Security

The chipmaker AMD published guidance for two new attacks against its SEV (Secure Encrypted Virtualization) protection technology. Chipmaker AMD has issued guidance for two attacks (CVE-2020-12967, CVE-2021-26311) that allow bypassing the SEV (Secure Encrypted Virtualization) technology implemented to prevent rogue operating systems on virtual machines. The chipmaker is aware of two research papers, respectively titled […]

The post Two flaws could allow bypassing AMD SEV protection system appeared first on Security Affairs.

Read More Two flaws could allow bypassing AMD SEV protection system

The recent Colonial Pipeline attack highlights the dangers that are facing Critical Infrastructure worldwide. The attack perpetrated by hackers on oil company Colonial Pipeline highlights the dangers that are facing Industrial Control Systems (ICS) and the need for change in the information security landscape, The attack took place on May 7th where hackers used ransomware […]

The post Security at Bay: Critical Infrastructure Under Attack appeared first on Security Affairs.

Read More Security at Bay: Critical Infrastructure Under Attack

Cisco has addressed a zero-day in the Cisco AnyConnect Secure Mobility Client VPN software, with publicly available proof-of-concept exploit code. Cisco has addressed a zero-day vulnerability in Cisco AnyConnect Secure Mobility Client, tracked as CVE-2020-3556, that was disclosed in November. The availability of a proof-of-concept exploit code for the zero-day was confirmed by the Cisco Product Security […]

The post Cisco fixes AnyConnect Client VPN zero-day disclosed in November appeared first on Security Affairs.

Read More Cisco fixes AnyConnect Client VPN zero-day disclosed in November

President Joe Biden signed an ambitious executive order to dramatically improve the security of the US government networks. President Biden signed an executive order this week to improve the country’s defenses against cyberattacks, it is an important move that comes shortly after the recent wave of attacks, such as the SolarWinds supply chain attack and the […]

The post Biden signed executive order to improve the Nation’s Cybersecurity appeared first on Security Affairs.

Read More Biden signed executive order to improve the Nation’s Cybersecurity

After the introduction of CCPA and GDPR, much more attention is given to third-party risks, and the privacy terms and conditions users agree to.  Global privacy regulations, such as the CCPA and GDPR, were enacted to ensure stricter standards when handling the personal data of consumers. As per these regulations, organizations can be held responsible […]

The post How Companies Need to Treat User Data and Manage Their Partners appeared first on Security Affairs.

Read More How Companies Need to Treat User Data and Manage Their Partners

Microsoft Patch Tuesday for May 2021 security updates addressed 55 vulnerabilities, four are rated as Critical. Microsoft Patch Tuesday for May 2021 security updates address 55 vulnerabilities in Microsoft Windows, .NET Core and Visual Studio, Internet Explorer (IE), Microsoft Office, SharePoint Server, Open-Source Software, Hyper-V, Skype for Business and Microsoft Lync, and Exchange Server. Four […]

The post Microsoft Patch Tuesday for May 2021 fix 4 critical flaws appeared first on Security Affairs.

Read More Microsoft Patch Tuesday for May 2021 fix 4 critical flaws

U.S. Intelligence agencies warn of weaknesses in 5G networks that could be exploited by crooks and nation-state actors for intelligence gathering. The U.S. National Security Agency (NSA), along with the DHS Cybersecurity and Infrastructure Security Agency (CISA), and the Office of the Director of National Intelligence (ODNI) have analyzed the risks and vulnerabilities associated with […]

The post NSA and ODNI analyze potential risks to 5G networks appeared first on Security Affairs.

Read More NSA and ODNI analyze potential risks to 5G networks

Adobe confirmed that a zero-day vulnerability affecting Adobe Reader for Windows has been exploited in the wild in limited attacks. Adobe security updates for May 2021 address at least 43 CVEs in Experience Manager, InDesign, Illustrator, InCopy, Adobe Genuine Service, Acrobat and Reader, Magento, Creative Cloud Desktop, Media Encoder, Medium, and Animate. Five of the […]

The post Hackers target Windows users exploiting a Zero-Day in Reader appeared first on Security Affairs.

