Security News

How to do that efficiently and effectively is no small task - but with a small investment of time, you can master threat hunting and save your organization millions of dollars. This article offers a detailed explanation of threat hunting - what it is, how to do it thoroughly and effectively, and how cyber threat intelligence can bolster your threat-hunting efforts.

Automattic, the company behind the open-source WordPress content management system, has started force installing a security patch on millions of websites today to address a critical vulnerability in the Jetpack WordPress plug-in. According to the official WordPress plug-in repository, the plug-in is maintained by Automattic, and it now has over 5 million active installations.

Multiple security flaws uncovered in Sonos One wireless speakers could be potentially exploited to achieve information disclosure and remote code execution, the Zero Day Initiative said in a report published last week. The list of four flaws, which impact Sonos One Speaker 70.3-35220, is below -.

A critical security vulnerability has been disclosed in the Open Authorization implementation of the application development framework Expo.io. API security firm Salt Labs said the issue rendered services using the framework susceptible to credential leakage, which could then be used to hijack accounts and siphon sensitive data.

Zyxel has released software updates to address two critical security flaws affecting select firewall and VPN products that could be abused by remote attackers to achieve code execution. Both the flaws - CVE-2023-33009 and CVE-2023-33010 - are buffer overflow vulnerabilities and are rated 9.8 out of 10 on the CVSS scoring system.

Zyxel is warning customers of two critical-severity vulnerabilities in several of its firewall and VPN products that attackers could leverage without authentication. CVE-2023-33009: A buffer overflow vulnerability in the notification function in some Zyxel products, allowing an unauthenticated attacker to perform remote code execution or impose DoS conditions.

A stealthy China-based group managed to establish a persistent foothold into critical infrastructure organizations in the U.S. and Guam without being detected, Microsoft and the "Five Eyes" nations said on Wednesday. The tech giant's threat intelligence team is tracking the activity, which includes post-compromise credential access and network system discovery, under the name Volt Typhoon.

Microsoft says a Chinese cyberespionage group it tracks as Volt Typhoon has been targeting critical infrastructure organizations across the United States, including Guam, since at least mid-2021. "Microsoft assesses with moderate confidence that this Volt Typhoon campaign is pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises," the Microsoft Threat Intelligence team said.

Cisco rolled out patches for four critical security vulnerabilities in several of its network switches for small businesses that can be exploited to remotely hijack the equipment. The networking giant this week said in an advisory that organizations with service contracts that include regular software updates should get fixes for the security holes through their usual update channels.

Nine vulnerabilities - 4 of them critical - have been found in a variety of Cisco Small Business Series Switches. The remaining five vulnerabilities are high-risk, and allow attackers either to trigger denial of service or read unauthorized information on an affected device.