The browser is the nerve center of the modern workspace. Ironically, however, the browser is also one of the least protected threat surfaces of the modern enterprise. Traditional security tools provide little protection against browser-based threats, leaving organizations exposed. Modern cybersecurity requires a new approach based on the protection of the browser itself, which offers bothView the full article
Cybersecurity researchers have disclosed a privilege escalation vulnerability impacting Google Cloud Platform's Cloud Functions service that an attacker could exploit to access other services and sensitive data in an unauthorized manner.
Tenable has given the vulnerability the name ConfusedFunction.
"An attacker could escalate their privileges to the Default Cloud Build Service Account andView the full article
Docker is warning of a critical flaw impacting certain versions of Docker Engine that could allow an attacker to sidestep authorization plugins (AuthZ) under specific circumstances.
Tracked as CVE-2024-41110, the bypass and privilege escalation vulnerability carries a CVSS score of 10.0, indicating maximum severity.
"An attacker could exploit a bypass using an API request with Content-Length setView the full article
The Internet Systems Consortium (ISC) has released patches to address multiple security vulnerabilities in the Berkeley Internet Name Domain (BIND) 9 Domain Name System (DNS) software suite that could be exploited to trigger a denial-of-service (DoS) condition.
"A cyber threat actor could exploit one of these vulnerabilities to cause a denial-of-service condition," the U.S. Cybersecurity andView the full article
Google said it's adding new security warnings when downloading potentially suspicious and malicious files via its Chrome web browser.
"We have replaced our previous warning messages with more detailed ones that convey more nuance about the nature of the danger and can help users make more informed decisions," Jasika Bawa, Lily Chen, and Daniel Rubery from the Chrome Security team said.
To thatView the full article
A zero-day security flaw in Telegram's mobile app for Android called EvilVideo made it possible for attackers to malicious files disguised as harmless-looking videos.
The exploit appeared for ***** for an unknown price in an underground forum on June 6, 2024, ESET said. Following responsible disclosure on June 26, the issue was addressed by Telegram in version 10.14.5 released on July 11.
"View the full article
Security questionnaires aren’t just an inconvenience — they’re a recurring problem for security and sales teams.
They bleed time from organizations, filling the schedules of professionals with monotonous, automatable work. But what if there were a way to reduce or even altogether eliminate security questionnaires? The root problem isn’t a lack of great questionnaire products — it’s theView the full article
There is one simple driver behind the modern ********** in SaaS adoption: productivity. We have reached an era where purpose-built tools exist for almost every aspect of modern business and it’s incredibly easy (and tempting) for your workforce to adopt these tools without going through the formal IT approval and procurement process.
But this trend has also increased the ******* surface—and withView the full article
The threat actor known as Patchwork has been linked to a cyber ******* targeting entities with ties to Bhutan to deliver the Brute Ratel C4 framework and an updated version of a ********* called PGoShell.
The development marks the first time the adversary has been observed using the red teaming software, the Knownsec 404 Team said in an analysis published last week.
The activity cluster, alsoView the full article
Cybersecurity firm CrowdStrike on Wednesday blamed an issue in its validation system for causing millions of Windows devices to ****** as part of a widespread outage late last week.
"On Friday, July 19, 2024 at 04:09 UTC, as part of regular operations, CrowdStrike released a content configuration update for the Windows sensor to gather telemetry on possible novel threat techniques," the companyView the full article
A now-patched security flaw in the Microsoft Defender SmartScreen has been exploited as part of a new campaign designed to deliver information stealers such as ACR Stealer, Lumma, and Meduza.
Fortinet FortiGuard Labs said it detected the stealer campaign targeting Spain, Thailand, and the U.S. using ******-trapped files that exploit CVE-2024-21412 (CVSS score: 8.1).
The high-severityView the full article
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The vulnerabilities are listed below -
CVE-2012-4792 (CVSS score: 9.3) - Microsoft Internet Explorer Use-After-Free Vulnerability
CVE-2024-39891 (CVSS score: 5.3) - Twilio Authy Information DisclosureView the full article
Organizations in Taiwan and a U.S. non-governmental organization (NGO) based in China have been targeted by a Beijing-affiliated state-sponsored hacking group called Daggerfly using an upgraded set of malware tools.
