Security News

AI framework vulnerability is being used to compromise enterprise servers (CVE-2023-48022)
2024-03-27 11:02

Attackers are leveraging a vulnerability in Anyscale's Ray AI software to compromise enterprise servers and saddle them with cryptominers and reverse shells."We observed hundreds of compromised clusters in the past three weeks alone. Each cluster uses a public IP address, and most clusters contain hundreds to thousands of servers. There are hundreds of servers that are still vulnerable and exposed."

Attribute-based encryption could spell the end of data compromise
2024-01-18 06:00

The future of data privacy is the end of compromise. With the world producing data at astounding rates, we need ways to put data to the best use while protecting against breaches and ensuring privacy, data protection and access control.

Passive SSH server private key compromise is real ... for some vulnerable gear
2023-11-14 02:38

OpenSSL, LibreSSL, OpenSSH users, don't worry – you can sit this one out An academic study has shown how it's possible for someone to snoop on certain devices' SSH connections and, with a bit of...

The 3 key stages of ransomware attacks and useful indicators of compromise
2023-11-08 06:00

For SOC teams to be able to defend their organization against ransomware attacks, they need to have the right security toolset, but also an understanding of the three primary ransomware attack stages. Instead, there are often many different indicators of compromise at different stages of the attack that seem benign when looked at individually.

New Critical Zero-Day Vulnerability Affects Web UI of Cisco IOS XE Software & Allows Attackers to Compromise Routers
2023-10-18 09:00

Cisco Talos discovered a new critical zero-day vulnerability in the Web User Interface feature of Cisco IOS XE software that's currently being used in the wild. The vulnerability used to access the system and create those accounts is CVE-2023-20198; it received the highest Common Vulnerability Scoring System score of 10.

Cybercriminals can go from click to compromise in less than a day
2023-10-10 03:00

"The driver for the reduction in median dwell time is likely due to the cybercriminals' desire for a lower chance of detection. The cybersecurity industry has become much more adept at detecting activity that is a precursor to ransomware. As a result, threat actors are focusing on simpler and quicker to implement operations, rather than big, multi-site enterprise-wide encryption events that are significantly more complex. But the risk from those attacks is still high," said Don Smith, VP Threat Intelligence, Secureworks Counter Threat Unit. "While we still see familiar names as the most active threat actors, the emergence of several new and very active threat groups is fuelling a significant rise in victim and data leaks. Despite high-profile takedowns and sanctions, cybercriminals are masters of adaptation, and so the threat continues to gather pace," Smith continued.

Apple fixes 3 zero-day vulnerabilities exploited to compromise iPhones
2023-09-22 10:05

Apple has released updates for iOS and iPadOS, macOS, watchOS, and Safari to fix three zero-day vulnerabilities exploited "Against versions of iOS before iOS 16.7.". Earlier this month, Apple closed two zero-day vulnerabilities that have been chained together by attackers to deliver NSO Group's Pegasus spyware.

Mobile Verification Toolkit: Forensic analysis of Android and iOS devices to identify compromise
2023-09-14 03:30

Mobile Verification Toolkit is a collection of utilities to simplify and automate the process of gathering forensic traces helpful to identify a potential compromise of Android and iOS devices. MVT supports using public indicators of compromise to scan mobile devices for potential traces of targeting or infection by known spyware campaigns.

From unsuspecting click to data compromise
2023-09-06 03:00

Phishing attacks typically take the form of seemingly legitimate communication, often via email, but can also occur through text messages, phone calls, or social media messages. In this Help Net Security round-up, we bring insights from cybersecurity experts who share their knowledge about phishing attacks and the evolving strategies employed by cybercriminals to deceive and compromise unsuspecting victims.

Hackers Exploit MinIO Storage System Vulnerabilities to Compromise Servers
2023-09-04 14:13

An unknown threat actor has been observed weaponizing high-severity security flaws in the MinIO high-performance object storage system to achieve unauthorized code execution on affected servers. Cybersecurity and incident response firm Security Joes said the intrusion leveraged a publicly available exploit chain to backdoor the MinIO instance.