A recently identified malware family is abusing Microsoft Internet Information Services (IIS) to deploy a backdoor and monitor all HTTP traffic to the infected system, Symantec reports. Dubbed Frebniis, the malware injects code into a DLL that an IIS feature called Failed Request Event Buffering (FREB) uses when troubleshooting failed requests. FREB collects data about the tracked requests, … [Read more...]
Security Experts Warn of Foreign Cyber Threat to 2024 Voting
Top state election and cybersecurity officials on Thursday warned about threats posed by Russia and other foreign adversaries ahead of the 2024 elections, noting that America’s decentralized system of thousands of local voting jurisdictions creates a particular vulnerability. Russia and Iran have meddled in previous elections, including attempts to tap into internet-connected electronic voter … [Read more...]
SolarWinds Announces Upcoming Patches for High-Severity Vulnerabilities
SolarWinds this week published multiple advisories describing high-severity vulnerabilities expected to be patched with a SolarWinds Platform update by the end of February. Out of a total of seven security defects, five are described as deserialization of untrusted data issues that could be exploited to achieve command execution. Four of them have a CVSS score of 8.8. Tracked as CVE-2023-23836, … [Read more...]
EU Organizations Warned of Chinese APT Attacks
The European Union Agency for Cybersecurity (ENISA) and CERT-EU are warning of multiple Chinese advanced persistent threat (APT) actors targeting businesses and government organizations in the EU. The observed malicious activity, the agencies say in a joint advisory (PDF), can be attributed to several known Chinese hacking groups, including APT27, APT30, APT31, Ke3chang, Gallium, and Mustang … [Read more...]
Hackers Earn $180,000 for ICS Exploits at Pwn2Own Miami 2023
White hat hackers received a total of $180,000 at the Pwn2Own Miami 2023 hacking contest this week for exploits targeting widely used industrial control system (ICS) products. At the ICS edition of Pwn2Own, hackers have been invited to demonstrate exploits against OPC UA, data gateway and edge products made by Aveva, Inductive Automation, ProSys, PTC, Softing Industrial Automation, Triangle … [Read more...]
Data Security Startup CommandK Raises $3 Million in Seed Funding
Early-stage cybersecurity startup CommandK has raised $3 million in seed funding for a solution designed to help organizations protect their sensitive data. The investment round was led by Lightspeed and received additional participation from various angel investors. Founded in 2022, the San Francisco, California-based company provides organizations with an all-in-one sensitive data manager … [Read more...]
Atlassian Investigating Security Breach After Hackers Leak Data
Enterprise software giant Atlassian has launched an investigation after a hacker group leaked information belonging to the company. A threat actor named SiegedSec, whose members have claimed to be hacktivists, announced on its Telegram channel and hacking forums that it “hacked the software company Atlassian”. They made 35 Mb of files public. This includes two image files apparently … [Read more...]
How Ukraine War Has Shaped US Planning for a China Conflict
As the war rages on in Ukraine, the United States is doing more than supporting an ally. It’s learning lessons — with an eye toward a possible future clash with China. No one knows what the next U.S. major military conflict will be or whether the U.S. will send troops — as it did in Afghanistan and Iraq — or provide vast amounts of aid and expertise, as it has done with Ukraine. But China remains … [Read more...]
Published XIoT Vulnerabilities Trend Down, but Vigilance Must Remain High: Report
Published XIoT vulnerabilities are trending down and have been since 2021. At the same time, the percentage of vulnerabilities published by the device manufacturer rather than third-party researchers is trending up. The clear implication is device manufacturers are taking greater responsibility for the security of their own devices. The reason is probably twofold: government pressure and … [Read more...]
Chris Inglis Steps Down as US National Cyber Director
Former NSA deputy director Chris Inglis on Thursday announced he was retiring from government and leaving his job as the U.S. government’s first National Cyber Director. The departure of Inglis, which was widely expected, comes just 17 months after he was unanimously confirmed as President Joe Biden’s top advisor on cybersecurity issues and ahead of the release of the government’s National Cyber … [Read more...]
