Showing only posts in Ars Technica. Show all posts.

Hackers try to exploit WordPress plugin vulnerability that’s as severe as it gets

Source

Enlarge (credit: Getty Images) Hackers are assailing websites using a prominent WordPress plugin with millions of attempts to exploit a high-severity vulnerability that allows complete takeover, researchers said. The vulnerability resides in WordPress Automatic, a plugin with more than 38,000 paying customers. Websites running the WordPress content management …

Millions of IPs remain infected by USB worm years after its creators left it for dead

Source

Enlarge (credit: Getty Images) A now-abandoned USB worm that backdoors connected devices has continued to self-replicate for years since its creators lost control of it and remains active on thousands, possibly millions, of machines, researchers said Thursday. The worm—which first came to light in a 2023 post published …

Nation-state hackers exploit Cisco firewall 0-days to backdoor government networks

Source

Enlarge (credit: Getty Images ) Hackers backed by a powerful nation-state have been exploiting two zero-day vulnerabilities in Cisco firewalls in a five-month-long campaign that breaks into government networks around the world, researchers reported Wednesday. The attacks against Cisco’s Adaptive Security Appliances firewalls are the latest in a rash …

Hackers infect users of antivirus service that delivered updates over HTTP

Source

Enlarge (credit: Getty Images) Hackers abused an antivirus service for five years in order to infect end users with malware. The attack worked because the service delivered updates over HTTP, a protocol vulnerable to attacks that corrupt or tamper with data as it travels over the Internet. The unknown …

Windows vulnerability reported by the NSA exploited to install Russian malware

Source

Enlarge (credit: Getty Images) Kremlin-backed hackers have been exploiting a critical Microsoft vulnerability for four years in attacks that targeted a vast array of organizations with a previously undocumented tool, the software maker disclosed Monday. When Microsoft patched the vulnerability in October 2022—at least two years after it …

LastPass users targeted in phishing attacks good enough to trick even the savvy

Source

Enlarge (credit: Getty Images) Password-manager LastPass users were recently targeted by a convincing phishing campaign that used a combination of email, SMS, and voice calls to trick targets into divulging their master passwords, company officials said. The attackers used an advanced phishing-as-a-service kit discovered in February by researchers from …

Kremlin-backed actors spread disinformation ahead of US elections

Source

Enlarge (credit: da-kuk/Getty ) Kremlin-backed actors have stepped up efforts to interfere with the US presidential election by planting disinformation and false narratives on social media and fake news sites, analysts with Microsoft reported Wednesday. The analysts have identified several unique influence-peddling groups affiliated with the Russian government seeking …

Attackers are pummeling networks around the world with millions of login attempts

Source

Enlarge (credit: Matejmo | Getty Images) Cisco’s Talos security team is warning of a large-scale credential compromise campaign that’s indiscriminately assailing networks with login attempts aimed at gaining unauthorized access to VPN, SSH, and web application accounts. The login attempts use both generic usernames and valid usernames targeted …

Why the US government’s overreliance on Microsoft is a big problem

Source

Enlarge (credit: Joan Cros via Getty ) When Microsoft revealed in January that foreign government hackers had once again breached its systems, the news prompted another round of recriminations about the security posture of the world’s largest tech company. Despite the angst among policymakers, security experts, and competitors, Microsoft …

Alleged cryptojacking scheme consumed $3.5M of stolen computing to make just $1M

Source

Enlarge (credit: Getty Images) Federal prosecutors indicted a Nebraska man on charges he perpetrated a cryptojacking scheme that defrauded two cloud providers—one based in Seattle and the other in Redmond, Washington—out of $3.5 million. The indictment, filed in US District Court for the Eastern District of …

Framework’s software and firmware have been a mess, but it’s working on them

Source

Enlarge / The Framework Laptop 13. (credit: Andrew Cunningham) Since Framework showed off its first prototypes in February 2021, we've generally been fans of the company's modular, repairable, upgradeable laptops. Not that the company's hardware releases to date have been perfect—each Framework Laptop 13 model has had quirks and …

Change Healthcare faces another ransomware threat—and it looks credible

Source

Enlarge (credit: iStock / Getty Images Plus ) For months, Change Healthcare has faced an immensely messy ransomware debacle that has left hundreds of pharmacies and medical practices across the United States unable to process claims. Now, thanks to an apparent dispute within the ransomware criminal ecosystem, it may have just …

