News

FBI Highlights Emerging Initial Access Methods Used by Ransomware Groups 

The FBI has released a fresh warning on ransomware operators compromising third-party vendors and services to abuse them for initial access to victim environments. Threat actors have been observed exploiting vulnerabilities in vendor-controlled remote access to servers and abusing legitimate system management tools to elevate permissions in victim organizations’ networks, the Bureau says. “The FBI continues to track reporting of third-party vendors and services as an attack vector for ransomware incidents,” the agency notes in…

Federal Push for Secure-by-Design: What It Means for Developers

Secure-by-design as a requirement is coming. Developers should start preparing for it now. The March 2023 National Cybersecurity Strategy (NCS) includes, “In setting cybersecurity regulations for critical infrastructure, regulators are encouraged to drive the adoption of secure-by-design principles…” There are two important elements to this. The concept of secure-by-design is introduced but not defined; and it is implied that this undefined concept will be enforced on the critical infrastructure by regulations that are yet to…

Exploitation of Critical Confluence Vulnerability Begins

The first in-the-wild exploitation attempts targeting a recent vulnerability in Atlassian Confluence Data Center and Confluence Server were observed over the weekend, threat intelligence firm GreyNoise warns. Patched a week ago, the critical security defect tracked as CVE-2023-22518 (CVSS score of 9.1) is an improper authorization flaw that could lead to “significant data loss”, Atlassian warned. The issue impacts all Confluence versions. Less than five days after releasing the patch, Atlassian issued a second warning,…

Okta Hack Blamed on Employee Using Personal Google Account on Company Laptop

Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop, exposing credentials that led to the theft of data from multiple Okta customers. A brief post-mortem from Okta security chief David Bradbury said the internal lapse was the “most likely avenue” for the breach that ensnared hundreds of Okta customers, including cybersecurity companies BeyondTrust and Cloudflare. “We can confirm that from…

Countries at a UK Summit Pledge to Tackle AI’s Potentially ‘Catastrophic’ Risks

Delegates from 28 nations, including the U.S. and China, agreed Wednesday to work together to contain the potentially “catastrophic” risks posed by galloping advances in artificial intelligence. The first international AI Safety Summit, held at a former codebreaking spy base near London, focused on cutting-edge “frontier” AI that some scientists warn could pose a risk to humanity’s very existence. British Prime Minister Rishi Sunak said the declaration was “a landmark achievement that sees the world’s…

Mozi Botnet Likely Killed by Its Creators

The recent shutdown of the Mozi botnet is believed to be the work of its operators, who may have been forced to kill their creation by Chinese authorities. This is a theory from cybersecurity firm ESET, whose researchers recently discovered a kill switch suggesting that the takedown was deliberate. Mozi emerged in September 2019 and at one point it was a highly active botnet, accounting for a large chunk of the traffic associated with IoT…

Dozens of Kernel Drivers Allow Attackers to Alter Firmware, Escalate Privileges

VMware Carbon Black’s Threat Analysis Unit (TAU) has identified dozens of previously unknown vulnerable kernel drivers that could be exploited by attackers to alter firmware or escalate privileges. It’s not uncommon for threat actors, including cybercriminals and state-sponsored groups, to abuse kernel drivers in their operations. Such drivers can allow malicious hackers to manipulate system processes, maintain persistence on a system, and evade security products. VMware’s TAU collected roughly 18,000 Windows driver samples from VirusTotal…

Cybersecurity Leaders Spooked by SEC Lawsuit Against SolarWinds CISO

In a development sparking chatter and debate through the cybersecurity world, the lawsuit filed by the U.S. Securities and Exchange Commission (SEC) against the Chief Information Security Officer (CISO) of SolarWinds is leaving CISOs across the industry spooked and reevaluating their roles. The lawsuit alleges that former SolarWinds CISO Timothy Brown failed to disclose critical information regarding the massive cyberattack on the company’s software supply chain that occurred in late 2020. The complex attack,…

SEC Charges SolarWinds and Its CISO With Fraud and Cybersecurity Failures

In a surprising development on Monday that is spooking the cybersecurity community, the Securities and Exchange Commission (SEC) has filed charges against SolarWinds and its Chief Information Security Officer (CISO), Timothy G. Brown, alleging that the software company misled investors about its cybersecurity practices and known risks. The charges stem from alleged fraud and internal control failures related to known cybersecurity weaknesses that took place between the company’s October 2018 initial public offering (IPO) and…

In Other News: Ex-NSA Employee Spying for Russia, EU Threat Landscape, Cyber Education Funding

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape. Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and…