Security News > 2022 > August

This is the first—of many, I assume—hack of Starlink. Leveraging a string of vulnerabilities, attackers can access the Starlink system and run custom code on the devices.

Cisco Systems revealed details of a May hack by the Yanluowang ransomware group that leveraged a compromised employee's Google account. "During the investigation, it was determined that a Cisco employee's credentials were compromised after an attacker gained control of a personal Google account where credentials saved in the victim's browser were being synchronized," wrote Cisco Talos in a lengthy breakdown of the attack.

Statistics collected by cyber-intelligence firm KELA during this year's second quarter show that marketplaces selling initial access to corporate networks have taken a blow. The average price for network access in the recent quarter was only $1,500, whereas in Q1 '22 access to networks was sold at an average of $3,000, meaning the price has dropped by half.

Protecting sensitive data and mission critical applications spread across multiple on- and off-prem cloud environments and different service providers is a tough gig for busy security professionals. The SANS 2022 Cloud Security Exchange on Thursday 25th August aims to do just that, providing an online forum for cloud providers, end user organisations and consultants to put their heads together and build better defenses for their cloud workloads.

Password security is only as strong as the password itself. Let's look at the Zola breach and why it emphasizes the need for organizations to bolster their password security and protect against various types of password attacks.

Cybersecurity researchers have disclosed multiple severe security vulnerabilities in the asset management platform Device42 that, if successfully exploited, could enable a malicious actor to seize control of affected systems. Even more concerningly, an adversary with any level of access within the host network could daisy-chain three of the flaws to bypass authentication protections and achieve remote code execution with the highest privileges.

Cloud-based code hosting platform GitHub has announced that it will now start sending Dependabot alerts for vulnerable GitHub Actions to help developers fix security issues in CI/CD workflows. GitHub Actions is a continuous integration and continuous delivery solution that enables users to automate the software build, test, and deployment pipeline.

As many as 121 new security flaws were patched by Microsoft as part of its Patch Tuesday updates for the month of August, which also includes a fix for a Support Diagnostic Tool vulnerability that the company said is being actively exploited in the wild. It's worth noting that the 121 security flaws are in addition to 25 shortcomings the tech giant addressed in its Chromium-based Edge browser late last month and the previous week.

A wave of cybercriminals spreading malware families - including QakBot, IcedID, Emotet, and RedLine Stealer - is shifting to shortcut files for email malware delivery. Shortcuts are replacing Office macros - which are starting to be blocked by default in Office - as a way for attackers to get a foothold within networks by tricking users into infecting their PCs with malware.

In this Help Net Security video, we take you inside Black Hat USA 2022 at the Mandalay Bay Convention Center in Las Vegas. The video features the following vendors: Abnormal Security, Adaptive...