Security News

CISA issues advisory on top-10 attack vectors, finds hackers exploiting poor cyber practices. The Cybersecurity and Infrastructure Security Agency has released a news advisory stating that cyber criminals have been taking advantage of users' "poor security configurations, weak controls and other poor cyber hygiene practices to gain initial access or as part of other tactics to compromise a victim's system." Additionally, as part of the statement, the agency reviews the 10 most prevalent ways hackers breach networks and the methods companies can use to help mitigate the risk posed by potential attacks.

Cybersecurity Advisory warns of Russian-backed cyber threats to infrastructure. The cybersecurity authorities of the U.S., Australia, Canada, New Zealand, and the U.K. released a joint Cybersecurity Advisory on April 20, warning organizations based in these countries that Russia's invasion of Ukraine could expose them to increased rates of malicious cyber activity.

Security researchers have created exploit code for CVE-2022-24086, the critical vulnerability affecting Adobe Commerce and Magento Open Source that Adobe patched in an out-of-band update last Sunday. The vulnerability, which Adobe saw being "exploited in the wild in very limited attacks," received a severity score of 9.8 out of 10, and adversaries exploiting it can achieve remote code execution on affected systems without the need to authenticate.

Cybersecurity authorities from Australia, the U.K., and the U.S. have published a joint advisory warning of an increase in sophisticated, high-impact ransomware attacks targeting critical infrastructure organizations across the world in 2021. "Ransomware tactics and techniques continued to evolve in 2021, which demonstrates ransomware threat actors' growing technological sophistication and an increased ransomware threat to organizations globally," the agencies said in the joint bulletin.

Ransomware attacks are proliferating as criminals turn to gangs providing turnkey post-compromise services, Britain's National Cyber Security Centre has warned. The warning comes hot on the heels of several high-profile attacks against oil distribution companies and also businesses that operate ports in the West - though today's note insists there was a move by criminals away from "big game hunting" against US targets.

While researching a recent large-scale bot campaign with CQ Prime Threat Research team lead, Dean Lendrum, we found attackers using domain parking and monetization services to register multiple domains, creating a large number of fake eCommerce accounts per domain. Patterns observed include irregular domain names, domains resolving to an untrusted web app, and SSL not enabled.

Cybersecurity agencies from Australia, Canada, New Zealand, the U.S., and the U.K. on Wednesday released a joint advisory in response to widespread exploitation of multiple vulnerabilities in Apache's Log4j software library by nefarious adversaries. "Sophisticated cyber threat actors are actively scanning networks to potentially exploit Log4Shell, CVE-2021-45046, and CVE-2021-45105 in vulnerable systems. These vulnerabilities are likely to be exploited over an extended period."

Microsoft has published an advisory regarding a security feature bypass vulnerability impacting Surface Pro 3 tablets, which could allow threat actors to introduce malicious devices within enterprise environments. Device Health Attestation is a cloud and on-premises service that validates TPM and PCR logs for endpoints and informs Mobile Device Management solutions if Secure Boot, BitLocker, and Early Launch Antimalware are enabled, Trusted Boot is correctly signed, and more.

The addition of Reveal(x) Advisor services to the Reveal(x) 360 network detection and response tools helps organizations proactively manage cybersecurity hygiene and accelerate incident response. ExtraHop announced Tuesday expanded Reveal(x) Advisor services to include threat detection and threat hunting services as well as network assurance analysis.

Proton welcomes Sir Tim Berners-Lee to its advisory board – as ProtonMail suffers a privacy backlash
Privacy-centric communications specialist Proton, best known for its ProtonMail encrypted email platform, has announced the appointment of web daddy Sir Tim Berners-Lee to its advisory board. "I'm delighted to join Proton's advisory board and support Proton on their journey," Sir Tim said of the appointment.