Author: Admin

August 14, 2024Ravi LakshmananWindows Security/Vulnerabilities Microsoft on Tuesday sent patches to address the total number 90 security flawsincluding 10 zero days, six of which were actively exploited in the wild. Of the 90 bugs, seven were rated Critical, 79 were rated Important, and one was rated Medium. This is also in addition to 36 vulnerabilities that the tech giant has decided on its Edge browser since last month. Patch Tuesday’s updates are notable for addressing six actively exploited zero-days – CVE-2024-38189 (CVSS Score: 8.8) – Microsoft Project remote code execution vulnerability CVE-2024-38178 (CVSS Score: 7.5) – A vulnerability in the…

August 13, 2024Ravi LakshmananHealthcare / Vulnerability Cybersecurity researchers have discovered two security flaws in Microsoft’s Azure Health Bot service that, if exploited, could allow malicious actors to achieve lateral movement in a client environment and gain access to sensitive patient data. Critical issues now fixed by Microsoft could have allowed resource access between tenants on the service, Tenable said in a new the report shared with The Hacker News. The Azure AI Health Bot service is a cloud platform enabling developers in healthcare organizations to create and deploy AI-powered virtual healthcare assistants and create co-pilots to manage administrative workloads and…

August 13, 2024Ravi LakshmananVulnerability / hardware security A team of researchers from CISPA’s Helmholtz Center for Information Security in Germany discovered an architectural flaw in the XuanTie C910 and C920 of the Chinese company T-Head. RISC-V CPU which could allow attackers to gain unrestricted access to sensitive devices. The vulnerability was codenamed GhostWrite. This was described as a direct processor bug built into the hardware, as opposed to a side-channel attack or transient execution. “This vulnerability allows an unprivileged attacker, even with limited access, to read and write any part of a computer’s memory and control peripheral devices such as…

August 13, 2024Hacker newsCyber ​​Defense / Compliance Traditionally, the focus has been on protecting against digital threats, such as malware, ransomware and phishing attacks, by detecting and responding to them. However, cyber threats are becoming more sophisticated. There is growing recognition of the importance of measures to stop new attacks before they are recognized. For valuable assets, it is not good enough to have protection, it is essential to have some confidence in the effectiveness of the protection. With software, this kind of assurance is hard work, and this has led to an additional approach called hardsec. What is Hardsec?…

The US Federal Bureau of Investigation (FBI) on Monday announced the disruption of Internet infrastructure linked to a ransomware group called Dispossessor (aka Radar). As part of this effort, three servers in the US, three servers in the UK, 18 German servers, eight criminal domains in the US and one criminal domain in Germany were dismantled. Dispossessor is said to be operated by an individual or individuals who go by the online alias “The Brain”. “Since its inception in August 2023, Radar/Dispossessor has rapidly evolved into an international ransomware group that targets and attacks small and medium-sized businesses and…

August 13, 2024Ravi LakshmananThreat Intelligence / Malware The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign masquerading as the Security Service of Ukraine to distribute malware with the ability to remotely access the desktop. The agency is tracking activity called UAC-0198. It is estimated that since July 2024, more than 100 computers have been infected, including those related to government agencies in the country. The attack chains involve mass email distribution to deliver a ZIP archive containing an MSI installer file that, when opened, deploys a malware called ANONVNC. ANONVNC, which is based on…

August 12, 2024Ravi LakshmananCyber ​​Security / Network Security The FreeBSD project has released security updates to address critical flaws in OpenSSH that attackers could potentially use to execute arbitrary code remotely with elevated privileges. Vulnerability, tracked as CVE-2024-7589has a CVSS score of 7.4 out of a maximum of 10.0, indicating high severity. “The signal handler in sshd(8) may call a logging function that is not asynchronous signal safe,” the advisory says released last week. “The signal handler is called if the client is not authenticated within LoginGraceTime seconds (120 by default). This signal handler executes in the context of privileged…

After a good year of steady wealth, the hangover finally hit. This is a delicate option (for now) as the market adjusts the stock price of major players (like Nvidia, Microsoft and Google) while other players re-evaluate the market and adjust their priorities. Gartner calls this the trough of frustration, when interest wanes and implementations do not bring the promised breakthroughs. Technology makers shake up or fail. Investments continue only if the surviving vendors improve their products to the satisfaction of early adopters. Let’s make it clear that this will always be the case: the post-human revolution promised by AI proponents…

At least 94 percent of businesses were affected by phishing attacks in 2023, a 40 percent increase from the previous year, according to a study by Egress. What’s behind the surge in phishing? One popular answer is artificial intelligence, specifically generative artificial intelligence, which has made it significantly easier for threat actors to create content they can use in phishing campaigns, such as malicious emails and, in more sophisticated cases, deepfake video. Also, AI can help write malicious software that threat actors often install on their victims’ computers and servers as part of phishing campaigns. Phishing as a service, or PhaaS, is another…

August 12, 2024Ravi LakshmananCritical Infrastructure / Vulnerability Cybersecurity researchers have discovered a series of security flaws in photovoltaic system management platforms operated by Chinese companies Solarman and Deye that could allow attackers to cause failures and power outages. “If exploited, these vulnerabilities could allow an attacker to control inverter settings that could disable part of the network, potentially causing outages,” Bitdefender researchers said. said in an analysis published last week. The vulnerabilities were patched by Solarman and Deye as of July 2024 following a responsible disclosure on May 22, 2024. A Romanian cybersecurity vendor that analyzed two PV monitoring and…
