Malware

2023 CWE Top 25 Most Dangerous Software Weaknesses

The Homeland Security Systems Engineering and Development Institute, sponsored by the Department of Homeland Security and operated by MITRE, has released the 2023 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses. The CWE Top 25 is calculated by analyzing public vulnerability data in the National Vulnerability Data (NVD) for root cause mappings to CWE weaknesses for the previous two calendar years. These weaknesses lead to serious vulnerabilities in software. An attacker can often…

Read More

CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems (ICS) advisories on June 29, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.  ICSA-23-180-01 Delta Electronics InfraSuite Device Master ICSA-23-180-02 Schneider Electric EcoStruxure ICSA-23-180-03 Ovarro TBox RTUs ICSA-23-180-04 Mitsubishi Electric MELSEC-F Series ICSMA-23-180-01 Medtronic Paceart Optima System ICSA-19-120-01 Rockwell Automation CompactLogix 5370 (Update A) ICSA-20-245-01 Mitsubishi Electric Multiple Products (Update F) ICSA-22-333-05 Mitsubishi Electric FA Engineering Software (Update B) ICSA-23-171-02 Enphase Installer…

Read More

CISA and NSA Release Joint Guidance on Defending Continuous Integration/Continuous Delivery (CI/CD) Environments

Today, CISA, together with the National Security Agency (NSA), released a Cybersecurity Information Sheet (CSI) to provide recommendations and best practices for organizations to strengthen the security of their CI/CD pipelines against the threat of malicious cyber actors (MCAs). Recognizing the various types of security threats that could affect CI/CD operations and taking steps to defend against each one is critical in securing a CI/CD environment. Organizations will find in this guide a list of…

Read More

SEC notice to SolarWinds CISO and CFO roils cybersecurity industry

The US Securities and Exchange Commission has roiled the cybersecurity industry by putting executives of SolarWind on notice that it may pursue legal action for violations of federal law in connection with their response to the 2020 attack on the company’s infrastructure that affected thousands of customers in government agencies and companies globally. Current and former employees and officers of the company, including the chief financial officer (CFO) and chief information security officer (CISO), have…

Read More

Bionic integrations offer context-based vulnerability management

Application security posture management (ASPM) company Bionic has added two new capabilities — Bionic Signals and Bionic Business Risk Scoring — to its namesake cybersecurity platform to help its customers detect, prioritize and remediate vulnerabilities and threats in their applications. The idea is to collate signals from multiple threat intelligence platforms and add business context to identify critical risks in customer applications and help prioritize them based on the level of risks involved. “The surge…

Read More

Fortanix adds confidential data search for encrypted enterprise data

Cloud data security company Fortanix has announced Fortanix Confidential Data Search, a search offering for encrypted databases within enterprise cloud workflows. “Confidential Data Search allows data analysts to use off-the-shelf, unmodified databases in a standard, unrestricted SQL environment,” said Richard Searle, vice president of Confidential Computing, Fortanix. “Users do not need to convert their datasets to new complex proprietary database formats or deploy proprietary agents.” The search capability, Fortanix claims, doesn’t compromise data security or…

Read More

CISA Releases SCuBA TRA and eVRF Guidance Documents

CISA has released several documents as part of the Secure Cloud Business Applications (SCuBA) project: The Technical Reference Architecture (TRA) document, previously released for public comment on April 19, 2022, is the final version of a security guide that agencies can use to adopt technology for cloud deployment, adaptable solutions, secure architecture, and zero trust frameworks.  The extensible Visibility Reference Framework (eVRF) guidebook provides an overview of the eVRF framework, which enables organizations to identify visibility…

Read More

Critical flaw in VMware Aria Operations for Networks sees mass exploitation

Researchers warn that a vulnerability patched this month in VMware Aria Operations for Networks, formerly known as vRealize Network Insight, is now seeing exploitation en masse. The flaw allows for remote code execution through command injection and is rated with critical severity. “New data from Akamai shows the scale of active scanning for sites vulnerable to CVE-2023-20887 is much greater than originally reported,” researchers from Akamai told CSO via email. “There have been 695,072 total…

Read More

Latest MOVEit exploit hits thousands of NYC school students and staff

Personal data of over 45,000 public school students was compromised in a breach involving the file-transfer software MOVEit, according to a community letter sent to families and staff by the New York City Department of Education. “DOE used MOVEit to transfer documents and data internally as well as to and from vendors, including third party special education service providers,” the letter said.   The breach is the latest expoit of a SQL injection vulnerability found…

Read More

Pilot data of American Airlines and Southwest stolen in data breach

A cybersecurity incident at a third-party vendor has impacted the personal information of pilots of at least two US airlines, including American Airlines and Southwest Airlines.  Personal information, including name and social security number, driver’s license number, passport number, date of birth, Airman Certificate number, and other government-issued identification numbers were compromised, according to breach notifications from the airlines.  Breach at third-party vendor On May 3, both airlines were informed that their third-party vendor, pilotcredentials.com,…

Read More