Cybersecurity News | CyberSecured 24x7

23 Jun

What to know about the MoveIT hack – Week in security with Tony Anscombe

The US government has now announced a bounty of $10 million for intel linking the Cl0p ransomware gang to a foreign government The US government is now offering a $10 million reward for information linking the Cl0p ransomware gang or other threat actors targeting US critical infrastructure to a foreign government. This is after Cl0p (also known as Clop) exploited vulnerabilities in the MoveIT file transfer platform to steal data from and extort numerous organizations…

23 Jun

Aussie PM says, “Shut down your phone every 24 hours for 5 mins” – but that’s not enough on its own

Information, Malware

by Paul Ducklin The Australian Prime Minister, Anthony Albanese, has apparently advised people Down Under to turn off their mobile phones once a day, for the surprisingly precise period of five minutes, as a cybersecurity measure. UK newspaper The Guardian quotes the PM as saying: We all have a responsibility. Simple things, turn your phone off every night for five minutes. For people watching this, do that every 24 hours, do it while you’re brushing…

23 Jun

NSA Issues Guidance on Mitigating BlackLotus Bootkit Infections

Information, News

The National Security Agency (NSA) has published technical mitigation guidance to help organizations harden systems against BlackLotus UEFI bootkit infections. The NSA’s recommendations provide a blueprint for defenders to protect systems from BlackLotus, a stealthy malware that emerged on underground forums in late 2022 with capabilities that include user access control (UAC) and secure boot bypass, unsigned driver loading, and prolonged persistence. To disable secure boot, the bootkit exploits a year-old vulnerability in Windows (CVE-2022-21894)…

23 Jun

In Other News: Microsoft Win32 App Isolation,Tsunami Hits Linux Servers, ChatGPT Credentials Exposed on Dark Web

Information, News

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape. Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and…

23 Jun

CISA Tells US Agencies to Patch Exploited Roundcube, VMware Flaws

Information, News

The US government’s cybersecurity agency CISA on Thursday added another batch of security flaws to its Known Exploited Vulnerabilities (KEV) catalog and urged federal agencies to patch these issues as a matter of urgency. The already exploited vulnerabilities affect users of the open-source Roundcube webmail server and VMware Aria Operations for Networks. Exploitation of the open-source mail server Roundcube flaws has been linked to Russian state-sponsored attacks against the Ukrainian government and other high-profile entities…

23 Jun

VMware Releases Security Update for vCenter Server and Cloud Foundation

Attacks, Insights, Malware

VMware has released a security update to address multiple memory corruption vulnerabilities in vCenter Server and Cloud Foundation. A cyber threat actor could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory VMSA-2023-0014 and apply the necessary updates.

23 Jun

CISA Adds Five Known Exploited Vulnerabilities to Catalog

Attacks, Insights, Malware

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-32434 Apple Multiple Products Integer Overflow Vulnerability CVE-2023-32435 Apple iOS and iPadOS WebKit Memory Corruption Vulnerability CVE-2023-32439 Apple iOS, iPadOS, and macOS WebKit Type Confusion Vulnerability CVE-2023-20867 VMware Tools Authentication Bypass Vulnerability CVE-2023-27992 Mozilla Firefox, Firefox ESR, and Thunderbird Use-After-Free Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view…

23 Jun

IOTW: A full timeline of the MOVEit cyber attack

Attacks, Data Breaches

Ransomware gang Clop, which has taken responsibility for the cyber attack launched against document transfer service MOVEit, has announced that it has not stolen data from companies thought to be impacted by data breaches linked to the attack. These companies include the UK’s British Broadcasting Company (BBC), British Airways and high street health and beauty retailer Boots. Since June 14, Clop has been posting company profiles of companies allegedly impacted by data breaches caused by…

CyberSecurity Updates

What to know about the MoveIT hack – Week in security with Tony Anscombe

Aussie PM says, “Shut down your phone every 24 hours for 5 mins” – but that’s not enough on its own

NSA Issues Guidance on Mitigating BlackLotus Bootkit Infections

In Other News: Microsoft Win32 App Isolation,Tsunami Hits Linux Servers, ChatGPT Credentials Exposed on Dark Web

CISA Tells US Agencies to Patch Exploited Roundcube, VMware Flaws

VMware Releases Security Update for vCenter Server and Cloud Foundation

CISA Adds Five Known Exploited Vulnerabilities to Catalog

IOTW: A full timeline of the MOVEit cyber attack

Search

The 6 Stages of a Vulnerability Management Process

Get Cybersecurity Alerts

Read More

Categories

Site Navigation

Resources