Day: October 6, 2022

Breaches Enterprise

Federal jury finds former Uber CISO guilty on criminal charges related to 2016 breach

Key takeaway: Don’t attempt to conceal a data breach. [293 words] What: A federal jury in California has convicted former Uber CISO Joseph Sullivan for attempting to conceal a 2016 data breach that exposed sensitive account data belonging to some 57 million riders and drivers. The San Francisco jury found Sullivan guilty of obstructing justice […]

Emerging Threats Enterprise Vulnerabilities

CISA ups the ante on asset discovery and vulnerability detection on federal networks

Key takeaway: If you aren’t already doing continuous automated asset discovery and vulnerability enumeration on discovered assets, now is a good time to get started. [259 words] What: The US Cybersecurity and Infrastructure Security Agency (CISA) this week issued Binding Operational Directive (BOD) 23-01, which requires all federal executive branch agencies to implement measurable […]

Enterprise Vulnerabilities

Here’s what you need to know about the new (actively exploited) Microsoft Exchange Server 0-Days: CVE-2022-41040 and CVE-2022-41082

Latest update: Microsoft has updated its mitigation for the flaw. Implement it. [265 words] What: Two zero-day vulnerabilities exist in Microsoft Exchange Server 2013, 2016 and 2019. One of the flaws, CVE-2022-41040, is a Server-Side Request Forgery (SSRF) vulnerability. The other, CVE-2022-41082, allows Remote Code Execution (RCE) via PowerShell. Both vulnerabilities require an attacker […]

Emerging Threats Supply Chain Vulnerabilities

Newly disclosed vulnerability in PHP package repository highlights growing software supply chain risks

Key takeaway: Attackers are increasingly trying to infiltrate software development environments via malicious and poisoned packages on public code repositories. Robust SBOM and SCA practices are key to mitigating the threat. [289 words] What: Researchers at SonarSource have disclosed a new vulnerability (CVE-2022-24828) in the PHP package repository Packagist that gives attackers a way to execute […]

Breaches Emerging Threats Supply Chain

Attackers Demonstrate Novel Way to Compromise ESXi Hypervisors

Key takeaway: Don’t allow vSphere Installation Bundles (VIBs) to become a vehicle for sneaking malware into your environment. [276 words] What happened: A China-based threat actor installed multiple backdoors on ESXi hypervisors at several organizations using malicious vSphere Installation Bundles. The backdoors enable a lot of bad things, including persistent access, arbitrary command execution and […]
