News

The first in-the-wild exploitation attempts targeting a recent vulnerability in Atlassian Confluence Data Center and Confluence Server were observed over the weekend, threat intelligence firm GreyNoise warns. Patched a week ago, the critical security defect tracked as CVE-2023-22518 (CVSS score of 9.1) is an improper authorization flaw that could lead to “significant data loss”, Atlassian warned. The issue impacts all Confluence versions. Less than five days after releasing the patch, Atlassian issued a second warning,…

Delegates from 28 nations, including the U.S. and China, agreed Wednesday to work together to contain the potentially “catastrophic” risks posed by galloping advances in artificial intelligence. The first international AI Safety Summit, held at a former codebreaking spy base near London, focused on cutting-edge “frontier” AI that some scientists warn could pose a risk to humanity’s very existence. British Prime Minister Rishi Sunak said the declaration was “a landmark achievement that sees the world’s…

The recent shutdown of the Mozi botnet is believed to be the work of its operators, who may have been forced to kill their creation by Chinese authorities. This is a theory from cybersecurity firm ESET, whose researchers recently discovered a kill switch suggesting that the takedown was deliberate.  Mozi emerged in September 2019 and at one point it was a highly active botnet, accounting for a large chunk of the traffic associated with IoT…

VMware Carbon Black’s Threat Analysis Unit (TAU) has identified dozens of previously unknown vulnerable kernel drivers that could be exploited by attackers to alter firmware or escalate privileges. It’s not uncommon for threat actors, including cybercriminals and state-sponsored groups, to abuse kernel drivers in their operations. Such drivers can allow malicious hackers to manipulate system processes, maintain persistence on a system, and evade security products. VMware’s TAU collected roughly 18,000 Windows driver samples from VirusTotal…

In a development sparking chatter and debate through the cybersecurity world, the lawsuit filed by the the U.S. Securities and Exchange Commission (SEC) against the Chief Information Security Officer (CISO) of SolarWinds is leaving CISOs across the industry spooked and reevaluating their roles. The lawsuit alleges that former SolarWinds CISO Timothy Brown failed to disclose critical information regarding the massive cyberattack on the company’s software supply chain that occurred in late 2020. The complex attack,…

In a surprising development on Monday that is spooking the cybersecurity community, the Securities and Exchange Commission (SEC) has filed charges against SolarWinds and its Chief Information Security Officer (CISO), Timothy G. Brown, alleging that the software company misled investors about its cybersecurity practices and known risks. The charges stem from alleged fraud and internal control failures related to known cybersecurity weaknesses that took place between the company’s October 2018 initial public offering (IPO) and…

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape. Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and…