Mozilla Rushes to Fix Critical Vulnerability in Firefox and Thunderbird
Mozilla Foundation strongly advises all users of these products to update to the latest versions to ensure their systems are protected against this critical security…
Month: September 2023
Millions of Exim mail servers exposed to zero-day RCE attacks
A critical zero-day vulnerability in all versions of Exim mail transfer agent (MTA) software can let unauthenticated attackers gain remote code execution (RCE) on Internet-exposed servers.…
Lazarus APT Exploiting LinkedIn to Target Spanish Aerospace Firm
KEY FINDINGS An aerospace firm in Spain is the target of an organized attack where scammers contact the company’s employees as recruiters from LinkedIn. The…
Exploit released for Microsoft SharePoint Server auth bypass flaw
Proof-of-concept exploit code has surfaced on GitHub for a critical authentication bypass vulnerability in Microsoft SharePoint Server, allowing privilege escalation. Tracked as CVE-2023-29357, the security flaw…
Cybercriminals Using New ASMCrypt Malware Loader Flying Under the Radar
Threat actors are selling a new crypter and loader called ASMCrypt, which has been described as an “evolved version” of another loader malware known as…
NIST Publishes Final Version of 800-82r3 OT Security Guide
NIST announced on Thursday that it has published the final version of its latest guide to operational technology (OT) security. NIST published the first draft…
The Role of DevOps in Streamlining Cloud Migration Processes
DevOps streamlines cloud migration by automating deployment and operations, ensuring a seamless transition and efficient management of cloud resources, leading to faster and more reliable…
AWS Using MadPot Decoy System to Disrupt APTs, Botnets
Cloud computing giant AWS says an internal threat intel decoy system called MadPot has been used successfully to trap malicious activity, including nation state-backed APTs…
How The Growing Adoption of Cloud Is Giving Rise to New Security Challenges
By Joseph Carson, Chief Security Scientist & Advisory CISO, Delinea The cloud has become a necessity for modern businesses. More and more organizations are seeing…
Facial Recognition Banned By New York Education Department
The authentication process in US schools will see a change because of the landmark facial recognition ban by the education department. After seeing cases of…
In Other News: RSA Encryption Attack, Meta AI Privacy, ShinyHunters Hacker Guilty Plea
SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a…
Chinese Hackers Breached Microsoft’s Email Platform
In a significant cybersecurity breach, Chinese hackers successfully infiltrated Microsoft’s email platform earlier this year, leading to the theft of tens of thousands of emails…