Read More Hackers target Windows users exploiting a Zero-Day in Reader

Google has released a new open-source tool called cosign that could allow administrators to sign and verify the container images. Google has released a new open-source tool called cosign that allows to sign, verify container images, it was developed to make signatures invisible infrastructure. Cosign supports: Hardware and KMS signing Bring-your-own PKI Our free OIDC PKI […]

The post Google open sources cosign tool for verifying containers appeared first on Security Affairs.

Read More Google open sources cosign tool for verifying containers

The U.S. FBI confirmed that the attack against the Colonial Pipeline over the weekend was launched by the Darkside ransomware gang. The U.S. Federal Bureau of Investigation confirmed that the Colonial Pipeline was shut down due to a cyber attack carried out by the Darkside ransomware gang. “The FBI confirms that the Darkside ransomware is […]

The post FBI confirmed that Darkside ransomware gang hit Colonial Pipeline appeared first on Security Affairs.

Read More FBI confirmed that Darkside ransomware gang hit Colonial Pipeline

U.S. CISA has published an analysis of the FiveHands ransomware, the same malware that was analyzed a few days ago by researchers from FireEye’s Mandiant experts. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published an analysis of the FiveHands ransomware that was recently detailed by FireEye’s Mandiant. At the end of April, researchers […]

The post CISA MAR report provides technical details of FiveHands Ransomware appeared first on Security Affairs.

Read More CISA MAR report provides technical details of FiveHands Ransomware

‘Spam protection, AntiSpam, FireWall by CleanTalk’ anti-spam WordPress plugin could expose user sensitive data to an unauthenticated attacker. A Time-Based Blind SQL Injection in ‘Spam protection, AntiSpam, FireWall by CleanTalk’ WordPress plugin, tracked as CVE-2021-24295, could be exploited by an unauthenticated attacker to access user data. The flaw could be exploited by an attack to […]

The post SQL injection issue in Anti-Spam WordPress Plugin exposes User Data appeared first on Security Affairs.

Read More SQL injection issue in Anti-Spam WordPress Plugin exposes User Data

The UK and US cybersecurity agencies have published a report detailing techniques used by Russia-linked cyberespionage group known APT29 (aka Cozy Bear). Today, UK NCSC and CISA-FBI-NSA cybersecurity agencies published a joint security advisory that warns organizations to patch systems immediately to mitigate the risk of attacks conducted by Russia-linked SVR group (aka APT29, Cozy Bear, and The Dukes)). The […]

The post Russia-linked APT29 group changes TTPs following April advisories appeared first on Security Affairs.

Read More Russia-linked APT29 group changes TTPs following April advisories

VMware has fixed a new critical RCE flaw in VMware vRealize Business for Cloud that was reported by sanctioned Russian firm Positive Technologies. VMware has addressed a critical remote code execution vulnerability, tracked as CVE-2021-21984, in VMware vRealize Business for Cloud. vRealize Business for Cloud is an automated cloud business management solution that allows customers to […]

The post VMware addresses critical RCE in vRealize Business for Cloud appeared first on Security Affairs.

Read More VMware addresses critical RCE in vRealize Business for Cloud

Let’s look at what types of threats each layer of the TCP/IP protocol stack may be susceptible to. The task of a computer security system is to safeguard the information transmitted over the network and to adequately preserve the data stored in it.  Excluding in this discussion threats due to natural disasters, we can classify […]

The post Possible attacks on the TCP/IP protocol stack and countermeasures appeared first on Security Affairs.

Read More Possible attacks on the TCP/IP protocol stack and countermeasures

A high severity flaw, tracked as CVE-2020-11292, affects Qualcomm Mobile Station Modem chips used by around 30% of all smartphones worldwide Researchers from Checkpoint have discovered a buffer overflow vulnerability, tracked as CVE-2020-11292, in the Qualcomm Mobile Station Modem that can be exploited by attackers to trigger memory corruption and execute arbitrary code on the […]

The post Qualcomm bug impacts about 30% of all smartphones appeared first on Security Affairs.

