Security News

Security vulnerabilities have been disclosed in Netcomm and TP-Link routers, some of which could be weaponized to achieve remote code execution. The flaws, tracked as CVE-2022-4873 and CVE-2022-4874, concern a case of stack-based buffer overflow and authentication bypass and impact Netcomm router models NF20MESH, NF20, and NL1902 running software versions earlier than R6B035.

Git has patched two critical severity security vulnerabilities that could allow attackers to execute arbitrary code after successfully exploiting heap-based buffer overflow weaknesses. A third Windows-specific flaw impacting the Git GUI tool caused by an untrusted search path weakness enables unauthenticated threat actors to run untrusted code low-complexity attacks.

As opening paragraphs go, this one is pretty straightforward, and contains uncomplicated if potentially time-consuming advice: someone other than you probably knows your Norton account password; they may have been able to peek into your password manager as well; please change all passwords as soon as you can. In LastPass's case the stolen passwords weren't of direct and immediate use to the attackers, because each user's password vault was protected by a master password, which wasn't stored by LastPass and therefore wasn't stolen at the same time.

"The increase in data breach incidents across North America is troubling and must be prioritized as employees continue to return in-person to their corporate offices," said Kuljit Chahal, Practice Lead, Data Security at Adastra North America. Awareness of data security best practices among employees is essential-according to the 2022 Verizon Data Breach Investigations Report, 82% of data breaches are caused by human error and companies of all sizes are at risk.

DevOps platform CircleCI on Friday disclosed that unidentified threat actors compromised an employee's laptop and leveraged malware to steal their two-factor authentication-backed credentials to breach the company's systems and data last month. The CI/CD service CircleCI said the "Sophisticated attack" took place on December 16, 2022, and that the malware went undetected by its antivirus software.

Starting now, for just $1, you can get comprehensive agentless and runtime cloud security coverage for all of 2023, covering up to 1,000 eligible assets. Steve Shedlock, Incident Response Team Lead at SEIC, says, "I would not want to do security anywhere without the level of visibility that Uptycs provides."

What will the security landscape in 2023 look like? Here's my take. 2023 will also be the year organizations take a good, hard look in the mirror to understand all the assets in their physical and digital environments and ensure holistic security.

Their report found that flaw build-up over time is such that 32% of applications are found to have flaws at the first scan and by the time they have been in production for five years, 70% contain at least one security flaw. After the initial scan, apps quickly enter a 'honeymoon period' of stability, and 80% do not take on any new flaws at all for the first 1.5 years.

Details have emerged about a now-patched vulnerability in Google Chrome and Chromium-based browsers that, if successfully exploited, could have made it possible to siphon files containing confidential data. "The issue arose from the way the browser interacted with symlinks when processing files and directories," Imperva researcher Ron Masas said.

A financially motivated threat actor tracked as Scattered Spider was observed attempting to deploy Intel Ethernet diagnostics drivers in a BYOVD attack to evade detection from EDR security products. The BYOVD technique involves threat actors using a kernel-mode driver known to be vulnerable to exploits as part of their attacks to gain higher privileges in Windows.