Key Lesson from Microsoft’s Password Spray Hack: Secure Every Account

In January 2024, Microsoft discovered they’d been the victim of a hack orchestrated by Russian-state hackers Midnight Blizzard (sometimes known as Nobelium). The concerning detail about this case is how easy it was to breach the software giant. It wasn’t a highly technical hack that exploited a zero-day vulnerability – the hackers used a simple […]

Cisco Issues Patch for High-Severity VPN Hijacking Bug in Secure Client

Cisco has released patches to address a high-severity security flaw impacting its Secure Client software that could be exploited by a threat actor to open a VPN session with that of a targeted user. The networking equipment company described the vulnerability, tracked as CVE-2024-20337 (CVSS score: 8.2), as allowing an unauthenticated, remote attacker to conduct […]

The API Security Checklist: 10 strategies to keep API integrations secure

In the interconnected world of modern software development, Application Programming Interfaces (APIs) play a pivotal role in enabling systems to communicate and exchange data. As the linchpins that allow diverse applications to work together, APIs have become indispensable to offering rich, feature-complete software experiences. However, this critical position within technology ecosystems also makes APIs prime […]

Ivanti Pulse Secure Found Using 11-Year-Old Linux Version and Outdated Libraries

A reverse engineering of the firmware running on Ivanti Pulse Secure appliances has revealed numerous weaknesses, once again underscoring the challenge of securing software supply chains. Eclypsium, which acquired firmware version 9.1.18.2-24467.1 as part of the process, said the base operating system used by the Utah-based software company for the device is CentOS 6.4. “Pulse […]

Warning: Poorly Secured Linux SSH Servers Under Attack for Cryptocurrency Mining

Poorly secured Linux SSH servers are being targeted by bad actors to install port scanners and dictionary attack tools with the goal of targeting other vulnerable servers and co-opting them into a network to carry out cryptocurrency mining and distributed denial-of-service (DDoS) attacks. “Threat actors can also choose to install only scanners and sell the […]

Discover 2023’s Cloud Security Strategies in Our Upcoming Webinar – Secure Your Spot

In 2023, the cloud isn’t just a technology—it’s a battleground. Zenbleed, Kubernetes attacks, and sophisticated APTs are just the tip of the iceberg in the cloud security warzone. In collaboration with the esteemed experts from Lacework Labs, The Hacker News proudly presents an exclusive webinar: ‘Navigating the Cloud Attack Landscape: 2023 Trends, Techniques, and Tactics.’ […]

Is Your etcd an Open Door for Cyber Attacks? How to Secure Your Kubernetes Clusters & Nodes

Kubernetes has become the de facto orchestration platform for managing containerized applications, but with its widespread adoption, the security of Kubernetes clusters has come under greater scrutiny. Central to Kubernetes’ architecture is etcd, a highly-available key-value store used to persist the cluster’s state and its configuration details. While etcd is essential for the Kubernetes cluster’s […]

How to secure against new zero day Microsoft Office vulnerability CVE-2023-36884 as no patch is available

Microsoft reported a previously unknown vulnerability known as a zero-day flaw that was present in many versions of Windows and Office and was being actively exploited in the wild. The vulnerability, which was tracked and given the identifier CVE-2023-36884, was used by nation-state actors and cybercriminals to acquire remote code execution by using infected Office […]

Top 9 techniques to secure your DevOps Continuous Integration/Continuous Delivery (CI/CD) pipeline in 2023

This cybersecurity information sheet (CSI) is being released by the National Security Agency (NSA) in collaboration with the Cybersecurity and Infrastructure Security Agency (CISA). The purpose of this document is to provide recommendations and best practices for improving defenses in cloud implementations of development, security, and operations (DevSecOps). This CSI explains how to integrate security […]

How to Secure container images with open source Bazel tool plugin Rules_oci from Google

Rules_oci, an open-sourced Bazel plugin (“ruleset”) that makes it easier and more secure to create container images using Bazel, has been made generally available by Google. It provides support for both the container community and container image security. Bazel maintains dependencies and caches them according to their integrity hash, making it ideally suited to provide […]

BlackLotus UEFI Bootkit – First Known Malware to Bypass Secure Boot Defenses

The cybersecurity analysts at ESET recently reported that BlackLotus, a sneaky bootkit for UEFI (Unified Extensible Firmware Interface), has gained notoriety as the first malware known to successfully evade Secure Boot defenses, making it a formidable danger. Even on the most current Windows 11 systems with UEFI Secure Boot activated, this bootkit has the capability […]

BlackLotus Becomes First UEFI Bootkit Malware to Bypass Secure Boot on Windows 11

A stealthy Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus has become the first publicly known malware capable of bypassing Secure Boot defenses, making it a potent threat in the cyber landscape. “This bootkit can run even on fully up-to-date Windows 11 systems with UEFI Secure Boot enabled,” Slovak cybersecurity company ESET said in a […]

Why GoDaddy hack makes it the most insecure hosting provider?

GoDaddy, a company that provides web hosting services, has now announced a security breach in which the company’s computers were breached and source code was taken. Throughout this multi-year attack, the perpetrators managed to get illegal access to the victim’s cPanel shared hosting environment, which led to the issue at hand. Early in the month […]

PCI Security Standards Council (PCI SSC) releases PCI Secure Software Standard v1.2

By offering industry-driven, adaptable, and efficient data security standards and programs that assist businesses in identifying, mitigating, and preventing cyberattacks and breaches, the PCI Security Standards Council (PCI SSC) is at the forefront of an international, cross-industry effort to strengthen payment security. PCI Secure Software Standard version 1.2 and its related program documentation were both […]