Security News > 2023 > November

Active Directory is a prime target for threat actors, and companies must act now to eliminate it as a threat vector permanently.

18 months in the slammer no laughing matter, but the rest... maybe. A 34-year-old woman has been jailed for 18 months after trying to use Rentahitman.com – no, really – to pay a contract killer to...

"Specifically, we found mobile device management issues that put ICE mobile devices - and potentially other mobile devices demonstrating similar issues - and sensitive data at greater risk of potential espionage, leaks, and attacks from viruses," wrote Inspector General Joseph Cuffari in a redacted report [PDF]. While we don't know which of these naughty-list apps auditors found on ICE employees' phones, it's probably safe to assume one of the offenders was TikTok - banned from US federal government staff and contractors' devices because of espionage concerns, due to the influence the Chinese government can exert over Beijing-based parent ByteDance.

Veeam released hotfixes today to address four vulnerabilities in the company's Veeam ONE IT infrastructure monitoring and analytics platform, two of them critical. "A vulnerability in Veeam ONE allows an unauthenticated user to gain information about the SQL server connection Veeam ONE uses to access its configuration database. This may lead to remote code execution on the SQL server hosting the Veeam ONE configuration database," an advisory published today says about the bug tracked as CVE-2023-38547.

The operators of the Kinsing malware are targeting cloud environments with systems vulnerable to "Looney Tunables," a Linux security issue identified as CVE-2023-4911 that allows a local attacker to gain root privileges on the system. In a report from cloud security company Aqua Nautilus, researchers describe a Kinsing malware attack where the threat actor exploited CVE-2023-4911 to elevate permissions on a compromised machine.

Microsoft will roll out Conditional Access policies requiring multifactor authentication from administrators when signing into Microsoft admin portals such as Microsoft Entra, Microsoft 365,...

Attackers are exploiting a recently patched and critical severity Atlassian Confluence authentication bypass flaw to encrypt victims' files using Cerber ransomware. Described by Atlassian as an improper authorization vulnerability and tracked as CVE-2023-22518, this bug received a 9.1/10 severity rating, and it affects all versions of Confluence Data Center and Confluence Server software.

An updated version of an information stealer malware known as Jupyter has resurfaced with "simple yet impactful changes" that aim to stealthily establish a persistent foothold on compromised...

The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) has sanctioned Russian national Ekaterina Zhdanova for laundering millions in cryptocurrency for various individuals,...

QNAP has released security updates to address two critical security flaws impacting its operating system that could result in arbitrary code execution. Tracked as CVE-2023-23368 (CVSS score: 9.8),...