Security News

The security community is so focused on attacks relying on software that it often forgets that physical attacks are possible. Physical attacks are also often seen as an attacker having the capability to physically access the targeted computer and then use some hardware to compromise the computer.

Palo Alto Networks has issued a security advisory warning of an actively exploited high-severity vulnerability impacting PAN-OS, the operating system used by the company's networking hardware products. The issue, tracked as CVE-2022-0028, is an URL filtering policy misconfiguration that could allow an unauthenticated, remote attacker to carry out amplified TCP denial-of-service attacks.

Intel has disclosed how it may be able to protect systems against some physical threats by repurposing circuitry originally designed to counter variations in voltage and timing that may occur as silicon circuits age. According to Intel, adding the TRC brings fault injection detection technology to the Converged Security and Management Engine, a part of the Platform Controller Hub chipset in Alder Lake.

Avast released a report revealing a significant increase in global ransomware attacks, up 24% from Q1/2022. After months of decline, global ransomware attacks increased significantly in Q2/2022, up 24% from the previous quarter.

Three different offshoots of the notorious Conti cybercrime cartel have resorted to the technique of call-back phishing as an initial access vector to breach targeted networks. "Three autonomous threat groups have since adopted and independently developed their own targeted phishing tactics derived from the call back phishing methodology," cybersecurity firm AdvIntel said in a Wednesday report.

Threat actors associated with the Cuba ransomware have been linked to previously undocumented tactics, techniques and procedures, including a new remote access trojan called ROMCOM RAT on compromised systems. In the intervening months, the ransomware operation has received an upgrade with an aim to "Optimize its execution, minimize unintended system behavior, and provide technical support to the ransomware victims if they choose to negotiate," per Trend Micro.

How credential phishing attacks threaten a host of industries and organizations. A report released Thursday by email security provider Abnormal Security looks at the latest wave of credential phishing attacks and offers advice on how to stop them.

The Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation warned US organizations today that attackers deploying Zeppelin ransomware might encrypt their files multiple times. The two federal agencies also shared tactics, techniques, and procedures and indicators of compromise to help security professionals detect and block attacks using this ransomware strain.

Managed service provider Advanced confirmed that a ransomware attack on its systems disrupted emergency services from the United Kingdom's National Health Service. Customers of seven solutions from the British MSP have been impacted either directly or indirectly, the company said.

As many as 121 new security flaws were patched by Microsoft as part of its Patch Tuesday updates for the month of August, which also includes a fix for a Support Diagnostic Tool vulnerability that the company said is being actively exploited in the wild. It's worth noting that the 121 security flaws are in addition to 25 shortcomings the tech giant addressed in its Chromium-based Edge browser late last month and the previous week.