Latest news about information security vulnerabilities, threats, incidents and events
Prevention of security vulnerabilities, threats, and incidents described below is wiser and cheaper than forensic investigations and mitigation of the consequences of a cyber-attack.
You can get evidence of this fact from the news below.
Use our services to find and mitigate your security vulnerabilities before the security threat agents find them.
Biden administration appoints Chris DeRusha as federal CISO | TheHill - The Hill
The Biden administration has picked Chris DeRusha, the former top cyber official on the Biden campaign, to fill the role of federal chief information security officer. DeRusha’s appointment, first reported by CyberScoop, was made public on his LinkedIn profile on Monday night, and confirmed by...
Posted on 27 January 2021 1:27 am with tags: iso 27001 pdf
US Intelligence Analyst Given Stiff Prison Sentence For Trying To Pass Information To Russia
) — A U.S. intelligence analyst has been sentenced to for kidnapping and stealing national-security materials with the intent of selling them to Russia. The U.S. Department of Justice on January 25 that Elizabeth Shirley of West Virginia, was sentenced “to 97 months of incarceration for unlawfully...
Posted on 27 January 2021 1:01 am with tags: penetration testing services
A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability...
Posted on 27 January 2021 12:21 am with tags: attack simulator
Apple patches a trio of security bugs that were ‘actively exploited’ with iOS 14.4
Earlier today, Apple released iOS 14.4 to the public. While the new software adds some worthwhile features, it appears it also patches some potentially serious security bugs in the mobile OS. was the first to note the change...
Posted on 26 January 2021 10:31 pm
NA - CVE-2020-8292 - Rocket.Chat server before 3.9.0 is vulnerable...
Rocket.Chat server before 3.9.0 is vulnerable to a self cross-site scripting (XSS) vulnerability via the drag & drop functionality in message boxes...
Posted on 26 January 2021 8:46 pm with tags: aws security training
Biden raises Navalny arrest, Russian hacking in first call with Putin
U.S. President Joe Biden had his first call with Vladimir Putin on Tuesday, raising concerns about the arrest of opposition figure Alexei Navalny while pressing the Russian president on his nation’s involvement in a massive cyberespionage campaign and bounties on American troops in Afghanistan, two senior administration officials said...
Posted on 26 January 2021 8:07 pm with tags: aws traffic mirroring
Man arrested after UK school finds wiped hard drives on devices connected to network
Gareth Corfield reports: A 28-year-old has been arrested after allegedly carrying out what police have labelled a “sophisticated cyber attack” on a school. The unnamed man is suspected of disrupting Welland Park Academy in Market Harborough, Leicestershire, England...
Posted on 26 January 2021 6:36 pm with tags: best penetration testing company
Palo Alto Networks Gets FedRAMP Approval for Three Data Security Products
has added three cloud products to its suite of government-approved offerings under the Federal Risk and Authorization Management Program. The Palo Alto Networks Government Cloud Services now includes the Prisma Cloud, Cortex XDR and Cortex Data Lake platforms that have received moderate FedRAMP...
Posted on 26 January 2021 6:08 pm with tags: black box penetration testing steps
DIU Taps CounterCraft to Help Deploy, Mature Threat Intell Prototype
The Defense Innovation Unit has awarded threat intelligence technology maker CounterCraft an other transaction agreement to mature the company’s counterintelligence tool in an effort to improve the CounterCraft said Monday its Cyber Deception Platform is intended to operate in complex deception...
Posted on 26 January 2021 6:08 pm with tags: black box security testing
Former LulzSec Hacker Releases VPN Zero-Day Used to Hack Hacking Team
The vulnerabilities underlying this exploit are patched, according to SonicWall. “The vulnerability that this post is referencing was patched in 2015 in SMA 22.214.171.124. It cannot be exploited in version 9 or 10,” a SonicWall spokesperson said in an email...
Posted on 26 January 2021 6:04 pm
Mimecast links security breach to SolarWinds hackers
Email security company Mimecast has confirmed today that the threat actor behind the SolarWinds supply-chain attack is behind the security breach it disclosed earlier this month. "Our investigation has now confirmed that this incident is related to the SolarWinds Orion software compromise and was...
Posted on 26 January 2021 5:25 pm with tags: computer security outsourcing services
Report: Channel Partners’ Customers See Downward Trend in Phishing, Malware/Virus, and Ransomware Attacks
Channel Partners Predict Cybersecurity Spending to Increase Due to News Cycle Covering Major Cyber Attacks...
