Security News

Generative-AI apps & ChatGPT: Potential risks and mitigation strategies
2023-06-22 13:15

The rise of Generative-AI apps and GPT services exacerbates this issue, with employees of all departments rapidly adding the latest and greatest AI apps to their productivity arsenal without the security team's knowledge, from engineering apps such as code review and optimization to marketing, design and sales apps such as content & video creation, image creation and email automation.

More MOVEit mitigations: new patches published for further protection
2023-06-09 21:54

Even if you're not a MOVEit customer, and even if you'd never heard of the MOVEit file sharing software before the end of last month. As you can imagine, because this security hole existed in the web front-end to the MOVEit software, and because MOVEit is all about uploading, sharing and downloading corporate files with ease, these criminals abused the bug to grab hold of trophy data to give themselves blackmail leverage over their victims.

Corporate boards pressure CISOs to step up risk mitigation efforts
2023-04-26 03:00

The top challenges when implementing an effective cyber/IT risk management program include an increase in the quantity and severity of cyber threats, a lack of funding and a lack of staffing/cyber risk talent. Given the financial and reputational consequences of cyberattacks, corporate board rooms are putting pressure on CISOs to identify and mitigate cyber/IT risk.

Ransomware Hackers Using New Way to Bypass MS Exchange ProxyNotShell Mitigations
2022-12-21 07:41

Threat actors affiliated with a ransomware strain known as Play are leveraging a never-before-seen exploit chain that bypasses blocking rules for ProxyNotShell flaws in Microsoft Exchange Server to achieve remote code execution through Outlook Web Access. "The new exploit method bypasses URL rewrite mitigations for the Autodiscover endpoint," CrowdStrike researchers Brian Pitchford, Erik Iker, and Nicolas Zilio said in a technical write-up published Tuesday.

Sneaky hackers reverse defense mitigations when detected
2022-12-05 20:08

A financially motivated threat actor is hacking telecommunication service providers and business process outsourcing firms, actively reversing defensive mitigations applied when the breach is detected. The attacks have been attributed with low confidence to hackers tracked as 'Scattered Spider,' who demonstrate persistence in maintaining access, reversing mitigations, evading detection, and pivoting to other valid targets if thwarted.

Microsoft Issues Improved Mitigations for Unpatched Exchange Server Vulnerabilities
2022-10-08 05:13

Microsoft on Friday disclosed it has made more improvements to the mitigation method offered as a means to prevent exploitation attempts against the newly disclosed unpatched security flaws in Exchange Server. To that end, the tech giant has revised the blocking rule in IIS Manager from ".

Microsoft updates mitigation for ProxyNotShell Exchange zero days
2022-10-05 12:58

Microsoft has updated the mitigations for the latest Exchange zero-day vulnerabilities tracked as CVE-2022-41040 and CVE-2022-41082, also referred to as ProxyNotShell. Reported privately to Microsoft three weeks ago, CVE-2022-41040 is a server-side request forgery that enables privilege escalation and works with CVE-2022-41082 to trigger remote code execution on on-premise Exchange server deployments.

Mitigation for Exchange Zero-Days Bypassed! Microsoft Issues New Workarounds
2022-10-05 05:31

Microsoft has revised its mitigation measures for the newly disclosed and actively exploited zero-day flaws in Exchange Server after it was found that they could be trivially bypassed. The two vulnerabilities, tracked as CVE-2022-41040 and CVE-2022-41082, have been codenamed ProxyNotShell due to similarities to another set of flaws called ProxyShell, which the tech giant resolved last year.

Microsoft Exchange server zero-day mitigation can be bypassed
2022-10-03 14:21

Microsoft has shared mitigations for two new Microsoft Exchange zero-day vulnerabilities tracked as CVE-2022-41040 and CVE-2022-41082, but researchers warn that the mitigation for on-premise servers is far from enough. Threat actors are already chaining both of these zero-day bugs in active attacks to breach Microsoft Exchange servers and achieve remote code execution.

Duo Helps Organizations with ACSC Mitigation Strategies
2022-09-01 00:00

Cyberattacks in Australia continue to rise year after year. Over the 2020-21 financial year, Australia saw a 13% increase in reported cybercrime.