Blogs - Security
![Blogs - Security 1 nvd nist gov icon](https://heurist.org/wp-content/uploads/2022/11/nvd-nist-gov-icon.png)
![Blogs - Security 1 nvd nist gov icon](https://heurist.org/wp-content/uploads/2022/11/nvd-nist-gov-icon.png)
![Blogs - Security 1 nvd nist gov icon](https://heurist.org/wp-content/uploads/2022/11/nvd-nist-gov-icon.png)
![Blogs - Security 1 nvd nist gov icon](https://heurist.org/wp-content/uploads/2022/11/nvd-nist-gov-icon.png)
![Blogs - Security 1 nvd nist gov icon](https://heurist.org/wp-content/uploads/2022/11/nvd-nist-gov-icon.png)
![Blogs - Security 1 nvd nist gov icon](https://heurist.org/wp-content/uploads/2022/11/nvd-nist-gov-icon.png)
![Blogs - Security 7 packetstorm security com logo](https://heurist.org/wp-content/uploads/2022/11/packetstorm-security-com-logo.png)
![Blogs - Security 8 the hackersnew com logo](https://heurist.org/wp-content/uploads/2022/11/the-hackersnew-com-logo.png)
CISA Blog
- SAFECOM and NCSWIC Publish Fall 2023 Joint SAFECOM-NCSWIC Bi-Annual Meeting Executive Summaries 2024-07-24 CISA
- NCSWIC’s Planning, Training, and Exercise Committee releases “Set Your PACE Plan” Flyer 2024-07-24 CISA
- NCSWIC Planning Training, and Exercise Committee releases the Human Factors Resource Guide 2024-07-22 CISA
- Continued Progress Towards a Secure Open Source Ecosystem 2024-07-08 CISA
- Looking Ahead to Better Prepare Today 2024-07-01 CISA
- Why SMBs Don’t Deploy Single Sign On (SSO) 2024-06-20 CISA
- CISA Releases the FY 2024 Rural Emergency Medical Communications Demonstration Project (REMCDP) Notice of Funding Opportunity 2024-06-18 CISA
- CISA, SAFECOM and NCSWIC Publish SAFECOM Guidance on Emergency Communications Grants 2024-06-18 CISA
- National Internet Safety Month: This June, Take 4 Easy Steps to Stay Safe Online 2024-06-10 CISA
- NCSWIC releases the NCSWIC Video Series 2024-06-07 CISA
CISA News
- Statement from CISA Director Easterly on Leadership Changes at CISA 2024-07-23 CISA
- CISA Releases Playbook for Infrastructure Resilience Planning 2024-07-17 CISA
- CISA Announces Key Leadership Appointments in Cybersecurity and Stakeholder Engagement 2024-07-17 CISA
- CISA Releases Guide to Operational Security for Election Officials 2024-07-05 CISA
- CISA Releases the Marine Transportation System Resilience Assessment Guide 2024-07-02 CISA
- CISA and Fauquier County Hold K-12 Active Shooter Exercise 2024-06-28 CISA
- CISA Releases Guide to Enhance Election Security Through Public Communications 2024-06-17 CISA
- CISA, JCDC, Government and Industry Partners Conduct AI Tabletop Exercise 2024-06-14 CISA
- CISA Hosts First Annual Information and Communications Technology Supply Chain Risk Management Task Force Conference 2024-06-05 CISA
- Readout from CISA’s 2024 Second Quarter Cybersecurity Advisory Committee Meeting 2024-06-05 CISA
CISA Blog
- SAFECOM and NCSWIC Publish Fall 2023 Joint SAFECOM-NCSWIC Bi-Annual Meeting Executive Summaries 2024-07-24 CISA
- NCSWIC’s Planning, Training, and Exercise Committee releases “Set Your PACE Plan” Flyer 2024-07-24 CISA
- NCSWIC Planning Training, and Exercise Committee releases the Human Factors Resource Guide 2024-07-22 CISA
- Continued Progress Towards a Secure Open Source Ecosystem 2024-07-08 CISA
- Looking Ahead to Better Prepare Today 2024-07-01 CISA
- Why SMBs Don’t Deploy Single Sign On (SSO) 2024-06-20 CISA
- CISA Releases the FY 2024 Rural Emergency Medical Communications Demonstration Project (REMCDP) Notice of Funding Opportunity 2024-06-18 CISA
- CISA, SAFECOM and NCSWIC Publish SAFECOM Guidance on Emergency Communications Grants 2024-06-18 CISA
- National Internet Safety Month: This June, Take 4 Easy Steps to Stay Safe Online 2024-06-10 CISA
- NCSWIC releases the NCSWIC Video Series 2024-06-07 CISA
ICS Advisories
- Siemens SICAM Products 2024-07-25As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity […]CISA
- Positron Broadcast Signal Processor 2024-07-25View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Positron S.R.L Equipment: Broadcast Signal Processor TRA7005 Vulnerability: Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to bypass authentication and access unauthorized protected areas of the […]CISA
- National Instruments LabVIEW 2024-07-23View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Low attack complexity Vendor: National Instruments Equipment: LabVIEW Vulnerabilities: Out-of-Bounds Read, Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a local attacker to disclose information and execute arbitrary code. 3. TECHNICAL DETAILS 3.1 […]CISA
