Security News

Microsoft announced on Wednesday it would provide all customers free access to cloud security logs - a service usually reserved for premium clients - within weeks of a reveal that government officials' cloud-based emails were targets of an alleged China-based hack. Microsoft wrote on its blog it was expanding the service's access beginning in September 2023 to "Increase the secure-by-default baseline" of its cloud platforms "In response to the increasing frequency and evolution of nation-state cyber threats."

U.S. cybersecurity and intelligence agencies have released a set of recommendations to address security concerns with 5G standalone network slicing and harden them against possible threats. "The threat landscape in 5G is dynamic; due to this, advanced monitoring, auditing, and other analytical capabilities are required to meet certain levels of network slicing service level requirements over time," the U.S. Cybersecurity and Infrastructure Security Agency and the National Security Agency said.

CISA ordered federal agencies to mitigate remote code execution zero-days affecting Windows and Office products that were exploited by the Russian-based RomCom cybercriminal group in NATO phishing attacks.Under the binding operational directive issued in November 2021, U.S. Federal Civilian Executive Branch Agencies are now required to secure Windows devices on their networks against attacks exploiting CVE-2023-36884.

The U.S. Cybersecurity and Infrastructure Security Agency has shared a factsheet providing details on free tools and guidance for securing digital assets after switching to the cloud from on-premises environments. The highlighted tools complement the built-in tools provided by cloud service providers and help reinforce the resilience of network infrastructures, strengthen security measures, promptly identify malicious compromises, meticulously map potential threat vectors, and effectively pinpoint malicious activity in the aftermath of a breach.

CISA ordered federal agencies today to patch a high-severity Arm Mali GPU kernel driver privilege escalation flaw added to its list of actively exploited vulnerabilities and addressed with this month's Android security updates. With this month's security updates for the Android operating system, Google patched two more security flaws tagged as being exploited in attacks.

CISA and the FBI warned today of new Truebot malware variants deployed on networks compromised using a critical remote code execution vulnerability in the Netwrix Auditor software in attacks targeting organizations across the United States and Canada. The bug impacts the Netwrix Auditor server and the agents installed on monitored network systems and enables unauthorized attackers to execute malicious code with the SYSTEM user's privileges.

The U.S. Cybersecurity and Infrastructure Security Agency has placed a set of eight flaws to the Known Exploited Vulnerabilities catalog, based on evidence of active exploitation. This includes six shortcomings affecting Samsung smartphones and two vulnerabilities impacting D-Link devices.

The U.S. Cybersecurity and Infrastructure Security Agency warned today of ongoing distributed denial-of-service attacks after U.S. organizations across multiple industry sectors were hit. "CISA is aware of open-source reporting of targeted denial-of-service and distributed denial-of-service attacks against multiple organizations in multiple sectors," the cybersecurity agency said.

Censys researchers have discovered hundreds of Internet-exposed devices on the networks of U.S. federal agencies that have to be secured according to a recently issued CISA Binding Operational Directive. All Internet-exposed management interfaces found by Censys on the networks of U.S. federal agencies have to be secured according to CISA's Binding Operational Directive 23-02 within 14 days after being identified.

Today, CISA ordered federal agencies to patch recently patched security vulnerabilities exploited as zero-days to deploy Triangulation spyware on iPhones via iMessage zero-click exploits. The attacks started in 2019 and are still ongoing, according to the company, and they use iMessage zero-click exploits that exploit the now-patched iOS zero-day bugs.