Cross-Site Scripting Vulnerability In Download Manager Plugin
WordFence – On May 30, 2022, Security Researcher Rafie Muhammad reported a reflected Cross-Site Scripting (XSS) vulnerability to us that they discovered in Download Manager, a WordPress plugin installed on
Hackers are now hiding inside networks for longer. That's not a good sign
The amount of time cyber criminal intruders are spending inside victims’ networks is increasing, providing them with the ability to carry out higher complexity campaigns and more damaging cyber attacks.
Ransomware Gangs Now Employ a New Technique
Threat analysts have recently noticed a surprising tendency in ransomware gang strategies. According to them, the initial stages of victim extortion are becoming less visible to the public, as cybercriminals
Cyber Risk Retainers: Not Another Insurance Policy
The costs associated with a cyberattack can be significant, especially if a company does not have an Incident Response plan that addresses risk. The one-two punch of a cyberattack can
Behind the stage: Conti Leaks before and after
The Ukraine conflict has drawn significant attention from the cybersecurity community because of cyberattacks conducted against Ukraine’s infrastructure. One threat group that has increased its operations is Conti Ransomware Group.
Bitdefender Threat Debrief | June 2022
Highlight of the Month: CVE-2022-30190 Zero-Day Vulnerability “Follina”. Bitdefender has been keeping a close eye on recent vulnerabilities disclosed in the last week of May 2022 involving CVE-2022-30190, which threatens
Conducting Modern Insider Risk Investigations
Insider Risk Management requires a different approach than the one used for external threats. IRM is distinct from other domains of security in that the data sources which serve as inputs
Follina Exploited by State-Sponsored Hackers
A government-aligned attacker tried using a Microsoft vulnerability to attack U.S. and E.U. government targets. Researchers have added state-sponsored hackers to the list of adversaries attempting to exploit Microsoft’s now-patched
Attackers Use Public Exploits to Throttle Atlassian Confluence Flaw
The vulnerability remains unpatched on many versions of the collaboration tool and has potential to create a SolarWinds-type scenario. Threat actors are using public exploits to pummel a critical zero-day
QBot Now Attacks Using Black Basta Ransomware
QBot is a banking virus active since 2007 that steals user data and banking credentials. The malware contains novel distribution methods, C2 tactics, and anti-analysis characteristics. Some campaigns distribute Qbot directly,
How do I recover data from an old laptop if I've forgotten the password? [Ask ZDNet]
Is there any way to retrieve the data before it’s lost for good? Welcome to the latest installment of Ask ZDNet, where we answer the questions that make
Smishing and Vishing Attempts Surged in 2021
Proofpoint records 100,000 phone-based attacks each day. Read More: https://www.infosecurity-magazine.com/news/smishing-and-vishing-2021/
Social Care Organizations Get Cybersecurity Boost
NHS delivers new resources to enhance staff awareness. Read More: https://www.infosecurity-magazine.com/news/social-care-organizations-boost/
Cyber-Attack Surface “Spiralling Out of Control”
Infosec pros still struggling to define and manage cyber-risk. Read More: https://www.infosecurity-magazine.com/news/cyberattack-surface-out-of-control/
#RSAC: The Changing Work of the Cyber-Threat Intelligence Community
The need for new approaches to improve cyber-threat intelligence was highlighted during a keynote at the RSA conference. Read More: https://www.infosecurity-magazine.com/news/cyber-threat-intelligence-community/
LockBit 2.0 gang claims Mandiant as latest victim; Mandiant sees no evidence of it
Written by AJ Vicens, Jun 6, 2022 | CYBERSCOOP – A prominent ransomware group claimed Monday it has successfully attacked cybersecurity giant Mandiant, and will release company files. LockBit 2.0 — a
Critical Vulnerability Found in Motorola's Unisoc Chips
Check Point Research spotted a critical vulnerability in Unisoc Tiger T700 chips in three Motorola models. Read More: https://www.infosecurity-magazine.com/news/vulnerability-in-motorolas-unisoc/
State-Backed Hacker Believed to Be Behind Follina Attacks on EU and US
An unnamed state actor is behind a phishing campaign targeting European and local US government entities. Read More: https://www.infosecurity-magazine.com/news/statebacked-hacker-follina-attacks/
Small business cybersecurity: Avoid these 8 basic mistakes that could let hackers in
For small businesses, cyberattacks might sound like something they don’t need to think about. Because cyber criminals only go after big, lucrative targets, right? Why would they target a small
FBI warning: This gang steals data for ransom, then makes harassing phone calls to pile on the pressure
A cyber criminal gang is stealing sensitive data from businesses and demanding a ransom payment in exchange for deleting the stolen information – and they’re harassing victims’ employees, business partners
SMBs are rising to the challenge and turning to technology to help them get to the top
It would be an understatement to say that small to medium-sized businesses (SMBs) around Australia have had to face a tough couple of years. But there are
Planning for post-quantum cryptography: Impact, challenges and next steps
Symmetric vs. asymmetric cryptography: Encryption algorithms can be classified into one of two categories based on their use of encryption keys. Symmetric encryption algorithms use the same secret key for
Ransomware attacks have dropped. And gangs are attacking each other's victims
Researchers say that while ransomware attack volumes are dropping, shifts in gang activities have pivoted more attacks than ever to the finance sector. On Monday, cybersecurity firm KELA
Microsoft's new 'autopatch' service for Windows PC just took another step forwards
