A privilege escalation bug affecting versions of Windows 10 received a workaround fix from Microsoft on Wednesday to prevent attackers from accessing data and creating new accounts on compromised systems. The bug, dubbed SeriousSAM, affects the Security Accounts Manager (SAM) database in all versions of Windows 10. The SAM component in Windows houses user account credentials and network domain information: a juicy target for attackers.
Chinese state hackers are compromising large numbers of home and office routers for use in a vast and ongoing attack against organizations in France, authorities from that country said. The hacking group, known in security circles as APT31, Zirconium, Panda, and other names, has historically conducted espionage campaigns targeting government, financial, aerospace and defense organizations.
Saudi Arabia's state oil giant acknowledged Wednesday that leaked data from the company, files now apparently being used in a cyber-extortion attempt involving a $50 million ransom demand, likely came from one of its contractors. The Saudi Arabian Oil Co., better known as Saudi Aramco, told The Associated Press that it "recently became aware of the indirect release of a limited amount of company data which was held by third-party contractors."
The United States' Federal Bureau of Investigation (FBI) has issued a warning about threat actors potentially attempting to disrupt the upcoming Tokyo 2020 Summer Olympics. It went on to warn that cybercriminals could use various forms of cybercrime, such as distributed denial of service (DDoS) attacks, ransomware, and social engineering, to derail the Olympic games. However, for now, there have been no signs of an attack targeting the popular sporting event.
Patches released this week by Dell for its OpenManage Enterprise product address multiple critical-severity vulnerabilities. A systems management and monitoring application, Dell OpenManage Enterprise provides administrators with a comprehensive view of Dell EMC servers, network switches, and storage in their environment. The most severe of these issues is CVE-2021-21564, an improper authentication vulnerability that could allow a remote attacker to "hijack an elevated session."
Apple this week started rolling out security updates for iOS, macOS, iPadOS, watchOS, tvOS, and Safari to address dozens of vulnerabilities, including some that could result in arbitrary code execution. A total of 37 security holes were resolved with the release of iOS 14.7 and iPadOS 14.7, including a recently detailed bug that attackers could exploit to crash the Wi-Fi functionality of vulnerable devices.
Atlassian is prompting its enterprise customers to patch a critical vulnerability in many versions of its Jira Data Center and Jira Service Management Data Center products. The vulnerability, tracked as CVE-2020-36239, can give remote attackers arbitrary code execution capabilities due to a missing-authentication flaw in Jira's implementation of Ehcache, an open-source component.
A credentials-stealing code bomb that uses legitimate password-recovery tools in Google's Chrome web browser was found lurking in the npm open-source code repository, waiting to be planted within the sprawling galaxy of apps that pull code from that source. Researchers caught the malware filching credentials from Chrome on Windows systems. The password-stealer is multifunctional: it also listens for incoming commands from the attacker's command-and-control (C2) server and can upload files.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released an alert today about more than a dozen malware samples found on exploited Pulse Secure devices that are largely undetected by antivirus products. Since at least June 2020, Pulse Secure devices at U.S. government agencies, critical infrastructure entities, and various private sector organizations have been the target of attacks from threat actors.