Security News > 2023 > April

Oxeye discovered a new vulnerability in the HashiCorp Vault Project, an identity-based secrets and encryption management system that controls access to API encryption keys, passwords, and certificates. The flaw was an SQL injection that could potentially lead to remote code execution.

It's also suspected that the company abused a zero-click exploit dubbed ENDOFDAYS in iOS 14 to deploy spyware as a zero-day in versions 14.4 and 14.4.2. While QuaDream is not directly involved in targeting, it is known to sell its "Exploitation services and malware" to government customers, the tech giant assessed with high confidence.

In this article, we unfold the reasons that have caused service accounts to become one of the most dangerous weaknesses in an Active Directory environment, explain how this weakness fuels ransomware attacks, and finally, get to know how Silverfort's unified identity protection platform enables organizations to overcome what was until now an insolvable security challenge. High access privileges: Since service accounts are created for machine-to-machine communication, it goes without saying that they must possess the required privileges to access all these machines, meaning that they are an administrative user, no different than any IT admin.

Avoid using free charging stations in airports, hotels, or shopping centers. Bad actors have figured out ways to use public USB ports to introduce malware and monitoring software onto devices that access these ports.

3CX has released an interim report about Mandiant's findings related to the compromise the company suffered last month, which resulted in a supply chain attack targeting cryptocurrency companies. The attackers infected targeted 3CX systems with TAXHAUL malware, which decrypts and executes shellcode contained in a file whose name and location are chosen to make it blend into standard Windows installations.

The developers of Kodi, the widely used open-source media player app, have revealed a data breach of its user forum. Instead, an unknown attacker used the account of a legitimate but inactive member of the forum admin team to access the MyBB admin console on two occasions: February 16 and 21, 2023.

Sysdig's 2023 Cloud-Native Security and Usage Report is based on just that: real-world, real-time data. It found that 87 percent of container images have high or critical vulnerabilities, and 90 percent of permissions are unused.

It's the second Tuesday of the month, and Microsoft has released another set of security updates to fix a total of 97 flaws impacting its software, one of which has been actively exploited in ransomware attacks in the wild. "An attacker who successfully exploited this vulnerability could gain SYSTEM privileges," Microsoft said in an advisory, crediting researchers Boris Larin, Genwei Jiang, and Quan Jin for reporting the issue.

The CEO of VoIP software provider 3CX has teased the imminent release of a security-focused upgrade to the company's progressive web application client. "Following our Security Incident we've decided to make an update focusing entirely on security," CEO Nick Galea wrote on Monday.

The CISO role is currently fraught with novel challenges and escalating workloads. This includes increased paperwork and time spent on risk assessments, which have surged from two to thirty hours per assessment.