Technology

Top 12 Security Flaws Russian Spy Hackers Are Exploiting in the Wild

Cyber operatives affiliated with the Russian Foreign Intelligence Service (SVR) have switched up their tactics in response to previous public disclosures of their attack methods, according to a new advisory jointly published by intelligence agencies from the U.K. and U.S. Friday. “SVR cyber operators appear to have reacted […] by changing their TTPs in an attempt to […]

Top 12 Security Flaws Russian Spy Hackers Are Exploiting in the Wild Read More »

4 Major Privacy and Security Updates From Google You Should Know About

Google has announced a number of user-facing and under-the-hood changes in an attempt to boost privacy and security, including rolling out two-factor authentication automatically to all eligible users and bringing iOS-styled privacy labels to Android app listings. “Today we ask people who have enrolled in two-step verification (2SV) to confirm it’s really them with a simple tap

4 Major Privacy and Security Updates From Google You Should Know About Read More »

New TsuNAME Flaw Could Let Attackers Take Down Authoritative DNS Servers

Security researchers Thursday disclosed a new critical vulnerability affecting Domain Name System (DNS) resolvers that could be exploited by adversaries to carry out reflection-based denial-of-service attacks against authoritative nameservers. The flaw, called ‘TsuNAME,’ was discovered by researchers from SIDN Labs and InternetNZ, which manage the national top-level internet domains ‘.nl’ and ‘.

New TsuNAME Flaw Could Let Attackers Take Down Authoritative DNS Servers Read More »

6 Unpatched Flaws Disclosed in Remote Mouse App for Android and iOS

As many as six zero-days have been uncovered in an application called Remote Mouse, allowing a remote attacker to achieve full code execution without any user interaction. The unpatched flaws, collectively named ‘Mouse Trap,’ were disclosed on Wednesday by security researcher Axel Persinger, who said, “It’s clear that this application is very vulnerable and puts

6 Unpatched Flaws Disclosed in Remote Mouse App for Android and iOS Read More »

New Stealthy Rootkit Infiltrated Networks of High-Profile Organizations

An unknown threat actor with the capabilities to evolve and tailor its toolset to target environments infiltrated high-profile organizations in Asia and Africa with an evasive Windows rootkit since at least 2018. Called ‘Moriya,’ the malware is a “passive backdoor which allows attackers to inspect all incoming traffic to the infected machine, filter out packets that

New Stealthy Rootkit Infiltrated Networks of High-Profile Organizations Read More »

CISO Challenge: Check Your Cybersecurity Skills On This New Competition Site

InfoSec leaders tend to be a specific type. Their jobs require them to think of possible threats, take actions that may not pay immediate results, plan for unknown security risks, and react quickly when emergencies arise, often before the morning’s first coffee. The high-stakes position also means that CISOs need to keep their knowledge and

CISO Challenge: Check Your Cybersecurity Skills On This New Competition Site Read More »

Critical Flaws Hit Cisco SD-WAN vManage and HyperFlex Software

Networking equipment major Cisco has rolled out software updates to address multiple critical vulnerabilities impacting HyperFlex HX and SD-WAN vManage Software that could allow an attacker to perform command injection attacks, execute arbitrary code, and gain access to sensitive information. In a series of advisories published on May 5, the company said there are no

Critical Flaws Hit Cisco SD-WAN vManage and HyperFlex Software Read More »

New Spectre Flaws in Intel and AMD CPUs Affect Billions of Computers

When Spectre, a class of critical vulnerabilities impacting modern processors, was publicly revealed in January 2018, the researchers behind the discovery said, “As it is not easy to fix, it will haunt us for quite some time,” explaining the inspiration behind naming the speculative execution attacks. Indeed, it’s been more than three years, and there is no end

New Spectre Flaws in Intel and AMD CPUs Affect Billions of Computers Read More »

New Qualcomm Chip Bug Could Let Hackers Spy On Android Devices

Cybersecurity researchers have disclosed a new security vulnerability in Qualcomm’s mobile station modems (MSM) that could potentially allow an attacker to leverage the underlying Android operating system to slip malicious code into mobile phones, undetected. “If exploited, the vulnerability would have allowed an attacker to use Android OS itself as an entry point to inject

New Qualcomm Chip Bug Could Let Hackers Spy On Android Devices Read More »

BIOS PrivEsc Bugs Affect Hundreds of Millions of Dell PCs Worldwide

PC maker Dell has issued an update to fix multiple critical privilege escalation vulnerabilities that went undetected since 2009, potentially allowing attackers to gain kernel-mode privileges and cause a denial-of-service condition. The issues, reported to Dell by researchers from SentinelOne on Dec. 1, 2020, reside in a firmware update driver named “dbutil_2_3.sys” that comes pre-installed

BIOS PrivEsc Bugs Affect Hundreds of Millions of Dell PCs Worldwide Read More »