Entries by Sjir Bagmeijer

Cybersecurity Updates For Week 17 of 2022

New Nimbuspwn Linux vulnerability gives hackers root privileges A new set of vulnerabilities collectively tracked as Nimbuspwn could let local attackers escalate privileges on Linux systems to deploy malware ranging from backdoors to ransomware. Read more: https://www.bleepingcomputer.com/news/security/new-nimbuspwn-linux-vulnerability-gives-hackers-root-privileges/ Security alert: Attack campaign involving stolen OAuth user tokens issued to two third-party integrators On April 12, GitHub […]

Cybersecurity Updates For Week 16 of 2022

CVE-2021-3970, CVE-2021-3971, CVE-2021-3972: Lenovo UEFI Firmware Vulnerabilities Security company ESET discovered 3 new vulnerabilities in the UEFI firmware of Lenovo laptops which affected hundreds of Lenovo models including Lenovo Flex; IdeaPads; Legion; V14, V15, and V17 series; and Yoga laptops. Read more: https://securityonline.info/cve-2021-3970-lenovo-uefi-firmware-vulnerabilities/ Hackers Are Getting Caught Exploiting New Bugs More Than Ever A pair […]

Cybersecurity Updates For Week 15 of 2022

Microsoft Issues Patches for 2 Windows Zero-Days and 126 Other Vulnerabilities Microsoft’s Patch Tuesday updates for the month of April have addressed a total of 128 security vulnerabilities spanning across its software product portfolio, including Windows, Defender, Office, Exchange Server, Visual Studio, and Print Spooler, among others. Read more: https://thehackernews.com/2022/04/microsoft-issues-patches-for-2-windows.html Menswear Brand Zegna Reveals Ransomware […]

Cybersecurity Updates For Week 14 of 2022

Cado Discovers Denonia: The First Malware Specifically Targeting Lambda Cado Labs routinely analyses cloud environments to look for the latest threats. As part of ongoing research, we found the first publicly-known case of malware specifically designed to execute in an AWS Lambda environment. Read more: https://www.cadosecurity.com/cado-discovers-denonia-the-first-malware-specifically-targeting-lambda/ VMware Patches Multiple Vulnerabilities in Workspace ONE, Identity and […]

Cybersecurity Updates For Week 13 of 2022

Spring Core on JDK9+ is vulnerable to remote code execution Spring Core on JDK9+ is vulnerable to remote code execution due to a bypass for CVE-2010-1622. At the time of writing, this vulnerability is unpatched in Spring Framework and there is a public proof-of-concept available. As we have remediation advice for customers (see below), we […]

Cybersecurity Updates For Week 12 of 2022

Okta’s Investigation of the January 2022 Compromise On March 22, 2022, nearly 24 hours ago, a number of screenshots were published online that were taken from a computer used by one of Okta’s third-party customer support engineers. Read more: https://www.okta.com/blog/2022/03/oktas-investigation-of-the-january-2022-compromise/ Microsoft confirms Lapsus$ breach after hackers publish Bing, Cortana source code Microsoft has confirmed that […]

Cybersecurity Updates For Week 11 of 2022

High-Severity DoS Vulnerability Patched in OpenSSL OpenSSL updates announced on Tuesday patch a high-severity denial-of-service (DoS) vulnerability related to certificate parsing. Read more: https://www.securityweek.com/high-severity-dos-vulnerability-patched-openssl CISOs face ‘perfect storm’ of ransomware and state-supported cybercrime With not just ransomware gangs raiding network after network, but nation states consciously turning a blind eye to it, today’s chief information […]

Cybersecurity Updates For Week 10 of 2022

Intel and Arm CPUs have a major security flaw A new Spectre class speculative execution vulnerability, called Branch History Injection (BHI) or Spectre-BHB, was jointly disclosed on Tuesday by VUSec security research group and Intel. Read more: https://www.techspot.com/news/93706-arm-intel-cpus-vulnerable-new-spectre-style-attack.html Microsoft tests new cloud-based Microsoft Defender for home users Microsoft has announced that the company’s new cloud-based […]

Cybersecurity Updates For Week 9 of 2022

DORA’s Global Reach and Why Enterprises Need to Prepare A new cybersecurity regulation is coming to the European financial services sector, and its authority will be felt worldwide. Read more: https://www.darkreading.com/risk/dora-s-global-reach-and-why-enterprises-need-to-prepare Shadowserver Special Reports – Cyclops Blink On 2022-03-03 we sent out a second special report with an additional 673 IPs likely infected with Cyclops […]

Cybersecurity Updates For Week 8 of 2022

New Data-Wiping Malware Discovered on Systems in Ukraine Researchers were scrambling to analyze a newly discovered piece of data-wiping malware found in the wild. Read more: https://www.darkreading.com/attacks-breaches/new-data-wiping-malware-discovered-on-systems-in-ukraine Notorious TrickBot Malware Gang Shuts Down its Botnet Infrastructure The modular Windows crimeware platform known as TrickBot formally shuttered its infrastructure on Thursday after reports emerged of its […]