Malware

Aussie PM says, “Shut down your phone every 24 hours for 5 mins” – but that’s not enough on its own

by Paul Ducklin The Australian Prime Minister, Anthony Albanese, has apparently advised people Down Under to turn off their mobile phones once a day, for the surprisingly precise period of five minutes, as a cybersecurity measure. UK newspaper The Guardian quotes the PM as saying: We all have a responsibility. Simple things, turn your phone off every night for five minutes. For people watching this, do that every 24 hours, do it while you’re brushing…

Read More

Public exploit is now available for Cisco AnyConnect VPN client

An easy-to-use exploit was publicly released this week for a patched vulnerability that affects the widely used Cisco AnyConnect Secure Mobility Client and Cisco Secure Client applications for Windows. Attackers could leverage the exploit to elevate their privileges on a victim’s system and take full control of it. Cisco Secure Client for Windows, previously known as Cisco AnyConnect Secure Mobility Client before version 5.0, is an application that integrates with multiple Cisco endpoint security and…

Read More

Millions of GitHub repositories vulnerable to RepoJacking: Report

Millions of GitHub repositories are potentially vulnerable to RepoJacking, which allows attackers to carry out code execution on organizations’ internal environments or on their customers’ environments, according to research by AquaSec.  AquaSec analyzed a sample of 1.25 million GitHub repositories and found that about 2.95% were vulnerable to RepoJacking, including repositories belonging to companies such as Google and Lyft.  What is RepoJacking? On GitHub, organizations have usernames and repository names. In instances such as a…

Read More

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-32434 Apple Multiple Products Integer Overflow Vulnerability CVE-2023-32435 Apple iOS and iPadOS WebKit Memory Corruption Vulnerability CVE-2023-32439 Apple iOS, iPadOS, and macOS WebKit Type Confusion Vulnerability CVE-2023-20867 VMware Tools Authentication Bypass Vulnerability CVE-2023-27992 Mozilla Firefox, Firefox ESR, and Thunderbird Use-After-Free Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view…

Read More

China-sponsored APT group targets government ministries in the Americas

An advanced persistent threat (APT) group named Flea has been carrying out attacks against foreign affairs ministries in North and South America using a new backdoor called Graphican, according to a report by the Symantec Threat Hunter Team. The campaign ran from late 2022 into early 2023. It also targeted a government finance department in a country in the Americas and a corporation that sells products in Central and South America. There was also one…

Read More

Opaque Systems releases new data security, privacy-preserving features for LLMs

Opaque Systems has announced new features in its confidential computing platform to protect the confidentiality of organizational data during large language model (LLM) use. Through new privacy-preserving generative AI and zero-trust data clean rooms (DCRs) optimized for Microsoft Azure confidential computing, Opaque said it also now enables organizations to securely analyze their combined confidential data without sharing or revealing the underlying raw data. Meanwhile, broader support for confidential AI use cases provides safeguards for machine…

Read More

RangeForce launches Defense Readiness Index to measure businesses’ cybersecurity capabilities

Cyber defense upskilling company RangeForce has announced the release of the Defense Readiness Index (DRI) to enable companies to measure and improve their cybersecurity capabilities. Integrated into RangeForce’s Threat Centric platform and mapped to both the MITRE ATT&CK and D3FEND frameworks, the DRI scores an organization’s readiness to respond to cyberattacks, the firm said in a press release. It also provides cybersecurity upskilling rooted in United States Department of Defense and NATO training to help…

Read More

Apple patches exploits used in spy campaign ‘Operation Triangulation’

Apple has shipped patches for the remote code execution (RCE) vulnerabilities in iOS that have already been exploited in the wild under the digital spy campaign, dubbed Operation Triangulation. The campaign used two zero-click iMessage exploits and compromises without any user interactions based on a pair of bugs respectively in the kernel and Webkit. Apple has attributed the discovery of these vulnerabilities to Kaspersky Lab just two weeks after the Russian cybersecurity firm reported discovering…

Read More