“Highly capable” hackers root corporate networks by exploiting firewall 0-day

Source

Enlarge (credit: Getty Images ) Highly capable hackers are rooting multiple corporate networks by exploiting a maximum-severity zero-day vulnerability in a firewall product from Palo Alto Networks, researchers said Friday. The vulnerability, which has been under active exploitation for at least two weeks now, allows the hackers with no authentication …

Hackable Intel and Lenovo hardware that went undetected for 5 years won’t ever be fixed

Source

Enlarge (credit: Intel) Hardware sold for years by the likes of Intel and Lenovo contains a remotely exploitable vulnerability that will never be fixed. The cause: a supply chain snafu involving an open source software package and hardware from multiple manufacturers that directly or indirectly incorporated it into their …

AT&T: Data breach affects 73 million or 51 million customers. No, we won’t explain.

Source

Enlarge (credit: Getty Images) AT&T is notifying millions of current or former customers that their account data has been compromised and published last month on the dark web. Just how many millions, the company isn't saying. In a mandatory filing with the Maine Attorney General’s office, the …

Thousands of LG TVs are vulnerable to takeover—here’s how to ensure yours isn’t one

Source

Enlarge (credit: Getty Images) As many as 91,000 LG TVs face the risk of being commandeered unless they receive a just-released security update patching four critical vulnerabilities discovered late last year. The vulnerabilities are found in four LG TV models that collectively comprise slightly more than 88,000 …

Critical takeover vulnerabilities in 92,000 D-Link devices under active exploitation

Source

Enlarge (credit: Getty Images) Hackers are actively exploiting a pair of recently discovered vulnerabilities to remotely commandeer network-attached storage devices manufactured by D-Link, researchers said Monday. Roughly 92,000 devices are vulnerable to the remote takeover exploits, which can be remotely transmitted by sending malicious commands through simple HTTP …

Ivanti CEO pledges to “fundamentally transform” its hard-hit security model

Source

Enlarge (credit: Getty Images) Ivanti, the remote-access company whose remote-access products have been battered by severe exploits in recent months, has pledged a "new era," one that "fundamentally transforms the Ivanti security operating model" backed by "a significant investment" and full board support. CEO Jeff Abbott's open letter promises …

Microsoft blamed for “a cascade of security failures” in Exchange breach report

Source

Enlarge (credit: Getty Images) A federal Cyber Safety Review Board has issued its report on what led to last summer's capture of hundreds of thousands of emails by Chinese hackers from cloud customers, including federal agencies. It cites "a cascade of security failures at Microsoft" and finds that "Microsoft's …

Missouri county declares state of emergency amid suspected ransomware attack

Source

Enlarge / Downtown Kansas City, Missouri, which is part of Jackson County. (credit: Eric Rogers ) Jackson County, Missouri, has declared a state of emergency and closed key offices indefinitely as it responds to what officials believe is a ransomware attack that has made some of its IT systems inoperable. "Jackson …

What we know about the xz Utils backdoor that almost infected the world

Source

Enlarge (credit: Getty Images) On Friday, a lone Microsoft developer rocked the world when he revealed a backdoor had been intentionally planted in xz Utils, an open source data compression utility available on almost all installations of Linux and other Unix-like operating systems. The person or people behind this …

Backdoor found in widely used Linux utility breaks encrypted SSH connections

Source

Enlarge / Internet Backdoor in a string of binary code in a shape of an eye. (credit: Getty Images) Researchers have found a malicious backdoor in a compression tool that made its way into widely used Linux distributions, including those from Red Hat and Debian. The compression utility, known as …

Backdoor found in widely used Linux utility targets encrypted SSH connections

Source

Enlarge / Internet Backdoor in a string of binary code in a shape of an eye. (credit: Getty Images) Researchers have found a malicious backdoor in a compression tool that made its way into widely used Linux distributions, including those from Red Hat and Debian. The compression utility, known as …

PyPI halted new users and projects while it fended off supply-chain attack

Source

Enlarge / Supply-chain attacks, like the latest PyPI discovery, insert malicious code into seemingly functional software packages used by developers. They're becoming increasingly common. (credit: Getty Images) PyPI, a vital repository for open source developers, temporarily halted new project creation and new user registration following an onslaught of package uploads …

Thousands of servers hacked in ongoing attack targeting Ray AI framework

Source

Enlarge (credit: Getty Images) Thousands of servers storing AI workloads and network credentials have been hacked in an ongoing attack campaign targeting a reported vulnerability in Ray, a computing framework used by OpenAI, Uber, and Amazon. The attacks, which have been active for at least seven months, have led …

« newer articles | page 6 | older articles »