Security News

ConnectWise has released security updates to address a critical vulnerability in the ConnectWise Recover and R1Soft Server Backup Manager secure backup solutions.Affected software versions include ConnectWise Recover or earlier and R1Soft SBM v6.16.3 or earlier.

ConnectWise has released security updates to address a critical vulnerability in the ConnectWise Recover and R1Soft Server Backup Manager secure backup solutions. Affected software versions include ConnectWise Recover or earlier and R1Soft SBM v6.16.3 or earlier.

A new publication from Symantec, a Broadcom software company, reveals details about a new method used by the Cranefly threat actor to communicate with its malware in ongoing attack campaigns. The malware uses PyInstaller, which is a known tool to compile Python code into an executable file.

Google has released an emergency security update for the Chrome desktop web browser to address a single vulnerability known to be exploited in attacks. The high-severity flaw is a type confusion bug in the Chrome V8 Javascript engine discovered and reported to Google by analysts at Avast.

For organizations to thrive in this era of technology, they must develop robust security strategies to detect and mitigate attacks. Defense in depth is a strategy in which companies use multiple layers of security measures to safeguard assets.

Microsoft says a threat group tracked as DEV-0950 used Clop ransomware to encrypt the network of a victim previously infected with the Raspberry Robin worm. "Beginning on September 19, 2022, Microsoft identified Raspberry Robin worm infections deploying IcedID and-later at other victims-Bumblebee and TrueBot payloads," Microsoft Security Threat Intelligence analysts said.

Australian Clinical Labs has disclosed a February 2022 data breach that impacted its Medlab Pathology business, exposing the medical records and other sensitive information of 223,000 people. While the firm says it's not aware of any misuse of the stolen information, it is notifying all impacted clients individually of what data was exposed in the attack.

Cisco says miscreants are exploiting two vulnerabilities in its AnyConnect Secure Mobility Client for Windows, which is supposed to ensure safe VPN access for remote workers. One of the pair of flaws, tracked as CVE-2020-3433, is a privilege-escalation issue: an authenticated, local user can exploit AnyConnect to execute code with SYSTEM-level privileges.

A cybercrime group known as Vice Society has been linked to multiple ransomware strains in its malicious campaigns aimed at the education, government, and retail sectors. "Shifting ransomware payloads over time from BlackCat, Quantum Locker, and Zeppelin, DEV-0832's latest payload is a Zeppelin variant that includes Vice Society-specific file extensions, such as.v-s0ciety,.v-society, and, most recently,.locked," the tech giant's cybersecurity division said.

Cisco warned customers today that two security vulnerabilities in the Cisco AnyConnect Secure Mobility Client for Windows are being exploited in the wild. [...]