Firefox Updates Patch 10 High-Severity Vulnerabilities
Mozilla this week announced the release of Firefox 110 and Firefox ESR 102.8 with patches for 10 high-severity vulnerabilities. Tracked as CVE-2023-25728, the first of the security defects could result in an attacker being able to leak a child iframe’s unredacted URI, provided that a redirect is triggered when interacting with that iframe. The latest Firefox releases also resolve a flaw related to … [Read more...]
Mirai Variant V3G4 Targets 13 Vulnerabilities to Infect IoT Devices
During the second half of 2022, a variant of the Mirai malware called V3G4 was seen targeting 13 vulnerabilities to ensnare Internet of Things (IoT) devices into a botnet, Palo Alto Networks reports. Following the successful exploitation of the targeted security flaws, the malware takes full control of the vulnerable devices and then abuses them to conduct various types of malicious activities, … [Read more...]
Critical Vulnerability Patched in Cisco Security Products
Cisco on Wednesday announced updates for endpoint, cloud, and web security products to address a critical vulnerability in third-party scanning library ClamAV. An open-source cross-platform antimalware toolkit, ClamAV can detect trojans, viruses, and other types of malware. On February 15, ClamAV’s maintainers announced critical patches that address two vulnerabilities in the library, the most … [Read more...]
Surge in ESXiArgs Ransomware Attacks as Questions Linger Over Exploited Vulnerability
There has been a surge in ESXiArgs ransomware attacks in the past days, but it’s still not clear exactly which vulnerability is being exploited by threat actors. In fact, questions linger over several aspects of these attacks, including who may be behind them and the origins of the malware delivered by the hackers. In ESXiArgs attacks, an unidentified threat group has been delivering … [Read more...]
PE Firm Francisco Partners to Take Sumo Logic Private in $1.7B Deal
Cloud monitoring, log management and SIEM solutions provider Sumo Logic is set to become a private company after it has entered into a definitive agreement to be acquired by affiliates of private equity firm Francisco Partners for $1.7 billion. Francisco Partners is prepared to pay $12.05 per share in cash. The law firm Kahn Swick & Foti has announced that it’s investigating the deal to … [Read more...]
Ransomware Attack Pushes City of Oakland Into State of Emergency
The city of Oakland, California issued a local state of emergency late Tuesday as a result of the ongoing impact following a ransomware attack that first hit city IT systems on Wednesday, February 8. According to an update, the city “continues to experience a network outage that has left several non-emergency systems including phone lines within the City of Oakland impacted or offline.” City … [Read more...]
Splunk Enterprise Updates Patch High-Severity Vulnerabilities
Splunk on Tuesday announced Splunk Enterprise updates that resolve multiple high-severity vulnerabilities, including security defects impacting third-party packages used by the product. The most severe vulnerabilities are CVE-2023-22939 and CVE-2023-22935 (CVSS score of 8.1), two issues that could lead to the bypass of search processing language (SPL) safeguards for risky commands. Both flaws … [Read more...]
Dozens of Vulnerabilities Patched in Intel Products
Intel this week announced patches for dozens of vulnerabilities across its product portfolio, including critical- and high-severity issues. The most severe of these flaws is CVE-2021-39296 (CVSS score of 10), which impacts the Integrated Baseboard Management Controller (BMC) and OpenBMC firmware of several Intel platforms. The bug was identified in 2021 in the netipmid (IPMI lan+) interface and … [Read more...]
Descope Targets Customer Identity Market with Massive $53M Seed Round
Rishi Bhargava and the team of entrepreneurs behind Demisto’s $560 million exit are back at it with a new startup jostling for space in the red-hot customer identity market. The new company, called Descope, emerged from stealth Wednesday with an abnormally large $53 million seed-stage funding round and ambitious plans to take on Okta’s Auth0 and a wave of rivals big and small in the customer … [Read more...]
Recently Patched IBM Aspera Faspex Vulnerability Exploited in the Wild
Organizations using IBM’s Aspera Faspex file transfer solution have been warned that a recently patched vulnerability is being exploited in the wild. The security hole, tracked as CVE-2022-47986 and classified as ‘high severity’, is a YAML deserialization flaw that can be exploited by a remote attacker for arbitrary code execution using specially crafted API calls. The issue was discovered … [Read more...]