A vulnerability in GitLab’s email verification process could allow attackers to hijack the password reset process. The issue, tracked as CVE-2023-7028 (CVSS score of 10) and introduced in GitLab 16.1.0, can be exploited to have password reset messages sent to an unverified email address. GitLab 16.1.0 was released with the option to have password reset emails sent to a secondary email address, to … [Read more...]
Cloud Server Abuse Leads to Huge Spike in Botnet Scanning
Malicious actors are increasingly abusing free cloud services, which has led to a significant spike in botnet scanning activity, according to performance and security solutions provider Netscout. Netscout typically sees 10,000-20,000 IP addresses conducting internet scans every day. However, the company observed an increase to more than 35,000 devices on December 8 and another spike that … [Read more...]
Juniper Networks Patches Critical Remote Code Execution Flaw in Firewalls, Switches
Juniper Networks has published more than two dozen security advisories to inform customers about well over 100 vulnerabilities affecting its products, with a majority of the flaws impacting third-party components. The company has released patches and mitigations for the vulnerabilities, most of which affect its Junos operating system. The most serious of the flaws appears to be CVE-2024-21591, … [Read more...]
Brad Arkin is New Chief Trust Officer at Salesforce
Veteran cybersecurity executive Brad Arkin has left Cisco and will join Salesforce as Chief Trust Officer. Arkin, a longtime practitioner who was most recently Chief Security and Trust Officer at Cisco, is joining the San Francisco-based Salesforce to take responsibility for building confidence around the company’s use of customer data. Arkin will replace Vikram Rao, who recently left Salesforce … [Read more...]
Laptop Maker Framework Says Customer Data Stolen in Third-Party Breach
Laptop computer maker Framework is notifying users that personal information was stolen in a data breach at its primary external accounting partner. The California-based company said the incident occurred on Thursday, January 11, and was the result of a phishing attack targeting an employee at Keating Consulting. According to the notification that Framework sent to the impacted individuals, a copy … [Read more...]
In Other News: WEF’s Unsurprising Cybersecurity Findings, KyberSlash Cryptography Flaw
SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape. Each week, we will curate and present a collection of noteworthy … [Read more...]
New Class of CI/CD Attacks Could Have Led to PyTorch Supply Chain Compromise
A newly disclosed class of CI/CD attacks could have allowed attackers to inject malicious code into the PyTorch repository, leading to massive supply chain compromise, Praetorian security researcher John Stawinski says. Initially detailed in December 2023, the attack method targets GitHub repositories with self-hosted runners attached and allows a threat actor to execute arbitrary code without … [Read more...]
Russian Hackers Likely Not Involved in Attacks on Denmark’s Critical Infrastructure
Russian state-sponsored APT actor Sandworm might not have been involved in last year’s massive attack campaign against Denmark’s critical infrastructure, cybersecurity firm Forescout says. The assaults occurred in May 2023 and resulted in the compromise of 22 Danish energy organizations, non-profit cybersecurity center for critical sectors SektorCERT revealed in a November 2023 report. As part of … [Read more...]
Apple Patches Keystroke Injection Vulnerability in Magic Keyboard
Apple this week announced Magic Keyboard firmware updates that patch a vulnerability potentially allowing attackers to inject keystrokes over Bluetooth. The issue was disclosed in December by SkySafe software engineer Marc Newlin, who warned that an attacker within Bluetooth range could exploit the bug without authentication. Newlin warned that an adversary would only need a Linux machine and a … [Read more...]
Malware Used in Ivanti Zero-Day Attacks Shows Hackers Preparing for Patch Rollout
The recently discovered Ivanti Connect Secure zero-day vulnerabilities could impact thousands of systems and the threat actors caught exploiting them appear to have been preparing for the release of patches. Threat intelligence and incident response firm Volexity warned on January 10 that it had seen threat actors likely connected to China — tracked by the company as UTA0178 — exploiting two … [Read more...]
Researchers Flag FBot Hacking Tool Hijacking Cloud, Payment Services
Malware hunters at SentinelOne on Thursday flagged a newly discovered Python-based hacking tool being used by cybercriminals to hijack cloud platforms and payment services. The tool, called FBot, is capable of credential harvesting for spamming attacks, AWS account hijacking and functions to enable attacks against PayPal and various SaaS accounts. According to documentation from the company’s … [Read more...]
