Menu

Blog

Archive for the ‘cybercrime/malcode’ category: Page 95

Mar 11, 2022

Millions of HP laptops, points of sale machines and servers affected by 16 critical vulnerabilities

Posted by in category: cybercrime/malcode

A report by cybersecurity firm Binarly points to the detection of 16 critical vulnerabilities in various implementations of Unified Extensible Firmware Interface (UEFI), present in multiple HP enterprise devices. According to the researchers, threat actors can exploit these flaws to implant firmware capable of evading UEFI Secure Boot, Intel Boot Guard, and virtualization-based security measures.

Mar 11, 2022

3 XSS vulnerabilities in IBM Security QRadar SOAR: Update immediately

Posted by in category: cybercrime/malcode

Cybersecurity specialists reported the detection of multiple vulnerabilities in IBM Security QRadar SOAR. According to the report, successful exploitation of these flaws would allow the deployment of severe attack scenarios.

Below are brief descriptions of the reported flaws, in addition to their tracking keys and scorings assigned according to the Common Vulnerability Scoring System (CVSS).

Continue reading “3 XSS vulnerabilities in IBM Security QRadar SOAR: Update immediately” »

Mar 11, 2022

Hackers Abuse Mitel Devices to Amplify DDoS Attacks by 4 Billion Times

Posted by in category: cybercrime/malcode

Hackers abuse Mitel devices to perform high-impact amplification attacks to stage massive DDoS attacks with a record-breaking amplification ratio.


Researchers have discovered three critical vulnerabilities in APC Smart-UPS.

Mar 11, 2022

Critical Bugs Could Let Attackers Remotely Hack, Damage APC Smart-UPS Devices

Posted by in category: cybercrime/malcode

Researchers have discovered three critical vulnerabilities in APC Smart-UPS.

Mar 11, 2022

The Incident Response Plan — Preparing for a Rainy Day

Posted by in category: cybercrime/malcode

Just as it wasn’t raining when Noah built the ark, companies must face the fact that they need to prepare — and educate the organization on — a well-thought-out response plan if a successful cyberattack does occur. Obviously, the worst time to plan your response to a cyberattack is when it happens.

With so many companies falling victim to cyberattacks, an entire cottage industry of Incident Response (IR) services has arisen. Thousands of IR engagements have helped surface best practices and preparedness guides to help those that have yet to fall victim to a cyberattack.

Recently, cybersecurity company Cynet provided an Incident Response plan Word template to help companies plan for this unfortunate occurrence.

Mar 11, 2022

AI: Hacking without Humans How Can Human Brains Be Hacked?

Posted by in categories: cybercrime/malcode, policy, privacy, robotics/AI

Anthony J. Ferrante, Global Head of Cybersecurity and Senior Managing Director, FTI Consulting, Inc.

Artificial intelligence (AI) models are built with a type of machine learning called deep neural networks (DNNs), which are similar to neurons in the human brain. DNNs make the machine capable of mimicking human behaviors like decision making, reasoning and problem solving. This presentation will discuss the security, ethical and privacy concerns surrounding this technology. Learning Objectives:1: Understand that the solution to adversarial AI will come from a combination of technology and policy.2: Learn that coordinated efforts among key stakeholders will help to build a more secure future.3: Learn how to share intelligence information in the cybersecurity community to build strong defenses.

Mar 9, 2022

Samsung says hackers breached company data and source code for Galaxy smartphones

Posted by in categories: cybercrime/malcode, mobile phones

Samsung said on Monday that hackers breached its internal company data, gaining access to some source codes of Galaxy-branded devices like smartphones.

The statement from the South Korean electronics giant comes after hacking group Lapsus$ claimed over the weekend via its Telegram channel that it has stolen 190 gigabytes of confidential Samsung source code.

Samsung did not name any specific hackers in its statement nor what precise data was stolen.

Mar 8, 2022

Elon Musk Says SpaceX Is So Busy With Ukraine That It’ll Delay Starship

Posted by in categories: cybercrime/malcode, Elon Musk, internet, satellites

Welp, Starship is delayed yet again.

SpaceX CEO Elon Musk tweeted on Friday that there would be “slight delays” ahead for the company’s experimental Mars-bound spacecraft. To blame, the billionaire said, was SpaceX having to dedicated more resources to fighting escalating cyber attacks on Starlink satellites by Russia after the space company sent Ukraine a shipment of its internet terminals.

Starship’s first launch has been delayed numerous times now, with much of it due to pending regulatory approval from the Federal Aviation Administration (FAA). However, this latest instance comes amidst a time of geopolitical turmoil caused by Russia’s invasion of Ukraine.

Mar 7, 2022

Leaked Nvidia Code-Signing Certificate Now Being Used by Malware

Posted by in category: cybercrime/malcode

Two such certificates were part of the Nvidia hack attack haul we reported on last week.


Among all the sensitive hardware and driver data spilled by hacking extortion group Lapsus$, there were some expired but still usable Nvidia code-signing certificates.

Mar 6, 2022

2 New Mozilla Firefox 0-Day Bugs Under Active Attack — Patch Your Browser ASAP!

Posted by in category: cybercrime/malcode

Mozilla has pushed out-of-band software updates to its Firefox web browser to contain two high-impact security vulnerabilities, both of which it says are being actively exploited in the wild.

Tracked as CVE-2022–26485 and CVE-2022–26486, the zero-day flaws have been described as use-after-free issues impacting the Extensible Stylesheet Language Transformations (XSLT) parameter processing and the WebGPU inter-process communication (IPC) Framework.

Page 95 of 220First9293949596979899Last