Krebs on Security

FEBRUARY 28, 2025

Security experts say the Russia-based service provider Prospero OOO (the triple O is the Russian version of “LLC”) has long been a persistent source of malicious software, botnet controllers, and a torrent of phishing websites. federal agencies from using Kaspersky software, mandating its removal within 90 days.

Malware 256

Malware Antivirus Software DDOS 256

Schneier on Security

APRIL 23, 2025

Beyond such isolation at the software, network, and microarchitectural layers, a Guillotine hypervisor must also provide physical fail-safes more commonly associated with nuclear power plants, avionic platforms, and other types of mission critical systems.

Architecture 240

Architecture Software Healthcare Risk 240

Schneier on Security

FEBRUARY 13, 2025

DOGE personnel are also reported to be feeding Education Department data into artificial intelligence software, and they have also started working at the Department of Energy. But given that DOGE workers have already copied data and possibly installed and modified software, it’s unclear how this fixes anything.

Government 363

Government Artificial Intelligence Banking Software 363

Schneier on Security

APRIL 16, 2025

“CVE naming and assignment to software packages and versions are the foundation upon which the software vulnerability ecosystem is based,” Romanosky said. “Without it, we can’t track newly discovered vulnerabilities. We can’t score their severity or predict their exploitation.

CSO 321

CSO Government Software Cybersecurity 321

SecureList

APRIL 7, 2025

Such software enjoys the trust of monitoring tools and doesn’t raise suspicions. Attackers get round this protection mechanism by using legitimate drivers that have the right signature, but contain vulnerable functions that allow malicious actions in the context of the kernel. But what if a security solution performs unsafe activity?

Software 105

Software Encryption Malware Firmware 105

Schneier on Security

MAY 13, 2025

The case is over : A jury has awarded WhatsApp $167 million in punitive damages in a case the company brought against Israel-based NSO Group for exploiting a software vulnerability that hijacked the phones of thousands of users. I’m sure it’ll be appealed. Everything always is.

Software 204

Software Hacking 204

SecureList

APRIL 22, 2025

ViPNet is a software suite for creating secure networks. We determined that the backdoor was distributed inside LZH archives with a structure typical of updates for the software product in question. Impersonating a ViPNet update Our investigation revealed that the backdoor targets computers connected to ViPNet networks.

Software 80

Software Encryption Architecture Malware 80

Security Affairs

MAY 12, 2025

An attacker can exploit this vulnerability to install malicious software. Researcher MrBruh found that while it only accepts requests with an origin header set to driverhub.asus.com, a flawed wildcard match allowed requests from domains like driverhub.asus.com.mrbruh.com.

Software 81

Software Hacking Information Security 81

Schneier on Security

DECEMBER 17, 2024

. […] Because the vulnerability that allowed him to rewrite the plates’ firmware exists at the hardware level—in Reviver’s chips themselves—Rodriguez says there’s no way for Reviver to patch the issue with a mere software update. Instead, it would have to replace those chips in each display.

Firmware 276

Firmware Hacking Software 276

Schneier on Security

FEBRUARY 3, 2025

Like other spyware makers, Paragon’s hacking software is used by government clients and WhatsApp said it had not been able to identify the clients who ordered the alleged attacks. ” It is not clear who was behind the attack.

Spyware 275

Spyware Government Hacking Software 275

Adam Shostack

JANUARY 2, 2025

Software on Microsoft Windows uses an application programming interface (API) called "CreateFile" to access files. Ransomware works by going through files, one by one, and replacing their content with an encrypted version. Sometimes it also sends copies elsewhere, but that turns out to be slow, and sometimes sets off alarms.)

Ransomware 246

Ransomware Encryption Software 246

Schneier on Security

JANUARY 16, 2025

It was that very server that allowed the FBI to finally kill this pesky bit of malicious software. According to the FBI , at least 45,000 IP addresses in the US had back-and-forths with the command-and-control server since September 2023.

Malware 249

Malware Hacking Software 249

Schneier on Security

APRIL 29, 2025

This seems like an important advance in LLM security against prompt injection: Google DeepMind has unveiled CaMeL (CApabilities for MachinE Learning), a new approach to stopping prompt-injection attacks that abandons the failed strategy of having AI models police themselves.

Engineering 248

Engineering Architecture Software 248

The Last Watchdog

OCTOBER 23, 2024

INE Security advises businesses to secure their network by using firewalls, encrypting data, and regularly updating security software. Tip 4: Regularly Updating and Patching Systems Keeping software and systems up to date is crucial in protecting against vulnerabilities. Many cyber attacks exploit vulnerabilities in outdated software.

Small Business 162

Small Business Data breaches Backups Passwords 162

Krebs on Security

FEBRUARY 11, 2025

Microsoft today issued security updates to fix at least 56 vulnerabilities in its Windows operating systems and supported software, including two zero-day flaws that are being actively exploited. Windows enterprise administrators would do well to keep an eye on askwoody.com , which often has the scoop on any patches causing problems.