Read More Qualcomm bug impacts about 30% of all smartphones

Cisco fixed critical flaws in SD-WAN vManage and HyperFlex HX software that could allow creating admin accounts, and executing commands as root. Cisco has addressed critical vulnerabilities affecting SD-WAN vManage and HyperFlex HX software that could allow creating admin accounts and executing commands as root. Cisco SD-WAN vManage Software flaws (CVE-2021-1275, CVE-2021-1468, CVE-2021-1505, CVE-2021-1506, CVE-2021-1508) could […]

The post Cisco fixes critical flaws in SD-WAN vManage and HyperFlex HX software appeared first on Security Affairs.

Read More Cisco fixes critical flaws in SD-WAN vManage and HyperFlex HX software

Researchers found a critical vulnerability in HPE Edgeline Infrastructure Manager that could be exploited by a remote attacker to bypass authentication. Researchers from Tenable have disclosed a critical authentication bypass vulnerability in HPE Edgeline Infrastructure Manager (EIM), tracked as CVE-2021-29203, that could be exploited by attackers to compromise a customer’s cloud infrastructure. “A security vulnerability […]

The post Experts found critical authentication bypass flaw in HPE Edgeline Infrastructure Manager appeared first on Security Affairs.

Read More Experts found critical authentication bypass flaw in HPE Edgeline Infrastructure Manager

The maintainers of the Exim email server software addressed a collection of 21 issues, dubbed 21Nails, that can allow attackers to fully compromise mail servers. The maintainers of the Exim email server software have released security updates to address a collection of 21 vulnerabilities, dubbed 21Nails, that can be exploited by attackers to take over […]

The post Most of Exim email servers could be hacked by exploiting 21Nails flaws appeared first on Security Affairs.

Read More Most of Exim email servers could be hacked by exploiting 21Nails flaws

American multinational computer technology giant Dell addresses a 12-year-old driver flaw, tracked as CVE-2021-21551, impacting millions of computers. Hundreds of millions of Dell computers worldwide are affected by a 12-year-old vulnerability, tracked as CVE-2021-21551, that affects Dell DBUtil driver. The flaw affects version 2.3 of the Dell BIOS driver, it is one of a series of […]

The post Hundreds of millions Of Dell PCs affected by CVE-2021-21551 flaws appeared first on Security Affairs.

Read More Hundreds of millions Of Dell PCs affected by CVE-2021-21551 flaws

Apple has released security updates to patch three zero-days in the WebKit, the Apple’s browser engine, and fixed a zero-day exploited in the wild. Apple released security updates to address four zero-day vulnerabilities impacting WebKit, which is used by multiple products of the IT giant, including iPadOS, tvOS, and watchOS. The WebKit browser engine is […]

The post Apple addresses three zero-day flaws in its WebKit browser engine appeared first on Security Affairs.

Read More Apple addresses three zero-day flaws in its WebKit browser engine

Pulse Secure has fixed a zero-day flaw in the Pulse Connect Secure (PCS) SSL VPN appliance that threat actors are actively exploiting in the wild. Pulse Secure has addressed a zero-day vulnerability (CVE-2021-22893) in the Pulse Connect Secure (PCS) SSL VPN appliance that is being actively exploited by threat actors in attacks against defense firms […]

The post Pulse Secure fixes zero-day in Pulse Connect Secure (PCS) SSL VPN actively exploited appeared first on Security Affairs.

Read More Pulse Secure fixes zero-day in Pulse Connect Secure (PCS) SSL VPN actively exploited

Which are the most common causes of a Data Breach and how to prevent It? How can organizations prevent it? Data breaches are highly damaging and equally embarrassing for businesses andconsumers. If you look at Verizon’s 2020 Data Breach Investigations Report, you canfind some of the most common causes of data breaches. However, you will also […]

The post Most Common Causes of Data Breach and How to Prevent It appeared first on Security Affairs.

Read More Most Common Causes of Data Breach and How to Prevent It

The Internet Systems Consortium (ISC) released updates for the BIND DNS software to patch several denial-of-service (DoS) and potential RCE flaws. The Internet Systems Consortium (ISC) has released security updates for the BIND DNS software to address several vulnerabilities that can be exploited by attackers to trigger denial-of-service (DoS) conditions and potentially to remotely execute […]

The post Flaws in the BIND software expose DNS servers to attacks appeared first on Security Affairs.

Read More Flaws in the BIND software expose DNS servers to attacks