Cyber Security

It is predicted that 3.5 million jobs will be unfilled in the field of cybersecurity by the end of this year. Several of these jobs pay very well, and in most cases, you don’t even need a college degree to get hired. The most important thing is to have the skills and certifications. The All-In-One

Code-hosting platform GitHub Friday officially announced a series of updates to the site’s policies that delve into how the company deals with malware and exploit code uploaded to its service. “We explicitly permit dual-use security technologies and content related to research into vulnerabilities, malware, and exploits,” the Microsoft-owned company said. “We understand that many security

A new set of critical vulnerabilities has been disclosed in the Realtek RTL8170C Wi-Fi module that an adversary could abuse to gain elevated privileges on a device and hijack wireless communications. “Successful exploitation would lead to complete control of the Wi-Fi module and potential root access on the OS (such as Linux or Android) of

Cybersecurity researchers on Thursday disclosed as many as ten critical vulnerabilities impacting CODESYS automation software that could be exploited to remote code execution on programmable logic controllers (PLCs). “To exploit the vulnerabilities, an attacker does not need a username or password; having network access to the industrial controller is enough,” researchers from Positive Technologies said.

Google is tightening the privacy practices that could make it harder for apps on Android phones and tablets to track users who have opted out of receiving personalized interest-based ads. The change will go into effect sometime in late 2021. The development, which mirrors Apple’s move to enable iPhone and iPad users to opt-out of

Google on Thursday said it’s rolling new security features to Chrome browser aimed at detecting suspicious downloads and extensions via its Enhanced Safe Browsing feature, which it launched a year ago. To this end, the search giant said it will now offer additional protections when users attempt to install a new extension from the Chrome

Major software vulnerabilities are a fact of life, as illustrated by the fact that Microsoft has patched between 55 and 110 vulnerabilities each month this year – with 7% to 17% of those vulnerabilities being critical. May had the fewest vulnerabilities, with a total of 55 and only four considered critical. The problem is that

New upgrades have been made to a Python-based “self-replicating, polymorphic bot” called Necro in what’s seen as an attempt to improve its chances of infecting vulnerable systems and evading detection. “Although the bot was originally discovered earlier this year, the latest activity shows numerous changes to the bot, ranging from different command-and-control (C2) communications and

The unfortunate truth is that while companies are investing more in cyber defenses and taking cybersecurity more seriously than ever, successful breaches and ransomware attacks are on the rise. While a successful breach is not inevitable, it is becoming more likely despite best efforts to prevent it from happening. Just as it wasn’t raining when

A North Korean threat actor active since 2012 has been behind a new espionage campaign targeting high-profile government officials associated with its southern counterpart to install an Android and Windows backdoor for collecting sensitive information. Cybersecurity firm Malwarebytes attributed the activity to a threat actor tracked as Kimsuky, with the targeted entities comprising of the

A top Russian-language underground forum has been running a “contest” for the past month, calling on its community to submit “unorthodox” ways to conduct cryptocurrency attacks. The forum’s administrator, in an announcement made on April 20, 2021, invited members to submit papers that assess the possibility of targeting cryptocurrency-related technology, including the theft of private

Days after Microsoft, Secureworks, and Volexity shed light on a new spear-phishing activity unleashed by the Russian hackers who breached SolarWinds IT management software, the U.S. Department of Justice (DoJ) Tuesday said it intervened to take control of two command-and-control (C2) and malware distribution domains used in the campaign. The court-authorized domain seizure 1m took

Researchers have disclosed significant security weaknesses in popular software applications that could be abused to deactivate their protections and take control of allow-listed applications to perform nefarious operations on behalf of the malware to defeat anti-ransomware defenses. The twin attacks, detailed by academics from the University of Luxembourg and the University of London, are aimed

The U.S. National Security Agency (NSA) used a partnership with Denmark’s foreign and military intelligence service to eavesdrop on top politicians and high-ranking officials in Germany, Sweden, Norway, and France by tapping into Danish underwater internet cables between 2012 and 2014. Details of the covert wiretapping were broken by Copenhagen-based public broadcaster DR over the

Are you aware of how secure your domain is? In most organizations, there is an assumption that their domains are secure and within a few months, but the truth soon dawns on them that it isn’t. Spotting someone spoofing your domain name is one way to determine if your security is unsatisfactory – this means

Starting June 8, Amazon will automatically enable a feature on your Alexa, Echo, or other Amazon device that will share some of your Internet bandwidth with your neighbors—unless you choose to opt out. Amazon intends to register its family of hardware devices that are operational in the U.S.—including Echo speakers, Ring Video Doorbells, Ring Floodlight

Siemens on Friday shipped firmed updates to address a severe vulnerability in SIMATIC S7-1200 and S7-1500 programmable logic controllers (PLCs) that could be exploited by a malicious actor to remotely gain access to protected areas of the memory and achieve unrestricted and undetected code execution, in what the researchers describe as an attacker’s “holy grail.”

