Multiple campaigns are using CVE-2022-22954 to drop ransomware, coin miners and Mirai [299 words]. What: Multiple malicious campaigns are actively targeting a previously disclosed and now patched remote code execution vulnerability in…
Category: Enterprise
Google’s open-source GUAC initiative will make information for securing the software supply chain readily available to everyone.
GUAC will allow developers, auditors, and risk management teams to evaluate risk more easily in their codebases. What: Google is seeking contributors to a new open-source project it has launched called Graph…
HelpSystems releases Cobalt Strike 4.7.2 to address new RCE vulnerability
Out-of-band update addresses an issue for which IBM X-Force researchers had wanted a new CVE, but which HelpSystems says is not specific to its software [300 words] What: HelpSystems on October 17…
California, Texas tops list of states with most cybersecurity job openings
For the year ended Sept. 2022 employers listed close to 770K job openings for cybersecurity professionals. Security analysts, pen-testers were among top required skills. CyberSeek’s interactive map shows the states and metro…
Siemens patches vulnerability that allows attackers to irreparably compromise entire SIMATIC S7-1200/1500 PLC product lines
Update to new versions of the vulnerable PLC and engineering workstation or implement the workarounds [300 words]. What: A critical vulnerability (CVE-2022-38465 ) exists within Siemens SIMATIC S7-1200, S7-1500 programmable logic controllers (PLCs)…
Microsoft looking into reports of a third Exchange Server zero-day?
Security vendor that discovered bug recommends organizations limit IIS app operating privileges on Exchange Server [297 words] What: Microsoft apparently is looking into a report it received from South Korean cybersecurity vendor…
Here are the highlights of Microsoft’s October 2022 Security Update
Microsoft released fixes for a total of 84 CVEs across its products [300 words]. One of the vulnerabilities that Microsoft patched today is a zero-day that is being actively exploited: Windows COM+…
Update: Attackers actively exploiting recently disclosed authentication bypass vulnerability in FortiOS, FortiProxy and FortiSwitchManager
Key takeaway: Adversaries can exploit the vulnerability remotely to gain full control of affected systems [297 words]. What: Attackers have begun actively exploiting a critical authentication bypass vulnerability (CVE-2022-40684) that Fortinet privately…
Log4j vuln tops list of CVEs that the US govt says Chinese groups are actively exploiting
Key takeaway: Ensure that you have patched these vulnerabilities—or have mitigations for them especially if your organization is in the technology, telecommunications, defense industrial base and other critical infrastructure sectors. [216 words]…
Fortinet warns of critical severity remotely executable authentication bypass vulnerability
Key takeaway: Fortinet products are a popular attacker target. Update now if you have affected versions of FortiOS and FortiProxy in your environment. If you cannot patch immediately disable Internet facing HTTPS…