Heimadal Security

DECEMBER 17, 2021

These past few days have been about the most important vulnerability discovered lately. The vulnerability, officially tagged as CVE-2021-44228 and called Log4Shell or LogJam, is an unauthenticated RCE vulnerability that allows total system takeover on systems running Log4j 2.0-beta9 beta9 through 2.14.1.

Cybersecurity 107

Cybersecurity 107

Heimadal Security

DECEMBER 16, 2021

The vulnerability, officially tagged as CVE-2021-44228 and called Log4Shell or LogJam, is an unauthenticated RCE vulnerability that allows total system takeover on systems running Log4j 2.0-beta9 The post The Log4j Vulnerability Is Now Used by State-Backed Hackers appeared first on Heimdal Security Blog.

Cryptocurrency 98

Cryptocurrency Cybersecurity 98

NetSpi Technical

MARCH 11, 2024

In 2023 NetSPI discovered that Microsoft Outlook was vulnerable to authenticated remote code execution (RCE) via synced form objects. This blog will cover how we discovered CVE-2024-21378 and weaponized it by modifying Ruler , an Outlook penetration testing tool published by SensePost. What makes that determination?”

Authentication 145

Authentication Penetration Testing Technology Phishing 145

Security Affairs

APRIL 13, 2022

The Apache Software Foundation urges organizations to address a vulnerability, tracked as CVE-2021-31805, affecting Struts versions ranging 2.0.0 An attacker could trigger this vulnerability to take control of an affected system. Apache Struts is an open-source web application framework for developing Java EE web applications.

Software 129

Software Hacking Cybersecurity Information Security 129

Security Boulevard

MARCH 12, 2024

The goal is to eliminate a broad class of software defects that make up to 70 percent of all vulnerabilities, according to researchers at Microsoft and Google. The post A Faster Path to Memory Safety: CHERI, Memory Tagging, and Control Flow Integrity appeared first on Security Boulevard.

Software 59

Software 59

Anton on Security

JANUARY 10, 2024

So, we ( Tim and Anton , the crew behind the podcast ) wanted to post another reflections blog based on our Cloud Security Podcast by Google being almost 3 (we will be 3 years old on Feb 11, 2024, to be precise), kind of similar to this one. EP109 How Google Does Vulnerability Management: The Not So Secret Secrets!”

Cloud Migration 130

Cloud Migration Government Network Security Risk 130

Security Affairs

MARCH 29, 2023

Google’s Threat Analysis Group (TAG) discovered several exploit chains targeting Android, iOS, and Chrome to install commercial spyware. Google’s Threat Analysis Group (TAG) shared details about two distinct campaigns which used several zero-day exploits against Android, iOS and Chrome. links sent over SMS to users.

Spyware 85

Spyware Surveillance Firmware Internet 85

The Hacker News

JANUARY 26, 2021

Google on Monday disclosed details about an ongoing campaign carried out by a government-backed threat actor from North Korea that has targeted security researchers working on vulnerability research and development.

Media 98

Media Internet Internet Government 98

SecureWorld News

JANUARY 26, 2021

They are the ones who look for and discover vulnerabilities before anyone else in the world knows about them. Google's TAG team has identified the threat actors behind this campaign as a "government-backed entity based in North Korea.". However, because they are heroes, they are also targets. Let's take a look at four of them.

Social Engineering 92

Social Engineering Engineering Accountability Malware 92

Security Affairs

APRIL 8, 2023

US CISA has added Veritas Backup Exec flaws, which were exploited in ransomware attacks, to its Known Exploited Vulnerabilities catalog. The CVE-2023-26083 flaw in the Arm Mali GPU driver is chained with other issues to install commercial spyware, as reported by Google’s Threat Analysis Group (TAG) in a recent report.

Backups 80

Backups Spyware Ransomware Education 80

Malwarebytes

MARCH 22, 2023

After all, if a vulnerability exists one can expect that it will be exploited more than once. Recently, while reading a blog post from security vendor Akamai, we spotted a similar situation. In this blog post, we show how the newly found Kritec skimmer was found along side one of its competitors. They also list nebiltech[.]shop

70

70

Security Boulevard

DECEMBER 12, 2023

Two of the four HotNews Notes are updates on a critical OS Command Injection vulnerability in IS-OIL that was reported to SAP by the Onapsis Research Labs earlier this year. SAP Security Note #3350297 , tagged with a CVSS score of 9.1, was initially released in July 2023 to patch this vulnerability.

Passwords 52

Passwords Technology Mobile Government 52

Security Affairs

JANUARY 26, 2021

Google TAG is warning that North Korea-linked hackers targeting security researchers through social media. Google Threat Analysis Group (TAG) is warning that North Korea-linked hackers targeting security researchers through social media. ” reads the TAG’s report. ” reads the TAG’s report.

