Unpatched NGINX ingress controller bugs can be abused to steal Kubernetes cluster secrets

October 30, 2023 at 04:09PM Three high-severity bugs in the NGINX ingress controller for Kubernetes have been identified. These vulnerabilities, listed as CVE-2023-5043, CVE-2023-5044, and CVE-2022-4886, can potentially enable attackers to steal credentials and other sensitive information from Kubernetes clusters. The flaws have yet to be patched and it is unknown if they have been … Read more

Cybercrim claims fresh 23andMe batch takes leaked records to 5 million

October 19, 2023 at 12:05PM A cybercriminal using the alias “Golem” has uploaded a second batch of stolen profile data from biotech company 23andMe. The new leak contains an additional 4.1 million records, mainly from UK users, and appears to have a religious motivation. Golem targeted the Ashkenazi Jewish ethnic group in the first leak … Read more

Microsoft plans to kill off NTLM authentication in Windows 11

October 13, 2023 at 12:50PM Microsoft has announced that the NTLM authentication protocol will be phased out in Windows 11. Kerberos has replaced NTLM as the default authentication protocol since Windows 2000. Despite being used in older versions, NTLM is still vulnerable to attacks such as relay attacks and pass-the-hash attacks. Microsoft is working on … Read more

Calls for Visual Studio security tweak fall on deaf ears despite one-click RCE exploit

October 13, 2023 at 11:38AM A single-click exploit has raised concerns about the security of Microsoft’s Visual Studio IDE once again. Developed by security researcher Zhiniang Peng, the exploit takes advantage of the default implementation of the IDE’s “trusted locations” feature. Peng argues that enabling this feature by default would protect users from potential attacks, … Read more

Apple fixes iOS Kernel zero-day vulnerability on older iPhones

October 12, 2023 at 12:46PM Apple has released security updates for older iPhones and iPads to address two zero-day vulnerabilities that were being exploited in attacks. The first vulnerability allows local attackers to elevate privileges on vulnerable devices, while the second vulnerability could allow threat actors to execute arbitrary code. Although Apple has not confirmed … Read more

How to Scan Your Environment for Vulnerable Versions of Curl

October 12, 2023 at 09:59AM The recently fixed vulnerabilities in the command-line tool curl and the libcurl library require security teams to identify and remediate impacted systems. The vulnerabilities can only be exploited under specific conditions. Organizations should scan their environment using software analysis tools to assess which systems are using curl and libcurl. Additionally, … Read more

Pan-African Financial Apps Leak Encryption, Authentication Keys

October 12, 2023 at 06:26AM Researchers at Approov have discovered that encryption, authentication, and signing keys are frequently exposed in mobile fintech apps used in Africa. The study found that when the top 10 revenue and download-generating apps were reverse-engineered, passwords, API keys, and private keys for cryptography were exposed. The researchers also identified that … Read more

Addressing a Breach Starts With Getting Everyone on the Same Page

October 11, 2023 at 01:01PM Cyberattacks are on the rise, with a 38% increase in global incidents last year. Businesses need to focus on prevention and mitigation, which requires having plans in place. These plans include a business continuity plan, a crisis communications plan, and an incident response plan. It is crucial to align and … Read more

Payment Card Data Stolen in Air Europa Hack

October 11, 2023 at 10:07AM Spanish airline Air Europa is urging customers to cancel their payment cards due to a recent hack. The company detected unauthorized access to a system storing payment card data, potentially compromising partial card numbers, expiration dates, and CVV codes. Impacted customers are advised to contact their bank and watch out … Read more