Security News > 2020 > July

About 8,000 users of F5 Networks' BIG-IP family of networking devices are still vulnerable to full system access and remote code execution, despite a patch for a critical flaw being available for two weeks. Public exploits were made available for it, leading to mass scanning for vulnerable devices by attackers, and ultimately active exploits.

Commentary: Cyral has been on a roll with two open source projects designed to make security a natural part of the development workflow. By open sourcing Approzium, Cyral makes it easier for developers to trust the project precisely because they don't really have to trust it - they can see the code.

Facebook won a significant legal victory on Thursday when the judge hearing the lawsuit against Israeli spyware maker NSO Group declined to dismiss the case - and allowed the crucial discovery process to move forward. Last October, Facebook and its WhatsApp subsidiary sued NSO Group, and its Q Cyber Technologies affiliate, in the Northern District of California.

Blackbaud, a cloud software provider specializing in fundraising suites for charities and educational institutions, quietly paid off a ransomware attacker - and then got around to telling customers about it a full two months later. "After discovering the attack, our Cyber Security team - together with independent forensics experts and law enforcement - successfully prevented the cybercriminal from blocking our system access and fully encrypting files; and ultimately expelled them from our system," said Blackbaud.

"The attackers successfully manipulated a small number of employees and used their credentials to access Twitter's internal systems, including getting through our two-factor protections. As of now, we know that they accessed tools only available to our internal support teams to target 130 Twitter accounts," Twitter wrote. Attackers accessed the Twitter account feature "Your Twitter Data" for eight accounts.

A popular WordPress search engine optimisation plugin with around two million installs could have been abused to hijack a target website, according to a threat intel firm. "This flaw allowed authenticated users with contributor level access or above the ability to inject malicious scripts that would be executed if a victim accessed the wp-admin panel's 'all posts' page," said WordPress-focused infosec biz Wordfence in a blog post about the vuln in the All in One SEO Pack plugin.

The latest form of business email phishing attack involves impersonating familiar senders, a GreatHorn report found. GreatHorn also acknowledged this uptick; the report noted that this view isn't fully adequate in understanding how phishing email attacks are evolving, and how security teams are responding to those threats.

The U.S. Cybersecurity and Infrastructure Security Agency is ordering all federal executive branch offices to apply a patch for a wormable Windows Server bug within 24 hours, warning of a "High potential for compromise of agency information systems." "CISA has determined that this vulnerability poses unacceptable significant risk to the Federal Civilian Executive Branch and requires an immediate and emergency action," the agency said in the directive.

If you're looking for a platform to help with the collection and sharing of cybersecurity events, you need not look any further than MISP. Jack Wallen shows you how to install this tool. Malware Information Sharing Platform is a tool for the collection, storing, distributing, and sharing of cybersecurity indicators and threats.

The US Cybersecurity and Infrastructure Security Agency has instructed government agencies to immediately address a vulnerability affecting Windows DNS servers. The flaw, which impacts Windows Server versions released in the past 17 years, allows a remote, unauthenticated attacker to run arbitrary code on affected Windows DNS servers using specially crafted requests.