Security News

Around six million Sky Broadband customer routers in the UK were affected by a critical vulnerability that took over 17 months to roll out a fix to customers. DNS rebinding attacks are used to bypass a browser security measure called Same Origin Policy, which blocks a site from sending requests to websites other than its own origin.

The UK government has published guidance describing what technologies may be caught within the National Security and Investment Act 2021, which is set to give ministers the power to halt mergers and acquisitions. The guidance says that "If an entity you are acquiring performs a certain activity, it could put you in scope of the National Security and Investment Act and you may be legally required to tell the government about it. This guidance tells you what these activities are."

According to SentinelOne's SentinelLabs, the bug in question specifically resides in a message type that allows nodes to send cryptographic keys to each other. According to the researcher, that common header contains a "Header size" allocation, which is the actual header size shifted to the right by two bits; and a "Message size" allocation that is equal to the length of the entire TIPC message.

Vulnerabilities in the Brizy Page Builder plugin for WordPress sites could be chained together to allow attackers to completely take over a website, according to researchers. The two fresh bugs can both be chained with the re-introduced access control vulnerability to allow complete site takeover, researchers explained.

Some perpetrators hire cheap human labor, for staging larger scale account takeover attacks. Hacker intervention can occasionally circumvent standard authentication measures for blocking account takeover fraud.

SonicWall has patched a critical security flaw impacting several Secure Mobile Access 100 series products that can let unauthenticated attackers remotely gain admin access on targeted devices. The SMA 100 series appliances vulnerable to attacks targeting the improper access control vulnerability tracked as CVE-2021-20034 includes SMA 200, 210, 400, 410, and 500v. There are no temporary mitigations to remove the attack vector, and SonicWall strongly urges impacted customers to deploy security updates that address the flaw as soon as possible.

Microsoft on Wednesday said it remediated a vulnerability in its Azure Container Instances services that could have been exploited by a malicious actor "To access other customers' information" in what the researcher described as the "First cross-account container takeover in the public cloud." Azure Container Instances is a managed service that allows users to run Docker containers directly in a serverless cloud environment, without requiring the use of virtual machines, clusters, or orchestrators.

Coldwind verified the vulnerabilities on the Netgear GS110TPV3 Smart Managed Pro Switch using firmware version 7.0.6.3 and below. GS752TPP fixed in firmware version 6.0.8.2.

In part one of a two-part series, Akamai's director of security technology and strategy, Tony Lauro, lays out what orgs need to know to defend against account takeover attacks. With account takeover attacks on the rise, stopping threat actors in the early phases of the kill chain will help today's defenders gain an upper hand against direct fraud campaigns.

A critical security vulnerability in Microsoft's Azure cloud database platform - Cosmos DB - could have allowed full remote takeover of accounts, with admin rights to read, write and delete any information to a database instance. "Azure Cosmos DB built-in Jupyter Notebooks are directly integrated into the Azure portal and your Azure Cosmos DB accounts, making them convenient and easy to use," according to Microsoft's documentation.