Security News > 2023 > April

VMware has fixed two vulnerabilities in VMware Aria Operations for Logs, a widely used cloud solution for log analysis and management. CVE-2023-20864, a deserialization vulnerability, could be exploited by an unauthorized, malicious actor who has network access to VMware Aria Operations for Logs.

As currently drafted, the Bill could break end-to-end encryption,opening the door to routine, general and indiscriminate surveillance of personal messages of friends, family members, employees, executives, journalists, human rights activists and even politicians themselves, which would fundamentally undermine everyone's ability to communicate securely. The Bill provides no explicit protection for encryption, and if implemented as written, could empower OFCOM to try to force the proactive scanning of private messages on end-to-end encrypted communication services - nullifying the purpose of end-to-end encryption as a result and compromising the privacy of all users.

"Looking at it today, one of the biggest changes is that we understand that product security is a practice with its own people, its own budgets, and so on. These teams are usually made of those who view themselves as peers to IT security teams within the organization." "So I think a lesson that we learned is that we need to build a product that will cover the product security aspects that are common across industries with the right processes, the right reports, the right dashboards, and the right workflows. That will be the same pretty much across all verticals. On the other hand, we also understand that each customer is a project unto itself. You need to understand each customer's proprietary bill of materials because every customer has different ones. You need to understand the architecture of specific devices and how to recognize specific stages in their lifecycle."

Yellow Pages Group, a Canadian directory publisher has confirmed to BleepingComputer that it has been hit by a cyber attack.Black Basta ransomware and extortion gang claims responsibility for the attack and has posted sensitive documents and data over the weekend.

A new "All-in-one" stealer malware named EvilExtractor is being marketed for sale for other threat actors to steal data and files from Windows systems. The network security company said it has observed a surge in attacks spreading the malware in the wild in March 2023, with a majority of the victims located in Europe and the U.S. While marketed as an educational tool, EvilExtractor has been adopted by threat actors for use as an information stealer.

Print management software provider PaperCut said that it has "Evidence to suggest that unpatched servers are being exploited in the wild," citing two vulnerability reports from cybersecurity company Trend Micro. "PaperCut has conducted analysis on all customer reports, and the earliest signature of suspicious activity on a customer server potentially linked to this vulnerability is 14th April 01:29 AEST / 13th April 15:29 UTC," it further added.

Although interest in passwordless technology, which aims to eliminate the need for passwords, is relatively low, 65% of consumers are receptive to using new technology that simplifies their lives, according to 1Password. Passkeys, the newest and most secure passwordless technology, are poised to do just that, transforming our online lives by making logging in simpler to navigate and far more secure.

In the complex and fast-moving world of cybersecurity-meets-regulations, working with third parties requires diligent third-party risk management oversight to monitor data management and processes. Improving InfoSec risk management can provide insights into how data is handled, the security safeguards in place to protect that data, potential security weaknesses, and better adherence to the multitude of data, security, and privacy regulations.

Due to the increasing importance of multi-cloud and the intricate nature of cloud infrastructure, obtaining a comprehensive understanding of the various cloud workloads operating within your system, and ensuring their security, can be challenging. In this Help Net Security video, Kaus Phaltankar, CEO at Caveonix discusses how in today's complex multi-cloud landscape, the role of CISOs is more crucial than ever.

Across all industries, these vulnerabilities, composed of unprotected or compromised assets, data and credentials, have proven to be an increasing challenge for organizations to detect and secure. Almost 1 in 10 of all detected internet-facing assets had an associated unpatched vulnerability.