FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities
The FritzFrog cryptomining botnet has new potential for growth: a recently analyzed variant of the bot is exploiting the Log4Shell (CVE-2021-44228) and PwnKit (CVE-2021-4034) vulnerabilities for lateral movement and privilege escalation. The FritzFro.....»»
Why cloud vulnerabilities need CVEs
When considering vulnerability management’s purpose in a modern world, it’s imperative to recognize the huge transition to new technologies and how you manage risk within these different paradigms and environments (e.g., the cloud). Patch net.....»»
UK outlaws awful default passwords on connected devices
The law aims to prevent global-scale botnet attacks. Enlarge (credit: Getty Images) If you build a gadget that connects to the Internet and sell it in the United Kingdom, you can no longer make the default password "pass.....»»
Study reveals cancer vulnerabilities in popular dog breeds
Medium-sized dogs have a higher risk of developing cancer than the very largest or smallest breeds, according to a UC Riverside study......»»
Extraordinary Vietnam fraud case exposes the inherent vulnerabilities of banks
The financial crisis of 2008 showed just how much the world depends on banks being well run. Since then, regulators have been given new powers to keep some of the biggest institutions on a much shorter leash to stamp out risk, greed and corruption......»»
Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359)
A state-sponsored threat actor has managed to compromise Cisco Adaptive Security Appliances (ASA) used on government networks across the globe and use two zero-day vulnerabilities (CVE-2024-20353, CVE-2024-20359) to install backdoors on them, Cisco T.....»»
Nation-state hackers exploit Cisco firewall 0-days to backdoor government networks
Perimeter devices ought to prevent network hacks. Why are so many devices allowing attacks? Enlarge (credit: Getty Images) Hackers backed by a powerful nation-state have been exploiting two zero-day vulnerabilities in Ci.....»»
Secureworks enables users to view known vulnerabilities in the context of threat data
Secureworks announced the ability to integrate vulnerability risk context with threat detection to prevent attackers from exploiting known vulnerabilities and expedite response times, improving an organization’s security posture. The integration be.....»»
Global attacker median dwell time continues to fall
While the use of zero-day exploits is on the rise, Mandiant’s M-Trends 2024 report reveals a significant improvement in global cybersecurity posture: the global median dwell time – the time attackers remain undetected within a target environm.....»»
Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028)
For nearly four years and perhaps even longer, Forest Blizzard (aka Fancy Bear, aka APT28) has been using a custom tool that exploits a specific vulnerability in Windows Print Spooler service (CVE-2022-38028). Dubbed GooseEgg, the tool is a launcher.....»»
Windows vulnerability reported by the NSA exploited to install Russian malware
Microsoft didn't disclose the in-the-wild exploits by Kremlin-backed group until now. Enlarge (credit: Getty Images) Kremlin-backed hackers have been exploiting a critical Microsoft vulnerability for four years in attack.....»»
Windows vulnerability reported by the NSA exploited to install Russian backdoor
Microsoft didn't disclose the in-the-wild exploits by Kremlin-backed group until now. Enlarge (credit: Getty Images) Kremlin-backed hackers have been exploiting a critical Microsoft vulnerability for four years in attack.....»»
MITRE breached by nation-state threat actor via Ivanti zero-days
MITRE has been breached by attackers via two zero-day vulnerabilities (CVE-2023-46805, CVE-2024-21887) in Ivanti’s Connect Secure VPN devices. The attackers have also managed to move laterally and compromise the company network’s VMware i.....»»
How to optimize your bug bounty programs
In this Help Net Security interview, Roy Davis, Manager – Vulnerability Management & Bug Bounty at Zoom, discusses the role bug bounty programs play in identifying security vulnerabilities and facilitating collaboration with researchers. He off.....»»
Week in review: Palo Alto firewalls mitigation ineffective, PuTTY client vulnerable to key recovery attack
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation While it initially seemed that protecting Palo Alto Network firewalls f.....»»
Ivanti patches critical Avalanche flaw exploitable via a simple message (CVE-2024-29204)
The newest version of Ivanti Avalanche – the company’s enterprise mobile device management (MDM) solution – carries fixes for 27 vulnerabilities, two of which (CVE-2024-29204, CVE-2024-24996) are critical and may allow a remote unau.....»»
92% of enterprises unprepared for AI security challenges
Most industries continue to run almost two or more months behind in patching software vulnerabilities, endpoints remain vulnerable to threats, and most enterprise PCs must be replaced to support AI-based technologies, according to the Absolute Securi.....»»
Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation
While it initially seemed that protecting Palo Alto Network firewalls from attacks leveraging CVE-2024-3400 would be possible by disabling the devices’ telemetry, it has now been confirmed that this mitigation is ineffectual. “Device tele.....»»
Damn Vulnerable RESTaurant: Open-source API service designed for learning
Damn Vulnerable RESTaurant is an open-source project that allows developers to learn to identify and fix security vulnerabilities in their code through an interactive game. “I wanted to create a generic playground for ethical hackers, developer.....»»
Stopping security breaches by managing AppSec posture
Many security vulnerabilities result from human error, and the majority of these are reflected in the application layer. These errors may occur at any stage in the software development life cycle, from code to cloud. In this Help Net Security video,.....»»
Eclypsium Automata discovers vulnerabilities in IT infrastructure
Eclypsium launches Automata, a new AI-assisted feature for its digital supply chain security platform. Available now, Automata is an automated binary analysis system that replicates the knowledge and tooling of expert security researchers to discover.....»»