Balada Injector Infects Over 7,100 WordPress Sites Using Plugin Vulnerability

January 15, 2024 at 11:44AM Thousands of WordPress sites are affected by the Balada Injector malware, exploiting a vulnerability in the Popup Builder plugin. The campaign, active since 2017, aims to redirect visitors to fraudulent pages and push notification scams. The attackers establish persistent control by adding backdoors and malicious plugins. The issue was addressed …

Microsoft’s January 2024 Windows Update Patches 48 New Vulnerabilities

January 10, 2024 at 01:06AM In January 2024, Microsoft addressed 48 security flaws in its software, with 2 rated Critical and 46 Important. No evidence indicates active attacks, marking the second consecutive Patch Tuesday with no zero-days. This includes fixes for vulnerabilities in the Chromium-based Edge browser. Other vendors have also released security updates to …

Google Patches Six Vulnerabilities With First Chrome Update of 2024

January 4, 2024 at 10:13AM Google announced the first Chrome security update of 2024, resolving six vulnerabilities, including high-severity memory safety flaws reported by external researchers. Bug bounty rewards were handed out for some of the reported flaws. The update strengthens Chrome’s defenses against exploitation and is available for macOS, Linux, and Windows. No current …

Hackers Exploiting Old MS Excel Vulnerability to Spread Agent Tesla Malware

December 21, 2023 at 02:45AM Attackers are utilizing an old Microsoft Office vulnerability in phishing campaigns to distribute Agent Tesla malware. The infection chains leverage decoy Excel documents in invoice-themed messages to trick targets into opening them. Once downloaded, the malware initiates communication with a malicious destination to download additional files. Organizations must stay updated …

Beware: Experts Reveal New Details on Zero-Click Outlook RCE Exploits

December 18, 2023 at 11:39AM Security researcher Ben Barnea revealed two security flaws in Microsoft Windows that were patched in 2023. These flaws, CVE-2023-35384 and CVE-2023-36710, could be exploited by threat actors to achieve remote code execution on Outlook without user interaction. Mitigation recommendations include microsegmentation and addressing NTLM vulnerabilities. For further updates, follow the …

Warning: 3 Critical Vulnerabilities Expose ownCloud Users to Data Breaches

November 24, 2023 at 11:30PM The open-source file-sharing software ownCloud has warned users about three critical security flaws that could expose sensitive information and allow for file modification. The vulnerabilities involve disclosure of credentials and configuration, authentication bypass, and subdomain validation bypass. The company recommends specific fixes for each flaw. Additionally, a critical remote code …

Researchers extract RSA keys from SSH server signing errors

November 20, 2023 at 09:42AM Academic researchers have discovered that passive network attackers can retrieve secret RSA keys from errors in SSH connection attempts. These attacks exploit faults during signature computation, allowing attackers to compute the private key. The researchers recommend implementing validation of signatures before sending them to prevent secret key retrieval. Cisco and …

Urgent: New Security Flaws Discovered in NGINX Ingress Controller for Kubernetes

October 30, 2023 at 03:18AM Unpatched security flaws have been discovered in the NGINX Ingress controller for Kubernetes. These vulnerabilities (CVE-2022-4886, CVE-2023-5043, CVE-2023-5044) could allow threat actors to steal secret credentials, execute arbitrary commands, and inject code into the ingress controller. Mitigations have been released, but updating NGINX and enabling strict path validation is recommended. …

N. Korean Lazarus Group Targets Software Vendor Using Known Flaws

October 27, 2023 at 11:43AM The Lazarus Group, a North Korea-linked threat actor, has launched a new cyber attack campaign targeting a software vendor through known security flaws in another software. The attack involved the deployment of malware families such as SIGNBT and LPEClient. The Lazarus Group has demonstrated advanced evasion techniques and targeted other …

IriusRisk Brings Threat Modeling to Machine Learning Systems

October 26, 2023 at 10:06PM Organizations are increasingly adopting threat modeling to identify security flaws in software design, particularly with the rising use of machine learning. Threat modeling helps organizations understand security risks and mitigate them in machine learning systems. IriusRisk offers a threat modeling tool that automates the process and includes an AI & …