Recently, CISA, the FBI, and MS-ISAC issued a joint advisory urging all organizations that use Confluence Data Center and Confluence Server to update the software immediately because of a major vulnerability. Here's what the problem is and why this advisory is on point.

CVE-2023-22515 in Confluence Data Center and Confluence Server

The vulnerability in question, designated CVE-2023-22515, has received the maximum CVSS 3.0 score of 10.0 and critical status. It allows an attacker, even an unauthenticated one, to restart the server's initial configuration (setup) process. By exploiting CVE-2023-22515, an attacker can create accounts with administrator rights on a vulnerable Confluence server.

CVE-2023-22515: high severity level and high exploitability.

Only organizations running on-premises Atlassian Confluence Data Center and Confluence Server are at risk. Confluence Cloud customers are not affected, and neither are Confluence Data Center and Confluence Server versions earlier than 8.0.0. Below is the full list of vulnerable versions according to Atlassian:

8.0.0, 8.0.1, 8.0.2, 8.0.3, 8.0.4
8.1.0, 8.1.1, 8.1.3, 8.1.4
8.2.0, 8.2.1, 8.2.2, 8.2.3
8.3.0, 8.3.1, 8.3.2
8.4.0, 8.4.1, 8.4.2
8.5.0, 8.5.1

Exploitation in the wild and PoC on GitHub

The main problem is that the vulnerability is extremely easy to exploit. This is made worse by the fact that a successful attack on a vulnerable server doesn't require an account on it, which significantly widens the pool of potential attackers. The key feature of the attack is that vulnerable versions of Confluence Data Center and Confluence Server let an attacker set the bootstrapStatusProvider.applicationConfig.setupComplete attribute to false without authenticating to the server. This puts the server back into its setup stage, where the attacker is free to create their own administrator accounts.

Key feature of Confluence Data Center and Confluence Server vulnerability exploitation.

Please note that this isn't just theory: real attacks are already being carried out. A week after information about CVE-2023-22515 was made public, the Microsoft Threat Intelligence team observed an APT group exploiting this vulnerability.

Microsoft Threat Intelligence alert about CVE-2023-22515 exploitation in the wild.

As mentioned above, this vulnerability in Confluence Data Center and Confluence Server is extremely easy to exploit. This means that not only highly skilled APT hackers can exploit it, but bored schoolkids too. A proof-of-concept exploit for CVE-2023-22515 has already appeared on GitHub, complete with a Python script that makes mass exploitation trivial: all an attacker need do is feed the script a list of target server addresses.

How to secure your infrastructure against CVE-2023-22515

If possible, update your Confluence Data Center or Confluence Server to a version with the vulnerability patched (8.3.3, 8.4.3, 8.5.2), or to a later version within the same branch. If you can't update, remove vulnerable Confluence servers from public access; that is, disable access to them from external networks until the update is installed. If that too cannot be done, an interim measure is to block access to the setup (configuration) pages; Atlassian's own advisory has the details. It notes, however, that this option doesn't eliminate the need to update Confluence Data Center or Confluence Server: it only temporarily closes a known attack vector.

Additionally, organizations that use either Confluence Data Center or Confluence Server are advised to check whether this vulnerability has already been used in attacks against them. Some indications of CVE-2023-22515 exploitation are:

Suspicious new members of the confluence-administrators group
Unexpected newly created user accounts
Requests to /setup/*.action in network access logs
Presence of /setup/setupadministrator.action in an exception message in atlassian-confluence-security.log in the Confluence home directory

Keep in mind that gaining control over Confluence through CVE-2023-22515 exploitation is unlikely to be the attacker's primary goal. Instead, it will likely serve as a foothold for further attacks on the company's information systems. To monitor for suspicious activity in corporate infrastructure, use an EDR (Endpoint Detection and Response) solution. If your in-house information security team lacks the resources, you can outsource the job to an external service that will continuously hunt for threats targeting your organization and respond to them in a timely manner.
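The indicators listed above are concrete enough to hunt for mechanically. The script below is an added example (not code from the original post, Atlassian, CISA or Microsoft): it scans reverse-proxy access-log lines for /setup/*.action requests and for any request carrying the bootstrapStatusProvider.applicationConfig.setupComplete parameter, scans security-log lines for /setup/setupadministrator.action, and diffs the current confluence-administrators membership against an approved baseline. All log lines and account names are constructed; /example.action is a placeholder path, since only the parameter name is given above, and the security-log line format is an assumption.

```python
"""Hunt for the CVE-2023-22515 indicators listed above in Confluence logs.

Added example, not code from the original post, Atlassian or CISA. The log
lines and account lists below are constructed; /example.action is a placeholder
for whatever endpoint an attacker hits, since only the parameter name is known.
"""
import re
from dataclasses import dataclass

# Constructed access-log lines in combined log format (reverse proxy in front of Confluence).
ACCESS_LOG = """\
198.51.100.9 - - [04/Oct/2023:10:14:58 +0000] "GET /display/ENG/Home HTTP/1.1" 200 4521 "-" "Mozilla/5.0"
203.0.113.7 - - [04/Oct/2023:10:15:02 +0000] "GET /example.action?bootstrapStatusProvider.applicationConfig.setupComplete=false HTTP/1.1" 302 0 "-" "python-requests/2.31"
203.0.113.7 - - [04/Oct/2023:10:15:03 +0000] "POST /setup/setupadministrator.action HTTP/1.1" 302 0 "-" "python-requests/2.31"
203.0.113.7 - - [04/Oct/2023:10:15:04 +0000] "POST /setup/finishsetup.action HTTP/1.1" 200 1123 "-" "python-requests/2.31"
"""

# Constructed lines in the style of atlassian-confluence-security.log; the real format may differ.
SECURITY_LOG = """\
2023-10-04 10:15:03,118 WARN [http-nio-8090-exec-7] [setup.actions.SetupAdministratorAction] exception for request /setup/setupadministrator.action
2023-10-04 10:20:11,004 INFO [http-nio-8090-exec-2] [security.LoginAuditor] login success for user jdoe
"""

ACCESS_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)
SETUP_ACTION_RE = re.compile(r"^/setup/[^/?]+\.action$")
SETUP_FLAG = "bootstrapStatusProvider.applicationConfig.setupComplete"
SETUP_ADMIN_ACTION = "/setup/setupadministrator.action"


@dataclass(frozen=True)
class Finding:
    kind: str
    detail: str


def scan_access_log(text):
    """Flag /setup/*.action requests and any request carrying the setupComplete parameter."""
    findings = []
    for line in text.splitlines():
        m = ACCESS_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        route, _, query = m["path"].partition("?")
        if SETUP_ACTION_RE.match(route):
            findings.append(Finding("setup_action_request",
                                    f"{m['ip']} {m['method']} {route} -> {m['status']}"))
        if SETUP_FLAG in query:
            findings.append(Finding("setup_flag_in_query",
                                    f"{m['ip']} {m['method']} {m['path']}"))
    return findings


def scan_security_log(text):
    """Flag security-log lines that mention the setup-administrator action."""
    return [Finding("setup_admin_in_security_log", line.strip())
            for line in text.splitlines() if SETUP_ADMIN_ACTION in line]


def diff_admins(baseline, current):
    """Return accounts in the admin group now that were not in the approved baseline."""
    return sorted(set(current) - set(baseline))


def hunt(access_log=ACCESS_LOG, security_log=SECURITY_LOG,
         baseline_admins=("admin", "itops"),
         current_admins=("admin", "itops", "sysadmin2")):
    """Run all three checks; the default arguments are the constructed sample data."""
    findings = scan_access_log(access_log) + scan_security_log(security_log)
    findings += [Finding("unexpected_admin", u)
                 for u in diff_admins(baseline_admins, current_admins)]
    return findings


if __name__ == "__main__":
    for f in hunt():
        print(f"{f.kind:28} {f.detail}")
```

On a real deployment, feed hunt() the access log of the reverse proxy in front of Confluence (Confluence's own access logging is often disabled), the security log from the Confluence home directory, and the current membership of confluence-administrators exported from the admin UI. Any /setup/*.action request after the initial installation deserves a look on its own; an empty result is not proof of safety if logs were rotated before the hunt.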
A 22-year-old New Jersey man has been sentenced to more than 13 years in prison for participating in a firebombing and a shooting at homes in Pennsylvania last year. Patrick McGovern-Allen was the subject of a Sept. 4, 2022 story here about the emergence of “violence-as-a-service” offerings, where random
people from the Internet hire themselves out to perform a variety of local, physical attacks, including firebombing a home, “bricking” windows, slashing tires, or performing a drive-by shooting at someone’s residence. McGovern-Allen, of Egg Harbor Township, N.J., was arrested Aug. 12, 2022 on an FBI warrant, which showed he was part of a group of cybercriminals who are settling scores with one another by hiring people to carry out violent attacks on their rivals. That Sept. 2022 story about his arrest included links to two videos released on Telegram that were recorded and shared by McGovern-Allen and/or a co-conspirator as “proof” that they had carried out the attacks as hired. The first showed two young men tossing a Molotov Cocktail at the side of a residence in Abington Township, Pa, setting it ablaze. The second featured two men with handguns unloading multiple rounds haphazardly into the first story of a house in West Chester, Pa. Fortunately in both cases, the occupants of the homes were unharmed in the attacks. Federal prosecutors said McGovern-Allen went by the alias “Tongue” on Discord, and that in one chat he was quite explicit about his violence-as-a-service offering. “In the chats, [Tongue] tells other Discord users that he was the person who shot K.M.’s house and that he was willing to commit firebombings using Molotov Cocktails,” the complaint against McGovern-Allen explains. “For example, in one Discord chat from March 2022, [the defendant] states ‘if you need anything done for $ lmk [“let me know”]/I did a shooting/Molotov/but I can also do things for ur entertainment.” The chat channels that Tongue frequented have hundreds to thousands of members each, and some of the more interesting solicitations on these communities are job offers for in-person assignments and tasks that can be found if one searches for posts titled, “If you live near,” or “IRL job” — short for “in real life” job. 
A number of these classified ads are in service of performing “brickings,” where someone is hired to visit a specific address and toss a brick through the target’s window. McGovern-Allen was in the news not long ago. According to a Sept. 2020 story from The Press of Atlantic City, a then 19-year-old Patrick McGovern-Allen was injured after driving into a building and forcing residents from their home. “Police found a 2007 Lexus, driven by Patrick McGovern-Allen, 19, that had lost control and left the road, crashing into the eastern end of the 1600 building,” the story recounted. “The car was driven through the steps that provide access to the second-floor apartments, destroying them, and also caused damage to the outer wall.” A copy of McGovern-Allen’s sentencing statement says he pleaded guilty to three criminal counts, including two for stalking, and one for the use of fire in commission of a federal felony. The judge in the case gave McGovern-Allen 160 months in prison — about 13.3 years. After completing his sentence, McGovern-Allen will be on supervised release for three years.
How do we improve software quality and end the epidemic of shoddy, exploitable software harming consumers, communities and businesses? To start, we need to change the way we think and talk about software-based risks.
A spoofed version of an Israeli rocket-attack alerting app is targeting Android devices, in a campaign that shows how cyber-espionage attacks are shifting to individual, everyday citizens.
A seemingly sharp drop in the number of compromised Cisco IOS XE devices visible on the Internet led to a flurry of speculation over the weekend — but it turns out the malicious implants were just hiding.
Organizations should be careful that the workers they hire on a freelance and temporary basis are not operatives working to funnel money to North Korea's WMD program, US DOJ says.
Despite warnings that sending one-time passwords via text messages is a flawed security measure, companies continue to roll out the approach, especially in consumer-facing applications.
Law enforcement agencies from 11 countries collaborated to arrest a key member of the Ragnar Locker ransomware group, leading to the takedown of their infrastructure and data leak website.
Venture capital investments in cybersecurity firms have decreased, with $1.9 billion raised in the third quarter, a 30% drop from the previous year, according to new data released by Crunchbase.
Hackers gained access to Okta's customer support management system, allowing them to view private customer information, including sensitive data such as cookies and session tokens.
The company aims to provide businesses with a comprehensive understanding of AI adoption within their enterprises, offering risk assessments for all AI applications and identifying compliance, security, and privacy issues.
The attack is seen as an attempt to undermine the Court's mandate. Dutch law enforcement authorities are currently investigating the incident, but it is unclear if any information was stolen.
According to a report by cybersecurity company Nixu, over 80% of organizations in northern Europe prioritize business resilience as the main driver for their cybersecurity investments.
The attack involves the deployment of a trojanized version of the UTetris application, which acts as a loader for malware and facilitates the spread of the attack to potentially air-gapped systems.
The increased investment in security, driven by concerns associated with AI and risk, is expected to be the top category for increased spending, with 4 in 5 CIOs planning to increase security investments, according to Gartner.
It is speculated that the threat actors behind the attacks may be deploying an update to hide their presence, or a grey-hat hacker could be rebooting the devices to clear the implant.
A recent study by Commvault shows that many senior executives are not actively involved in their company's cybersecurity initiatives. Only 33% of CEOs and 21% of other senior leaders are heavily engaged in cyber preparedness.
The infrastructure of the Al-Qassam Brigades website has been moved between different providers to keep it online amidst Israeli airstrikes and constant attacks from hackers.
A potential data breach in Philadelphia's email system may have exposed protected health information, including names, addresses, birth dates, Social Security numbers, medical information, and some financial information.
Quasar RAT, an open-source remote access trojan also known as CinaRAT or Yggdrasil, has been spotted leveraging a new Microsoft file as part of its DLL sideloading process to stealthily drop malicious payloads on compromised Windows systems. Once the Quasar RAT payload is executed in the computer's memory, it further employs the process hollowing technique, which helps it conceal its malicious intent and makes detection more challenging.
The personal information of D.C. voters, including partial Social Security numbers and driver's license numbers, may have been exposed in a data breach affecting the Board of Elections' voter roll.
The attack chain involves renaming legitimate files, injecting malicious code, and leveraging DLL sideloading to ultimately deploy the Quasar RAT payload, highlighting the sophistication of the attack.
A recent report from WithSecure has highlighted a surge in DarkGate malware infection attempts. Multiple Vietnamese threat groups have been found to deploy info-stealer campaigns using Malware-as-a-Service (MaaS), honing in on specific sectors or groups. Their modus operandi displays notable similarities, with recurring themes in lures and delivery methods.
The cyberattack caused outages in the company's phone service, building connectivity, and online services, impacting customers' ability to pay bills and file claims online.
Researchers have linked DoNot Team, a threat actor believed to be of Indian origin, to a .NET-based backdoor called Firebird. The backdoor has been used to target victims in Pakistan and Afghanistan.
Researchers suspect that Meta was either tricked into providing access to the threat actor or the threat actor obtained credentials for a legitimate law enforcement account.
QNAP urges customers to implement security measures such as changing default access port numbers, using strong passwords, and updating firmware to protect against future attacks.
Proofpoint researchers have discovered a new version of the Grandoreiro malware that is targeting victims in both Mexico and Spain. This is unusual as the malware has historically only targeted Portuguese and Spanish speakers in Brazil and Mexico.
Debian Linux Security Advisory 5531-1 - It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, did not properly sanitize HTML messages. This would allow an attacker to load arbitrary JavaScript code.
Debian Linux Security Advisory 5530-1 - Several vulnerabilities were discovered in ruby-rack, a modular Ruby webserver interface, which may result in denial of service and shell escape sequence injection.
Red Hat Security Advisory 2023-5982-01 - An update for foreman_ygg_worker, puppet-agent, qpid-proton, and yggdrasil is now available for Satellite Client 6 for RHEL 6, Satellite Client 6 for RHEL 7, Satellite Client 6 for RHEL 8, and Satellite Client 6 for RHEL 9. Issues addressed include code execution and denial of service vulnerabilities.
Red Hat Security Advisory 2023-5980-01 - Updated Satellite 6.11 packages that fix several bugs are now available for Red Hat Satellite. Issues addressed include code execution and denial of service vulnerabilities.
Red Hat Security Advisory 2023-5979-01 - Updated Satellite 6.12 packages that fix important security bugs and several regular bugs are now available for Red Hat Satellite. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2023-5978-01 - JBoss EAP XP 4.0.0.GA security release on the EAP 7.4.13 base is now available. See references for release notes. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5976-01 - An update is now available for Service Telemetry Framework 1.5.2. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5974-01 - An update for network-observability-console-plugin-container, network-observability-ebpf-agent-container, network-observability-flowlogs-pipeline-container, network-observability-operator-bundle-container, and network-observability-operator-container is now available for NETWORK-OBSERVABILITY-1.4.0-RHEL-9. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5973-01 - Red Hat AMQ Streams 2.5.1 is now available from the Red Hat Customer Portal. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5971-01 - An update for osp-director-agent-container, osp-director-downloader-container, osp-director-operator-bundle-container, and osp-director-operator-container is now available for Red Hat OpenStack Platform 17.1.1. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5970-01 - An update for collectd-libpod-stats is now available for Red Hat OpenStack Platform 17.1.1. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5969-01 - An update for collectd-libpod-stats, etcd, and python-octavia-tests-tempest is now available for Red Hat OpenStack Platform 17.1.1. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5967-01 - An update for collectd-libpod-stats and etcd is now available for Red Hat OpenStack Platform 16.1.9. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5965-01 - An update for collectd-libpod-stats and etcd is now available for Red Hat OpenStack Platform 16.2.5. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5964-01 - An update for collectd-libpod-stats is now available for Red Hat OpenStack Platform 16.2.5. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5715-01 - An update for the nginx:1.20 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5712-01 - An update for the nginx:1.20 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-5701-01 - An update is now available for Red Hat Ansible Automation Platform 2.3. Issues addressed include a denial of service vulnerability.
With the record-setting growth of consumer-focused AI productivity tools like ChatGPT, artificial intelligence—formerly the realm of data science and engineering teams—has become a resource available to every employee. From a productivity perspective, that’s fantastic. Unfortunately for IT and security teams, it also means you may have hundreds of people in your organization using a new tool in
The threat actor known as DoNot Team has been linked to the use of a novel .NET-based backdoor called Firebird targeting a handful of victims in Pakistan and Afghanistan. Cybersecurity company Kaspersky, which disclosed the findings in its APT trends report Q3 2023, said the attack chains are also configured to deliver a downloader named CSVtyrei, so named for its resemblance to Vtyrei. "Some
The open-source remote access trojan known as Quasar RAT has been observed leveraging DLL side-loading to fly under the radar and stealthily siphon data from compromised Windows hosts. "This technique capitalizes on the inherent trust these files command within the Windows environment," Uptycs researchers Tejaswini Sandapolla and Karthickkumar Kathiresan said in a report published last week,
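The pattern described in the Quasar RAT items above, a legitimate file renamed and dropped next to a malicious DLL that Windows loads on the strength of the host binary's trust, can be hunted in endpoint telemetry. The following is an added example, not code from Uptycs or the original post: it correlates Sysmon-style ProcessCreate (Event ID 1) and ImageLoad (Event ID 7) records to flag an unsigned DLL loaded from a process's own directory outside the standard install locations, and scores the hit higher when the host binary is a renamed Microsoft file. The field names follow Sysmon; the paths, GUIDs and vendor strings are constructed.

```python
"""Correlate Sysmon-style ProcessCreate and ImageLoad events to flag DLL side-loading.

Added example, not code from Uptycs or the original post. The event dicts are
constructed to mimic Sysmon Event ID 1 (ProcessCreate) and Event ID 7 (ImageLoad)
fields; the field names follow Sysmon, the paths and values are made up.
"""
from pathlib import PureWindowsPath

# Directories where an unsigned DLL beside its host binary is ordinary (installed software).
TRUSTED_DIRS = (r"C:\Windows", r"C:\Program Files", r"C:\Program Files (x86)")

EVENTS = [
    # A Microsoft binary copied to a user-writable folder and renamed (Image != OriginalFileName).
    {"EventID": 1, "ProcessGuid": "{A1}", "Image": r"C:\Users\alice\Downloads\Invoice\eBill.exe",
     "OriginalFileName": "SOMETOOL.EXE", "Company": "Microsoft Corporation"},
    # ...which then loads an unsigned DLL sitting beside it: the side-load.
    {"EventID": 7, "ProcessGuid": "{A1}", "Image": r"C:\Users\alice\Downloads\Invoice\eBill.exe",
     "ImageLoaded": r"C:\Users\alice\Downloads\Invoice\helper.dll",
     "Signed": "false", "SignatureStatus": "Unavailable"},
    # Benign: the same process loading a signed system DLL from System32.
    {"EventID": 7, "ProcessGuid": "{A1}", "Image": r"C:\Users\alice\Downloads\Invoice\eBill.exe",
     "ImageLoaded": r"C:\Windows\System32\kernel32.dll",
     "Signed": "true", "SignatureStatus": "Valid"},
    # Benign: a third-party app loading its own unsigned plugin from its install directory.
    {"EventID": 1, "ProcessGuid": "{B2}", "Image": r"C:\Program Files\Acme\acme.exe",
     "OriginalFileName": "acme.exe", "Company": "Acme Corp"},
    {"EventID": 7, "ProcessGuid": "{B2}", "Image": r"C:\Program Files\Acme\acme.exe",
     "ImageLoaded": r"C:\Program Files\Acme\plugin.dll",
     "Signed": "false", "SignatureStatus": "Unavailable"},
]


def under_trusted_dir(path):
    """True if path lies anywhere below one of TRUSTED_DIRS (case-insensitive, like NTFS)."""
    p = PureWindowsPath(path)
    return any(PureWindowsPath(d) in p.parents for d in TRUSTED_DIRS)


def find_sideloads(events):
    """Return one finding per unsigned DLL loaded from its host process's own directory
    outside the trusted install locations, enriched with renamed/Microsoft-vendor signals."""
    procs = {e["ProcessGuid"]: e for e in events if e["EventID"] == 1}
    findings = []
    for e in events:
        if e["EventID"] != 7:
            continue
        exe, dll = PureWindowsPath(e["Image"]), PureWindowsPath(e["ImageLoaded"])
        if dll.suffix.lower() != ".dll" or dll.parent != exe.parent:
            continue  # only DLLs resolved from the process's own directory are side-load candidates
        validly_signed = (e.get("Signed", "").lower() == "true"
                          and e.get("SignatureStatus") == "Valid")
        if validly_signed or under_trusted_dir(dll):
            continue
        proc = procs.get(e["ProcessGuid"], {})
        # Image name differs from the PE's OriginalFileName: the host binary was renamed.
        renamed = proc.get("OriginalFileName", "").lower() not in ("", exe.name.lower())
        # Company comes from PE version info, not a signature check; it is a hint, not proof.
        microsoft = proc.get("Company", "").startswith("Microsoft")
        findings.append({
            "process": str(exe), "dll": str(dll),
            "renamed": renamed, "microsoft_company": microsoft,
            "score": 1 + renamed + microsoft,  # 3 = unsigned side-load by a renamed Microsoft binary
        })
    return findings


if __name__ == "__main__":
    for f in find_sideloads(EVENTS):
        print(f)
```

The "Company" and "OriginalFileName" fields come from the PE version resource, which malware can forge, so treat them as enrichment; the unsigned-DLL-beside-host-binary condition is the core signal. Tune TRUSTED_DIRS to the environment before deploying, since the same condition is ordinary for legitimately installed software.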
Why use and keep track of a zillion discrete accounts when you can log into so many apps and websites using your Facebook or Google credentials, right? Not so fast. What’s the trade-off?