- Hitachi Energy AFS/AFR Series Products 2024-07-23View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: AFS650, AFS660, AFS665, AFS670, AFS675, AFS677, AFR677 Vulnerabilities: Type Confusion, Use After Free, Double Free, Observable Discrepancy 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to create a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 […]CISA
- National Instruments IO Trace 2024-07-23View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Low attack complexity Vendor: National Instruments Equipment: IO Trace Vulnerability: Stack-Based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local attacker to execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following National Instruments I/O TRACE bundled products are affected: […]CISA
- Subnet Solutions PowerSYSTEM Center 2024-07-18View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Subnet Solutions Inc. Equipment: Subnet PowerSYSTEM Center Vulnerability: Prototype Pollution 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated attacker to elevate permissions. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Subnet PowerSYSTEM Center are affected: […]CISA
- Mitsubishi Electric MELSOFT MaiLab 2024-07-18View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.2 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Corporation Equipment: MELSOFT MaiLab Vulnerability: Improper Verification of Cryptographic Signature 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to cause a denial-of-service condition in the target product. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Mitsubishi Electric reports […]CISA
- Rockwell Automation Pavilion 8 2024-07-16View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: Pavilion 8 Vulnerability: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to create new users and view sensitive data. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions […]CISA
- Siemens RUGGEDCOM 2024-07-11As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity […]CISA
- Siemens Teamcenter Visualization and JT2Go 2024-07-11As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: […]CISA
ICS Medical Advisories
- Philips Vue PACS 2024-07-18View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Philips Equipment: Vue PACS Vulnerabilities: Out-of-bounds Write, Deserialization of Untrusted Data, Uncontrolled Resource Consumption, Improper Privilege Management, Use of Default Credentials, Weak Password Requirements, Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION Successful exploitation of these vulnerabilities could […]CISA
- MicroDicom DICOM Viewer 2024-06-11View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: MicroDicom Equipment: DICOM Viewer Vulnerabilities: Improper Authorization in Handler for Custom URL Scheme, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to both retrieve and plant medical image files on a victim's system and […]CISA
- Baxter Welch Allyn Connex Spot Monitor 2024-05-30View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.1 ATTENTION: Exploitable remotely Vendor: Baxter Equipment: Welch Allyn Connex Spot Monitor (CSM) Vulnerability: Use of Default Cryptographic Key 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to modify device configuration and firmware data. Tampering with this data could lead to device compromise, resulting […]CISA
- Baxter Welch Allyn Configuration Tool 2024-05-30View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.4 ATTENTION: Exploitable remotely Vendor: Baxter Equipment: Welch Allyn Configuration Tool Vulnerability: Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to the unintended exposure of credentials to unauthorized users. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Baxter (formerly Hillrom and Welch Allyn) […]CISA
- Santesoft Sante FFT Imaging 2024-03-05View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Santesoft Equipment: Sante FFT Imaging Vulnerability: Out-of-Bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local attacker to execute arbitrary code once a user opens a malicious DCM file on affected FFT Imaging installations. 3. TECHNICAL DETAILS 3.1 […]CISA
- MicroDicom DICOM Viewer 2024-02-29View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: MicroDicom Equipment: DICOM Viewer Vulnerabilities: Heap-based Buffer Overflow, Out-of-Bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause memory corruption issues leading to execution of arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions […]CISA