Artificial Intelligence 208

Artificial Intelligence Engineering Software Internet 208

Krebs on Security

NOVEMBER 19, 2024

Finastra, which provides software and services to 45 of the world’s top 50 banks, notified customers of the security incident after a cybercriminal began selling more than 400 gigabytes of data purportedly stolen from the company. However, it did reference many of the same banks called out as Finastra customers in the Nov.

Data breaches 304

Data breaches Banking Cybercrime Advertising 304

Krebs on Security

DECEMBER 19, 2024

The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology firm based in Turkey. Araneida Scanner. LinkedIn finds this same altugsara[.]com Neither Altug Sara nor Bilitro Yazilim responded to requests for comment.

Hacking 245

Hacking Cybercrime Advertising Data breaches 245

Krebs on Security

JANUARY 31, 2025

The “fud” bit stands for “Fully Un-Detectable,” and it refers to cybercrime resources that will evade detection by security tools like antivirus software or anti-spam appliances. “The Cybercrime Team is on the trail of a number of buyers of the tools,” the Dutch national police said. ” U.S.

Phishing 267

Phishing Cybercrime Advertising Malware 267

The Hacker News

MAY 7, 2025

Cisco has released software fixes to address a maximum-severity security flaw in its IOS XE Wireless Controller that could enable an unauthenticated, remote attacker to upload arbitrary files to a susceptible system. The vulnerability, tracked as CVE-2025-20188, has been rated 10.0 on the CVSS scoring system.

Wireless 134

Wireless Software 134

Penetration Testing

NOVEMBER 25, 2024

Palo Alto Networks has issued a security advisory warning of a vulnerability in its GlobalProtect app that could allow attackers to install malicious software on endpoints.

Software 137

Software Cybersecurity 137

SecureList

APRIL 23, 2025

We have been tracking the latest attack campaign by the Lazarus group since last November, as it targeted organizations in South Korea with a sophisticated combination of a watering hole strategy and vulnerability exploitation within South Korean software. We found that the malware was running in the memory of a legitimate SyncHost.

Malware 144

Malware Software Encryption Internet 144

Penetration Testing

DECEMBER 3, 2024

Veeam Software, a prominent provider of backup and disaster recovery solutions, has released urgent security updates to address two critical vulnerabilities in its Service Provider Console (VSPC). One of these... The post CVE-2024-42448 (CVSS 9.9): Critical RCE Vulnerability in Veeam VSPC appeared first on Cybersecurity News.

Backups 137

Backups Software Cybersecurity 137

WIRED Threat Level

MAY 5, 2025

The open source software easyjson is used by the US government and American companies. But its ties to Russias VK, whose CEO has been sanctioned, have researchers sounding the alarm.

Risk 121

Risk Government Software Hacking 121

Penetration Testing

DECEMBER 17, 2024

The Apache Software Foundation has released important security updates to address two vulnerabilities in Apache Tomcat, a widely-used open-source web server, and servlet container.

Software 125

Software Cybersecurity 125

Adam Shostack

APRIL 27, 2025

In January, CISA (along with DARPA, NSA and DoD) released Closing the Software Understanding Gap. Understanding is interesting as a framing, but I think some of what they want is understand the software and another part is control what the software can do, and they might do well by reducing that ambiguity.

Software 147

Software 147

Penetration Testing

DECEMBER 22, 2024

The Apache Software Foundation recently released a critical security update to address a remote code execution (RCE) vulnerability in Apache Tomcat, identified as CVE-2024-56337.

Software 141

Software Cybersecurity 141

Malwarebytes

NOVEMBER 15, 2024

Coper is a Malware-as-a-Service which “customers” can spread as they see fit, but they pay for the use of the malicious software and the underlying infrastructure. And QR codes get typically read by mobile devices, which—unfortunately—still get overlooked when it comes to installing security software.

Malware 136

Malware Banking Mobile Software 136

Security Affairs

NOVEMBER 9, 2024

.” The research targeted a CMU unit manufactured by Visteon, with software initially developed by Johnson Controls Inc. The study focused on the latest software version (74.00.324A), but experts believe that earlier versions (at least 70.x) x) may also be vulnerable.

Hacking 128

Hacking Firmware Software Manufacturing 128

Security Affairs

DECEMBER 3, 2024

The vulnerability resides in the WebVPN login page of Cisco Adaptive Security Appliance (ASA) Software, an unauthenticated, remote attacker could exploit the flaw to conduct a cross-site scripting (XSS) attack against a user of WebVPN on the Cisco ASA. ” reads the advisory. ” continues the advisory.

Software 119

Software Hacking Information Security 119

Krebs on Security

NOVEMBER 12, 2024

Microsoft today released updates to plug at least 89 security holes in its Windows operating systems and other software. November’s patch batch includes fixes for two zero-day vulnerabilities that are already being exploited by attackers, as well as two other flaws that were publicly disclosed prior to today.

Authentication 273

Authentication Engineering Malware Passwords 273