Malware

MOVEit Transfer vulnerability appears to be exploited widely

Progress Software has discovered a vulnerability in its file transfer software MOVEit Transfer that could lead to escalated privileges and potential unauthorized access to the environment, the company said in a security advisory.  “A SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized access to MOVEit Transfer’s database,” the company said in the post, adding that depending on the database engine being used…

Read More

ISACA pledges to help grow cybersecurity workforce in Europe

Global professional association ISACA has announced a pledge to the European Commission to grow and empower the cybersecurity workforce in Europe. The pledge will see ISACA provide 20,000 free memberships to students across Europe to acquire crucial cybersecurity skills and support the identification of qualified cybersecurity candidates for organizations, supporting the European Union’s (EU) cybersecurity agenda, it said. Closing the cybersecurity workforce gap and promoting diversity within the field will be key focus areas, helping…

Read More

BigID wants to let you tweak your data classifications manually

BigID is adding a feature that lets end users of its data intelligence platform manually adjust classification models, in an effort to make those more precise without the need for advanced coding knowledge. The company announced today that the new feature, called classifier tuning, would allow users to adjust machine learning models in real time, leading to improved accuracy in the classification of machine-discovered data. BigID said that the idea is to help businesses, which…

Read More

Progress Software Releases Security Advisory for MOVEit Transfer

Progress Software has released a security advisory for a SQL injection vulnerability (CVE-2023-34362) in MOVEit Transfer—a Managed File Transfer Software. A cyber threat actor could exploit this vulnerability to take over an affected system. CISA urgers users and organizations to review the MOVEit Transfer Advisory, follow the mitigation steps, apply the necessary updates, and hunt for any malicious activity.  

Read More

What is the Cybercrime Atlas? How it can help disrupt cybercrime

Announced in June 2022, the Cybercrime Atlas is an initiative from the World Economic Forum (WEF) to map activities of cybercriminals and create a database that can be used by law enforcement across the world to disrupt the cyber-criminal ecosystem. Cybercrime Atlas officially launched in February 2023 in a partnership between WEF and Banco Santander, Fortinet, Microsoft, and PayPal. Cybercrime Atlas was conceptualized by WEF’s Partnership against Cybercrime, which includes more than 40 public and…

Read More

Gigabyte firmware component can be abused as a backdoor

Researchers warn that the UEFI firmware in many motherboards made by PC hardware manufacturer Gigabyte injects executable code inside the Windows kernel in an unsafe way that can be abused by attackers to compromise systems. Sophisticated APT groups are abusing similar implementations in the wild. “While our ongoing investigation has not confirmed exploitation by a specific threat actor, an active widespread backdoor that is difficult to remove poses a supply chain risk for organizations with…

Read More

Inactive, unmaintained Salesforce sites vulnerable to threat actors

Improperly deactivated and unmaintained Salesforce sites are vulnerable to threat actors who can gain access to sensitive business data and personally identifiable information (PII) by simply changing the host header. That’s according to new research from Varonis Threat Labs, which explores the threats posed by Salesforce “ghost sites” that are no longer needed, set aside, but not deactivated. These sites are typically not maintained or tested against vulnerabilities, while admins fail to update security measures…

Read More

Trellix, Netskope announce new Amazon Security Lake support to enhance threat detection, remediation

Cybersecurity vendors Trellix and Netskope have announced new support for Amazon Security Lake from AWS, which became generally available on May 30. Trellix customers can now integrate their security data lake into the Trellix XDR security operations platform to enhance detection and response capabilities for their AWS environments. Meanwhile, Netskope customers can export logs from the Netskope Intelligent Security Service Edge (SSE) platform to Amazon Security Lake to improve visibility and threat remediation. AWS launched…

Read More

Barracuda patches zero-day vulnerability exploited since October

Barracuda has patched a zero-day vulnerability that had been exploited since October to backdoor customers’ Email Security Gateway (ESG) appliances with custom malware and steal data, the company said on Tuesday.  “On May 19, 2023, Barracuda Networks identified a remote command injection vulnerability (CVE-2023-2868) present in the Barracuda Email Security Gateway (appliance form factor only) versions 5.1.3.001-9.2.0.006,” the company said, adding that the vulnerability stemmed from incomplete input validation of user-supplied .tar files as it…

Read More

What is federated Identity? How it works and its importance to enterprise security

At the very heart of enterprise security is the tension between convenience and safety. The business longs for the ease of users, in competition with the demands of security. Authentication is a main theater for this tension, directly impacting the onboarding and login experience. Federated identity is at the forefront in addressing this tension, affording a good user experience without sacrificing security. Federated identity management (FIM) makes it possible to share a single digital identity…

Read More