Security News
Microsoft has fixed a critical security vulnerability that could let attackers steal credentials from GitHub Actions or Azure DevOps logs created using Azure CLI. The vulnerability was reported by security researchers with Palo Alto's Prisma Cloud. "Customers using the affected CLI commands must update their Azure CLI version to 2.53.1 or above to be protected against the risks of this vulnerability. This also applies to customers with log files created by using these commands through Azure DevOps and/or GitHub Actions."
A new backdoor was found this week implanted in the environments of organizations to exploit the recently disclosed critical vulnerability in Atlassian Confluence. The backdoor gives attackers remote access to a victim's Confluence server and other network resources, and has been found to persist even after Confluence patches are applied.
The latest warning to CNI operators of what the NCSC said is an enduring and significant threat comes after a year of serious assaults on critical services in the UK. Royal Mail International was the target of a serious attack by the LockBit group in January, and this was after a raid on software supplier Advanced forced the NHS to revert to pen and paper once again. The UK and its intelligence partners have also sought to bring attention to the cyber threat faced by allied CNI over the past year, including alerts covering Russia's cyber-espionage-enabling Snake malware and China's attacks on US organizations.
Danish critical infrastructure faced the biggest online attack in the country's history in May, according to SektorCERT, Denmark's specialist organization for the cybersecurity of critical kit. Zyxel firewalls are used extensively by the organizations protected by SektorCERT and the vulnerabilities in these, announced in April, which allow remote attackers to gain complete control of the firewall without authentication, were blamed for most of the attacks.
Veeam has released security updates to address four flaws in its ONE IT monitoring and analytics platform, two of which are rated critical in severity. Fixes for the issues are available in the below versions -.
Veeam released hotfixes today to address four vulnerabilities in the company's Veeam ONE IT infrastructure monitoring and analytics platform, two of them critical. "A vulnerability in Veeam ONE allows an unauthenticated user to gain information about the SQL server connection Veeam ONE uses to access its configuration database. This may lead to remote code execution on the SQL server hosting the Veeam ONE configuration database," an advisory published today says about the bug tracked as CVE-2023-38547.
Attackers are exploiting a recently patched and critical severity Atlassian Confluence authentication bypass flaw to encrypt victims' files using Cerber ransomware. Described by Atlassian as an improper authorization vulnerability and tracked as CVE-2023-22518, this bug received a 9.1/10 severity rating, and it affects all versions of Confluence Data Center and Confluence Server software.
QNAP has released security updates to address two critical security flaws impacting its operating system that could result in arbitrary code execution. Tracked as CVE-2023-23368 (CVSS score: 9.8),...
QNAP Systems published security advisories for two critical command injection vulnerabilities that impact multiple versions of the QTS operating system and applications on its network-attached storage devices. It is a command injection vulnerability that a remote attacker can exploit to execute commands via a network.
From Windows 9x to 11: Tracing Microsoft's security evolution
In this Help Net Security interview, we feature security researcher Alex Ionescu, the co-author of Windows Internals, one of the founding employees of CrowdStrike, now running his consulting company, Winsider Seminars & Solutions, where he continues to do security research focusing on platform security.
How human behavior research informs security strategies
In this Help Net Security interview, Kai Roer, CEO at Praxis Security Labs, explores the theoretical underpinnings, practical implications, and the crucial role of human behavior in cybersecurity.