Posted on 26 January 2021 4:33 pm with tags: cyber security consultant job description
North Korea Targets Security Researchers in Elaborate 0-Day Campaign
Hackers linked to North Korea are targeting security researchers with an elaborate social-engineering campaign that sets up trusted relationships with them — and then infects their organizations’ systems with custom backdoor malware...
Posted on 26 January 2021 3:59 pm with tags: cyber security consulting services
Australia's financial watchdog ASIC hit by cyber attack - 9News
Australia's chief financial watchdog has announced it was hit by a cyber attack almost two weeks ago that may have allowed criminals to access credit licence applications.
In a statement, the Australian Securities and Investments Commission (ASIC) said it became aware of the incident on January 15...
Posted on 26 January 2021 2:52 pm with tags: grey box penetration testing definition
WordPress security & hardening, the definitive guide
WordPress is massively popular. Around one in five sites on the Internet uses WordPress in some form. Be that to run a humble blog, or a multi-site Content Management System (CMS) or eCommerce site...
Posted on 26 January 2021 1:33 pm with tags: information consulting
WhatsApp Malware: Users Warned of a Malicious Message Going Around the App
WhatsApp Malware Spreading. According to the Daily Express, the malware campaign is devised to help hackers earn money by spamming your device with ads and then hacking your phone into sending the same malicious message to people on your contacts, making it spread easily like wildfire...
Posted on 26 January 2021 1:25 pm with tags: is consulting
TrickBot’s Survival Instinct Prevails — What’s Different About the TrickBoot Version?
October 2020 saw the TrickBot Trojan, a prominent cybercrime gang’s tool of choice, suffer a takedown attempt by security vendors and law enforcement. Unfortunately, the takedown was not effective, and beyond coming back to life shortly after, TrickBot’s operators released a new and more persistent version of the malware...
Posted on 26 January 2021 1:09 pm
TikTok fixes privacy issue discovered by Check Point Research
In recent months, Check Point Research teams discovered a vulnerability within the TikTok mobile application’s friend finder feature: a vulnerability that if exploited would have enabled an attacker to access...
Posted on 26 January 2021 12:59 pm with tags: iso 27001 access control policy
Cook County Leaks 320,000 Court Records
Over 320,000 court records belonging to the second most populous county in the US have been discovered sitting on a misconfigured online database. Security researcher Jeremiah Fowler and a team from Website Planet soon found that the data was all from Cook County, Illinois, which is home to America’s third-largest city, Chicago...
Posted on 26 January 2021 12:54 pm with tags: iso 27001 annex a
TikTok Bug Could Have Exposed Users’ Profile Data and Phone Numbers
Cybersecurity researchers on Tuesday disclosed a now-patched security flaw in TikTok that could have potentially enabled an attacker to build a database of the app’s users and their associated phone numbers for future malicious activity...
Posted on 26 January 2021 12:28 pm with tags: iso 27001 case study
TikTok patched an exploit that could've let attackers steal user phone numbers
and threats of a ban by the former Trump administration. That effort appears to have paid dividends, as it recently fixed a serious flaw discovered by the security firm Check Point Research. The vulnerability would have allowed attackers to use the app’s “Friend Finder” feature to steal users’...
Posted on 26 January 2021 12:00 pm with tags: iso 27001 pdf 2019
North Korean hackers are targeting security researchers via social media
An ongoing cyber-espionage campaign is targeting security experts involved in vulnerability research and development at different companies and organizations, Google’s Threat Analysis Group has warned in its new The attackers behind this campaign, attributed by TAG to a “government-backed entity...
Posted on 26 January 2021 8:53 am with tags: iso 27001 vulnerability management
Georgetown County computer network down after cyber attack - Live 5 News WCSC
GEORGETOWN, S.C. (WCSC) - Georgetown County leaders say a “major infrastructure breach” over the weekend is affecting most of the county’s electronic systems.
County emails are affected, the county said in a Facebook post...
Posted on 26 January 2021 7:18 am
2020 Data Breaches Set Cybersecurity Tone for New Year - Governing
As the COVID-19 pandemic grabbed 2020 headlines, the list of data breaches in government and the private sector quietly grew. And then came SolarWinds...
