Author: Admin
November 11, 2024 | Ravi Lakshmanan | Vulnerability / Risk Reduction
Hewlett Packard Enterprise (HPE) has released security updates to address multiple vulnerabilities affecting Aruba Networking Access Point products, including two critical bugs that could lead to unauthenticated command execution. The vulnerabilities affect access points running Instant AOS-8 and AOS-10:
- AOS-10.4.xx: 10.4.1.4 and below
- Instant AOS-8.12.xx: 8.12.0.2 and below
- Instant AOS-8.10.xx: 8.10.0.13 and below
The most serious of the six recently patched vulnerabilities are CVE-2024-42509 (CVSS score: 9.8) and CVE-2024-47460 (CVSS score: 9.0), two critical unauthenticated command injection flaws in the CLI service, which can lead to arbitrary code execution. “Command…
Cyber threats are increasing and cyber security has become critical to business operations. As security budgets grow, CEOs and boardrooms demand concrete evidence that cybersecurity initiatives deliver value beyond regulatory compliance. Just as you wouldn’t buy a car without knowing it’s been crash tested, safety systems should also be tested to prove their value. There is a growing shift toward security testing as it allows cyber practitioners to safely deploy real-world exploits in production environments to accurately assess the effectiveness of their security systems and identify critical areas of impact at scale. We sat down with Sean Baird, Associate Director…
November 11, 2024 | Ravi Lakshmanan | Machine Learning / Vulnerability
Cybersecurity researchers have discovered nearly two dozen security flaws in 15 different machine learning (ML) open source projects. These include both server-side and client-side vulnerabilities, software supply chain security firm JFrog said in an analysis published last week. Server-side vulnerabilities “allow attackers to hijack critical servers in an organization, such as ML model registries, ML databases, and ML pipelines,” it said. The vulnerabilities identified in Weave, ZenML, Deep Lake, Vanna.AI, and Mage AI have been broken down into broader subcategories that allow remote hijacking of model registries, ML database structures, and hijacking of ML…
Cyber security researchers have discovered a new phishing campaign that distributes a new fileless variant of a known commercial malware called Remcos RAT. The Remcos RAT “provides purchases with a broad set of advanced features for remote control of customer-owned computers,” Fortinet FortiGuard Labs researcher Xiaopeng Zhang said in an analysis published last week. “However, threat actors have abused Remcos to collect sensitive information from victims and remotely control their computers to perform further malicious activities.” The starting point of the attack is a phishing email that uses purchase order-themed lures to convince recipients to open a Microsoft Excel…
November 9, 2024 | Ravi Lakshmanan | Vulnerability / Network Security
Palo Alto Networks on Friday issued an advisory urging customers to ensure that access to the PAN-OS management interface is secured due to a potential remote code execution vulnerability. “Palo Alto Networks is aware of a remote code execution vulnerability through the PAN-OS management interface,” it said. “At the moment, we do not know the specifics of the reported vulnerability. We are actively monitoring for signs of any exploitation.” Meanwhile, the network security vendor advised users to properly configure the management interface according to best practices and ensure that it can only be accessed…
November 9, 2024 | Ravi Lakshmanan | Cryptocurrency / Cybercrime
The 36-year-old founder of cryptocurrency mixer Bitcoin Fog was sentenced to 12 years and six months in prison for aiding and abetting money laundering between 2011 and 2021. Roman Sterlingov, a citizen of Russia and Sweden, pleaded guilty on charges of money laundering and operating an unlicensed money transfer business earlier this March. The US Department of Justice (DoJ) has described Bitcoin Fog as the longest running darknet cryptocurrency mixer, allowing cybercriminals to hide the source of their cryptocurrency income. “During its ten years of operation, Bitcoin Fog has gained notoriety as a money-laundering service for…
Friday’s Squid Blog: Squid-A-Rama in Des Moines
Squid-A-Rama will be in Des Moines at the end of the month. Visitors will be able to dissect a squid, learn interesting facts about the species and witness a live squid release by local divers. How do they release live squid? Simple: It’s Des Moines, Washington; not Des Moines, Iowa. Posted on November 8, 2024 at 5:04 pm • Bruce Schneier
November 8, 2024 | Hacker News | Cyber Resilience / Compliance
We’ve all heard it a million times: the growing demand for robust cybersecurity in the face of growing cyber threats is undeniable. Around the world, small and medium-sized businesses (SMBs) are increasingly being targeted by cyberattacks, but they often lack the resources for dedicated chief information security officers (CISOs). This gap is fueling the growth of the virtual CISO (vCISO) model, which offers a cost-effective solution and gives SMBs access to strategic security leadership. For MSPs and MSSPs, this shift represents both a challenge and an opportunity. More than 94% of service providers…
November 8, 2024 | Ravi Lakshmanan | IoT Security / Vulnerability
The threat actors behind the AndroxGh0st malware are now exploiting a wider set of security flaws affecting various Internet applications, as well as deploying the Mozi botnet malware. “This botnet uses remote code execution and credential theft techniques to maintain constant access, using unpatched vulnerabilities to infiltrate critical infrastructures,” CloudSEK said in a new report. AndroxGh0st is the name given to a Python-based cloud attack tool known for targeting Laravel applications in order to obtain sensitive data from services such as Amazon Web Services (AWS), SendGrid, and Twilio. Active since at least…
November 8, 2024 | Ravi Lakshmanan | Open source / malware
The new campaign targeted an npm package repository with malicious JavaScript libraries designed to infect Roblox users with open source malware such as Indebtedness and Blank-grabber. “This incident highlights the alarming ease with which threat actors can attack supply chains by exploiting trust and human error in the open source ecosystem and using readily available malware, public platforms such as GitHub to host malicious executables, and communication channels such as Discord and Telegram for C2 operations to bypass traditional security measures,” Socket security researcher Kirill Boichenko said in a report shared with…