News

KRITIS still in sight one year after Colonial Pipeline & Co.
Tenable news

Tenable sees KRITIS operators exposed to increasing threat potential, even one year after the severe attack on Colonial Pipeline & Co. with devastating effects. A comment from Tenable. “In the XNUMX months since ransomware attacks struck JBS Foods and Colonial Pipeline, the sad reality is that the threat to critical infrastructure operators has increased rather than decreased.

Attackers only care about money - not impact

Attackers recognize the impact they can have by influencing these environments and rely on it to launch their attacks with increasing accuracy and frequency...

BSI: Follina vulnerability with increased warning level

Weeks ago, the new Follina zero-day remote code execution bug in Microsoft Office caused a stir. More specifically, it is a security vulnerability in Microsoft's Support Diagnostic Tool (MSDT). The BSI has now declared the orange warning level (max. red) for Follina. The CVSS (Common Vulnerability Scoring System) score is now rated “High” at 7.8 out of 10. Microsoft already published details and mitigation measures for a vulnerability in Microsoft's Support Diagnostic Tool (MSDT) via the Microsoft Security Response Center on May 30, 2022. The vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) number CVE-2022-30190…

Ransomware & OneDrive: Attackers delete version backups

Proofpoint has discovered potentially dangerous Microsoft Office 365 features that attackers use to delete recovery version files stored on SharePoint and OneDrive in order to more easily blackmail victims. Ransomware attacks traditionally target data across endpoints or network drives. Until now, IT and security teams have believed that cloud drives are more resilient to ransomware attacks. After all, the now well-known “AutoSave” feature, along with versioning and the good old recycle bin for files as a backup, should have sufficed. But that might not be the case for much longer.

Vulnerability in Microsoft 365 and OneDrive

Proofpoint…

Exchange Server: many vulnerable via ProxyShell vulnerability
Tenable news

Although there are already patches for the ProxyShell vulnerability on Microsoft Exchange, these are not being used. This makes it easy for cybercriminals to further exploit the vulnerabilities and attack the systems. A comment from Tenable. Recent reports show that a Hive ransomware strain is targeting many Microsoft Exchange Servers through the ProxyShell vulnerabilities. Claire Tills, Senior Research Engineer, Tenable, comments on why this is still possible.

Patches could close vulnerability

“Attackers continue to exploit the ProxyShell vulnerabilities, which were first disclosed more than eight months ago. They have proven to be a reliable source for attackers since their disclosure,…

UEFI vulnerabilities in Lenovo notebooks
Eset_News

Security provider ESET issues a security warning: Dangerous UEFI vulnerabilities discovered in Lenovo notebooks. Lenovo laptop owners should review the affected devices list and update their firmware according to the manufacturer's instructions. Millions of Lenovo users should update the firmware of their devices as soon as possible - this is the urgent recommendation of the European IT security manufacturer ESET. Researchers from the company discovered three dangerous vulnerabilities on the devices that open the floodgates to attackers on the laptops. For example, highly dangerous UEFI malware such as Lojax or ESPecter could be smuggled in via the security leaks. The unified…

Critical vulnerabilities at Rockwell Automation
B2B Cyber Security ShortNews

Team82, the research arm of Claroty, the specialist in the security of cyber-physical systems (CPS) in industrial, healthcare and enterprise environments, and Rockwell Automation have jointly published two vulnerabilities in Rockwell programmable logic controllers (PLCs) and engineering workstation software. CVE-2022-1161 affects multiple versions of Rockwell's Logix controllers and was rated the highest CVSS score of 10, while CVE-2020-1159 affects multiple versions of the Studio 5000 Logix Designer application. The vulnerabilities could allow modified code to be downloaded to a PLC while the process appears normal to technicians at their workstations. This is reminiscent of Stuxnet and the…

Log4j-Log4Shell: Attackers use vulnerability for permanent server access
Log4j Log4shell

SophosLabs researchers discovered three backdoors and four cryptominers targeting unpatched VMware Horizon servers to gain persistent access. Sophos is today releasing its latest research on the Log4j Log4Shell vulnerability. Attackers use it to embed backdoors and script unpatched VMware Horizon Servers. This gives them persistent access to VMware Horizon Server for future ransomware attacks. In the detailed report “Horde of Miner Bots and Backdoors Leveraged Log4J to Attack VMware Horizon Servers”, Sophos researchers describe the tools and techniques used to compromise servers, as well as three different backdoors and…

Critical Azure Automation vulnerability
B2B Cyber Security ShortNews

AutoWarp is a critical vulnerability in the Azure Automation service that allows unauthorized access to other Azure customer accounts using the service. Depending on the privileges assigned by the customer, this attack could mean complete control over the target account's resources and data. Microsoft Azure Automation enables organizations to run automation code in a managed manner. You can schedule jobs, provide input and output, and more. Each company's automation code runs in a sandbox, isolated from other customers' code running on the same virtual machine.

Vulnerability could have caused billions of dollars in damage

Investigating…

Trending Evil Q1 2022: 30 attack campaigns against the Log4j vulnerability

Trending Evil provides insights into the latest threats observed by Mandiant Managed Defense. The Trending Evil Q1 2022 report focuses on the ongoing impact of the Log4j / Log4Shell vulnerability and the proliferation of financially motivated attacks. 30 attack campaigns exploiting the Log4j vulnerability (CVE-2021-44228) are currently under surveillance, including activities by state attacker groups allegedly controlled by China and Iran. During the reporting period, Mandiant Managed Defense detected eleven different malware families used to exploit the Log4j / Log4Shell vulnerability.

Trending Evil Q1 2022: The findings at a glance

In addition, Managed Defense observed numerous financially…

Log4j: The attack tsunami was still missing
Log4j Log4shell

Even if the feared mass exploitation of the Log4j / Log4Shell vulnerability has not yet taken place, the bug will be a target for attacks for years to come, according to Chester Wisniewski, Principal Research Scientist at Sophos. So far there has been no big Log4j / Log4Shell earthquake - a forensic status finding. The expert teams at Sophos have forensically analyzed the events surrounding the Log4Shell vulnerability since it was discovered in December 2021 and made an initial assessment - including a future forecast by Principal Research Scientist Chester Wisniewski and various graphics showing the exploitation of the vulnerability. The…
