Recent Security News

  • Apple Patches Keystroke Injection Vulnerability in Magic Keyboard

    January 12, 2024 at 06:15AM Apple announced a firmware update for the Magic Keyboard to fix a Bluetooth vulnerability disclosed by a SkySafe engineer. The vulnerability could allow attackers to inject keystrokes without authentication. The update, version 2.0.6, is being rolled out and reportedly mitigates the attack. Users can check for the update in their system…

  • Malware Used in Ivanti Zero-Day Attacks Shows Hackers Preparing for Patch Rollout

    January 12, 2024 at 06:15AM The recently discovered Ivanti Connect Secure zero-day vulnerabilities are being exploited by threat actors linked to China, aiming to steal valuable data. These vulnerabilities, CVE-2023-46805 and CVE-2024-21887, pose a serious threat, with over 7,000 internet-exposed instances vulnerable to attacks. Patches are expected by the week of January 22, but CISA…

  • While we fire the boss, can you lock him out of the network?

    January 12, 2024 at 03:42AM In this week’s edition of On Call, “Alvin” faced a predicament when a client suspected their network engineer of improperly accessing HR files. Alvin’s astute handling of the situation led to the engineer’s dismissal and the discovery of unauthorized servers in his apartment, ultimately vindicating the decision to let him…

  • Cryptominers Targeting Misconfigured Apache Hadoop and Flink with Rootkit in New Attacks

    January 12, 2024 at 03:09AM Cybersecurity researchers have discovered a new attack using misconfigurations in Apache Hadoop and Flink to deploy cryptocurrency miners and conceal them with rootkits. The attackers exploit flaws to run remote code on targeted systems and hide mining processes. Mitigations include deploying agent-based security solutions to detect and prevent such attacks.…

  • CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign

    January 12, 2024 at 02:38AM This blog summarizes the exploitation of CVE-2023-36025 by the Phemedrone Stealer campaign, which targets web browsers, cryptocurrency wallets, and messaging apps. The malware bypasses Windows Defender SmartScreen, allowing threat actors to execute malicious scripts. Despite Microsoft’s patch, the vulnerability continues to be exploited, posing a risk to organizations. Advanced security…