The campaign is a sign that the group "also engages in internal espionage," Symantec's Threat Hunter Team, part of Broadcom, said in a new report published today. "In the ******* onView the full article
Cybersecurity researchers have discovered what they say is the ninth Industrial Control Systems (ICS)-focused malware that has been used in a disruptive cyber ******* targeting an energy company in the Ukrainian city of Lviv earlier this January.
Industrial cybersecurity firm Dragos has dubbed the malware FrostyGoop, describing it as the first malware strain to directly use Modbus TCPView the full article
The initial onboarding stage is a crucial step for both employees and employers. However, this process often involves the practice of sharing temporary first-day passwords, which can expose organizations to security risks.
Traditionally, IT departments have been cornered into either sharing passwords in plain text via email or SMS, or arranging in-person meetings to verbally communicate theseView the full article
Threat actors have been observed using swap files in compromised websites to conceal a persistent credit card skimmer and harvest payment information.
The sneaky technique, observed by Sucuri on a Magento e-commerce site's checkout page, allowed the malware to survive multiple cleanup attempts, the company said.
The skimmer is designed to capture all the data into the credit card form on theView the full article
Meta has been given time till September 1, 2024, to respond to concerns raised by the ********* Commission over its "pay or consent" advertising model or risk-facing enforcement measures, including sanctions.
The ********* Commission said the Consumer Protection Cooperation (CPC) Network has notified the social media giant of the model adopted on Facebook and Instagram of potentially violatingView the full article
The Computer Emergency Response Team of Ukraine (CERT-UA) has alerted of a spear-phishing campaign targeting a scientific research institution in the country with malware known as HATVIBE and CHERRYSPY.
The agency attributed the ******* to a threat actor it tracks under the name UAC-0063, which was previously observed targeting various government entities to gather sensitive information usingView the full article
Google on Monday abandoned plans to phase out third-party tracking cookies in its Chrome web browser more than four years after it introduced the option as part of a larger set of a controversial proposal called the Privacy Sandbox.
"Instead of deprecating third-party cookies, we would introduce a new experience in Chrome that lets people make an informed choice that applies across their webView the full article
The relationship between various TDSs and DNS associated with Vigorish Viper and the final landing experience for the user
A ******** organized ****** syndicate with links to money laundering and human trafficking across Southeast Asia has been using an advanced "technology suite" that runs the whole cybercrime supply chain spectrum to spearhead its operations.
Infoblox is tracking the proprietorView the full article
A ****** America (LATAM)-based financially motivated actor codenamed FLUXROOT has been observed leveraging Google Cloud serverless projects to orchestrate credential phishing activity, highlighting the ****** of the cloud computing model for malicious purposes.
"Serverless architectures are attractive to developers and enterprises for their flexibility, cost effectiveness, and ease of use," GoogleView the full article
The opportunities to use AI in workflow automation are many and varied, but one of the simplest ways to use AI to save time and enhance your organization’s security posture is by building an automated SMS analysis service.
Workflow automation platform Tines provides a good example of how to do it. The vendor recently released their first native AI features, and security teams have alreadyView the full article
As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to ********** to reporting. Recently, we published a comprehensive playbook for vCISOs, “Your First 100 Days as a vCISO – 5 Steps to Success”, which covers all the phases entailed in launching a successful vCISO engagement, along withView the full article
The JavaScript downloader malware known as SocGholish (aka FakeUpdates) is being used to deliver a remote access ******* called AsyncRAT as well as a legitimate open-source project called BOINC.
BOINC, short for Berkeley Open Infrastructure Network Computing Client, is an open-source "volunteer computing" platform maintained by the University of California with an aim to carry out "large-scaleView the full article
Cybersecurity researchers have discovered a new Linux variant of a ransomware strain known as Play (aka Balloonfly and PlayCrypt) that's designed to target VMWare ESXi environments.
"This development suggests that the group could be broadening its attacks across the Linux platform, leading to an expanded victim pool and more successful ransom negotiations," Trend Micro researchers said in aView the full article
Privacy Notice: We utilize cookies to optimize your browsing experience and analyze website traffic. By consenting, you acknowledge and agree to our Cookie Policy, ensuring your privacy preferences are respected.
