US-CERT Vulnerability Summary for the Week of April 10, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
News
CISA Adds 3 Actively Exploited Flaws to KEV Catalog, including Critical PaperCut Bug
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added three security flaws to its Known Exploited Vulnerabilities (KEV)...
Lazarus X_TRADER Hack Impacts Critical Infrastructure Beyond 3CX Breach
Lazarus, the prolific North Korean hacking group behind the cascading supply chain attack targeting 3CX, also breached two critical infrastructure...
University websites using MediaWiki, TWiki hacked to serve Fortnite spam
Websites of multiple U.S. universities are serving Fortnite and 'gift card' spam. Researchers observed Wiki and documentation pages being hosted by universities including Stanford, MIT, Berkeley,...
The Week in Ransomware – April 21st 2023 – Macs in the Crosshairs
A lot of news broke this week related to ransomware, with the discovery of LockBit testing macOS encryptors to an...
Kubernetes RBAC abused to create persistent cluster backdoors
Hackers use a novel method involving RBAC (Role-Based Access Control) to create persistent backdoor accounts on Kubernetes clusters and hijack...
American Bar Association data breach hits 1.4 million members
Image: Bing Create The American Bar Association (ABA) has suffered a data breach after hackers compromised its network and gained...
Critical infrastructure also hit by supply chain attack behind 3CX breach
The X_Trader software supply chain attack that led to last month's 3CX breach has also impacted at least several critical...
GhostToken GCP flaw let attackers backdoor Google accounts
Google has addressed a Cloud Platform (GCP) security vulnerability impacting all users and allowing attackers to backdoor their accounts using...
US-CERT Vulnerability Summary for the Week of April 10, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
GhostToken Flaw Could Let Attackers Hide Malicious Apps in Google Cloud Platform
Cybersecurity researchers have disclosed details of a now-patched zero-day flaw in Google Cloud Platform (GCP) that could have enabled threat...
Kubernetes RBAC Exploited in Large-Scale Campaign for Cryptocurrency Mining
A large-scale attack campaign discovered in the wild has been exploiting Kubernetes (K8s) Role-Based Access Control (RBAC) to create backdoors...
N.K. Hackers Employ Matryoshka Doll-Style Cascading Supply Chain Attack on 3CX
The supply chain attack targeting 3CX was the result of a prior supply chain compromise associated with a different company,...
14 Kubernetes and Cloud Security Challenges and How to Solve Them
Recently, Andrew Martin, founder and CEO of ControlPlane, released a report entitled Cloud Native and Kubernetes Security Predictions 2023. These...
Cisco and VMware Release Security Updates to Patch Critical Flaws in their Products
Cisco and VMware have released security updates to address critical security flaws in their products that could be exploited by...
3CX hack caused by trading software supply chain attack
An investigation into last month's 3CX supply chain attack discovered that it was caused by another supply chain compromise where...
Lazarus hackers now push Linux malware via fake job offers
A new Lazarus campaign considered part of "Operation DreamJob" has been discovered targeting Linux users with malware for the first...
Google: Ukraine targeted by 60% of Russian phishing attacks in 2023
Google’s Threat Analysis Group (TAG) has been monitoring and disrupting Russian state-backed cyberattacks targeting Ukraine’s critical infrastructure in 2023. Google...
VMware fixes vRealize bug that let attackers run code as root
VMware addressed a critical vRealize Log Insight security vulnerability that allows remote attackers to gain remote execution on vulnerable appliances....
Attackers use abandoned WordPress plugin to backdoor websites
Attackers are using Eval PHP, an outdated legitimate WordPress plugin, to compromise websites by injecting stealthy backdoors. Eval PHP is an...
Capita confirms hackers stole data in recent cyberattack
London-based professional outsourcing giant Capita has published an update on the cyber-incident that impacted it at the start of the...
US-CERT Vulnerability Summary for the Week of April 10, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Lazarus Group Adds Linux Malware to Arsenal in Operation Dream Job
The notorious North Korea-aligned state-sponsored actor known as the Lazarus Group has been attributed to a new campaign aimed at...
Two Critical Flaws Found in Alibaba Cloud’s PostgreSQL Databases
A chain of two critical flaws has been disclosed in Alibaba Cloud's ApsaraDB RDS for PostgreSQL and AnalyticDB for PostgreSQL...
