Security News > 2022 > July

Despite how crucial data is to enterprises, there is no denying that enterprise data can also be marred by inaccuracies that may result in dirty data. There is also a concern that dirty data may lead to data security vulnerabilities, which is a top cybersecurity concern for business enterprises.

An NPM supply-chain attack dating back to December 2021 used dozens of malicious NPM modules containing obfuscated Javascript code to compromise thousands of downstream desktop apps and websites. As researchers at supply chain security firm ReversingLabs discovered, the threat actors behind this campaign used typosquatting to infect developers looking for very popular packages, such as umbrellajs and ionic.io NPM modules.

A group of politicians and lawmakers in the UK have backed a campaign to ban the sale of CCTV systems made by companies alleged to introduce potential security issues as well as being linked to human rights abuses in China. Organized by campaign group Big Brother Watch, the letter said that partly Chinese state-owned CCTV manufacturers Hikvision and Dahua should be banned from sale or use in the UK. Both manufacturers are banned from trading in the US, owing both to security concerns and alleged evidence of their use in so-called "Re-education" camps in Xinjiang, where China is accused of detaining an estimated 1 million Uyghurs and subjecting them to abuse, torture, and forced sterilization, the campaigners said.

Microsoft has confirmed it fixed a previously disclosed 'ShadowCoerce' vulnerability as part of the June 2022 updates that enabled attackers to target Windows servers in NTLM relay attacks. This NTLM relay attack method can be used by threat actors to force unpatched servers to authenticate against servers under the attacker's control, leading to a takeover of the Windows domain.

How would you describe the biggest security threat to your organization? Perhaps you envision a faceless cybercrime syndicate or hostile state. As SANS Institute senior instructor Lance Spitzner explains in this analysis of Verizon's latest Data Breach Incident Report, your biggest security threat is actually the humans you work with day in, day out.

You don't want that, but how do you prevent such a reality? One way is to enable two-factor authentication on the server. How do you set up SSH 2FA on your Ubuntu Server? Let me show you.

The malware pretends to be a free Bitcoin mining application, which advertises and can be downloaded via a Youtube video. In an additional attempt to appear more legitimate, the threat actor adds a link to VirusTotal which shows antivirus results for a clean file that is not the malware.

Malware used in a crippling cyberattacks against an Iranian steel plants last week is connected to an attack that shut down the country's rail system last year. The overlaps in the code, combined with contextual clues and even recycled jokes, indicate that the same threat actor, dubbed Indra, is behind the attacks impacting Iran's infrastructure.

The guide categorizes the protection requirements of various satellite missions from "Normal" to "Very High" with the goal of covering as many missions as possible. "High" is high-consequence damage that "Can significantly limit the operation of the satellite system." As for "Very High," the attack could result in shutdown and "Reach an existentially threatening, catastrophic extent for the operator or the manufacturer."

While people were celebrating the Fourth of July holiday in the United States, Google quietly rolled out a stable channel update for Chrome to patch an actively exploited zero-day vulnerability, the fourth such flaw the vendor has had to patch in its browser product so far this year. Chrome 103 for Android and Version 103.0.5060.114 for Windows and Mac, outlined in separate blog posts published Monday, fix a heap buffer overflow flaw in WebRTC, the engine that gives the browser its real-time communications capability.