CyberSecurity Updates

16 Oct

CISA, FBI, and MS-ISAC Release Joint Advisory on Atlassian Confluence Vulnerability CVE-2023-22515

Attacks, Insights, Malware

Today, CISA, the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA) in response to the active exploitation of CVE-2023-22515. This critical vulnerability affects certain versions of Atlassian Confluence Data Center and Server, enabling malicious threat actors to obtain initial access to Confluence instances by creating unauthorized Confluence administrator accounts. CISA strongly encourages upgrading to a fixed version or taking servers offline to apply…

Read More
14 Oct

Staying on top of security updates – Week in security with Tony Anscombe

Information

Video Why keeping software up to date is a crucial security practice that should be followed by everyone from individual users to SMBs and large enterprises 13 Oct 2023 This week, the US Cybersecurity and Infrastructure Security Agency (CISA) added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, citing solid evidence of active exploitation by attackers. The vulnerabilities, for which patches are available, affect Adobe Acrobat and Reader. One of them can be…

Read More
13 Oct

CISA Now Flagging Vulnerabilities, Misconfigurations Exploited by Ransomware

Information, News

The US cybersecurity agency CISA is stepping up its efforts to prevent ransomware by making it easier for organizations to learn about vulnerabilities and misconfigurations exploited in these attacks. As part of its Ransomware Vulnerability Warning Pilot (RVWP) program launched in March, the agency has released two new resources to help organizations identify and eliminate security flaws and weaknesses known to be exploited by ransomware groups. “Through the RVWP, CISA determines vulnerabilities that are commonly…

Read More
13 Oct

Juniper Networks Patches Over 30 Vulnerabilities in Junos OS

Information, News

Networking equipment manufacturer Juniper Networks on Thursday announced patches for more than 30 vulnerabilities in Junos OS and Junos OS Evolved, including nine high-severity flaws. The most severe of these issues is an incorrect default permissions bug that allows an unauthenticated attacker with local access to a vulnerable device to create a backdoor with root privileges. Tracked as CVE-2023-44194 (CVSS score of 8.4), the flaw exists because a certain system directory has improper permissions associated…

Read More
13 Oct

In Other News: Ex-Uber Security Chief Appeal, New Offerings From Tech Giants, Crypto Bounty

Information, News

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape. Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and…

Read More
12 Oct

6 steps to getting the board on board with your cybersecurity program

Information

Business Security How CISOs and their peers can better engage with boards to get long-term buy-in for strategic initiatives Phil Muncaster 11 Oct 2023  •  , 4 min. read Building a safer digital world requires action on several fronts. Initiatives like Cybersecurity Awareness Month (CSAM) are great opportunities to remind the general public of important best practices for password management, vulnerability patching and more. But while this can help make life tougher for cybercriminals targeting…

Read More
12 Oct

Virus Bulletin PUA – a love letter

Information

Digital Security Late nights at VB2023 featured intriguing interactions between security experts and the somewhat enigmatic world of grayware purveyors Cameron Camp 10 Oct 2023  •  , 3 min. read Late night at VB2023 is when the goblins come out – crafted visages of carefully-played fans cum lures foisted by the industry of potentially unwanted application (PUA) vendors, sponsored- and pay-per-click application installers, and other download monetizers that form up a multibillion dollar ecosystem. And…

Read More
12 Oct

Virus Bulletin – building digital armies

Information

Cybercrime Security researchers, global organizations, law enforcement and other government agencies need to have the right conversations and test potential scenarios without the pressure of an actual attack Cameron Camp 11 Oct 2023  •  , 3 min. read Squashing malware groups involves imposing steep costs on small ad hoc groups. But those actions are slowly ebbing in favor of going after much more organized actor groups aligned in support of nation-state-aligned ideals. Doing that is…

Read More
12 Oct

SEC Investigating Progress Software Over MOVEit Hack

Data Breaches, Information, News

The US Securities and Exchange Commission is launching its own investigation into the vulnerability in Progress Software’s MOVEit transfer tool that exposed data from more than 2,000 organizations and 60 million individuals. Tracked as CVE-2023-34362, the flaw was exploited as a zero-day by the notorious Russia-linked Cl0p ransomware group to steal data from organizations using the MOVEit Transfer managed file transfer (MFT) software. Of the victim organizations, roughly 900 are schools in the United States,…

Read More
12 Oct

CISA Releases New Resources Identifying Known Exploited Vulnerabilities and Misconfigurations Linked to Ransomware

Attacks, Insights, Malware

Today, as part of the Ransomware Vulnerability Warning Pilot (RVWP), CISA launched two new resources for combating ransomware campaigns: A “Known to be Used in Ransomware Campaigns” column in the KEV Catalog that identifies KEVs associated with ransomware campaigns. A “Misconfigurations and Weaknesses Known to be Used in Ransomware Campaigns” table on StopRansomware.gov that identifies misconfigurations and weaknesses associated with ransomware campaigns. The table features a column that identifies the Cyber Performance Goal (CPG) action for each misconfiguration…

Read More