- Santesoft Sante DICOM Viewer Pro 2024-02-27View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Santesoft Equipment: Sante DICOM Viewer Pro Vulnerability: Out-of-Bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose information and execute arbitrary code on affected installations of the product. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following […]CISA
- Orthanc Osimis DICOM Web Viewer 2024-01-23View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Orthanc Equipment: Osimis Web Viewer Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code inside the victim's browser. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Osimis Web […]CISA
- BD FACSChorus 2023-11-28View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.4 ATTENTION: Low attack complexity Vendor: Becton, Dickinson and Company (BD) Equipment: FACSChorus Vulnerabilities: Missing Protection Mechanism for Alternate Hardware Interface, Missing Authentication for Critical Function, Improper Authentication, Use of Hard-coded Credentials, Insecure Inherited Permissions, 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker with […]CISA
- Santesoft Sante FFT Imaging 2023-10-11View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Santesoft Equipment: Sante FFT Imaging Vulnerability: Out-of-Bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose information and execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Santesof products are affected: Sante FFT Imaging: […]CISA
Packet Storm
- Faraday 5.4.1 2024-07-25Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take […]
- Ubuntu Security Notice USN-6914-1 2024-07-25Ubuntu Security Notice 6914-1 - Filip Hejsek discovered that the phpCAS library included in OCS Inventory was using HTTP headers to determine the service URL used to validate tickets. A remote attacker could possibly use this issue to gain access to a victim's account.
- Ubuntu Security Notice USN-6913-1 2024-07-25Ubuntu Security Notice 6913-1 - Filip Hejsek discovered that phpCAS was using HTTP headers to determine the service URL used to validate tickets. A remote attacker could possibly use this issue to gain access to a victim's account on a vulnerable CASified service. This security update introduces an incompatible API change. After applying this update, […]
- Ubuntu Security Notice USN-6915-1 2024-07-25Ubuntu Security Notice 6915-1 - It was discovered that poppler incorrectly handled certain malformed PDF. An attacker could possibly use this issue to cause a denial of service.
- Prison Management System 1.0 Shell Upload 2024-07-25Prison Management System version 1.0 suffers from an unauthenticated remote shell upload vulnerability.
- Red Hat Security Advisory 2024-4836-03 2024-07-25Red Hat Security Advisory 2024-4836-03 - Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes new features, bug fixes, and updates to patch vulnerabilities.
- Red Hat Security Advisory 2024-4831-03 2024-07-25Red Hat Security Advisory 2024-4831-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
- Red Hat Security Advisory 2024-4830-03 2024-07-25Red Hat Security Advisory 2024-4830-03 - An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Issues addressed include a null pointer vulnerability.
- Red Hat Security Advisory 2024-4829-03 2024-07-25Red Hat Security Advisory 2024-4829-03 - An update for the freeradius:3.0 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
- Red Hat Security Advisory 2024-4828-03 2024-07-25Red Hat Security Advisory 2024-4828-03 - An update for freeradius is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
- Red Hat Security Advisory 2024-4827-03 2024-07-25Red Hat Security Advisory 2024-4827-03 - An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include a null pointer vulnerability.
- Red Hat Security Advisory 2024-4826-03 2024-07-25Red Hat Security Advisory 2024-4826-03 - An update for the freeradius:3.0 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.
- Red Hat Security Advisory 2024-4825-03 2024-07-25Red Hat Security Advisory 2024-4825-03 - An update for podman is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include deserialization and memory exhaustion vulnerabilities.
- Red Hat Security Advisory 2024-4824-03 2024-07-25Red Hat Security Advisory 2024-4824-03 - An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a denial of service vulnerability.
- Red Hat Security Advisory 2024-4823-03 2024-07-25Red Hat Security Advisory 2024-4823-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include denial of service, double free, and information leakage vulnerabilities.
- Red Hat Security Advisory 2024-4820-03 2024-07-25Red Hat Security Advisory 2024-4820-03 - An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include a null pointer vulnerability.
