Author: nlqip
Other Attempts to Take Over Open Source Projects After the XZ Utils discovery, people have been examining other open-source projects. Surprising no one, the incident is not unique: The OpenJS Foundation Cross Project Council received a suspicious series of emails with similar messages, bearing different names and overlapping GitHub-associated emails. These emails implored OpenJS to…
Read More
Incident response plan The healthcare industry has proven to be a high-value target for cybercriminals, with organizations in possession of sensitive data such as patients’ medical information, hospital bills, and other financial documents. Healthcare organizations must adopt a comprehensive incidence response plan to defend against growing ransomware threats, advised Azeem Aleem, MD of the UK…
Read More
Apr 18, 2024NewsroomContainer Security / Cryptocurrency Threat actors are actively exploiting critical vulnerabilities in OpenMetadata to gain unauthorized access to Kubernetes workloads and leverage them for cryptocurrency mining activity. That’s according to the Microsoft Threat Intelligence team, which said the flaws have been weaponized since the start of April 2024. OpenMetadata is an open-source platform…
Read More
Cybersecurity is still a relatively new profession that has battled to be heard and respected, she says, driving some cyber pros to feel insecure and overcompensate with arrogant, “messiah complex” antics. She says security is often viewed within the business as “a tax”, which chips away at the morale of cyber teams and their leaders.…
Read More
Apr 18, 2024NewsroomMalvertising / Endpoint Security A new Google malvertising campaign is leveraging a cluster of domains mimicking a legitimate IP scanner software to deliver a previously unknown backdoor dubbed MadMxShell. “The threat actor registered multiple look-alike domains using a typosquatting technique and leveraged Google Ads to push these domains to the top of search…
Read MoreApply appropriate patches or appropriate mitigations provided by Oracle to vulnerable systems immediately after appropriate testing. (M1051: Update Software)o Safeguard 7.1: Establish and Maintain a Vulnerability Management Process: Establish and maintain a documented vulnerability management process for enterprise assets. Review and update documentation annually, or when significant enterprise changes occur that could impact this Safeguard.o…
Read More
Take That’s Gary Barlow chats up a pizza-slinging granny from Essex via Facebook, or does he? And a scam takes a sinister turn – for both the person being scammed and an innocent participant – in Ohio. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans…
Read MoreMS-ISAC ADVISORY NUMBER: 2024-041 DATE(S) ISSUED: 04/17/2024 OVERVIEW: Multiple vulnerabilities have been discovered in Ivanti Avalanche, the most severe of which could allow for remote code execution. Ivanti Avalanche is a mobile device management system. Network security features allow one to manage wireless settings (including encryption and authentication), and apply those settings on a schedule…
Read More
According to the Orca researchers, it is a common practice to store credentials needed by these commands to execute successfully in environment variables in the Linux command-line environments used by these CLIs. The problem is that some of the AWS and Gcloud CLI commands also return these environment variables to stdout (standard output on Unix…
Read More
Advisory ID: VMSA-2024-0008 CVSSv3 Range: 7.4-4.8 Issue Date: 2024-04-02 Updated On: 2024-04-02 (Initial Advisory) CVE(s): CVE-2024-22246, CVE-2024-22247, CVE-2024-22248 Synopsis: VMware SD-WAN Edge and SD-WAN Orchestrator updates address multiple security vulnerabilities. Source link wse3 wse3 wse3 wse3 wse3 wse3 wse3 wse3 wse3 wse3 wse3 wse3 wse3 wse3 wse3 wse3 wse3 wse3 wse3 wse3 wse3 wse3 wse3…
Read More