Malicious code in Tornado Cash governance proposal puts user funds at risk

February 27, 2024 at 09:37AM

Malicious JavaScript code found in a Tornado Cash governance proposal has been leaking deposit data for 2 months, compromising fund transaction privacy and security. Security researcher Gas404 discovered the code and urged stakeholders to veto the proposals. Tornado Cash, an Ethereum mixer, uses SNARKs for anonymity, but has also been …

Ubuntu ‘command-not-found’ Tool Could Trick Users into Installing Rogue Packages

February 14, 2024 at 08:51AM

Cybersecurity researchers discovered a vulnerability in the ‘command-not-found’ utility on Ubuntu systems that could allow threat actors to recommend and install their own malicious packages. The vulnerability stems from the utility’s reliance on the snap repository, potentially leading to deceptive recommendations and software supply chain attacks. Users are urged to …

Meet VexTrio, a network of 70K hijacked websites crooks use to sling malware, fraud

February 9, 2024 at 10:39PM

Over 70,000 legitimate websites have been compromised to form VexTrio, a network utilized by cybercriminals for distributing malware and conducting phishing activities. The operation has been growing in sophistication since its establishment in 2017. Check Point and Infoblox have both flagged VexTrio as a significant security threat, emphasizing its impact …

Unveiling Atlassian Confluence Vulnerability CVE-2023-22527: Understanding and Mitigating Remote Code Execution Risks

February 7, 2024 at 04:40AM

The blog entry discusses the critical Atlassian Confluence vulnerability CVE-2023-22527, which facilitates remote code execution. Update to Confluence version 8.5.4 or 8.5.5 to address the flaw. The vulnerability’s technical breakdown, exploitation scenarios, and available security solutions are detailed, underscoring the urgency for patching and utilizing security measures. The meeting notes …

US to Roll Out Visa Restrictions on People Who Misuse Spyware to Target Journalists, Activists

February 5, 2024 at 06:06PM

The Biden administration has implemented a new policy allowing visa restrictions on individuals involved in misusing commercial spyware to target journalists, activists, and marginalized communities. This action aims to address privacy and human rights concerns. Notably, the policy could affect citizens of any country and reflects growing international concerns about …

Attackers Abuse Google OAuth Endpoint to Hijack User Sessions

January 3, 2024 at 06:08AM

Prisma uncovered a critical exploit within an undocumented Google OAuth endpoint, enabling attackers to hijack user sessions and maintain continuous unauthorized access to Google services. The exploit has been integrated into various malware and has continued to evolve, posing a significant threat. CloudSEK has emphasized the need for enhanced cybersecurity …

Formal ban on ransomware payments? Asking orgs nicely to not cough up ain’t working

January 3, 2024 at 03:37AM

Emsisoft advocates for a total ban on ransom payments following a surge in ransomware attacks on US organizations, costing nearly $1.5 million each on average to rectify. It pointed to record-breaking attacks in 2023, including those on hospitals, schools, and government bodies. The report also highlights concerns about the need …

Palo Alto Networks Closes Talon Cybersecurity Acquisition

December 29, 2023 at 09:47AM

Palo Alto Networks has successfully acquired Talon Cyber Security, enhancing its SASE solution to provide ironclad security and data protection for users on any device. The integration of Talon’s Enterprise Browser with Prisma SASE aims to address security risks associated with web browser usage on unmanaged devices, contributing to a …

Decoding CVE-2023-50164: Unveiling the Apache Struts File Upload Exploit

December 15, 2023 at 02:37AM

The blog discusses CVE-2023-50164, a critical vulnerability in Apache Struts 2 that enables unauthorized path traversal and remote code execution. It advises users to upgrade to Struts 2.5.33, 6.3.0.2, or higher to mitigate the risk. The vulnerability is exploited by various threat actors and can be mitigated using security solutions …

Over 30% of Log4J apps use a vulnerable version of the library

December 10, 2023 at 10:39AM

Around 38% of Apache Log4j applications are still vulnerable to security issues, including the critical Log4Shell flaw (CVE-2021-44228) allowing unauthenticated remote code execution. Despite available patches for over two years, many organizations continue to use insecure versions. It’s recommended that companies scan their environment and develop an emergency upgrade plan …