Cybersecurity News
May 17th, 2024 - The Cybersecurity and Infrastructure Security Agency (CISA) on May 16 added two end-of-life D-Link routers to its Known Exploited Vulnerabilities (KEV) catalog, pointing out that security teams should patch immediately and retire the devices if possible because the bugs were exploited in the wild. CISA said the first bug — CVE-2014-100005 — was on D-Link DIR-600 routers that contained a cross-site request forgery (CSRF) flaw that lets attackers change router configurations by ... [Read More]
Source: scmagazine.com
May 17th, 2024 - Experts have identified a way to "confuse" your device when it tries to connect to a trusted Wi-Fi network. As a result, the device is instead connected to a rogue network, where threat actors can snoop in on network traffic and possibly even steal sensitive information passing through. A report from The Hacker News found the IEEE 802.11 Wi-Fi standard is vulnerable to a flaw tracked as CVE-2023-52424. It affects all operating systems and all Wi-Fi clients, and home networks, mesh ... [Read More]
Source: techradar.com
May 16th, 2024 - ESET researchers released its deep-dive investigation into one of the most advanced server-side malware campaigns. It is still growing and has seen hundreds of thousands of compromised servers in its at least 15-year-long operation. The Ebury group and botnet have been involved in the spread of spam, web traffic redirections, and credential stealing over the years. In recent years, they have diversified to credit card and cryptocurrency theft. Additionally, Ebury has been deployed as a backdoor ... [Read More]
Source: helpnetsecurity.com
May 16th, 2024 - New versions of Git are out, with fixes for five vulnerabilities, the most critical (CVE-2024-32002) of which can be used by attackers to remotely execute code during a "clone" operation. About Git Git is a widely-popular distributed version control system for collaborative software development. It can be installed on machines running Windows, macOS, Linux, and various *BSD distributions. Web-based software development platforms GitHub and GitLab are based on Git. Visual Studio , Microsoft's ... [Read More]
Source: helpnetsecurity.com
May 15th, 2024 - System administrators have over 60 CVEs to address in the latest Microsoft Patch Tuesday, including three zero-day vulnerabilities. Of these three zero-day bugs, two have been actively exploited in the wild, the most prominent of which ( CVE-2024-30051 ) has been used to deliver QuakBot and other malware. It is an elevation of privilege vulnerability which stems from a heap-based buffer overflow in the Windows Desktop Window Manager (DWM) Core Library. Action1 president, Mike Walters, warned ... [Read More]
Source: infosecurity-magazine.com
May 15th, 2024 - In the realm of cybersecurity, vigilance is paramount. Recently, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) flagged a critical vulnerability in GitLab , a popular platform for collaborative software development. This GitLab password exploit tracked as CVE-2023-7028, has been actively exploited in the wild, posing significant risks to organizations utilizing GitLab for their development workflows. The GitLab Password Exploit: CVE-2023-7028 Reports claim that ... [Read More]
Source: securityboulevard.com
May 15th, 2024 - Ebury backdoors SSH servers in hosting providers, giving the malware extraordinary reach. Infrastructure used to maintain and distribute the Linux operating system kernel was infected for two years, starting in 2009, by sophisticated malware that managed to get a hold of one of the developers' most closely guarded resources: the /etc/shadow files that stored encrypted password data for more than 550 system users, researchers said Tuesday. The unknown attackers behind the compromise infected at ... [Read More]
Source: arstechnica.com
May 14th, 2024 - Kaspersky Says It Spotted QakBot Operators Exploiting the Flaw in April Microsoft issued a patch Tuesday for a Windows zero-day vulnerability that security researchers say operators of the QakBot botnet and other hackers actively exploited. U.S. authorities in August dismantled the botnet, also known as Qbot, and told reporters that it "ceased to operate" as a result of an antimalware campaign dubbed Operation Duck Hunt. Malware analysts within months observed a resurgence - a comeback that ... [Read More]
Source: databreachtoday.com
May 14th, 2024 - Google has suddenly issued another critical warning—the second in just a few days—as an active threat is discovered; here's what you need to do... Google has issued another urgent update, bringing Chrome's Stable channel to 124.0.6367.207/.208 for Mac and Windows, as another zero day is anonymously reported and patched. Just as last week, users are warned that "Google is aware that an exploit for CVE-2024-4761 exists in the wild." This vulnerability impacts Chrome's V8 JavaScript ... [Read More]
Source: forbes.com
May 14th, 2024 - Threat actors are using DNS tunneling to scan for network vulnerabilities and check the success of phishing campaigns, according to new research from Palo Alto Networks. The security vendor's Unit 42 explained in a blog post yesterday that DNS tunneling is usually deployed as a means to bypass security filters by hiding malicious traffic in DNS packets. In this way, hackers can smuggle stolen data out from a target infrastructure, or hide inbound malware or command-and-control (C&C) ... [Read More]
Source: infosecurity-magazine.com
May 17th, 2024 - The Cybersecurity and Infrastructure Security Agency (CISA) on May 16 added two end-of-life D-Link routers to its Known Exploited Vulnerabilities (KEV) catalog, pointing out that security teams should patch immediately and retire the devices if possible because the bugs were exploited in the wild. CISA said the first bug — CVE-2014-100005 — was on D-Link DIR-600 routers that contained a cross-site request forgery (CSRF) flaw that lets attackers change router configurations by ... [Read More]