Microsoft has rolled out the public preview of Windows Autopatch, potentially a much easier way for admins to handle Patch Tuesday. Patch Tuesday, the second Tuesday of
Decrypted: TaRRaK Ransomware
Avast – The TaRRaK ransomware appeared in June of 2021. This ransomware contains many coding errors, so we decided to publish a small blog about them. Samples of this ransomware
'Shields Up': the new normal in cyberspace
Written by Jen Easterly and Chris Inglis, Jun 6, 2022 | CYBERSCOOP – When the Cybersecurity and Infrastructure Security Agency — or CISA — launched the Shields Up campaign early this
Phishing Campaign Uses Reverse Tunnels and URL Shorteners
Phishing is a deceptive tactic used to obtain sensitive user information (credit card numbers, passwords, etc.). Attackers appear to be trustworthy organizations (typically mimicking a large brand) to deceive victims
What Is a CVE? Common Vulnerabilities and Exposures Explained
Vulnerability management is essential for a successful cybersecurity strategy, and CVEs are an integral part of it. You might have heard the acronym thrown around before, but what does it
Demand for cyber risk insurance soars in Brazil
The increase in cybersecurity incidents in Brazil has led to soaring demand for insurance for risks in that area, according to numbers
60GB of User Data Was Exposed by Australian Trading Company ACY Securities
ACY Securities is an Australian financial derivative trading organization that allows customers to trade Forex (FX) and CFD instruments across shares, indices, precious metals, commodities, and cryptocurrencies. According to Anurag
Gloucester Council IT Systems Still Not Fully Operational Six Months After Cyber-Attack
The authority said its servers were compromised on December 20 last year. Read More: https://www.infosecurity-magazine.com/news/gloucester-council-it-systems/
Apple: These are the sorts of apps we blocked from our App Store last year
Apple says it prevented over 1.6 million risky and untrustworthy apps and app updates from reaching the App Store and stopped over $1.5 billion in fraudulent transactions in
Russian Ministry Website Reportedly Hacked
Russia’s state news agency said hackers were demanding a ransom. Read More: https://www.infosecurity-magazine.com/news/russian-ministry-website/
Closing the Door: DeadBolt Ransomware Locks Out Vendors With Multitiered Extortion Scheme
Trend Micro – The dark blue line in the survival analysis in Figure 8 shows the date range when victims paid the ransom amount. In this analysis, the victims that
Get a light, powerful cybersecurity device for under $300
The following content is brought to you by ZDNet partners. If you buy a product featured here, we may earn an affiliate commission or other compensation. With the sophistication
Anonymous Hacktivists Leak 1TB of Top Russian Law Firm Data
Rustam Kurmaev and Partners work with the Russian government and other high-profile banking, media, oil, and industrial companies, including American firms. The Anonymous hacktivist collective has struck Russia again by
Scoop: Australian Trading Giant ACY Securities Exposed 60GB of User Data
Upon being alerted by security researcher Anurag Sen, the company rubbished the sensitivity of the matter by labeling the exposed database as “an insignificant one.” Anurag Sen, a prominent IT
Threat Advisory: Atlassian Confluence zero-day vulnerability under active exploitation
Cisco Talos is monitoring reports of an actively exploited zero-day vulnerability in Confluence Data Center and Server. Confluence is a Java-based corporate Wiki employed by numerous enterprises. At this time,
CISA issues vulnerability advisory for select Dominion voting equipment, urges updates
Written by AJ Vicens, Jun 3, 2022 | CYBERSCOOP – Vulnerabilities within some Dominion voting machines used in roughly a dozen states should be mitigated “as soon as possible,” the U.S.
Threat Roundup for May 27 to June 3
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between May 27 and June 3. As with previous roundups, this post isn’t meant to be an
Fake Updates Continue To Be A Digital Risk: What To Do?
In this digital era, online threats are booming as much as the internet user base. Sometimes, malware infects devices due to vulnerabilities unknown to people. However, it frequently comes as
Authorities Take Down SMS-based FluBot Android Spyware
The takedown resulted from a global law enforcement operation involving eleven countries, headed by Europol’s European Cybercrime Center. The European Cybercrime Center/EC3 of Europol and law enforcement agencies from eleven
LockBit Malware Is Now Used by Evil Corp
Also known as the Dridex gang or INDRIK SPIDER, the Russian cybercriminal gang Evil Corp has been active since at least 2007 and is known for distributing the Dridex malware.
Old Hacks Die Hard: Ransomware, Social Engineering Top Verizon DBIR Threats – Again
Deja-Vu data from this year’s DBIR report feels like we are stuck in the movie ‘Groundhog Day.’ Ransomware and social engineering continue to dominate challenges facing cybersecurity professionals, according to
Evil Corp Pivots LockBit to Dodge U.S. Sanctions
The cybercriminal group is distancing itself from its previous branding by shifting tactics and tools once again in an aim to continue to profit from its nefarious activity. Evil Corp
Zero-day Exploited to Target Atlassian Confluence
A zero-day vulnerability is a newly discovered software security flaw that has not yet been patched by the developers and, as a result, can be exploited. The term “zero-day” is an
Industrial Spy Is Now Targeting Corporate Websites to Display Ransom Notes
Industrial Spy ransomware gang has devised a new extortion strategy: it compromises corporate websites in order to publicly display ransom notifications. The new technique is being employed by Industrial Spy,
Build an Effective Network Defence by Using NDR
Network Detection and Response (NDR) enables organizations to monitor network traffic for malicious actors and suspicious behavior, as well as react and respond to the detection of cyber threats to