Posted on 26 January 2021 7:18 am with tags: nist penetration testing
Phone numbers of nearly 500 million Facebook users up for sale via Telegram bot
Mobile phone numbers of nearly 500 million Facebook users are up for sale via a Telegram bot, according to a report by Motherboard. The data includes numbers of around 6 lakh Indian users, according to security researcher Alon Gal, who first highlighted the problem on his Twitter account...
Posted on 26 January 2021 7:10 am with tags: outsourcing cybersecurity
North Korea infected infosec bods with backdoors via dodgy blog pages, Visual Studio files – Google (Iain Thomson/The Register)
Security eggheads discover their PCs chatting with Kim Jong Un's hackers. North Korea's hackers homed in on specific infosec researchers and infected their systems with a backdoor after luring them...
Posted on 26 January 2021 6:21 am with tags: penetration hacking
A Look at the Legal Consequence of a Cyber Attack
Is your system 100% ready to face the severest cyber-attack and mitigate the risk of a possible data breach? If you are unsure about your cyber-safety structure, then it’s time to upgrade it. Otherwise, you could be at risk of lengthy legal battles that result in hefty fines...
Posted on 26 January 2021 6:15 am with tags: penetration scanning
N. Korean Hackers Targeting Security Experts to Steal Undisclosed Researches
by January 26, 2021. GIXnews Google on Monday disclosed details about an ongoing campaign carried out by a government-backed threat actor from North Korea that has targeted security researchers working on vulnerability research and development...
Posted on 26 January 2021 6:04 am with tags: penetration testing approach
Cyber Incident Knocks Construction Firm Palfinger Offline
The cyber incident notification posted to Palfinger's website. The Austrian construction equipment manufacturing firm Palfinger AG reports being hit with a cyberattack that has knocked the majority of its worldwide IT infrastructure offline...
Posted on 26 January 2021 12:26 am with tags: penetration testing black box
EntornoInteligente | Voting machine maker sues Trump lawyer Giuliani for defamation
WASHINGTON, United States (AFP) — A voting machine manufacturer sued Rudy Giuliani, the lawyer for former US president Donald Trump, on Monday after he claimed the company had cost Trump last November’s election...
Posted on 25 January 2021 10:41 pm
DDoS Attackers Exploit Vulnerable Microsoft RDP Servers
Threat actors are exploiting vulnerable Microsoft Remote Desktop Protocol servers to amplify various distributed denial-of-service attacks, according to a report from application and network performance firm
Netscout researchers have identified about 33,000...
Posted on 25 January 2021 7:24 pm with tags: penetration testing is
In this write-up, I will detail my walkthrough on exploiting a vulnerable HTTP web server with a non-executable stack using the return-to-libc attack. In addition, the exploit will leverage the Return-Oriented Programming (ROP) technique to chain gadgets found in the libc to (1) invoke mprotect() to...
Posted on 25 January 2021 6:07 pm with tags: penetration testing report template
CISA: HPH Cyber Threat Insights, Ransomware Reduction Campaign - HealthITSecurity.com
Posted on 25 January 2021 4:12 pm with tags: penetration testing solutions
Russian Hack of US Agencies Exposed Supply Chain Weaknesses
Instead, they got inside by sneaking malicious code into a software update pushed out to thousands of government agencies and private companies. It wasn’t surprising that hackers were able to exploit vulnerabilities in what’s known as the supply chain to launch a massive intelligence gathering operation...
Posted on 25 January 2021 3:17 pm with tags: penetration testing test cases
Australia's Securities Regulator Suffers Security Breach Affecting File Transfer Server
(Reuters) - Australia’s securities regulator said on Monday there was a cyber security breach at a server it used to transfer files including credit licence applications where some information may have been viewed...
Posted on 25 January 2021 2:23 pm with tags: penetration testing types
Cryptocurrency exchange BuyUcoin hacked, data of 325K+ users leaked
Indian cryptocurrency exchange Buyucoin suffered a security incident, threat actors leaked sensitive data of 325K users...
Posted on 25 January 2021 12:49 pm
An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions
Posted on 25 January 2021 12:25 pm with tags: pentesting execution standard
Russian Government Agency Warns Firms of US Attack
The Russian government has issued cybersecurity guidance to businesses in the country after claiming they are at risk of US reprisals for the recent SolarWinds attacks. The alert came late last week from the National Coordination Center for Computer Incidents (NKTsKI), an agency created in 2018 by KGB successor the Federal Security Service (FSB)...