Media 85

Media Social Engineering Engineering Accountability 85

Google Security

NOVEMBER 7, 2023

to develop Memory Tagging Extension (MTE) technology. MTE is now available on some OEM devices (as noted in a recent blog post by Project Zero) with Android 14 as a developer option, enabling developers to use MTE to discover memory safety issues in their application easily.

Software 82

Software Technology Architecture Mobile 82

Krebs on Security

AUGUST 9, 2022

Microsoft today released updates to fix a record 141 security vulnerabilities in its Windows operating systems and related software. Once again, Microsoft is patching a zero-day vulnerability in the Microsoft Support Diagnostics Tool (MSDT), a service built into Windows.

Authentication 254

Authentication Internet Internet Cyber threats 254

Security Boulevard

JANUARY 9, 2024

affected Onapsis Research Labs Contribution —Our team supported SAP in patching an In Disclosure vulnerability in SAP ICM and SAP Web Dispatcher The new SAP Security year has started with 12 new and updated SAP Security Notes, including three HotNews Notes and four High Priority Notes. SAP has released the version 8.9.13

Internet 52

Internet Internet Marketing Technology 52

Security Affairs

NOVEMBER 28, 2021

North Korea-linked APT group posed as Samsung recruiters is a spear-phishing campaign that targeted South Korean security companies that sell anti-malware solutions, Google TAG researchers reported. Google TAG researchers reported that the same group, tracked as Zinc ,” also targeted security researchers in past campaigns. eXplorer.

Malware 122

Malware Phishing Antivirus Hacking 122

Security Affairs

MARCH 31, 2021

Researchers from Google’s Threat Analysis Group (TAG) reported that North Korea-linked hackers are targeting security researchers via social media. Experts noticed that the website used in this campaign has a link to a PGP public key which is the same that was found on attackers’ blog in a campaign spotted in January.

Media 92

Media Antivirus Accountability Internet 92

Security Affairs

APRIL 7, 2023

Apple released emergency security updates to address two actively exploited zero-day vulnerabilities impacting iPhones, Macs, and iPads. Apple has released emergency security updates to address two actively exploited zero-day vulnerabilities, tracked as CVE-2023-28205 and CVE-2023-28206, impacting iPhones, Macs, and iPads.

Education 84

Education Media Hacking Accountability 84

eSecurity Planet

MARCH 16, 2023

Microsoft’s Patch Tuesday for March 2023 includes patches for more than 70 vulnerabilities, including zero-day flaws in Outlook and in Windows SmartScreen. Two More Critical Flaws Action1 vice president of vulnerability and threat research Mike Walters highlighted two other critical flaws in a blog post.

Energy and Utilities 98

Energy and Utilities Authentication Firewall Engineering 98

Malwarebytes

MARCH 18, 2022

The Google Threat Analysis Group (TAG) has shared their observations about a group of cybercriminals called Exotic Lily. Among these interested parties TAG found the Conti and Diavol ransomware groups. From the TAG blog we can learn that Exotic Lily was very much specialized. Initial access broker. Exotic Lily.

Ransomware 93

Ransomware Malware Social Engineering Media 93

Krebs on Security

DECEMBER 14, 2022

Six of the update bundles earned Microsoft’s most dire “critical” rating, meaning they fix vulnerabilities that malware or malcontents can use to remotely commandeer an unpatched Windows system — with little to no interaction on the part of the user.

Social Engineering 201

Social Engineering Ransomware Software Engineering 201

Security Boulevard

MARCH 17, 2021

<a href='/blog?tag=Cybersecurity'>Cybersecurity</a> tag=Cybersecurity'>Cybersecurity</a> <a href='/blog?tag=Data tag=Data Loss Prevention'>Data Loss Prevention</a> <a href='/blog?tag=IT Request a Demo. Additional Resources. Featured: .

Data breaches 144

Data breaches Ransomware Financial Services CISO 144

Security Boulevard

JUNE 13, 2023

Cross-Site Scripting (XSS) as the most popular vulnerability, with eight notes released which patch this vulnerability in different components. This month, the Onapsis Research Labs contributed to fixing one vulnerability that affects the Transport Management System and can lead to a Denial of Service.

