Security News

Attackers can create components with names that resemble those of legitimate open-source or system components. Relying on an immature component or project can pose significant operational risks.

Webinar Trying to keep on top of all the hype and complexity in cybersecurity can be more than an just an uphill struggle and more like a veritable mountain to climb every morning. So IT staff can be forgiven for wanting to change their security setups over and over again.

Microsoft has released out-of-band security updates for 'Memory Mapped I/O Stale Data' information disclosure vulnerabilities in Intel CPUs.The Mapped I/O side-channel vulnerabilities were initially disclosed by Intel on June 14th, 2022, warning that the flaws could allow processes running in a virtual machine to access data from another virtual machine.

DOUG. Scambaiting, rogue 2FA apps, and we haven't heard the last of LastPass. Alright, let's stay on the subject of 2FA. We are seeing a spike in rogue 2FA apps in both app stores.

The report also details the top browser security threats of 2022, which include phishing attacks via high reputation domains, malware distribution via file sharing systems, data leakage exploiting personal browser profiles, outdated browsers, compromised passwords, vulnerable unmanaged devices, high-risk extensions, shadow IT, and account takeovers with phishing credentials. In addition to the stats and analysis of the prominent threats, the report provides a retrospect of the main news stories that left a mark in the world of browser security in 2022.

ESET researchers have published the first analysis of a UEFI bootkit capable of circumventing UEFI Secure Boot, a critical platform security feature. "Our investigation started with a few hits on what turned out to be the BlackLotus user-mode component - an HTTP downloader - in our telemetry late in 2022. After an initial assessment, code patterns found in the samples brought us to the discovery of six BlackLotus installers. This allowed us to explore the whole execution chain and to realize that what we were dealing with here is not just regular malware," says Martin Smolár, the ESET researcher who led the investigation into the bootkit.

Interview It's a tough economy to ask for a bigger security team or larger budget to buy technology to protect against cyberattacks. Organizations moving to the cloud and shifting to a decentralized IT environment requires security teams adapt and change these processes.

Cybercriminals are disguising the PlugX remote access trojan as a legitimate open-source Windows debugging tool to evade detection and compromise systems. In a recent case detailed by Trend Micro, miscreants used a PlugX variant to hijack the popular x64dbg debugging tool to go undetected.

Developers care about the quality and security of their code, and when empowered to help, developers make great security advocates who can help harden your supply chain security while reducing the burden on DevOps and security teams. Introducing security tools that allow developers to own code security within their existing development process can increase early risk identification and simplify the process of mitigating risks, slowing the growth of vulnerability backlogs.

What's more dangerous than Chinese spy balloons? Unsafe software and other technology products, according to America's Cybersecurity and Infrastructure Agency Director Jen Easterly. "Government can work to advance legislation to prevent technology manufacturers from disclaiming liability by contract, establishing higher standards of care for software in specific critical infrastructure entities, and driving the development of a safe harbor framework to shield from liability companies that securely develop and maintain their software products and services," Easterly said.