Posted on 25 January 2021 12:18 pm with tags: professional security services
Pen Testing By Numbers: Tracking Pen Testing Trends and Challenges
Over the years, penetration testing has had to change and adapt alongside the IT environments and technology that need to be assessed. Broad cybersecurity issues often influence the strategy and growth of pen-testing...
Posted on 25 January 2021 9:04 am with tags: secure development policy iso 27001
NIST Cybersecurity Framework – The Key to Critical Infrastructure Cyber Resiliency
In the digital age, organizations and the missions and business processes they support rely on information technology and information systems to achieve their mission and business objectives...
Posted on 25 January 2021 6:47 am with tags: security outsourcing
4 Steps for Assessing Your NERC CIP Compliance Program
The North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) Standards are a cybersecurity compliance framework designed to protect utility organizations...
Posted on 25 January 2021 6:05 am with tags: security penetration test
Biden hires ‘world class’ cybersecurity team after massive hack
United States President Joe Biden is hiring a group of national security veterans with deep cyber expertise, drawing praise from former defence officials and investigators as the US government works to recover from one of the biggest hacks of its agencies attributed to Russian spies [Jonathan...
Posted on 25 January 2021 6:02 am with tags: ukraine cybersecurity
Google Drive Filled With Thousands of Explicit, Pirated Content from Cybercriminals and Pirates, Including Malware
Thousands of Explicit and Illegal Content Found. In a report by Business Insider, thousands of explicit and illegal content have been stored and are circulating around the storage service in zipped compressed files, according to independent cybersecurity researcher Rajshekhar Rajaharia...
Posted on 24 January 2021 5:50 pm
SonicWall Investigating Zero-Day Attacks Against Its Products
A zero-day attack is affecting SonicWall's SMA 100 series gateway products (Source: SonicWall). Security vendor SonicWall is investigating what the company calls a "coordinated attack" against its internal network by threat actors using a zero-day exploit within the company's remote access products...
Posted on 24 January 2021 4:34 pm with tags: wireless penetration testing
Vigil@nce - MongoDB Server: assertion error, analyzed on 24/11/2020
Synthesis of the vulnerability: An attacker can force an assertion error of MongoDB Server, in order to trigger a denial of service. Vulnerable products:
Severity of this weakness: 2/4. Creation date: 24/11/2020...
Posted on 24 January 2021 12:38 pm with tags: underdefennce
AA21-008A: Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments
Original release date: January 8, 2021. Summary. This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques...
Posted on 8 January 2021 4:36 pm with tags: 27001 iso 2013 controls
AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations
Original release date: December 17, 2020 | Last revised: January 7, 2021. Summary. The Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises of U.S. government agencies, critical infrastructure entities, and private sector organizations by an advanced persistent threat (APT) actor beginning in at least March 2020...
Posted on 17 December 2020 3:00 pm with tags: blockchain cyber security service
AA20-345A: Cyber Actors Target K-12 Distance Learning Education to Cause Disruptions and Steal Data
Original release date: December 10, 2020. Summary. This Joint Cybersecurity Advisory was coauthored by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC)...
Posted on 10 December 2020 5:00 pm with tags: cis benchmarks internet exploroer adobe flash
AA20-336A: Advanced Persistent Threat Actors Targeting U.S. Think Tanks
Original release date: December 1, 2020. Summary. This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques...
Posted on 1 December 2020 6:00 pm
AA20-304A: Iranian Advanced Persistent Threat Actor Identified Obtaining Voter Registration Data
Original release date: October 30, 2020 | Last revised: November 3, 2020. Summary. This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 8 framework...
Posted on 30 October 2020 6:11 pm with tags: cyber security operation center as a service
AA20-302A: Ransomware Activity Targeting the Healthcare and Public Health Sector
Original release date: October 28, 2020 | Last revised: November 2, 2020. Summary. This advisory was updated to include information on Conti, TrickBot, and BazarLoader, including new IOCs and Yara Rules for detection...
Posted on 28 October 2020 11:07 pm with tags: cybersecurity incident remediation software
AA20-301A: North Korean Advanced Persistent Threat Focus: Kimsuky
Original release date: October 27, 2020. Summary. This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 7 framework. See the ATT&CK for Enterprise version 7 for all referenced threat actor tactics and techniques...
