Gen Digital, formerly Symantec Corporation and NortonLifeLock, is sending data breach notifications to customers, informing them that hackers have successfully breached Norton Password Manager accounts in credential-stuffing attacks. According to a sample letter shared with the Office of the Vermont Attorney General, the attacks did not result from a breach of the company but from account compromise on other platforms.
If you're running the Cacti network monitoring solution and you haven't updated it since early December, now is the time to do it to foil attackers exploiting a critical command injection flaw (CVE-2022-46169). Cacti is an open-source front-end app for RRDtool, a system for logging and graphing time series data, i.e., data from sensors and systems that is recorded / collected at regular intervals to create an evolving picture of what one wants to monitor.
Security software company Avast has released a free decryptor for the BianLian ransomware strain to help victims of the malware recover locked files without paying the hackers. The availability of a decryptor comes only about half a year after increased activity from BianLian ransomware over the summer of 2022, when the threat group breached multiple high-profile organizations.
CircleCI said an unauthorized third party leveraged malware on the laptop of one of its engineers to steal a valid 2FA-backed single-sign-on session, according to a highly anticipated report stemming from a security incident disclosed earlier this month. The engineer's laptop was compromised on Dec. 16, but the company's antivirus software failed to detect the malware, the company said.
At $39.99 with a $3 coupon option for Amazon Prime members, the T95 Android 10.0 TV box might seem like a good value. But when an unsuspecting but cybersecurity-savvy customer ordered one up, he said it came "festooned" with malware - no extra charge. Daniel Milisic warned consumers in Reddit and GitHub posts that he just happened to have bought the box to run Pi-hole tracker blocking - and that he immediately made a startling discovery.
Three popular WordPress plugins with tens of thousands of active installations are vulnerable to high-severity or critical SQL injection vulnerabilities, with proof-of-concept exploits now publicly available. SQL injection is a website security flaw that allows attackers to input data into form fields or via URLs that modify legitimate database queries to return different data or modify a database.
Threat actors from ransomware group Royal are suspected to have exploited a critical vulnerability in two Citrix products in order to launch an attack against a small business in the U.S., according to researchers from At-Bay. The vulnerability, listed as CVE-2022-27510, allows an attacker to bypass authentication measures in the technology company's Application Delivery Controller and Gateway products.