-class open source tools to take the spotlight when security researchers share their bounties with the community at large.
Anyone can listen to the camera's audio over the internet.
In addition, Google's latest Chrome version implements 43 new security fixes.
A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and replace the user name (principal) in the request with any desired user name (principal) that exists in the KDC effectively obtaining a ticket for that principal.
There are 11 security flaws affecting VxWorks: "the most widely used operating system you may never have heard about".
New research shows how enterprises are adding additional layers of authentication.
Altitude Networks, led by Michael Coates and Amir Kavousian, aims to prevent accidental and malicious file sharing.
The legislation, which cites a rash of Chinese IP theft, would develop a national strategy to prevent risks to U.S. tech.
Security is hard enough without adding multiple clouds into the mix.
Is there something fishy about your network activity? Better make sure all of your IoT devices are under control.
A researcher said that he found a Honda ElasticSearch database exposing 40GB of internal system and device data.
Digita Security's Apple Mac endpoint protection solutions will join Jamf's MDM suite for iOS and MacOS.
SAS Drug Development (SDD) before 32DRG02 mishandles logout actions, which allows a user (who was previously logged in) to access resources by pressing a back or forward button in a web browser.
The RIG exploit kit and Safari redirects are both in the adversaries' bag of tricks.
Organizations using the utility should immediately install the latest version of the software, security vendor Trustwave says.
Updates include Advanced Protection Program for the enterprise and general availability of password vaulted apps in Cloud Identity and G Suite.
An integer overflow issue has been reported in the general_composite_rect() function in pixman prior to version 0.32.8. An attacker could exploit this issue to cause an application using pixman to crash or, potentially, execute arbitrary code.
The alliance wants tech companies to build backdoor access to users' encrypted data, by force if necessary.
The county could only claw back some of the $2,504,601 it paid to a scammer posing as a contractor working on building a new high school.
Security teams often look to technology to solve their security challenges. Yet sometimes investing in new products can create more issues.
Tampering with surveillance cameras is a common activity for Hollywood heroes and criminals alike. Now, researchers have shown how they can do it in real life.
Organizations must adopt a security-by-design approach to best combat threats created by the Internet of Things, according to Deloitte.
To keep your turnover low, focus on these areas: compensation, advancement opportunities, training, and environment.
The complaint claims the networking giant knowingly sold bug-riddled software to federal and state governments, that would allow complete network compromise.
The U.K.'s data protection authority recently issued new draft guidelines to sharing data while maintaining compliance.
Researchers are warning that unpatched flaws found in the Hickory Smart BlueTooth Enabled Deadbolt allow an attacker with access to a victim's phone to break into their houses.
The proxy is being distributed by the RIG and Fallout exploit kits.
Cybersecurity vulnerabilities continue to increase, and automated scanners can't always detect the most critical ones, according to Bugcrowd.
cPanel before 11.54.0.4 lacks ACL enforcement in the AppConfig subsystem (SEC-85).
cPanel before 11.54.0.4 allows self XSS in the WHM PHP Configuration editor interface (SEC-84).
cPanel before 11.54.0.4 allows arbitrary code execution via scripts/synccpaddonswithsqlhost (SEC-83).
cPanel before 11.52.0.13 does not prevent arbitrary file-read operations via get_information_for_applications (CPANEL-1221).
It was found that the Apache ActiveMQ client before 5.15.5 exposed a remote shutdown command in the ActiveMQConnection class. An attacker logged into a compromised broker could use this flaw to achieve denial of service on a connected client.
It was found that foreman, versions 1.x.x before 1.15.6, in Satellite 6 did not properly enforce access controls on certain resources. An attacker with access to the API and knowledge of the resource name can access resources in other organizations.
Windu CMS 2.2 allows XSS via the name parameter to admin/content/edit or admin/content/add, or the username parameter to admin/users.
Windu CMS 2.2 allows CSRF via admin/users/?mn=admin.message.error to add an admin account.
Looking to use a Yubikey for added security on your encrypted Linux drives? With a few quick commands, you'll enjoy that added layer of security.
Staying on top of the latest cybersecurity risks and preferred attack methods can feel impossible, but standards like FIDO2 are designed to help relieve the burden.
An unprotected database, now secured, contained information on every computer owned by the automobile giant.
cPanel before 55.9999.141 allows unauthenticated arbitrary code execution via DNS NS entry poisoning (SEC-90).
cPanel before 55.9999.141 allows arbitrary code execution in the context of the root account because of MakeText interpolation (SEC-89).
cPanel before 55.9999.141 allows self XSS in X3 Reseller Branding Images (SEC-88).
South Korea is the largest victim of card present data theft at a time when criminals are ramping up cyberattacks in the Asia-Pacific region.
cPanel before 57.9999.54 allows arbitrary file-read operations for Webmail accounts via Branding APIs (SEC-120).
cPanel before 57.9999.54 allows demo-mode escape via show_template.stor (SEC-119).
cPanel before 57.9999.54 allows self XSS during ftp account creation under addon domains (SEC-118).
Online card-skimming activities grew sharply this summer fueled by the availability of attack kits and other factors, Malwarebytes says.
The agency this week will share the source code and hardware specifications for the secure voting system prototypes.
A security consultant reported vulnerabilities in Cisco's Video Surveillance Manager in 2009 - but the company ignored the issues and fired the consultant.
Protection failures come at a time when malicious Android software is becoming more of a problem.
OK, perhaps that's self-evident, so how come it far too often still takes an incident to trigger planning?
The completely non-evil-genius goal: a wearable, noninvasive device that could translate thoughts into text, for the speech impaired or VR.
Pretending to be a hot young thing brought in beaucoup bucks. Last laugh department: "world's best granny" now has more followers than ever.
The hugely popular gaming site Club Penguin Rewritten suffered a data breach that exposed 4m user accounts.
The European Space Agency thinks it's found a much cheaper way to control a small module - and it's built around a tiny Raspberry Pi Zero board.
Apple's Siri follows Amazon Alexa and Google Home in facing backlash for its data retention policies.
Vast majority of Apple iOS users haven't updated to iOS 12.4, leaving themselves wide open to a public exploit.
Enjoy the respite from the security tasks that await you back at home. Then prepare yourself for the uphill battles to come. Here's how.
A vulnerability was found in liblouis, versions 2.5.x before 2.5.4. A stack-based buffer overflow was found in findTable() in liblouis. An attacker could create a malicious file that would cause applications that use liblouis (such as Orca) to crash, or potentially execute arbitrary code when opened.
A trio of breaches, the plight of IT budgets in the U.K., and hackers hitting school districts - catch up on the week's news with this roundup!
Listen to the latest episode now!
Where Capital One went wrong, what the bank did right, and more key takeaways from the latest mega-breach.
Researchers spotted the never-before-seen LookBack malware being used in spearphishing campaigns against three U.S. utilities.
Comprehensive testing of 21 free Android antivirus apps revealed big security vulnerabilities and privacy concerns; especially for AEGISLAB, BullGuard, dfndr and VIPRE.
Cybersecurity experts will share their latest insights and strategies for protecting industrial sites and equipment, from electric motors to satellites.
An email phishing attack, thought to be from a nation-state actor, claims that engineers have failed licensing exams.
From NAS targeted by brute force ransomware attacks to the humans who hear your Siri recordings, catch up with everything we've written in the last seven days - it's weekly roundup time.
The good news is that Web servers have come a long way in terms of security. But to err is human, even for IT and security people.
Watch right here for more than 30 video interviews with speakers and sponsors. Streaming live from Black Hat USA Wednesday and Thursday 2 p.m. to 6 p.m. Eastern.
Manual steps have been replaced by automation.
Destructive attacks cost multinational companies $239 million on average, far more than the cost of a data breach, according to IBM X-Force.
Hackers know vulnerable systems when they see them, and they also know this: Many government systems are decades old, running Windows 7 and even Windows XP.
What have seven security fixes in FileZilla got to do with 2014's Heartbleed bug?
Receive any strange SMS text messages recently? If you live in the US, there's a small chance you might have received an SMS with the following text in the last few days from someone called "j3ws3r on Twitter": I'm here to warn the masses about SMS email gateways. Please look up how to disable it […]
Apple and Google have announced that they will limit the way audio recorded by their voice assistants, Siri and Google Assistant, is accessed internally by contractors.
cPanel before 60.0.25 allows self XSS in the tail_ea4_migration.cgi interface (SEC-172).
cPanel before 60.0.25 allows format-string injection in exception-message handling (SEC-171).
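The bug class named in this entry and in the earlier MakeText-interpolation entry (SEC-89) is shown below as an added example in Python; it is not cPanel's Perl code. The point is the same in either language: when attacker-influenced text becomes the template of a format call instead of an argument, the format language itself becomes the attack surface. The `Config` object and its secret are constructed for the demonstration.

```python
"""Added example, not cPanel's code: format-string injection in Python.
The Config object and its secret are constructed for this demo."""


class Config:
    """Stands in for an application object reachable from the formatting context."""

    def __init__(self) -> None:
        self.db_password = "hunter2-not-a-real-secret"  # constructed secret


def render_error_vulnerable(user_supplied_message: str, cfg: Config) -> str:
    """Vulnerable: untrusted text is concatenated into the template, so `{cfg.db_password}`
    in the message is evaluated by str.format and leaks the attribute. An unbalanced
    brace also raises ValueError, which is a cheap way to crash the handler."""
    template = "Error while processing request: " + user_supplied_message
    return template.format(cfg=cfg)


def render_error_safe(user_supplied_message: str, cfg: Config) -> str:
    """Hardened: the template is a constant string under the developer's control;
    untrusted text is only ever passed as an argument and is never parsed."""
    return "Error while processing request: {msg}".format(msg=user_supplied_message)
```

Python's attribute access in format specs (`{cfg.db_password}`, or deeper walks through `__class__` and `__globals__`) is what makes this more than a cosmetic issue; the Perl MakeText bracket syntax offers its own method-call hooks. The fix is the same everywhere: the format template is code, and user data is data.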
cPanel before 60.0.25 does not enforce feature-list restrictions when calling the multilang adminbin (SEC-168).
cPanel before 60.0.25 allows file-create and file-chmod operations during ModSecurity Audit logfile processing (SEC-165).
cPanel before 60.0.25 allows arbitrary file-overwrite operations during a Roundcube update (SEC-164).
cPanel before 60.0.25 allows an open redirect via /cgi-sys/FormMail-clone.cgi (SEC-162).
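A validation routine for a user-supplied redirect target, as an added example (not cPanel's FormMail-clone code): it only lets the browser land on the site's own host and handles the usual bypass shapes. `SITE_HOST`, `SITE_ORIGIN` and the sample URLs are constructed for this demonstration.

```python
"""Added example, not cPanel's code: keep a redirect target on our own host.
SITE_HOST / SITE_ORIGIN and the sample targets are constructed for this demo."""
from urllib.parse import urljoin, urlsplit

SITE_HOST = "www.example.com"        # assumption: the only host we redirect to
SITE_ORIGIN = "https://www.example.com"


def safe_redirect_target(target: str, default: str = "/") -> str:
    """Return an absolute URL on SITE_HOST, or `default` if `target` would leave it.

    Covers absolute URLs to other hosts, scheme-relative `//evil`, backslash
    variants (`/\\evil`) that browsers read as slashes, userinfo tricks
    (`https://www.example.com@evil`), and non-http schemes such as javascript:.
    Always returning an absolute URL sidesteps ambiguous relative-path parsing."""
    if not target:
        return default
    candidate = target.replace("\\", "/")  # browsers normalise backslashes this way
    parts = urlsplit(candidate)
    if parts.scheme and parts.scheme.lower() not in ("http", "https"):
        return default
    if parts.netloc:
        # urlsplit.hostname is lower-cased and excludes userinfo and port
        if (parts.hostname or "") != SITE_HOST:
            return default
        return candidate
    # A relative path: resolve it against our own origin
    return urljoin(SITE_ORIGIN + "/", candidate)
```

Because the function always emits an absolute URL with an explicit authority, inputs like `/////evil.example`, which some parsers treat as path and browsers treat as an authority, end up as a path on `SITE_HOST` rather than a hop off-site.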
cPanel before 60.0.25 allows file-overwrite operations during preparation for MySQL upgrades (SEC-161).
cPanel before 60.0.25 allows stored XSS in the WHM Repair Mailbox Permissions interface (SEC-159).
The first step toward identifying and preventing mobile fraud threats is acknowledging that mobile security requires a unique solution.
Buffer overflows, race conditions, use-after-free and more account for more than half of all vulnerabilities in the Android platform.
Microsoft says its Azure Security Lab will allow researchers to attack its cloud environment in a customer-safe way.
After infecting Fiberhome routers, its sole purpose seems to be setting up SOCKS5 proxies.
Microsoft has invited security experts to 'come and do their worst' to mimic cybercriminals in the Azure Security Lab.
Researchers have discovered a botnet (and the database it feeds on) dedicated to extortion schemes.
Personal data of 2,000 journalists was found publicly accessible on a spreadsheet on the website for popular trade show E3.
Organizations hit with destructive malware can lose more than 12,000 machines and face $200 million or more in costs, IBM X-Force reports.
The authors of MegaCortex appear to have traded security for convenience and speed, say researchers at Accenture iDefense.
New research warns that security pros must guard against updates to older malware and more manipulative social-engineering techniques.
Preconceived notions and divisions make building security into the software development life cycle an uphill battle for many organizations.
Another database has fallen to extortion hackers, this time containing 2.1 million records belonging to Mexican bookseller Librería Porrúa.
The class action names Capital One and GitHub, charging them with being "friendly" (at least) toward hacking and for the hackers' posts.
Watch movies much? Here's what happens when two hackers try to outhack each other.
His victims: UCSD and a Pennsylvania university. He hid out in Kenya for nearly 8 months before being nabbed.
New research from Sophos takes an exhaustive look at the Baldr password stealer.
To improve the security posture of our organizations, we must open our eyes to rationalization and put an end to it with logic. Here's how.
NVIDIA has patched five bugs in its Windows GPU display driver, three of which could allow an attacker to execute code on the system.
cPanel before 60.0.25 allows self stored XSS in postgres API1 listdbs (SEC-181).
cPanel before 60.0.25 allows self XSS in the UI_confirm API (SEC-180).
cPanel before 60.0.25 allows stored XSS in the ftp_sessions API (SEC-180).
cPanel before 60.0.25 allows stored XSS in api1_listautoresponders (SEC-179).
cPanel before 60.0.25 allows self stored XSS in the listftpstable API (SEC-178).
cPanel before 60.0.25 allows self XSS in WHM Tweak Settings for autodiscover_host (SEC-177).
cPanel before 60.0.25 allows stored XSS during the homedir removal phase of WHM Account termination (SEC-174).
The latest risks involved in cloud computing point to problems related to configuration and authentication rather than the traditional focus on malware and vulnerabilities, according to a new Cloud Security Alliance report.
Slack's Enterprise Grid product now helps admins limit which people and devices can access Slack, and how Slack can be used.
Learn about data security and the role it plays in many data protection solutions in Data Protection 101, our series on the fundamentals of data security.
Flaws in Qualcomm chipset expose millions of Android devices to hacking threat.
The sites are targeting job-seekers, movie aficionados and shoppers in hopes of harvesting their personal information.
Criminals are getting increasingly sophisticated in their efforts to commit fraud and recruit 'money mules,' according to the FBI.
Teams need to manage perceived risks so they can focus on fighting the real fires.
A new type of malicious plugin has been spotted in the wild with the capability of targeting individual blog posts.
Patient medical history and over 6 million email addresses tied to Democrats were detailed in misconfigured storage buckets over the past few weeks.
A new investigation detects more than 540 domain names linked to the Walmart brand and camouflaged as career, dating, and entertainment websites.
Microsoft spotted Strontium, also known as APT28 or Fancy Bear, using IoT devices to breach businesses and seek high-value data.
The Air Force brought together 50 vetted hackers to find the vulnerabilities in the latest bug-bounty program hosted by a branch of the US military.
The vulnerability, dubbed SWAPGS, is an undetectable threat to data security, similar in some respects to Spectre and Meltdown.
Cloud security issues are growing more prevalent in the enterprise, according to the Cloud Security Alliance. Here's how to stay protected.
The August 2019 security bulletin is out - and two of the critical flaws could allow an attacker to compromise the Android system kernel.
When is a secure PIN not a secure PIN? When you accidentally store it in your log files.
Security teams have been slow to embrace enterprisewide encryption, and for good reasons. But the truth is, it doesn't have to be an all-or-nothing endeavor.
Several serious privacy flaws in a kid's tablet were disclosed this year at Black Hat, which could allow a bad actor to track or send messages to children.
Equifictitious sites popped up within days of Equifax agreeing to pay up to $700m to settle claims over the 2017 data breach.
A kid's tablet with security vulnerabilities is only the latest privacy faux pas in a children's connected device.
It's no longer enough to be wary of flash-in-the-pan "lovers" who ask you to send money; now they're asking you to open accounts for them.
Many popular routers include security flaws, but here are some tips on how to secure your wireless router, according to Consumer Reports.
Researchers demonstrate a new side-channel attack that bypasses mitigations against Spectre and Meltdown.
Deception technology is evolving rapidly, making it easier for organizations to turn the tables on their attackers. Here's how.
Crooks don't have to break *into* your network to benefit - they can bounce *off* it so you take the blame and look like a hacker yourself.
The Air Force paid out $123,000 to researchers who found vulnerabilities in the organization's move to the cloud. Here's why.
BitSight is sounding an alarm over the potential for patching to taper off, leaving legacy systems at risk for the potentially potent vulnerability.
The adversaries have retooled with EternalBlue and credential theft to add a new "access mining" revenue stream.
Dino Dai Zovi, mobile security lead at Square, discusses ongoing transformation in security's role in the workplace during the keynote.
Boeing disputes IOActive findings ahead of security firm's Black Hat USA presentation.
New research shows that criminals are evolving ransomware attacks against servers, network hosts, and IaaS cloud assets in search of bigger payoffs from businesses.
From government surveillance to domestic abuse, technology is being used in new and disturbing ways that threaten human rights - how can the security industry fight back?
Unlike many nations, North Korea often engages in cyber operations to generate much-needed cash for the country's coffers. In that respect, its hackers have been extremely successful.
Democratic presidential hopeful Pete Buttigieg's campaign reportedly may be the first to bring a security exec on board.
Experts on a panel at Black Hat stressed Wednesday that there's never been a greater need for hackers and public interest technologists to foster a safe digital society.
The algorithms that check for a user's 'liveness' have blind spots that can lead to vulnerabilities.
In his Black Hat USA keynote, Square's Dino Dai Zovi discussed lessons learned throughout his cybersecurity career and why culture trumps strategy.
Academic researchers carry out attacks on high-end commercial devices as well as narrowband IoT sensors.
At Black Hat USA 2019, researchers showed how a previously-disclosed flaw on Windows systems that could allow arbitrary code execution could also impact Hyper-V.
Listen up, VBScript fans: your favourite scripting language's days are numbered.
A raft of bugs in six popular models can allow a hacker to wreak havoc on a corporate network.
Attack vectors disclosed last year are still fully exploitable, researchers demoed at Black Hat USA 2019.
Episode 3 of the podcast is now live. This week, host Anna Brading is joined by Paul Ducklin, Mark Stockley and Ben Jones.
The alleged, now indicted ringleader paid more than $1m in bribes to insiders who planted malware and hardware for remote unlocking.
Some user data, such as country and device type, was exposed to some advertisers for over a year.
Transparency rules, but taking the right amount of time to figure out what happened will go a long way toward setting the record straight.
Businesses running any of Cisco's 220 Series Smart Switches have some urgent patching work on their hands.
Check Point security researchers demonstrate how a dangerous security weakness in the messaging application can be abused to spread fake news and carry out online scams.
An ongoing campaign is hosting its phishing landing pages on enterprise-class public cloud storage services -- a nascent trend meant to throw defenders off.
A pair of reports released at Black Hat mark the huge shift away from targeting consumers.
FaceApp has an unprecedented level of access to data from 150 million users. What could its endgame be? We unpack three potential risks.
Assets used as part of phishing campaigns are being hosted on AWS, with heavy XOR obfuscation to limit detection, according to a Proofpoint report.
Cybercriminals are increasingly targeting businesses with ransomware instead of consumers for a bigger payout, according to Malwarebytes.
You might not think your phone is as exposed as an internet server - but it's handling plenty of untrusted data from unknown sources!
Researchers were able to bypass Apple's FaceID using a pair of glasses with tape on the lenses.
The closed-source, opaque operation of network equipment makes spying accusations difficult to disprove. This could be solved by opening the software stack, but Huawei CSO Andy Purdy disagrees.
Researchers at Black Hat USA reveal how security authentication weaknesses in popular Siemens ICS family let them control a PLC.
The vulnerability is a decade old with a public exploit, yet remained unpatched in one of the phone giant's most popular models.
LAS VEGAS - Supply-chain attacks have nabbed headlines lately thanks to high-profile incidents like the Wipro news last April, where attackers were able to compromise the staffing agency's network and pivot to their customers. That incident pointed out that supply-chain risk should be thought of in a much more holistic fashion than it usually is, […]
The insurance giant serves at least 83 million U.S. households.
In a talk at this year's Black Hat an Oxford University student explained how he used GDPR Access Requests and a Python script to steal a slew of sensitive information on another person.
In addition, ransomware seems likely to continue its evolution in the second half of 2019.
6kbbs 7.1 and 8.0 allows CSRF via portalchannel_ajax.php (id or code parameter) or admin.php (fileids parameter).
A new program leveraged behavioral data of employees to determine when they excelled at security and where they needed improvement.
Organizational culture is key to good enterprise security posture, Jamil Farshchi told Black Hat attendees.
Apple is opening its once-private bug bounty program to all researchers, as well as boosting vulnerability payouts and expanding the product scope to include MacOS.
TechRepublic's Karen Roby interviews Dan Patterson about the top trends at the Black Hat USA 2019 cybersecurity conference.
With so many threats and vulnerabilities to deal with, just knowing which actions you should prioritize can be hard. The new Threat & Vulnerability Management service from Microsoft should help.
A Skype Translator insider claims it's good because humans are listening in and helping to train its artificial intelligence.
From insecure voting machines to social media misinformation, governments have a lot to think about when it comes to securing elections.
LeapFrog has done lots to fix the security of the LeapPad. Now all that's left is for parents to scrape Pet Chat off of older tablets.
A "preferred Facebook Marketing Partner" is alleged to have tracked millions of Instagram users' locations and stories.
The best way to protect your identity in cyberspace is the simplest: Use a variety of strong passwords, and never, ever, use "123456" no matter how easy it is to type.
Here's a story of super-sized digital blackmail aimed at one of the biggest cryptocoin exchanges out there.
Despite the risk, small businesses are largely unaware of security risks associated with remote employees, according to a Nationwide survey.
Researchers show how they hacked Google Home smart speakers using the Magellan vulnerability.
In a half-year project, two researchers tested six of the top enterprise printer brands and found vulnerabilities in every device, some of which allow remote execution.
To install an app in Windows 10, standard level users are prompted for elevated credentials. With a few tweaks, you can change that behavior to deny such requests.
Heading back to campus soon? Here are seven tips that will get your digital house in order and keep you safe online this semester.
Twitter shares user data without permission, malware attacks are on the rise, and more - catch up on the week's infosec news with this roundup!
The bug exists in a controller that oversees HVAC, lighting, sensor and alarm systems, to name a few.
LAS VEGAS – A vulnerability in a popular IoT lock key – used chiefly by a high-end hotel in Europe – allowed researchers to break into hotel rooms. The locks in question are dubbed "mobile keys" because of their reliance on mobile phones as opposed to card-based access such as those based on mag-strips and […]
The insurer has informed customers a third party used a list of user IDs and passwords to attempt access into online accounts.
Taking into account more factors than the current CVSS makes for a better assessment of actual danger.
Patrick Wardle proves that signature-based anti-malware protection on Macs is woefully inadequate when fending off modern attacks.
Researchers exploit a SQLite memory corruption issue outside of a browser.
Dozens of insecure drivers from 20 vendors illustrate widespread weaknesses when it comes to kernel protection.
Session shows how researchers found multiple vulnerabilities in Canon firmware that can be used in a malware attack.
Two decades ago some people still used dial-up modems, and now the world is at our fingertips. Read on to get a sense of how much has changed in the IT office since 2000.
This week: hijacked home routers, SMS spam and time to update your iPhone. Catch up with everything we've written in the last seven days - it's weekly roundup time.
As businesses look to the future and invest in next-generation tools, here are some considerations for more effective planning.
A British researcher has uncovered an ironic, gaping security hole in the EU's General Data Protection Regulation (GDPR) - right of access requests.
The court said facial recognition could well harm privacy rights, given its "detailed, encyclopedic, and effortlessly compiled" biometrics collection.
It formalizes the reality: "pre-jailbroken" iPhones were already on the black market.
The latest on the number of attacks, types of attacks, and threats to enterprises' most critical IT infrastructure.
Development environments pose a few unique risks to the organization.
The Internet of Things isn't going away, so it's important to be aware of the technology's potential pitfalls.
Tech Republic's Karen Roby sat down with Frank Abagnale, the real life inspiration behind Spielberg's hit Catch Me If You Can, to discuss everything from cybersecurity and credit protection to cryptocurrency and the tech he fears most.
Tech Republic's Karen Roby sat down with Frank Abagnale, the real life inspiration behind Steven Spielberg's hit movie "Catch Me If You Can," to discuss everything from cybersecurity and credit protection to cryptocurrency and the tech he fears most.
Your 4G hotspot might seem very basic and low risk compared to your phone, but you need to keep it patched just as carefully!
Valve said it wouldn't fix an elevation-of-privilege bug that allows attackers to run any program on a target machine with high privileges.
Threatpost breaks down the highs and lows from Black Hat 2019, from new vulnerabilities and industry collaboration to a scandal around a sponsored session.
The wp-ultimate-csv-importer plugin before 3.8.1 for WordPress has XSS.
The wp-google-map-plugin plugin before 2.3.7 for WordPress has XSS related to the add_query_arg() and remove_query_arg() functions.
"Never trust, always verify" is a solid security concept -- but it's important to realize that putting it into practice can be complex.
At Black Hat, the head of Apple's Security Engineering team announced new enhancements to its bug bounty program, including one vulnerability that could fetch a researcher $1M.