Recent Security News
-
Majorca city Calvià extorted for $11M in ransomware attack
January 16, 2024 at 01:52PM Calvià City Council in Majorca was hit by a ransomware attack, affecting municipal services. With a population of 50,000 and a major tourism destination, it formed a crisis committee to assess the damage. IT specialists are conducting forensic analysis while administrative deadlines have been suspended till Jan 31, 2024. The…
-
Double trouble for VMware and Atlassian admins – there are critical flaws to fix
January 16, 2024 at 01:12PM Critical vulnerabilities in Atlassian and VMware products have been revealed. Atlassian’s Confluence Data Center and Server have a flaw allowing remote code execution, and Jira Software Data Center and Server are susceptible to XML external entity attacks. VMware’s Aria Automation faces a missing access control issue, all requiring immediate patching…
-
Patch ASAP: Max-Critical Atlassian Bug Allows Unauthenticated RCE
January 16, 2024 at 01:10PM A critical unauthenticated remote code execution (RCE) vulnerability affects Atlassian Confluence Data Center and Confluence Server versions released before Dec. 5 (CVE-2023-22527). The bug carries a 10/10 severity rating and affects versions 8.0.x to 8.5.3. Organizations should update to the latest versions to defend against potential cyber-attacks, as no mitigations…
-
Africa, Middle East Lead Peers in Cybersecurity, But Lag Globally
January 16, 2024 at 01:10PM Africa and the Middle East stand out in cybersecurity compared to their economic peers, but fall short in overall cyber resilience. Despite this, efforts to improve cybersecurity in the regions are underway, including investing in replacing outdated technology and creating stronger workflows for identifying threats. Sustaining these efforts will require…
-
FBI: Androxgh0st malware botnet steals AWS, Microsoft credentials
January 16, 2024 at 12:41PM CISA and the FBI warn about Androxgh0st malware, which is being used to create a botnet targeting cloud credential theft. The botnet exploits vulnerabilities in frameworks and servers. Additionally, it steals sensitive information, deploys malicious tools, and conducts spam campaigns. The agencies advise on mitigation measures to limit the impact…