Showing only posts in Ars Technica.

Thousands of WordPress sites have been hacked through tagDiv plugin vulnerability

Thousands of sites running the WordPress content management system have been hacked by a prolific threat actor that exploited a recently patched vulnerability in a widely used plugin. The vulnerable plugin, known as tagDiv Composer, is a mandatory requirement for using two WordPress themes: Newspaper …

23andMe says private user data is up for sale after being scraped

Genetic profiling service 23andMe has commenced an investigation after private user data was scraped off its website. Friday’s confirmation comes five days after an unknown entity took to an online crime forum to advertise the sale of private …

Private 23andMe user data is up for sale after online scraping spree

Genetic profiling service 23andMe has confirmed that private user data is circulating for sale online after being scraped off its website. Friday’s confirmation comes five days after an unknown entity took to an online crime forum to advertise the …

Vulnerabilities in Supermicro BMCs could allow for unkillable server rootkits

If your organization uses servers that are equipped with baseboard management controllers from Supermicro, it’s time, once again, to patch seven high-severity vulnerabilities that attackers could exploit to gain control of them. And sorry, but the fixes must be installed manually. Typically abbreviated as …

They’ve begun: Attacks exploiting vulnerability with maximum 10 severity rating

Ransomware hackers have started exploiting one or more recently fixed vulnerabilities that pose a grave threat to enterprise networks around the world, researchers said. One of the vulnerabilities has a severity rating of 10 out of a possible 10 and another 9.9. They reside …

Vulnerable Arm GPU drivers under active exploitation. Patches may not be available

Arm warned on Monday of active ongoing attacks targeting a vulnerability in device drivers for its Mali line of GPUs, which run on a host of devices, including Google Pixels and other Android handsets, Chromebooks, and hardware running Linux. “A local non-privileged user can make …

Critical vulnerabilities in Exim threaten over 250k email servers worldwide

Thousands of servers running the Exim mail transfer agent are vulnerable to potential attacks that exploit critical vulnerabilities, allowing remote execution of malicious code with little or no user interaction. The vulnerabilities were reported on Wednesday by Zero Day Initiative, but they largely escaped notice …

A new Chrome 0-day is sending the Internet into a new chapter of Groundhog Day

A critical zero-day vulnerability Google reported on Wednesday in its Chrome browser is opening the Internet to a new chapter of Groundhog Day. Like a critical zero-day Google disclosed on September 11, the new exploited vulnerability doesn’t affect just Chrome. Already, Mozilla has said …

Backdoored firmware lets China state hackers control routers with “magic packets”

Hackers backed by the Chinese government are planting malware into routers that provides long-lasting and undetectable backdoor access to the networks of multinational companies in the US and Japan, governments in both countries said Wednesday. The hacking group, tracked under names including BlackTech, Palmerworm, Temp …

Google quietly corrects previously submitted disclosure for critical webp 0-day

Google has quietly resubmitted a disclosure of a critical code-execution vulnerability affecting thousands of individual apps and software frameworks after its previous submission left readers with the mistaken impression that the threat affected only the Chrome browser. The vulnerability originates in the libwebp code library …

GPUs from all major suppliers are vulnerable to new pixel-stealing attack

GPUs from all six of the major suppliers are vulnerable to a newly discovered attack that allows malicious websites to read the usernames, passwords, and other sensitive visual data displayed by other websites, researchers have demonstrated in a paper published Tuesday. The cross-origin attack allows a malicious website …

3 iOS 0-days, a cellular network compromise, and HTTP used to infect an iPhone

Apple has patched a potent chain of iOS zero-days that were used to infect the iPhone of an Egyptian presidential candidate with sophisticated spyware developed by a commercial exploit seller, Google and researchers from Citizen Lab said Friday. The previously unknown vulnerabilities, which Apple patched …

Incomplete disclosures by Apple and Google create “huge blindspot” for 0-day hunters

Incomplete information included in recent disclosures by Apple and Google reporting critical zero-day vulnerabilities under active exploitation in their products has created a “huge blindspot” that’s causing a large number of offerings from other developers to go unpatched, researchers said Thursday. Two weeks ago …

The Signal Protocol used by 1+ billion people is getting a post-quantum makeover

The Signal Foundation, maker of the Signal Protocol that encrypts messages sent by more than a billion people, has rolled out an update designed to prepare for a very real prospect that’s never far from the thoughts of just about every security …

Chinese hackers have unleashed a never-before-seen Linux backdoor

Researchers have discovered a never-before-seen backdoor for Linux that’s being used by a threat actor linked to the Chinese government. The new backdoor originates from a Windows backdoor named Trochilus, which was first seen in 2015 by researchers from Arbor Networks, now known as Netscout. They said …

How Google Authenticator made one company’s network breach much, much worse

A security company is calling out a feature in Google’s authenticator app that it says made a recent internal network breach much worse. Retool, which helps customers secure their software development platforms, made the criticism on Wednesday in a post disclosing a compromise of …

A phone call to helpdesk was likely all it took to hack MGM

A cyber criminal gang proficient in impersonation and malware has been identified as the likely culprit for an attack that paralyzed networks …

With 0-days hitting Chrome, iOS, and dozens more this month, is no software safe?

End users, admins, and researchers better brace yourselves: The number of apps being patched for zero-day vulnerabilities has skyrocketed this month and is likely to get worse in the following weeks. People have worked overtime in recent weeks to patch a raft of vulnerabilities actively …

Password-stealing Linux malware served for 3 years and no one noticed

A download site surreptitiously served Linux users malware that stole passwords and other sensitive information for more than three years until it finally went quiet, researchers said on Tuesday. The site, freedownloadmanager[.]org, offered a benign version of a Linux …

Cisco security appliance 0-day is under attack by ransomware crooks

Cisco on Thursday confirmed the existence of a currently unpatched zero-day vulnerability that hackers are …

The International Criminal Court will now prosecute cyberwar crimes

For years, some cybersecurity defenders and advocates have called for a kind of Geneva Convention for …

North Korea-backed hackers target security researchers with 0-day

North Korea-backed hackers are once again targeting security researchers with a zero-day exploit and related malware in an attempt to infiltrate computers used to perform sensitive investigations involving cybersecurity. The presently unfixed zero-day—meaning a vulnerability that’s known to attackers before the …

How China gets free intel on tech companies’ vulnerabilities

For state-sponsored hacking operations, unpatched vulnerabilities are valuable ammunition. Intelligence agencies and militaries seize on hackable bugs when they're revealed—exploiting them to carry out their campaigns of espionage or cyberwar—or spend millions to dig up new ones or to buy them …

Microsoft finally explains cause of Azure breach: An engineer’s account was hacked

Microsoft said the corporate account of one of its engineers was hacked by a highly skilled threat actor that acquired a signing key used to hack dozens of Azure and Exchange accounts belonging to high-profile users. The disclosure solves two mysteries at the center of …

4 Okta customers hit by campaign that gave attackers super admin control

Authentication service Okta said four of its customers have been hit in a recent social-engineering campaign that allowed hackers to gain control of super administrator accounts and from there weaken or entirely remove two-factor authentication protecting accounts from unauthorized access. The Okta super administrator accounts …