Manufacturing 52

Manufacturing Phishing Authentication 52

Security Boulevard

AUGUST 30, 2021

<a href='/blog?tag=Endpoint tag=Endpoint Protection'>Endpoint Protection</a> <a href='/blog?tag=Data tag=Data Loss Prevention'>Data Loss Prevention</a> <a href='/blog?tag=File tag=File Transfers'>File Transfers</a> <a href='/blog?tag=Advanced

Social Engineering 101

Social Engineering Cybersecurity Unstructured Data Engineering 101

Malwarebytes

APRIL 3, 2023

Researchers at Orca Security disclosed how they found a remote code execution vulnerability in Azure Service Fabric Explorer. The vulnerability was reported to the Microsoft Security Response Center (MSRC) with responsible disclosure and was included by Microsoft in their March 2023 Patch Tuesday round.

Authentication 87

Authentication Risk Cybersecurity 87

Security Affairs

JANUARY 29, 2021

Microsoft, like Google TAG, observed a cyber espionage campaign aimed at vulnerability researchers that attributed to North Korea-linked Zinc APT group. Researchers from Microsoft monitored a cyber espionage campaign aimed at vulnerability researchers and attributed the attacks to North Korea-linked Zinc APT group.

Malware 111

Malware Antivirus Hacking Accountability 111

Thales Cloud Protection & Licensing

APRIL 17, 2024

By infiltrating systems or exploiting vulnerabilities, adversaries can steal these models, leading to intellectual property theft and competitive disadvantage. Malicious actors exploit vulnerabilities within AI infrastructures to extract confidential data, including customer records, financial transactions, or trade secrets.

Risk 71

Risk Data collection Artificial Intelligence Accountability 71

Security Affairs

APRIL 2, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter) The post Security Affairs newsletter Round 413 by Pierluigi Paganini – International edition appeared first on Security Affairs.

Spyware 84

Spyware Surveillance Artificial Intelligence Data breaches 84

Security Boulevard

APRIL 17, 2024

By infiltrating systems or exploiting vulnerabilities, adversaries can steal these models, leading to intellectual property theft and competitive disadvantage. Malicious actors exploit vulnerabilities within AI infrastructures to extract confidential data, including customer records, financial transactions, or trade secrets.

Risk 69

Risk Data collection Artificial Intelligence Accountability 69

NopSec

JANUARY 31, 2024

We open up 2024 with an interesting mix of vulnerabilities, some of which have been patched for nearly a year. We begin with a privilege escalation vulnerability that impacts Windows that was discovered through a happy accident. We also cover an Adobe ColdFusion vulnerability that results in unauthenticated RCE.

VPN 59

VPN Government Risk Hacking 59

eSecurity Planet

NOVEMBER 10, 2022

Microsoft’s November 2022 Patch Tuesday includes fixes for more than 60 vulnerabilities affecting almost 40 different products, features and roles – including patches for CVE-2022-41040 and CVE-2022-41082 , the ProxyNotShell flaws disclosed last month. ” Also read: Is the Answer to Vulnerabilities Patch Management as a Service?

Phishing 107

Phishing Malware Cybersecurity Network Security 107

Security Affairs

JUNE 5, 2022

Proof-of-concept exploits for the critical CVE-2022-26134 vulnerability in Atlassian Confluence and Data Center servers are available online. Researchers from cybersecurity firm GreyNoise reported that 23 unique IP addresses were observed exploiting the Atlassian vulnerabilities. 23 unique IPs so far.

VPN 123

VPN IoT Cybersecurity Engineering 123

Security Affairs

MARCH 14, 2019

Security researcher Simon Scannell from RIPS Technologies, has discovered a new CSRF vulnerability in WordPress, that could potentially lead to remote code execution attacks. This means an attacker can create comments in the name of administrative users of a WordPress blog via CSRF attacks. 2019/03/13 WordPress 5.1.1

Hacking 82

Hacking Advertising Technology 82

NetSpi Technical

MARCH 11, 2024

In 2023 NetSPI discovered that Microsoft Outlook was vulnerable to authenticated remote code execution (RCE) via synced form objects. This blog will cover how we discovered CVE-2024-21378 and weaponized it by modifying Ruler , an Outlook penetration testing tool published by SensePost. What makes that determination?”

Authentication 52

Authentication Penetration Testing Technology Phishing 52

Cisco Security

APRIL 21, 2021

This blog is co-authored by Mohammad Iqbal and is part four of a four-part series about DevSecOps. Threat modeling is the practice of identifying data flows through systems and various constructs within an architecture that exhibit a security gap or vulnerabilities. Operational View with Grouping Applied by Admin or Customer Tags.

Architecture 90

Architecture Risk Engineering 90

Security Boulevard

FEBRUARY 3, 2021

<a href='/blog?tag='></a> tag='></a> <a href='/blog?tag='></a> tag='></a> <a href='/blog?tag='></a> tag='></a> 2020 was a year of unprecedented challenge for anyone working in public sector cybersecurity. Featured: .

Cybersecurity 78

Cybersecurity Digital transformation Cyber threats Ransomware 78