Security News

Atlassian Confluence RCE Flaw Abused in Multiple Cyberattack Campaigns
2021-09-28 20:33

Opportunistic threat actors have been found actively exploiting a recently disclosed critical security flaw in Atlassian Confluence deployments across Windows and Linux to deploy web shells that result in the execution of crypto miners on compromised systems. Tracked as CVE-2021-26084, the vulnerability concerns an OGNL injection flaw that could be exploited to achieve arbitrary code execution on a Confluence Server or Data Center instance.

To avoid cyberattacks, companies need to think like hackers
2021-09-28 06:00

Companies are spending more than ever on cybersecurity but, despite a plethora of new security systems, they continue to be vulnerable to attacks, which are not only becoming more numerous but are also taking a greater financial and business toll on organizations. To truly protect themselves, organizations need to get past the belief that the more money they spend, and the more security systems they implement, the better protected they will be.

Open source cyberattacks increasing by 650%, popular projects more vulnerable
2021-09-17 05:00

Further, with regard to open source security risks, the report reveals a 650% year-over-year increase in supply chain attacks aimed at upstream public repositories, and a fascinating dichotomy pertaining to the level of known vulnerabilities present in popular and non-popular project versions. Open source supply, demand, and security dynamics: Supply increased 20%. The top four open source ecosystems now contain a combined 37,451,682 different versions of components.

HP Omen Hub Exposes Millions of Gamers to Cyberattack
2021-09-16 12:01

Millions of devices running the HP Omen Gaming Hub were using a driver with a bug that could give attackers kernel-mode access without administrator privileges. HP has since released a patch, but a new report on the flaw from researchers from SentinelLabs details how the gaming software was built in part by copying code from a problematic open-source driver called WinRing0.

Three ways to keep your organization safe from cyberattacks
2021-09-14 06:00

For CISOs, juggling the vast scale of a tech stack and the attackers using increasingly sophisticated techniques calls for a new approach to security to keep systems, data, and devices safe. We get alerts from our development platforms, the Continuous Integration system, the security monitoring tools, even our watches.

Jenkins Hit as Atlassian Confluence Cyberattacks Widen
2021-09-07 16:07

A just-patched, critical remote code-execution vulnerability in the Atlassian Confluence server platform is suffering wide-scale exploitation, the Feds have warned - as evidenced by an attack on the popular Jenkins open-source automation engine. Atlassian Confluence is a collaboration platform where business teams can organize their work in one place: "Dynamic pages give your team a place to create, capture, and collaborate on any project or idea," according to the website.

3 ways to protect yourself from cyberattacks in the midst of an IT security skill shortage
2021-09-06 06:00

With COVID-19 variants on the rise, widespread remote work may be sticking around longer than IT leaders would like, which comes with a heightened risk for cyberattacks that could expose customer data, steal company information, or take control of internal operations. Three out of four "common" data security breaches are caused by privilege misuse - when employees have unrestricted access to a system even when it's not needed to do their job.

FBI and CISA warn of potential cyberattacks this holiday weekend, citing past trends
2021-09-02 13:36

On Tuesday, the FBI and CISA released an advisory, warning organizations to "remain vigilant" to cybersecurity threats heading toward the holiday weekend. The federal advisory makes note of "recent holiday targeting," stating that "Cyber actors have conducted increasingly impactful attacks against U.S. entities on or around holiday weekends." Neither FBI nor CISA has information about a cyberattack "coinciding with upcoming holidays and weekends," per the advisory, but the document says cybercriminals may see holidays and weekends as "attractive timeframes" to "target potential victims."

7 Ways to Defend Mobile Apps, APIs from Cyberattacks
2021-09-02 12:51

Hackers can easily access devices through mobile apps. Mobile app security threats have arisen over the years.

Boston Public Library discloses cyberattack, system-wide technical outage
2021-08-27 15:18

The Boston Public Library has disclosed today that its network was hit by a cyberattack on Wednesday, leading to a system-wide technical outage. It is the third-largest public library in the United States behind the federal Library of Congress and the New York Public Library, based on the total number of items it holds.