Five high-severity security flaws in Dell's firmware update driver are impacting potentially hundreds of millions of Dell desktops, laptops, notebooks and tablets, researchers said. The bugs have gone undisclosed for 12 years, and could be used to bypass security products, execute code and pivot to other parts of the network for lateral movement, according to SentinelLabs.
Thousands of Amazon employees, including those who developed private-label goods for the e-commerce giant, enjoyed years of access to sensitive third-party seller data, according to a new report. An internal audit in 2015 traced the issue to lax security protocols, including the use of a tool called "spoofer access," which allowed Amazon employees to view and edit accounts as sellers. The employees had access to profile information, inventory levels, product pricing, and even the ability to cancel orders.
Cloud comms platform Twilio has confirmed its private GitHub repositories were cloned after it became the latest casualty of the compromised credential-stealing Codecov script. Codecov, a cloud-based tool for assessing how much code is covered by software tests, revealed last month that a script called Bash Uploader had been altered by a criminal to export secrets stored in environment variables to a third-party server.
Two waves of global financial phishing attacks that swamped at least 50 organizations in December have delivered three new malware families, according to a report from FireEye's Mandiant cybersecurity team. On Tuesday, the team said that they've dubbed the hitherto-unseen malware strains Doubledrag, Doubledrop, and Doubleback. What Mandiant called the "trifecta" spear-phishing campaign twice hit a wide swath of industries worldwide.
Phishers targeting Microsoft Office 365 users increasingly are turning to specialized links that take users to their organization's own email login page. After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of the user's emails and files, both of which are then plundered to launch malware and phishing scams against others.
When normal computer users fall into the nasty habit of recycling passwords, the result is most often some type of financial loss. When cybercriminals develop the same habit, it can eventually cost them their freedom. Our passwords can say a lot about us, and much of what they have to say is unflattering. And yes, hackers get their passwords compromised at the same rate as the rest of us.
Since 2018, an almost endless series of attacks broadly known as Spectre has kept Intel and AMD scrambling to develop defenses to mitigate vulnerabilities that allow malware to pluck passwords and other sensitive information directly out of silicon. Now, researchers say they've devised a new attack that breaks most, if not all, of those on-chip defenses.
Security researchers at Qualys have discovered multiple gaping security holes in Exim, a widely deployed mail server that has been targeted in the past by advanced nation state-based threat actors. An advisory from Qualys documents a total of 21 security vulnerabilities, 10 serious enough to expose Exim mail servers to remote code execution attacks. Qualys said it began reporting the flaws to Exim last October and warned that some of the vulnerabilities have been present in Exim since at least 2004.