Vulnerabilities Archives - Page 39 of 85

Sprite Spider emerging as one of the most destructive ransomware threat actors

Issued by: CSO

At the recent SANS Cyber Threat Intelligence Summit, two CrowdStrike cybersecurity leads, Senior Security Researcher Sergei Frankoff and Senior Intelligence Analyst Eric Loui, offered details on an emerging major ransomware actor they call Sprite Spider. Like many other ransomware attackers, the gang behind Sprite Spider’s attacks has grown rapidly in sophistication and damage capacity since…

Network Security, Vulnerabilities

Attacks on Individuals Fall as Cybercrime Shifts Tactics

Issued by: Security Week

The nonprofit, which supports victims of identity crime, found that the number of U.S. data breaches fell 19% in 2020 to 1,108. But the number of individual victims of such cybercrimes fell 66% compared with the year prior. Ransomware and phishing attacks are now the preferred form of data theft because they require less effort…

Network Security, Vulnerabilities

Unemployment Fraud – Preying on Those Most in Need

Issued by: Security Week

The Covid-19 pandemic has been raging for nearly a year now. With the pandemic has come a tremendous amount of uncertainty. Many of us wonder when we will be able to return to normal life, when we will be able to see family and friends, and when we might resume those everyday activities we used…

Malware & Threats, Vulnerabilities

Fake copyright violation notice aimed at stealing Facebook accounts

Issued by: Kaspersky Blog

The latest phishing campaign aimed at stealing Facebook accounts is gathering momentum. Users are receiving mass e-mails threatening bans for copyright violation. The aim is to steal the users’ login credentials. We explain the anatomy of the new scheme and how not to swallow the bait. Who, me? The message says something like: “Your Facebook…

Cloud Security, Vulnerabilities

SCM market to reach $2.2B in total web and email security revenues by 2024

Issued by: Help Net Security

The Secure Content Management (SCM) market is expected to achieve an 11.4% compound annual growth rate to reach $2.2 billion in total web and email security revenues by 2024, according to Frost & Sullivan. Cloud-based deployments are projected to lead growth as more enterprises move their emails to the cloud and rely on the internet,…

Vulnerabilities

How much is a vulnerability worth?

Issued by: Help Net Security

As part of its crowdsourced security program, Zoom has recently increased the maximum payout for vulnerabilities to $50,000. Such figures make great headlines and attract new talent in search of the big bucks, but here is a question that begs to be answered: how much is a vulnerability worth? I have previously found several bugs…

Application Security, Vulnerabilities

Bugs in Signal, other video chat apps allowed attackers to listen in on users

Issued by: Help Net Security

Bugs in several messaging/video chat mobile apps allowed attackers to spy on targeted users’s surroundings. The vulnerabilities – in Signal, Google Duo, Facebook Messenger, JioChat, and Mocha – could be triggered by simply placing a call to the target’s device – no other action was needed. Searching for bugs in video chat apps In early…

Vulnerabilities

Over 70 Vulnerabilities Will Remain Unpatched in EOL Cisco Routers

Issued by: Security Week

A total of 68 high-severity flaws were identified in Cisco’s Small Business RV110W, RV130, RV130W, and RV215W routers, but the company says patches won’t be released, because these devices have reached end-of-life (EOL). The last day for software maintenance releases and bug fixes was December 1, 2020. The security bugs exist because user-supplied input to…

Vulnerabilities

SOC analysts overloaded, but role more important than ever

Issued by: Help Net Security

Organizations are spending more to account for widespread security operation center (SOC) challenges including growing security management complexity, increasing analyst salaries, security engineering and management outsourcing costs, yet are still dissatisfied with the outcomes, Ponemon Institute and FireEye reveal. Companies are also boosting investments in new SOC tools like Extended Detection and Response (XDR) and…

Vulnerabilities

The future history of medical device cybersecurity

Issued by: Help Net Security

In 1555, Nostradamus published his famous Les Prophéties containing obfuscated prophecies for the world to come. Some believe that one of these predictions pertains to the year 2020 and it reads, in part: “The false trumpet concealing madness / will cause Byzantium to change its laws.” Yeah… I have no idea what that means either!…