- Red Hat Security Advisory 2024-4746-03 2024-07-25Red Hat Security Advisory 2024-4746-03 - An update for fence-agents is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
- Red Hat Security Advisory 2024-4744-03 2024-07-25Red Hat Security Advisory 2024-4744-03 - An update for resource-agents is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
- Red Hat Security Advisory 2024-4730-03 2024-07-25Red Hat Security Advisory 2024-4730-03 - An update for fence-agents is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service.
- Red Hat Security Advisory 2024-4715-03 2024-07-25Red Hat Security Advisory 2024-4715-03 - An update for cups is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.
The Hacker News
- This AI-Powered Cybercrime Service Bundles Phishing Kits with Malicious Android Apps 2024-07-26A Spanish-speaking cybercrime group named GXC Team has been observed bundling phishing kits with malicious Android applications, taking malware-as-a-service (MaaS) offerings to the next level. Singaporean cybersecurity company Group-IB, which has been tracking the e-crime actor since January 2023, described the crimeware solution as a "sophisticated AI-powered phishing-as-a-service platform"
- Offensive AI: The Sine Qua Non of Cybersecurity 2024-07-26"Peace is the virtue of civilization. War is its crime. Yet it is often in the furnace of war that the sharpest tools of peace are forged." - Victor Hugo. In 1971, an unsettling message started appearing on several computers that comprised ARPANET, the precursor to what we now know as the Internet. The message, […]
- U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on Hospitals 2024-07-26The U.S. Department of Justice (DoJ) on Thursday unsealed an indictment against a North Korean military intelligence operative for allegedly carrying out ransomware attacks against healthcare facilities in the country and funneling the payments to orchestrate additional intrusions into defense, technology, and government entities across the world. "Rim Jong Hyok and his co-conspirators deployed
- Ongoing Cyberattack Targets Exposed Selenium Grid Services for Crypto Mining 2024-07-26Cybersecurity researchers are sounding the alarm over an ongoing campaign that's leveraging internet-exposed Selenium Grid services for illicit cryptocurrency mining. Cloud security firm Wiz is tracking the activity under the name SeleniumGreed. The campaign, which is targeting older versions of Selenium (3.141.59 and prior), is believed to be underway since at least April 2023. "Unbeknownst […]
- CrowdStrike Warns of New Phishing Scam Targeting German Customers 2024-07-26CrowdStrike is alerting about an unfamiliar threat actor attempting to capitalize on the Falcon Sensor update fiasco to distribute dubious installers targeting German customers as part of a highly targeted campaign. The cybersecurity company said it identified what it described as an unattributed spear-phishing attempt on July 24, 2024, distributing an inauthentic CrowdStrike Crash Reporter
- Critical Flaw in Telerik Report Server Poses Remote Code Execution Risk 2024-07-26Progress Software is urging users to update their Telerik Report Server instances following the discovery of a critical security flaw that could result in remote code execution. The vulnerability, tracked as CVE-2024-6327 (CVSS score: 9.9), impacts Report Server version 2024 Q2 (10.1.24.514) and earlier. "In Progress Telerik Report Server versions prior to 2024 Q2 (10.1.24.709), […]
- North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks 2024-07-25A North Korea-linked threat actor known for its cyber espionage operations has gradually expanded into financially-motivated attacks that involve the deployment of ransomware, setting it apart from other nation-state hacking groups linked to the country. Google-owned Mandiant is tracking the activity cluster under a new moniker APT45, which overlaps with names such as Andariel, Nickel […]
- 6 Types of Applications Security Testing You Must Know About 2024-07-25Application security testing is a critical component of modern software development, ensuring that applications are robust and resilient against malicious attacks. As cyber threats continue to evolve in complexity and frequency, the need to integrate comprehensive security measures throughout the SDLC has never been more essential. Traditional pentesting provides a crucial snapshot of an
- Meta Removes 63,000 Instagram Accounts Linked to Nigerian Sextortion Scams 2024-07-25Meta Platforms on Wednesday said it took steps to remove around 63,000 Instagram accounts in Nigeria that were found to target people with financial sextortion scams. "These included a smaller coordinated network of around 2,500 accounts that we were able to link to a group of around 20 individuals," the company said. "They targeted primarily […]