Source: scmagazine.com
May 17th, 2024 - Experts have identified a way to "confuse" your device when it tries to connect to a trusted Wi-Fi network. As a result, the device is instead connected to a rogue network, where threat actors can snoop in on network traffic and possibly even steal sensitive information passing through. A report from The Hacker News found the IEEE 802.11 Wi-Fi standard is vulnerable to a flaw tracked as CVE-2023-52424. It affects all operating systems and all Wi-Fi clients, and home networks, mesh ... [Read More]
Source: techradar.com
May 16th, 2024 - ESET researchers released its deep-dive investigation into one of the most advanced server-side malware campaigns. It is still growing and has seen hundreds of thousands of compromised servers in its at least 15-year-long operation. The Ebury group and botnet have been involved in the spread of spam, web traffic redirections, and credential stealing over the years. In recent years, they have diversified to credit card and cryptocurrency theft. Additionally, Ebury has been deployed as a backdoor ... [Read More]
Source: helpnetsecurity.com
May 16th, 2024 - New versions of Git are out, with fixes for five vulnerabilities, the most critical (CVE-2024-32002) of which can be used by attackers to remotely execute code during a "clone" operation. About Git Git is a widely-popular distributed version control system for collaborative software development. It can be installed on machines running Windows, macOS, Linux, and various *BSD distributions. Web-based software development platforms GitHub and GitLab are based on Git. Visual Studio , Microsoft's ... [Read More]
Source: helpnetsecurity.com
May 15th, 2024 - System administrators have over 60 CVEs to address in the latest Microsoft Patch Tuesday, including three zero-day vulnerabilities. Of these three zero-day bugs, two have been actively exploited in the wild, the most prominent of which ( CVE-2024-30051 ) has been used to deliver QuakBot and other malware. It is an elevation of privilege vulnerability which stems from a heap-based buffer overflow in the Windows Desktop Window Manager (DWM) Core Library. Action1 president, Mike Walters, warned ... [Read More]
Source: infosecurity-magazine.com
May 15th, 2024 - In the realm of cybersecurity, vigilance is paramount. Recently, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) flagged a critical vulnerability in GitLab , a popular platform for collaborative software development. This GitLab password exploit tracked as CVE-2023-7028, has been actively exploited in the wild, posing significant risks to organizations utilizing GitLab for their development workflows. The GitLab Password Exploit: CVE-2023-7028 Reports claim that ... [Read More]
Source: securityboulevard.com
May 15th, 2024 - Ebury backdoors SSH servers in hosting providers, giving the malware extraordinary reach. Infrastructure used to maintain and distribute the Linux operating system kernel was infected for two years, starting in 2009, by sophisticated malware that managed to get a hold of one of the developers' most closely guarded resources: the /etc/shadow files that stored encrypted password data for more than 550 system users, researchers said Tuesday. The unknown attackers behind the compromise infected at ... [Read More]
Source: arstechnica.com
May 14th, 2024 - Kaspersky Says It Spotted QakBot Operators Exploiting the Flaw in April Microsoft issued a patch Tuesday for a Windows zero-day vulnerability that security researchers say operators of the QakBot botnet and other hackers actively exploited. U.S. authorities in August dismantled the botnet, also known as Qbot, and told reporters that it "ceased to operate" as a result of an antimalware campaign dubbed Operation Duck Hunt. Malware analysts within months observed a resurgence - a comeback that ... [Read More]
Source: databreachtoday.com
May 14th, 2024 - Google has suddenly issued another critical warning—the second in just a few days—as an active threat is discovered; here's what you need to do... Google has issued another urgent update, bringing Chrome's Stable channel to 124.0.6367.207/.208 for Mac and Windows, as another zero day is anonymously reported and patched. Just as last week, users are warned that "Google is aware that an exploit for CVE-2024-4761 exists in the wild." This vulnerability impacts Chrome's V8 JavaScript ... [Read More]
Source: forbes.com
May 14th, 2024 - Threat actors are using DNS tunneling to scan for network vulnerabilities and check the success of phishing campaigns, according to new research from Palo Alto Networks. The security vendor's Unit 42 explained in a blog post yesterday that DNS tunneling is usually deployed as a means to bypass security filters by hiding malicious traffic in DNS packets. In this way, hackers can smuggle stolen data out from a target infrastructure, or hide inbound malware or command-and-control (C&C) ... [Read More]
Source: infosecurity-magazine.com
You May Also Like…
Understanding the U.S. Department of Health and Human Services’ Cybersecurity Strategy
The U.S. Department of Health and Human Services (HHS) has recently released a paper that outlines its cybersecurity strategy in healthcare. The paper builds on the National Cybersecurity Strategy...
Fortifying Your Business: The Strategic Edge of Outsourcing Vendor Risk Management
The Case for Outsourcing Your Vendor Risk Management Program The business ecosystem's increasing interconnectivity with third-party suppliers and service providers amplifies the importance of...
GDPR and Vendor Risk Management
Navigating GDPR Compliance and Vendor Risk Management In today's digital age, our personal data is being collected, stored, and processed at an unprecedented rate. This has raised a myriad of...