When Every Attack Is a Zero Day

The collective efforts of hackers have fundamentally changed the cyber defense game. Today, adversarial automation is being used to create and launch new attacks at such a rate and volume that every strain of malware must now be considered a zero day and every attack considered an advanced persistent threat. That’s not hyperbole. According to…

There May Be a Ceiling on Vulnerability Remediation

Security has no shortage of metrics — everything from the number of vulnerabilities and attacks to the number of bytes per second in a denial-of-service attack. Now a new report focuses on how long it takes organizations to remediate vulnerabilities in their systems — and just how many of the vulnerabilities they face they’re actually…

4 Ways At-Work Apps Are Vulnerable to Attack

They haven’t completely replaced phone calls or email, but communication and collaboration apps are becoming increasingly popular. For workers today, who are in and out of the office, working on the go, with multiple team members, it’s all about convenience and ease of use. Many rely on Slack, Google Hangouts, Box, SharePoint, and other applications…

What do successful pentesting attacks have in common?

In external penetration testing undertaken for corporate clients in industrial, financial, and transport verticals in 2018, Positive Technologies found that, at the vast majority of companies, there were multiple vectors in which an attacker could reach the internal network. Full control of infrastructure was obtained on all tested systems in internal pentesting. In addition, the…

Cybercriminals Exploit Gmail Feature to Scale Up Attacks

Some cybercriminals are taking advantage of a long-standing feature in Google Gmail designed to enhance account security, to create multiple fraudulent accounts on various websites quickly and at scale, security vendor Agari said this week. The feature, which some have warned about previously, basically ensures that all dotted variations of a Gmail address belong to…

Massive DDoS Attack Generates 500 Million Packets per Second

Distributed denial-of-service (DDoS) attacks do not have to be bandwidth-intensive to be disruptive and hard to mitigate. Earlier this month, Imperva mitigated an attack against one of its clients that exceeded 500 million packets per second, making it possibly the largest DDoS attack by packet volume ever recorded. The January 10 attack was a so-called…

Code Execution Vulnerability Impacts Linux Package Manager

Tracked as CVE-2019-3462, the software bug could be exploited by hackers able to perform network man-in-the-middle (MitM) attacks to inject content and have it executed on the target machine with root privileges. Malicious package mirrors can also exploit the bug. “The code handling HTTP redirects in the HTTP transport method doesn’t properly sanitize fields transmitted…