The security of DigitalOcean customers and their data is a responsibility we approach with utmost dedication. When our customers' security is threatened we respond swiftly, communicate with transpa...
We used our internal automated system for monitoring open-source repositories and discovered two other malicious Python packages in the PyPI.
Increased targeting of developing and middle-income countries by ransomware actors presents a challenge to political resilience, economic development and global cyber security.
Zoom has issued a patch for a bug on macOS that could allow a hacker to take control of a user’s operating system (via MacRumors). In an update on its security bulletin, Zoom acknowledges the issue (CVE-2022-28756) and says a fix is included in version 5.11.5 of the app on Mac, which you can (and should) download now.
In macOS 12.0.1 Monterey, Apple fixed CVE-2021-30873. This was a process injection vulnerability affecting (essentially) all macOS AppKit-based applications. We reported this vulnerability to Apple, along with methods to use this vulnerability to escape the sandbox, elevate privileges to root and bypass the filesystem restrictions of SIP.
Its IT provider says it may take three or four weeks to fully recover from the cyber-attack.
Cisco confirmed on Wednesday that it was attack by the Yanluowang ransomware group in May, but said the hackers were not able to steal sensitive data or impact the company’s operations.
In a statement to The Record, Cisco said the incident occured on their corporate network in late May and that they “immediately took action to contain and eradicate the bad actors.”
Unusually resourced threat actor has targeted multiple companies in recent days.
Yesterday, August 8, 2022, Twilio shared that they’d been compromised by a targeted phishing attack. Around the same time as Twilio was attacked, we saw an attack with very similar characteristics also targeting Cloudflare’s employees. While individual employees did fall for the phishing messages, we were able to thwart the attack through our own use of Cloudflare One products, and physical security keys issued to every employee that are required to access all our applications.
Lockdown Mode is a new Apple feature you should hope you’ll never need to use. But for those who do, like journalists, politicians, lawyers and human rights defenders, it’s a last line of defense against nation-state spyware designed to punch through an iPhone’s protections. The new security feature was announced earlier this year as an […]
With a recent market cap of over $100 billion and the genericization of its name, the popularity of Zoom is undeniable. But what about its security? This imperative question is often quite personal, as who amongst us isn't jumping on weekly (daily?) Zoom calls?
In this talk, we’ll explore Zoom’s macOS application to uncover several critical security flaws. Flaws, that provided a local unprivileged attacker a direct and reliable path to root.
The first flaw, presents itself subtly in a core cryptographic validation routine, while the second is due to a nuanced trust issue between Zoom’s client and its privileged helper component.
After detailing both root cause analysis and full exploitation of these flaws, we’ll end the talk by showing how such issues could be avoided …both by Zoom, but also in other macOS applications.
A serious vulnerability affecting the eCos SDK made by Taiwanese semiconductor company Realtek could expose the networking devices of many vendors to remote attacks.
A high-severity Palo Alto Networks denial-of-service (DoS) vulnerability has been exploited by miscreants looking to launch DDoS attacks, and several of the affected products won't have a patch until next week
The way that many of our systems currently focus on engagement makes them particularly vulnerable to the incoming wave of content from bots like GPT-3
It cost a researcher only $25 worth of parts to create a tool that allows custom code to run on the satellite dishes.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two more flaws to its catalog of Known Exploited Vulnerabilities, based on evidence of active exploitation.
DGA is one of the classic techniques for botnets to hide their C2s, attacker
only needs to selectively register a very small number of C2 domains, while for
the defenders, it is difficult to determine in advance which domain names will
be generated and registered.
In June 2022, FortiGuard Labs encountered IoT malware samples with SSH-related strings, something not often seen in other IoT threat campaigns. What piqued our interest more was the size of the code referencing these strings in relation to the code used for DDoS attacks, which usually comprises most of the code in other variants.
The head of Greek intelligence told a parliamentary committee his agency had spied on a journalist, two sources present said, in a disclosure that coincides with growing pressure on the government to shed light on the use of surveillance malware.