Microsoft Lets Cloud Users Keep Personal Data Within Europe to Ease Privacy Fears
Microsoft said Thursday that it is upgrading its cloud computing service to let customers store all personal data within the European Union instead of having it flow to the U.S. where national privacy laws don’t exist. The changes apply to services including Azure, Microsoft 365, Power Platform, and Dynamics 365, the Seattle-based tech company said. Cloud computing companies have been moving to … [Read more...]
Coming Soon to a Network Near You: More Shadow IoT
News of former Microsoft head of product Panos Panay’s exit caused a small stir in the tech industry when it was learned he would join Amazon to lead that company’s product division. Closely associated with Microsoft’s Surface line, Panay is now the strategic architect for what Amazon envisions as a “device ecosystem” that today consists of the Alexa, Echo, and Fire TV brands. Precisely what … [Read more...]
China-Linked Volt Typhoon Hackers Possibly Targeting Australian, UK Governments
Chinese state-sponsored hackers are targeting old vulnerabilities in Cisco routers in new attacks apparently aimed at government entities in the US, UK, and Australia, cybersecurity firm SecurityScorecard reports. As part of the observed attacks, the adversaries exploited CVE-2019-1653 and CVE-2019-1652, two critical-severity bugs in discontinued Cisco small business RV320/325 VPN routers, which … [Read more...]
AI-Powered Misinformation is the World’s Biggest Short-Term Threat, Davos Report Says
False and misleading information supercharged with cutting-edge artificial intelligence that threatens to erode democracy and polarize society is the top immediate risk to the global economy, the World Economic Forum said in a report Wednesday. In its latest Global Risks Report, the organization also said an array of environmental risks pose the biggest threats in the longer term. The report was … [Read more...]
Intel, AMD, Zoom, Splunk Release Patch Tuesday Security Advisories
Intel, AMD, Zoom and Splunk have each released security advisories on the first Patch Tuesday of 2024 to inform customers about vulnerabilities found in their products. Intel has published three new advisories announcing patches. Two of them describe a total of six high-severity and one medium-severity local privilege escalation vulnerabilities in NUC BIOS firmware. The chip giant has also … [Read more...]
CISA Urges Patching of Exploited SharePoint Server Vulnerability
The US cybersecurity agency CISA on Wednesday issued a warning on threat actors exploiting a critical Microsoft SharePoint Server vulnerability in the wild. The security defect, tracked as CVE-2023-29357 (CVSS score of 9.8) and patched on June 2023 Patch Tuesday, is described as an elevation of privilege (EoP) flaw that allows unauthenticated attackers to gain administrator privileges. An attacker … [Read more...]
Cisco Patches Critical Vulnerability in Unity Connection Product
Cisco on Wednesday announced patches for a critical-severity vulnerability in the Unity Connection unified messaging and voicemail solution. The issue, tracked as CVE-2024-20272, can be exploited remotely, without authentication, to upload arbitrary files to a system, execute commands on the underlying operating system, and elevate privileges to root. “This vulnerability is due to a lack of … [Read more...]
Mandiant Details How Its X Account Was Hacked
Mandiant revealed on Wednesday that its account on the social media platform X, formerly Twitter, was hacked as part of a cryptocurrency theft campaign that generated at least $900,000 for cybercriminals. The X account of Mandiant, which is part of Google Cloud, was hijacked in early January and abused to promote a link to a fake website claiming to be affiliated with the legitimate Phantom … [Read more...]
Volexity Catches Chinese Hackers Exploiting Ivanti VPN Zero-Days
Malware hunters at Volexity on Wednesday warned that suspected Chinese nation-state hackers are actively exploiting a pair of unauthenticated remote zero-day vulnerabilities in Ivanti Connect Secure VPN devices. The vulnerabilities, tracked as CVE-2023-46805 and CVE-2024-21887, affect fully patched Internet-facing Ivanti Connect Secure VPN appliances (formerly known as Pulse Secure) and were … [Read more...]