Security News > 2024 > January

New Glibc Flaw Grants Attackers Root Access on Major Linux Distros
2024-01-31 05:44

Malicious local attackers can obtain full root access on Linux machines by taking advantage of a newly disclosed security flaw in the GNU C library (aka glibc). Tracked as CVE-2023-6246, the...

Proactive cybersecurity: A strategic approach to cost efficiency and crisis management
2024-01-31 05:30

We examine the benefits of adopting a proactive cybersecurity approach, particularly in terms of cost efficiency and crisis management, and explore the impact of offensive security testing on compliance and zero-day response. A zero trust approach to cybersecurity has become the go-to model for many organizations because it embraces a framework that layers nicely across every possible threat vector.

How to make developers accept DevSecOps
2024-01-31 05:00

Making developers accept the importance of security in their software development process comes with numerous challenges. Finally, there are the people-related challenges: developers may have difficulties with the imminent changes that DevSecOps brings to the development process, and may lack the security skills required to carry out certain security practices in DevSecOps.

Cybercriminals replace familiar tactics to exfiltrate sensitive data
2024-01-31 04:30

Ransomware attacks are increasing again as cybercriminals' motivation shifts to data exfiltration, according to Delinea. The familiar tactics of crippling a company and holding it hostage have been replaced by new strategies that use stealth to exfiltrate private and sensitive data.

Database management enters a new era of complexity
2024-01-31 04:00

"Catering for different use cases, adding flexibility and achieving cost savings are the driving factors behind the escalating pace of change toward a multi-platform database landscape," said David Gummer, Redgate CPO. "However, the sheer volume of platform choices, with respondents citing usage of 16 different database types, highlights why it's critical that IT teams are upskilled and have the right tools in place. It's clear that organizations are currently scrambling to keep up with increased complexity, the pressures of compliance and emerging technologies like AI and the cloud, and are seeking solutions to narrow the skills gap," added Gummer. Skill diversification is also cited as a top need by 31% when dealing with data management processes across multiple database types.

New Linux glibc flaw lets attackers get root on major distros
2024-01-30 23:06

Unprivileged attackers can get root access on multiple major Linux distributions in default configurations by exploiting a newly disclosed local privilege escalation vulnerability in the GNU C Library. The bug is due to a heap-based buffer overflow weakness accidentally introduced in glibc 2.37 in August 2022 and later backported to glibc 2.36 when addressing a less severe vulnerability tracked as CVE-2022-39046.

Online ransomware decryptor helps recover partially encrypted files
2024-01-30 22:00

CyberArk has created an online version of 'White Phoenix,' an open-source ransomware decryptor targeting operations using intermittent encryption. The online version has a file size limit of 10MB, so if you're looking to decrypt larger files or virtual machines, the GitHub version is the only way to go.

US charges two more suspects with DraftKing account hacks
2024-01-30 21:28

The U.S. Department of Justice arrested and charged two more suspects for their involvement in the hacking of almost 68,000 DraftKings accounts in a November 2022 credential stuffing attack. One month later, DraftKings said it had refunded hundreds of thousands of dollars stolen from 67,995 customers whose accounts were hijacked in the incident.

New Images of Colossus Released
2024-01-30 20:08

GCHQ has released new images of the WWII Colossus code-breaking computer, celebrating the machine’s eightieth anniversary (birthday?).

Vastaamo hacker traced via ‘untraceable’ Monero transactions, police says
2024-01-30 19:44

Julius Aleksanteri Kivimäki, the suspect believed to be behind an attack against one of Finland's largest psychotherapy clinics, Vastaamo, was allegedly identified by tracing what has been believed to be untraceable Monero transactions. Finnish investigators from the National Bureau of Investigation, with the help of Binance, followed the trail of payments to Kivimäki, who exchanged the funds for Monero and then exchanged them back to Bitcoin.