Security News

A cybersecurity expert discusses the many ways attackers could have gotten access to the Colonial Pipeline company and reminds us why the threat always looms. TechRepublic's Karen Roby spoke with Vyas Sekar, a professor in electrical and computer engineering at Carnegie Mellon University, about the Colonial Pipeline ransomware attack by the hacker group DarkSide.

Microsoft's monthly security patch release for May 2021 includes cover for 55 documented vulnerabilities, some serious enough to expose Windows users to remote code execution attacks. Microsoft on Tuesday shipped another massive Patch Tuesday bundle with cover for at least 55 documented security vulnerabilities affecting products in the Windows ecosystem.

Siemens' May 2021 Patch Tuesday advisories address roughly 60 vulnerabilities introduced by the use of third-party components. The German industrial giant has released more than a dozen advisories to inform customers about tens of vulnerabilities affecting RUGGEDCOM, SCALANCE, SIMATIC, SINEMA, SINAMICS and other products.

Google this week announced yet another set of patches for Chrome, to address a total of 19 vulnerabilities affecting the web browser. In its advisory, Google made no mention of any of these vulnerabilities being exploited in live attacks.

Researchers at security biz Qualys discovered 21 vulnerabilities in Exim, a popular mail server, which can be chained to obtain "a full remote unauthenticated code execution and gain root privileges on the Exim Server." Exim is a mail transfer agent, responsible for receiving and forwarding email messages.

A code audit of Exim, a widely used mail transfer agent, has revealed 21 previously unknown vulnerabilities, some of which can be chained together to achieve unauthenticated remote code execution on the Exim Server. They have all been fixed in Exim v4.94.2, and the software maintainers advise users to update their instances as soon as possible, as all versions of Exim previous to version 4.94.2 are now obsolete.

In the wake of the Microsoft Exchange ProxyLogon zero-day and F5 BIG-IP security exploits earlier this year, many are questioning if and when researchers should publish proofs of concept for vulnerabilities and associated patches. While publishing PoC exploits for patched vulnerabilities is common practice, this one came with an increased risk of threat actors using them to attack the thousands of servers not yet protected.

The Android operating system updates released by Google for May 2021 patch a total of 42 vulnerabilities, including four considered critical severity. In addition to these critical bugs, five other vulnerabilities were addressed in Android System, all rated high severity.

Owners of Dell devices were informed on Tuesday that a firmware update driver present on a large number of systems is affected by a series of high-severity vulnerabilities. Dell says the vulnerabilities, caused by insufficient access control issues, can be exploited by a local, authenticated attacker for privilege escalation, denial of service, or information disclosure.

A strong case can be made that shoring up defenses requires "automating out" the weakest link - i.e., humans - from any cloud that companies are entrusting with their data. In "Automating out the weak link," the ability of superusers or IT administrators - or of bad actors who have gained access to valid admin credentials - to manually interfere with sensitive data becomes non-existent, because human interaction is eliminated.