- Webinar: Securing the Modern Workspace: What Enterprises MUST Know about Enterprise Browser Security 2024-07-25The browser is the nerve center of the modern workspace. Ironically, however, the browser is also one of the least protected threat surfaces of the modern enterprise. Traditional security tools provide little protection against browser-based threats, leaving organizations exposed. Modern cybersecurity requires a new approach based on the protection of the browser itself, which offers […]
- Researchers Reveal ConfusedFunction Vulnerability in Google Cloud Platform 2024-07-25Cybersecurity researchers have disclosed a privilege escalation vulnerability impacting Google Cloud Platform's Cloud Functions service that an attacker could exploit to access other services and sensitive data in an unauthorized manner. Tenable has given the vulnerability the name ConfusedFunction. "An attacker could escalate their privileges to the Default Cloud Build Service Account and
- Critical Docker Engine Flaw Allows Attackers to Bypass Authorization Plugins 2024-07-25Docker is warning of a critical flaw impacting certain versions of Docker Engine that could allow an attacker to sidestep authorization plugins (AuthZ) under specific circumstances. Tracked as CVE-2024-41110, the bypass and privilege escalation vulnerability carries a CVSS score of 10.0, indicating maximum severity. "An attacker could exploit a bypass using an API request with […]
- CISA Warns of Exploitable Vulnerabilities in Popular BIND 9 DNS Software 2024-07-25The Internet Systems Consortium (ISC) has released patches to address multiple security vulnerabilities in the Berkeley Internet Name Domain (BIND) 9 Domain Name System (DNS) software suite that could be exploited to trigger a denial-of-service (DoS) condition. "A cyber threat actor could exploit one of these vulnerabilities to cause a denial-of-service condition," the U.S. Cybersecurity […]
- New Chrome Feature Scans Password-Protected Files for Malicious Content 2024-07-25Google said it's adding new security warnings when downloading potentially suspicious and malicious files via its Chrome web browser. "We have replaced our previous warning messages with more detailed ones that convey more nuance about the nature of the danger and can help users make more informed decisions," Jasika Bawa, Lily Chen, and Daniel Rubery […]
- How a Trust Center Solves Your Security Questionnaire Problem 2024-07-24Security questionnaires aren’t just an inconvenience — they’re a recurring problem for security and sales teams. They bleed time from organizations, filling the schedules of professionals with monotonous, automatable work. But what if there were a way to reduce or even altogether eliminate security questionnaires? The root problem isn’t a lack of great questionnaire products […]
- Telegram App Flaw Exploited to Spread Malware Hidden in Videos 2024-07-24A zero-day security flaw in Telegram's mobile app for Android called EvilVideo made it possible for attackers to malicious files disguised as harmless-looking videos. The exploit appeared for sale for an unknown price in an underground forum on June 6, 2024, ESET said. Following responsible disclosure on June 26, the issue was addressed by Telegram […]
- How to Reduce SaaS Spend and Risk Without Impacting Productivity 2024-07-24There is one simple driver behind the modern explosion in SaaS adoption: productivity. We have reached an era where purpose-built tools exist for almost every aspect of modern business and it’s incredibly easy (and tempting) for your workforce to adopt these tools without going through the formal IT approval and procurement process. But this trend […]
- Patchwork Hackers Target Bhutan with Advanced Brute Ratel C4 Tool 2024-07-24The threat actor known as Patchwork has been linked to a cyber attack targeting entities with ties to Bhutan to deliver the Brute Ratel C4 framework and an updated version of a backdoor called PGoShell. The development marks the first time the adversary has been observed using the red teaming software, the Knownsec 404 Team […]
- CrowdStrike Explains Friday Incident Crashing Millions of Windows Devices 2024-07-24Cybersecurity firm CrowdStrike on Wednesday blamed an issue in its validation system for causing millions of Windows devices to crash as part of a widespread outage late last week. "On Friday, July 19, 2024 at 04:09 UTC, as part of regular operations, CrowdStrike released a content configuration update for the Windows sensor to gather telemetry […]
- Microsoft Defender Flaw Exploited to Deliver ACR, Lumma, and Meduza Stealers 2024-07-24A now-patched security flaw in the Microsoft Defender SmartScreen has been exploited as part of a new campaign designed to deliver information stealers such as ACR Stealer, Lumma, and Meduza. Fortinet FortiGuard Labs said it detected the stealer campaign targeting Spain, Thailand, and the U.S. using booby-trapped files that exploit CVE-2024-21412 (CVSS score: 8.1). The […]