Posted on 27 October 2020 5:00 pm with tags: infrastructure testing services
AA20-296B: Iranian Advanced Persistent Threat Actors Threaten Election-Related Systems
Original release date: October 22, 2020. Summary. The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are warning that Iranian advanced persistent threat (APT) actors are likely intent on influencing and interfering with the U...
Posted on 22 October 2020 4:00 pm with tags: iso 27000 shared passwords
AA20-296A: Russian State-Sponsored Advanced Persistent Threat Actor Compromises U.S. Government Targets
Original release date: October 22, 2020 | Last revised: December 1, 2020. Summary. This joint cybersecurity advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework...
Posted on 22 October 2020 12:44 pm with tags: iso 27001 management software
AA20-283A: APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations
Original release date: October 9, 2020 | Last revised: October 24, 2020. Summary. This joint cybersecurity advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework...
Posted on 9 October 2020 8:21 pm with tags: iso 27001 rights management
Robot Motion Servers
This Alert contains a public report of a Remote Code Execution vulnerability affecting robot motion servers written in OEM exclusive programming languages running on the robot controller.
Posted on 4 August 2020 2:10 pm
This ALERT details vulnerabilities in SweynTooth's Bluetooth Low Energy (BLE) proof-of-concept (PoC) exploit code. This report was released without coordination with some of the affected vendors and without advance coordination with CISA...
Posted on 3 March 2020 3:20 pm with tags: iso 27001 system acquisition development and maintenance
Mitsubishi Electric Europe B.V. smartRTU and INEA ME-RTU (Update A)
This updated alert is a follow-up to the original alert titled ICS-ALERT-19-225-01 Mitsubishi Electric smartRTU and INEA ME-RTU that was published August 13, 2019, on the ICS webpage on us-cert.gov. CISA is aware of a public report of a proof-of-concept (PoC) exploit code vulnerability affecting Mitsubishi Electric smartRTU devices...
Posted on 10 September 2019 2:30 pm with tags: mac anitmalware
CAN Bus Network Implementation in Avionics
CISA is aware of a public report of insecure implementation of CAN bus networks affecting aircraft. According to this report, the CAN bus networks are exploitable when an attacker has unsupervised physical access to the aircraft...
Posted on 30 July 2019 1:00 pm with tags: outsourcing cyber security risks
DICOM Standard in Medical Devices
NCCIC is aware of a public report of a vulnerability in the DICOM (Digital Imaging and Communications in Medicine) standard with proof-of-concept (PoC) exploit code. The DICOM standard is the international standard to transmit, store, retrieve, print, process, and display medical imaging information...
Posted on 11 June 2019 4:15 pm with tags: penetration test pentest
Meltdown and Spectre Vulnerabilities (Update J)
This updated alert is a follow-up to the updated alert titled ICS-ALERT-18-011-01 Meltdown and Spectre Vulnerabilities (Update I) that was published September 11, 2018, on the NCCIC/ICS-CERT website.
Posted on 11 January 2018 5:51 pm with tags: recommandation iso 27001 network security
NCCIC is aware of a public report of an improper authentication vulnerability affecting WAGO PFC200, a Programmable Logic Controller (PLC) device. According to this report, the vulnerability is exploitable by sending a TCP payload on the bound port...
Posted on 7 December 2017 9:11 pm
Eaton ELCSoft Vulnerabilities
NCCIC/ICS-CERT is aware of a public report of buffer overflow vulnerabilities affecting Eaton ELCSoft, a PLC programming software for Eaton Logic Control (ELC) controllers. According to the public report, which was coordinated with ICS-CERT prior to its public release, researcher Ariele Caltabiano (kimiya) working with Trend Micro's Zero Day Initiative, identified that an attacker can leverage these vulnerabilities to execute arbitrary code in the context of the process...
Posted on 4 August 2017 7:11 pm with tags: security solutions for blockchain
CAN Bus Standard Vulnerability
NCCIC/ICS-CERT is aware of a public report of a vulnerability in the Controller Area Network (CAN) Bus standard with proof-of-concept (PoC) exploit code affecting CAN Bus, a broadcast based network standard...
Posted on 28 July 2017 7:34 pm with tags: switch iso27001
CRASHOVERRIDE, aka Industroyer, is the fourth family of malware publicly identified as targeting industrial control systems (ICS). It uses a modular design, with payloads that target several industrial communication protocols and are capable of directly controlling switches and circuit breakers...
Posted on 25 July 2017 4:45 pm with tags: what is black box penetration testing