Date: 2022-12-13
VMware Patches VM Escape Flaw Exploited at Geekpwn Event
The leader in virtualization technology, VMware, released emergency updates on Tuesday to address three security flaws in various software programs, including a virtual machine escape bug that was used in the GeekPwn 2022 hacking competition. Yuhao Jiang, an Ant Security researcher, exploited the VM escape vulnerability, referred to as CVE-2022-31705,...
Security Companies Alert Microsoft about Signed Drivers Applied to Kill EDR, AV Processes
Several cybersecurity firms have warned Microsoft that cybercriminals have been utilizing signed malicious drivers to terminate antivirus (AV) and endpoint detection and response (EDR) processes. Microsoft released an advisory to inform users about drivers approved by its Windows Hardware Developer Program being used by threat actors in post-exploitation activity, such...
New Python-Based Backdoor Intended to Target VMware ESXi Servers
Researchers at the Threat Labs of Juniper Networks have discovered a new Python-based backdoor that targets VMware ESXi virtualization servers. Although the targeted servers were affected by well-known security flaws (like CVE-2019-5544 and CVE-2020-3992) that were probably used for the initial compromise, the researchers were more interested in the backdoor’s ease of use, persistence, and capabilities. To ensure the persistent execution of a Python script at startup, the threat actor modified a total of four files on the target, which the system backs up and restores after a reboot.
Don’t Click on Emails With These Subject Lines
A scammer’s best friend is a sense of urgency. If they can get you to do something before rousing suspicion, whether you eventually uncover the scam doesn’t really matter — it’s already too late to stop it. The danger can be in something as simple as...
CISA Warns of Vulnerabilities in Veeam Backup & Replication Used in Attacks
Two vulnerabilities affecting Veeam’s Backup & Replication product have been added to the US Cybersecurity and Infrastructure Security Agency’s (CISA) list of known exploited vulnerabilities. On Tuesday, CISA added five vulnerabilities to its database, including ones that affect products from Veeam, Fortinet, Microsoft, and Citrix. The list now...
Core Aspects of Digital Immune Systems
Many cybersecurity experts are exploring opportunities to strengthen their cybersecurity posture by ingraining digital immunity into their business operations. Business-critical operations are becoming increasingly dependent on technology. This is especially true in hybrid work environments where success is dependent on providing seamless digital experiences across every device, no matter where employees are based. Despite their immense benefits, hybrid work models and large-scale adoption of the cloud have also exposed businesses to various threats and risks. There is a tremendous amount of data generated in the cybersecurity field today. Previously, enterprises operated on very few insights from their data. Enterprises that want to develop a resilient business network need a data-driven defense strategy that acts as a digital immune system and enables them to stay secure from various sophisticated threats.
Google Launches Vulnerability Scanner for Open Source Developers
This week, Google unveiled OSV-Scanner, a free scanner that open-source programmers can use to get information on vulnerabilities that are pertinent to their projects. Software projects are more susceptible to supply chain attacks and the exploitation of undiscovered vulnerabilities due to their numerous dependencies. Google last year launched an open source vulnerability database and is now offering a front-end for that database in the form of the OSV-Scanner in an effort to increase the ecosystem’s security by assisting the community in classifying vulnerabilities in open source software.
NSA Exposes Chinese Hackers Exploiting Zero-Day Citrix Flaw
Virtualization technology giant Citrix on Tuesday scrambled out an emergency patch to cover a zero-day flaw in its networking product line and warned that a Chinese hacking group has already been caught exploiting the vulnerability. Citrix alerted users to CVE-2022-27518, a pre-auth remote code execution bug affecting the Citrix ADC...
Interpres Security Strengthens Executive Team With Leaders From Devo Technology, the NSA and Mandiant
Interpres Security (Interpres), a company dedicated to helping companies optimize their security performance with a comprehensive new approach to managing the defense surface, today announced the appointment of three top executive hires. The expanded team will help Interpres pursue its mission of helping companies optimize the effectiveness of their current security stack.
Wiz Introduces Free Cloud Framework to Drive Community-Backed Security
Wiz, the leading cloud security platform that rapidly enables customers to find and remove critical cloud risks, today announced its newest project, The PEACH framework, a tenant isolation framework for cloud applications. This framework will enable industry-wide collaboration and provide cloud customers and cloud application developers with the necessary guidance to build cloud services securely and prevent critical risks in the implementation process.
Vulcan Cyber and Four Inc. Collaborate to Bring Cyber Risk Management SaaS Platform to the Public Sector
Vulcan Cyber, developers of the cyber risk management platform for infrastructure, application and cloud vulnerabilities, today announced a partnership with Four Inc., a leading federal IT resale, financing, and contracts administration provider. Four Inc. will provide the Vulcan Cyber unified cyber risk and security posture management platform to the public sector through Four Inc.’s NASA Solutions for Enterprise-Wide Procurement (SEWPV), Information Technology Enterprise Solutions-Software 2 (ITES-SW2) contracts and its network of channel partners as part of Four Inc.’s boutique aggregation program. The program offers key elements to support and grow Vulcan Cyber business in the public sector.
Critical Challenges of Security Operations Centers (SOCs)
Security Operations Center (SOC) analysts are the firm's first layer of protection. To protect their company from cyber-attacks, enterprises must properly train their employees and give them the right tools. Cyberattacks are also constantly getting more sophisticated, and the modern CISO is now accepting this reality and...
Lacework appoints Niels Provos as Head of Security Efficacy
Lacework®, the data-driven cloud security company, today announced the appointment of Niels Provos as the company’s first Head of Security Efficacy. Provos brings nearly two decades of industry experience in creating healthy engineering teams that build security infrastructure and systems that solve cloud security problems at scale. He puts a particular emphasis on treating security as an engineering problem.
CyberData Pros collaborates with Mastercard’s RiskRecon to launch global cybersecurity protection for businesses around the world
Cybersecurity experts, CyberData Pros, collaborate with RiskRecon, a Mastercard Company, to provide threat prevention services for clients worldwide. Specializing in data security, compliance, consulting and due diligence, CDP analysts provide solution-oriented awareness and implementation routes to improve and eliminate security risks for clients. RiskRecon is a SaaS platform that analyzes...
Twitter Reacts to Recent Reports of Data Breach
In response to recent reports of data leaks, Twitter confirmed that the information exposed is the same as the one that circulated earlier this year. The social media juggernaut disclosed in August that user data was obtained using a vulnerability that had been patched in January but hadn’t yet been fixed. The admission followed reports that the vulnerability had been used to gather information on 5.4 million users. The flaw, which was discovered in June 2021, made it possible for hackers to find out whether a particular phone number or email address was connected to an active Twitter account, even for accounts where this information was supposed to be private.
