Malware

Attackers exploiting critical flaw in many Zoho ManageEngine products

Users of on-premises deployments of Zoho ManageEngine products should make sure they have patches applied for a critical remote code execution vulnerability that attackers have now started exploiting in the wild. Technical details about the flaw along with a proof-of-concept exploit was released late last week, which will allow more attackers to add this exploit to their arsenal. “The vulnerability is easy to exploit and a good candidate for attackers to ‘spray and pray’ across…

Read More

Ad Fraud Campaign Targeted Over 11 Million Devices

“It doesn’t stop with the stacked ads, though. For as many of those as might be rendering on a user’s device at once, they keep loading new ads until the ad slot with the malicious ad code is closed. The actors behind the VASTFLUX scheme clearly have an intimate understanding of the digital advertising ecosystem,” stated the company. In order to mislead both the advertising companies and the applications that display adverts, the campaign also…

Read More

FanDuel Warns of Data Breach After Customer Info Stolen in Vendor Hack

Individuals who have been compromised by this breach should change login information immediately. FanDuel allows for multi-factor authentication (MFA), which should be enabled on any active account. Phishing attacks are likely to occur after this type of information is stolen. FanDuel users that have been notified of a data breach should remain vigilant for future phishing attacks. Many account compromises are caused by using the same credentials across numerous sites. If one site is breached,…

Read More

Canadian Energy Provider Qulliq Suffers Data Breach

With investigations still pending, Qulliq customers should remain vigilant. Regularly checking bank and credit card statements that may have been used on the company’s site is advised. Changing the password to QEC accounts, as well as anywhere else that login combination was used, is suggested as well. It is good news that QEC had an incident response plan in place, as many companies still do not. The investigation results will provide more information to the…

Read More

US Supreme Court leak investigation highlights weak and ineffective risk management strategy

The Supreme Court of the United States (SCOTUS) has announced that its investigation to find the insider who leaked a draft opinion of the Dobbs v. Jackson Women’s Health Org. decision to media outlet Politico has come up empty. In a nutshell, the court’s insider risk management program, designed to protect the information the justices handle on a daily basis, failed—and failed miserably. Frankly, based on the findings of the report, the court’s insider risk…

Read More

The metaverse brings a new breed of threats to challenge privacy and security gatekeepers

The metaverse is coming; businesses and government agencies are already building virtual worlds to support city services, meetings and conferences, community building, and commerce. They’re also rendering spatial apps around travel, car sales, manufacturing, and architecture in what Citi predicts will be a $13-trillion market with 5 billion users by 2030. “Just as the internet, e-commerce, social media, smartphones, and remote computing have in the past two decades changed the ways companies operate and reach…

Read More

Drupal Releases Security Advisories to Address Multiple Vulnerabilities

Original release date: January 20, 2023 Drupal has released security advisories to address vulnerabilities affecting multiple products. An attacker could exploit these vulnerabilities to access sensitive information. CISA encourages users and administrators to review Drupal’s security advisories SA-CORE-2023-001, SA-CONTRIB-2023-002, SA-CONTRIB-2023-003, and SA-CONTRIB-2023-004 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

Read More

Wallarm touts API leak protection with new scanning feature

API security company Wallarm announced Frdiay that it had opened a preview period for its newest offering — an active scanning system that checks through public sources of compromised API data, alerts users, and provides automated responses if a compromise is detected. The API Leak Protection feature, which will be deployed via Wallarm’s existing End-to-End API Security platform, takes advantage of that platform’s inventory of a given organization’s APIs. The system checks those APIs against…

Read More

Cisco Releases Security Advisory for Unified CM and Unified CM SME

Original release date: January 20, 2023 Cisco released a security advisory for a vulnerability affecting Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME). A remote attacker could exploit this vulnerability to cause a denial-of-service condition. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users and administrators to review the advisories and apply the necessary updates. This product is provided subject to…

Read More

New ‘Hook’ Android Malware Lets Hackers Remotely Control Devices

Android apps are constantly being used by threat actors because of the availability of third-party app stores and the lack of strict app guidelines for apps published within those stores. Android users should only download apps through the official Google Play Store and only from trusted developers. https://www.bleepingcomputer.com/news/security/new-hook-android-malware-lets-hackers-remotely-control-your-phone/

Read More