Hackers are attempting to infect a consumer-grade Wi-Fi router model with Mirai botnet malware following the discovery of zero-days in the device in a December hacking competition. TP-Link released a patch in mid-March. Telemetry shows infections in Eastern Europe and elsewhere.
Hackers have seized on the API revolution to drive a surge in attacks that exploit poorly coded applications, reports Akamai, in a warning echoed by other cybersecurity experts. The vector driving the most growth in API attacks is local file inclusion.
Silicon Valley giant Google called on tech companies to be more robust in their approach to patching vulnerabilities in an afternoon marked by announcements designed to boost vulnerability research. Google money is supporting the Hacking Policy Council and the Security Research Legal Defense Fund.
Cybersecurity authorities issued a road map Thursday detailing how software manufacturers should go about baking security into their design processes. The document details how manufacturers should adjust their design and development programs to ensure software is secure.
Microsoft has issued fixes for 114 vulnerabilities, including patching a zero-day flaw being actively exploited by a ransomware group and updating guidance to block a vulnerability from 2013 that was recently exploited for the software supply chain attack on 3CX users, attributed to North Korea.
Security experts are urging users of IBM's Aspera Faspex file-exchange application to take it offline immediately unless they've patched a flaw being actively exploited by ransomware groups, including Buhti and IceFire. Separately, QNAP is warning customers to prepare for emergency security fixes.
A hacking group with apparent ties to Russia or Belarus has been using "simple yet effective attack techniques and tools" to gain access to multiple governments' email systems as part of apparent cyberespionage operations in support of Russia's invasion of Ukraine, researchers warn.
The Food and Drug Administration on Wednesday said that starting immediately, medical device makers must include cybersecurity plans with new product applications. Beginning on Oct. 1, the FDA intends to issue "refuse to accept" determinations for submissions lacking the cyber requirements.
Cisco plans to purchase its second cloud security startup in two months to deliver context, prioritization and remediation recommendations for cloud-native resources. The networking giant said its proposed buy of Lightspin will allow clients to identify and address key cloud security risks.
Hackers have been actively exploiting vulnerabilities in ColdFusion to remotely compromise servers, Adobe warns. Since at least early January, attackers have been dropping web shells via ColdFusion, but it's unclear if only now-known vulnerabilities are being exploited, security researchers say.
A financially motivated hacking group has been exploiting a now-patched zero-day vulnerability in the Windows operating system to deliver ransomware. Google Threat Analysis Group attributed the campaign to Magniber ransomware group. Microsoft issued a patch in its March dump of fixes.
Microsoft's March dump of patches fixes two actively exploited zero-day vulnerabilities, including a critical issue in Outlook that Russian threat actor APT28 has used to target European companies. The vulnerability can be exploited before a user views the email in the Preview Pane.
U.S. cybersecurity officials on Thursday issued an alert about a 4-year-old software vulnerability that has been exploited by hackers, including one APT group, in a federal civilian agency. Users are advised to immediately apply the software patch to the Progress Telerik UI for ASP.NET AJAX.
Cybersecurity software giant Rubrik has joined the ranks of organizations that fell victim to attackers who have been exploiting a zero-day vulnerability in Fortra's widely used managed file transfer software, GoAnywhere MFT. The Clop ransomware gang claims to have exploited at least 130 victims.
Eset researchers discovered the first in-the-wild bootkit malware, BlackLotus, bypassing security and booting up on fully up-to-date Windows 11 systems. Researchers found the Unified Extensible Firmware Interface bootkit in 2022, being sold on hacking forums for $5,000.