Mandiant Updates Guidance for Protecting Against Ivanti Vulnerabilities
Image source: Shutterstock Following its disclosure of two new zero-days Jan 31, Ivanti too has updated its mitigation file. Customers who applied previous mitigation would need re-apply it to address new flaws. Google’s Mandiant security group has released updated guidance for Ivanti customers looking to remediate or harden their Ivanti Connect Secure (formerly Pulse Secure) […]
Read MoreCVE-2024-0204 in GoAnywhere MFT is a Ticking Time Bomb
Image source: Shutterstock More than 96% of GoAnywhere MFT assets that security vendor Tenable observed on Jan 23 were vulnerable. Mass attacks could soon begin against a critical authentication bypass flaw in Fortra’s GoAnywhere Managed File Transfer (MFT) technology following the release of a proof-of-concept exploit for it this week. Fortra informed customers privately about […]
Read MoreLockBit Ransomware Operators Targeting CitrixBleed in Coordinated Attacks
Image source: Shutterstock China’s ICBC, Boeing, Australian logistics giant DP World, major law firm among known victims so far; More than 5,000 organizations worldwide remain unpatched and vulnerable to CVE-2023-4966 Multiple LockBit ransomware operators are apparently working in a coordinated manner to break into major organizations via “CitrixBleed” (CVE-2023-4966) a critical vulnerability in several versions […]
Read MoreHere are the 4 Main Requirements of the New White House Executive Order on AI Safety
Image source: Shutterstock The EO calls for the creation of new standards and guidance to ensure safe use of AI especially in critical infrastructure sectors. The Biden-Harris Administration Monday issued an Executive Order pertaining to the safe and secure use of Artificial Intelligence technologies and systems. The EO lays out requirements for new AI safety […]
Read MoreThese 5 Security Practices Can Help Protect Against 99% of Attacks: Do you Have Them?
Image source: Shutterstock Microsoft says telemetry from its Defender for Endpoint, Cloud Apps, Identity, Office 365 and other sources shows organizations can protect against almost all attacks with a few fundamental security practices. Organizations can protect against 99%–or nearly all—attacks by implementing a handful of basic security practices, a new Microsoft study has found. Microsoft’s […]
Read MoreHere’s What You Need to Know About the Severe “Looney TUNABLES” Vuln in Multiple Linux Distros
Image source: Shutterstock CVE-2023-4911 is a local privilege escalation flaw that gives attackers a way to gain root access on versions of Debian, Fedora, Ubuntu and other Linux distributions using the glibc library. Millions of Linux systems running default installations of certain versions of Debian, Fedora, Ubuntu—and likely other distributions using the GNU C Library […]
Read MoreChinese APT actor targeting unpatched SonicWall devices in credential stealing campaign
New attacks are similar to those that other China-backed actors have carried out in recent years as part of cyber espionage and data theft campaigns against US companies. A likely China-based threat actor is targeting unpatched SonicWall Secure Mobile Access 100 Series (SMA100) devices with highly persistent malware for stealing user credentials and providing the […]
Read More7 vulnerabilities that federal agencies MUST address by Nov 29
Four of the vulnerabilities are Windows zero-day bugs that Microsoft disclosed in its November security update; three affect Samsung mobile devices. The US Cybersecurity and Infrastructure Security Agency’s (CISA) Binding Operational Directive 22-01 issued in Nov. 2021 requires all federal civilian executive branch agencies to address software bugs that are listed in CISA’s Known Exploited […]
Read MoreRussia’s Iridium group deploying new ransomware payload
- Editor DTI
- November 10, 2022
- iridium
- microsoft
- poland
- prestige
- ransomware
- ukraine
Prestige ransomware marks dangerous shift in strategy for threat actor Microsoft says [299 words]. What: Security researchers at Microsoft have spotted Russia-based threat group Iridium dropping a new ransomware payload dubbed “Prestige” on systems belonging to organizations in Ukraine and Poland. The Prestige campaign marks a broadening of focus for Iridium from its usual destructive […]
Read MoreNSA recommends organizations make strategic shift to memory-safe languages
Programming languages such as C and C++ rely too heavily on the programmer not making memory-related mistakes, agency says [300 words]. What: NSA says organizations should consider making a strategic shift from programming languages such as C/C++ to “memory-safe” languages such as C#, Go, Java, Ruby and Swift. With these languages, memory management does not […]
Read More