Security News > 2023 > November

Kinsing threat actors have been spotted exploiting the recently disclosed Looney Tunables vulnerability to covertly install cryptomining software into cloud-native environments. Kinsing is a threat actor group that has been active since late 2021, targeting cloud-native environments and applications - Kubernetes clusters, Docker API, Redis, Jenkins and Openfire servers, cloud-hosted Apache NiFi instances, and so on - to deploy cryptominers.

The Pakistan-linked threat actor known as SideCopy has been observed leveraging the recent WinRAR security vulnerability in its attacks targeting Indian government entities to deliver various remote access trojans such as AllaKore RAT, Ares RAT, and DRat. Enterprise security firm SEQRITE described the campaign as multi-platform, with the attacks also designed to infiltrate Linux systems with a compatible version of Ares RAT. SideCopy, active since at least 2019, is known for its attacks on Indian and Afghanistan entities.

Cloud computing company VMware rolled out new cloud, AI, edge and data services at VMware Explore Barcelona 2023 on November 7. "We truly believe private AI will become the default architecture for enabling generative AI in the enterprise," said Chris Wolf, vice president of VMware AI Labs, in a pre-briefing for the media on November 2.

Multiple ransomware groups have begun to actively exploit recently disclosed flaws in Atlassian Confluence and Apache ActiveMQ. Cybersecurity firm Rapid7 said it observed the exploitation of CVE-2023-22518 and CVE-2023-22515 in multiple customer environments, some of which have been leveraged for the deployment of Cerber ransomware. Both vulnerabilities are critical, allowing threat actors to create unauthorized Confluence administrator accounts and lead to data loss.

Cyber threat maps are one of the most visually engaging tools in the arsenal of cybersecurity professionals. These real-time visualizations provide a global perspective on digital threats, showcasing the intensity and frequency of attacks as they happen.

Targeted at the DevSecOps practitioner or platform engineer, Kubescape, the open-source Kubernetes security platform has reached version 3.0. Reporting on the vulnerabilities of all the images in a cluster: This provides a comprehensive view of the security posture of all the images in a cluster and helps organizations prioritize remediation efforts.

Veeam has released security updates to address four flaws in its ONE IT monitoring and analytics platform, two of which are rated critical in severity. Fixes for the issues are available in the below versions -.

Consumers are concerned about their privacy with AI. Cisco discovered that 60% had lost trust in organizations due to their AI use. In this Help Net Security video, Robert Waitman, Director of Cisco's Privacy Center of Excellence, discusses consumers' perceptions and behaviors on data privacy.

Security organizations have responded to the recent rise in ransomware attacks by implementing zero trust and microsegmentation strategies. Respondents overwhelmingly agreed that microsegmentation is an effective tool to keep assets protected, but deployment was lower than expected, with only 30% of organizations segmenting across more than two business critical areas.

Examining more than 200 terabytes of network traffic - or the total sum of all packets, for all connections, between all pairs - up to 80% was found to have some defeatable flaw in its encryption and 61% of the traffic unencrypted. Persistent use of outdated cryptographic protocols raises concerns.