Showing only posts in Ars Technica.

It’s a hot 0-day summer for Apple, Google, and Microsoft security fixes

The summer patch cycle shows no signs of slowing down, with tech giants Apple, Google, and Microsoft releasing multiple updates to fix flaws being used in real-life attacks. July also saw serious bugs squashed by enterprise software firms SAP, Citrix, and Oracle. Here’s everything …

Multiple Chinese APTs establish major beachheads inside sensitive infrastructure

Hacking teams working for the Chinese government are intent on burrowing into the farthest reaches of sensitive infrastructure, much of it belonging to the US, and establishing permanent presences there if possible. In the past two years, they have scored some wins that could …

Android malware steals user credentials using optical character recognition

Security researchers have unearthed a rare malware find: malicious Android apps that use optical character recognition to steal credentials displayed on phone screens. The malware, dubbed CherryBlos by researchers from security firm Trend Micro, has been embedded into at least four Android apps available outside …

US senator blasts Microsoft for “negligent cybersecurity practices”

A US senator is calling on the Justice Department to hold Microsoft responsible for “negligent cybersecurity practices” that enabled Chinese espionage hackers to steal hundreds of thousands of emails from cloud customers, including officials in the US Departments of State and Commerce. “Holding Microsoft responsible …

Encryption-breaking, password-leaking bug in many AMD CPUs could take months to fix

A recently disclosed bug in many of AMD's newer consumer, workstation, and server processors can cause the chips to leak data at a rate of up to 30 kilobytes per core per second, writes Tavis Ormandy, a member of Google's Project Zero security team. Executed properly …

Researchers find deliberate backdoor in police radio encryption algorithm

For more than 25 years, a technology used for critical data and voice radio communications around the world has been shrouded in secrecy to prevent anyone from closely scrutinizing its security properties for vulnerabilities. But now it’s finally getting a public airing thanks …

Zyxel users still getting hacked by DDoS botnet emerge as public nuisance No. 1

Organizations that have yet to patch a 9.8-severity vulnerability in network devices made by Zyxel have emerged as public nuisance No. 1 as a sizable number of them continue to be exploited and wrangled into botnets that wage DDoS attacks. Zyxel patched …

Firmware vulnerabilities in millions of computers could give hackers superuser status

Two years ago, ransomware crooks breached hardware-maker Gigabyte and dumped more than 112 gigabytes of data that included information from some of its most important supply-chain partners, including Intel and AMD. Now researchers are warning that the leaked information revealed what could amount to critical …

Attackers find new ways to deliver DDoSes with “alarming” sophistication

The protracted arms race between criminals who wage distributed denial-of-service attacks and the defenders who attempt to stop them continues, as the former embraces “alarming” new methods to make their online offensives more powerful and destructive, researchers from content-delivery network Cloudflare reported Wednesday. With …

Exploited 0-days, an incomplete fix, and a botched disclosure: Infosec snafu reigns

Organizations big and small are once again scrambling to patch critical vulnerabilities that are already under active exploitation and cause the kind of breaches coveted by ransomware actors and nation-state spies. The exploited vulnerabilities—one in Adobe ColdFusion and the other in various Citrix NetScaler …

JumpCloud, an IT firm serving 200,000 orgs, says it was hacked by nation-state

JumpCloud, a cloud-based IT management service that lists Cars.com, GoFundMe, and Foursquare among its 5,000 paying customers, experienced a security breach carried out by hackers working for a nation-state, the company said last week. The attack began on June 22 as a spear-phishing campaign, the company …

Microsoft takes pains to obscure role in 0-days that caused email breach

On Friday, Microsoft attempted to explain the cause of a breach that gave hackers working for the Chinese government access to the email accounts of 25 organizations—reportedly including the US Departments of State and Commerce and other sensitive organizations. In a post …

WordPress plugin installed on 1 million+ sites logged plaintext passwords

All-In-One Security, a WordPress security plugin installed on more than 1 million websites, has issued a security update after being caught three weeks ago logging plaintext passwords and storing them in a database accessible to website admins. The passwords were logged when users of a …

Hackers exploit gaping Windows loophole to give their malware kernel access

Hackers are using open source software that’s popular with video game cheaters to allow their Windows-based malware to bypass restrictions Microsoft put in place to prevent such infections from occurring. The software comes in the form of two software tools that are available on …

MOVEit app mass-exploited last month patches new critical vulnerability

MOVEit, the file-transfer software exploited in recent weeks in one of the biggest cyberattacks ever, has received yet another security update that fixes a critical vulnerability that could be exploited to give hackers access to vast amounts of sensitive data …

Mastodon fixes critical “TootRoot” vulnerability allowing node hijacking

The maintainers of the open source software that powers the Mastodon social network published a security update on Thursday that patches a critical vulnerability making it possible for hackers to backdoor the servers that push content to individual users. Mastodon is based on a federated model. The federation …

Actively exploited vulnerability threatens hundreds of solar power stations

Hundreds of Internet-exposed devices inside solar farms remain unpatched against a critical and actively exploited vulnerability that makes it easy for remote attackers to disrupt operations or gain a foothold inside the facilities. The devices, sold by Osaka, Japan-based Contec under the brand name SolarView …

336,000 servers remain unpatched against critical Fortigate vulnerability

Researchers say that nearly 336,000 devices exposed to the Internet remain vulnerable to a critical vulnerability in firewalls sold by Fortinet because admins have yet to install patches the company released three weeks ago. CVE-2023-27997 is a remote code execution in Fortigate VPNs, which are included in …

TSMC says some of its data was swept up in a hack on a hardware supplier

Chipmaker TSMC said on Friday that one of its hardware suppliers experienced a “security incident” that allowed the attackers to obtain configurations and settings for some of the servers the company uses in its corporate network. The disclosure came a day after the LockBit ransomware …

Torrent of image-based phishing emails are harder to detect and more convincing

Phishing mongers have released a torrent of image-based junk emails that embed QR codes into their bodies to successfully bypass security protections and provide a level of customization to more easily fool recipients, researchers said. In …

Brave aims to curb practice of websites that port scan visitors

The Brave browser will take action against websites that snoop on visitors by scanning their open Internet ports or accessing other network resources that can expose personal information. Starting in version 1.54, Brave will automatically block website port scanning, a practice that a surprisingly large number of …

Brave will soon control which sites can access your local network resources

The Brave browser will take action against websites that snoop on visitors by scanning their open Internet ports or accessing other network resources that can expose personal information. Starting in version 1.54, Brave will automatically block website port scanning, a practice that a surprisingly large number of …

Fears grow of deepfake ID scams following Progress hack

The number of deepfakes used in scams in just the first three months of 2023 outstripped all of 2022. When Progress Corp, the Massachusetts-based maker of business software, revealed its file transfer system had been compromised this month, the issue quickly gathered global …

Casualties keep growing in this month’s mass exploitation of MOVEit 0-day

The dramatic fallout continues in the mass exploitation of a critical vulnerability in a widely used file-transfer program, with at least three new victims coming to light in the past few days. They include the New York City Department of Education and energy companies Schneider …
