Information

ASUS warns router customers: Patch now, or block all inbound requests

by Paul Ducklin

ASUS is a well-known maker of popular electronics products, ranging from laptops and phones to home routers and graphics cards. This week, the company published firmware updates for a wide range of its home routers, along with a strong warning that if you aren’t willing or able to update your firmware right now, then you need to: [Disable] services accessible from the WAN side to avoid potential unwanted intrusions. These services include…

VMware Confirms Live Exploits Hitting Just-Patched Security Flaw

Less than two weeks after shipping urgent patches to cover security defects in its Aria Operations for Networks product, VMware says hackers have started launching exploits in the wild. The virtualization technology giant on Tuesday updated a critical-level bulletin with a blunt warning to businesses running the network monitoring software: “VMware has confirmed that exploitation of CVE-2023-20887 has occurred in the wild.” The live exploits, first flagged by GreyNoise, target the CVE-2023-20887 command injection vulnerability…

Megaupload duo will go to prison at last, but Kim Dotcom fights on…

by Paul Ducklin

For the third time in about a week, cybersecurity law-and-order news includes a criminal case that’s been brewing for more than a decade. This time, the news is prison sentences for two of the main four original defendants in the infamous Megaupload saga. If you weren’t following cybersecurity a decade ago, we’ll recap directly from the article we published at the time of the site’s takedown by the FBI in early 2012:…

Asus Patches Highly Critical WiFi Router Flaws

Taiwanese computer hardware manufacturer Asus on Monday shipped urgent firmware updates to address vulnerabilities in its WiFi router product lines and warned users of the risk of remote code execution attacks. In an advisory, Asus documented at least nine security defects and multiple security weaknesses that allow code execution, denial-of-service, information disclosure and authentication bypasses. The most serious of the nine vulnerabilities, a highly critical bug with a CVSS severity rating of 9.8/10, dates back…

Microsoft Says Early June Disruptions to Outlook, Cloud Platform, Were Cyberattacks

In early June, sporadic but serious service disruptions plagued Microsoft’s flagship office suite — including the Outlook email and OneDrive file-sharing apps — and cloud computing platform. A shadowy hacktivist group claimed responsibility, saying it flooded the sites with junk traffic in distributed denial-of-service attacks. Initially reticent to name the cause, Microsoft has now disclosed that DDoS attacks by the murky upstart were indeed to blame. But the software giant has offered few details —…

Stop Cyberbullying Day: Prevention is everyone’s responsibility

Strategies for stopping and responding to cyberbullying require a concerted, community-wide effort involving parents, educators and children themselves

Bullying of any kind can have a devastating impact on the victim’s well-being and life. Physical bullying, also known as face-to-face or in-person bullying, is still an issue in schools, with many researchers saying that its long-term consequences can be even worse than the immediate impacts – to the point that they may lead to changes in…

Is a RAT stealing your files? – Week in security with Tony Anscombe

Could your Android phone be home to a remote access tool (RAT) that steals WhatsApp backups or performs other shenanigans?

Could your Android phone be home to a remote access tool (RAT) that steals WhatsApp backups? This week, ESET researchers revealed how an updated version of Android GravityRAT spyware is being spread as free messaging apps called BingeChat and Chatico and used to exfiltrate victims’ WhatsApp backups, among other malicious actions. The threat actor behind…

MOVEit mayhem 3: “Disable HTTP and HTTPS traffic immediately”

by Paul Ducklin

Yet more MOVEit mayhem! “Disable HTTP and HTTPS traffic to MOVEit Transfer,” says Progress Software, and the timeframe for doing so is “immediately”, no ifs, no buts. Progress Software is the maker of file-sharing software MOVEit Transfer, and the hosted MOVEit Cloud alternative that’s based on it, and this is its third warning in three weeks about hackable vulnerabilities in its product. At the end of May 2023, cyberextortion criminals associated with…

In Other News: Linux Kernel Exploits, Update on BEC Losses, Cybersecurity Awareness Act

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless crucial for a comprehensive understanding of the cybersecurity landscape. Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and…

Russian National Arrested, Charged in US Over Role in LockBit Ransomware Attacks

The US Justice Department on Thursday announced charges against a third Russian national allegedly involved in deploying the LockBit ransomware. The man, Ruslan Magomedovich Astamirov, 20, of Chechen Republic, Russia, who was arrested in Arizona, allegedly owned, controlled, and used multiple IP addresses, email addresses, and other online accounts to deploy the LockBit ransomware and communicate with victims. According to court documents, in at least one instance, authorities were able to trace a victim’s payment…