Cybersecurity researchers have disclosed two new attack techniques on certified PDF documents that could potentially enable an attacker to alter a document’s visible content by displaying malicious content over the certified content without invalidating its signature. “The attack idea exploits the flexibility of PDF certification, which allows signing or adding annotations to certified documents under

Russian-language dark web marketplace Hydra has emerged as a hotspot for illicit activities, pulling in a whopping $1.37 billion worth of cryptocurrencies in 2020, up from $9.4 million in 2016. The “blistering growth” in annual transaction volumes marks a staggering 624% year-over-year jump over a three-year period from 2018 to 2020. “Further buoying Hydra’s growth

Microsoft on Thursday disclosed that the threat actor behind the SolarWinds supply chain hack returned to the threat landscape to target government agencies, think tanks, consultants, and non-governmental organizations located across 24 countries, including the U.S. “This wave of attacks targeted approximately 3,000 email accounts at more than 150 different organizations,” Tom Burt, Microsoft’s Corporate

Cybersecurity researchers have disclosed a new backdoor program capable of stealing user login credentials, device information and executing arbitrary commands on Linux systems. The malware dropper has been dubbed “Facefish” by Qihoo 360 NETLAB team owing its capabilities to deliver different rootkits at different times and the use of Blowfish cipher to encrypt communications to

Cybersecurity researchers from FireEye unmasked additional tactics, techniques, and procedures (TTPs) adopted by Chinese threat actors who were recently found abusing Pulse Secure VPN devices to drop malicious web shells and exfiltrate sensitive information from enterprise networks. FireEye’s Mandiant threat intelligence team, which is tracking the cyberespionage activity under two threat clusters UNC2630 and UNC2717,

The Uyghur community located in China and Pakistan has been the subject of an ongoing espionage campaign aiming to trick the targets into downloading a Windows backdoor to amass sensitive information from their systems. “Considerable effort was put into disguising the payloads, whether by creating delivery documents that appear to be originating from the United

Cybersecurity researchers on Wednesday publicized the disruption of a “clever” malvertising network targeting AnyDesk that delivered a weaponized installer of the remote desktop software via rogue Google ads that appeared in the search engine results pages. The campaign, which is believed to have begun as early as April 21, 2021, involves a malicious file that

Severe security flaws uncovered in popular Visual Studio Code extensions could enable attackers to compromise local machines as well as build and deployment systems through a developer’s integrated development environment (IDE). The vulnerable extensions could be exploited to run arbitrary code on a developer’s system remotely, in what could ultimately pave the way for supply

Researchers on Tuesday disclosed a new espionage campaign that resorts to destructive data-wiping attacks targeting Israeli entities at least since December 2020 that camouflage the malicious activity as ransomware extortions. Cybersecurity firm SentinelOne attributed the attacks to a nation-state actor affiliated with Iran it tracks under the moniker “Agrius.” “An analysis of what at first

WhatsApp on Wednesday fired a legal salvo against the Indian government to block new regulations that would require messaging apps to trace the “first originator” of messages shared on the platform, thus effectively breaking encryption protections. “Requiring messaging apps to ‘trace’ chats is the equivalent of asking us to keep a fingerprint of every single

A team of security researchers from Google has demonstrated yet another variant of the Rowhammer attack that bypasses all current defenses to tamper with data stored in memory. Dubbed “Half-Double,” the new hammering technique hinges on the weak coupling between two memory rows that are not immediately adjacent to each other but one row removed.

Ivanti, the company behind Pulse Secure VPN appliances, has published a security advisory for a high severity vulnerability that may allow an authenticated remote attacker to execute arbitrary code with elevated privileges. “Buffer Overflow in Windows File Resource Profiles in 9.X allows a remote authenticated user with privileges to browse SMB shares to execute arbitrary

There is a person in every organization that is the direct owner of breach protection. His or her task is to oversee and govern the process of design, build, maintain, and continuously enhance the security level of the organization. Title-wise, this person is most often either the CIO, CISO, or Directory of IT. For convenience,