CISA Adds 66 Known Exploited Vulnerabilities to Catalog https://ift.tt/51VOHC2 Original release date: March 25, 2022 CISA has added 66 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: […]
Over 200,000 MicroTik Routers Worldwide Are Under the Control of Botnet Malware https://ift.tt/7k3apAy Vulnerable routers from MikroTik have been misused to form what cybersecurity researchers have called one of the largest botnet-as-a-service cybercrime operations seen in recent years. According to a new piece of research published by Avast, a cryptocurrency mining campaign leveraging the new-disrupted […]
Corrupted open-source software enters the Russian battlefield https://ift.tt/FwnBsK3 It started as an innocent protest. Npm, JavaScript’s package manager maintainer RIAEvangelist, Brandon Nozaki Miller, wrote and published an open-code npm source-code package called peacenotwar. It did little except add a protest message against Russia’s invasion of Ukraine. But then, it took a darker turn: It began […]
CISA Adds 15 Known Exploited Vulnerability to Catalog https://ift.tt/BsKupCq Original release date: March 15, 2022 | Last revised: March 16, 2022 CISA has added 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent […]
Updated: Kubernetes Hardening Guide https://ift.tt/2KrcxLg Original release date: March 15, 2022 The National Security Agency (NSA) and CISA have updated their joint Cybersecurity Technical Report (CTR): Kubernetes Hardening Guide, originally released in August 2021, based on valuable feedback and inputs from the cybersecurity community. Kubernetes is an open-source system that automates deployment, scaling, and management […]
Stolen Nvidia certificates used to sign malware—here’s what to do https://ift.tt/rifB6Ny As we wrote on March 3, 2022 Nvidia, was recently attacked by the LAPSUS$ ransomware group. The ensuing data leak included two of NVIDIA’s code signing certificates. Those certificates are now being used to sign malware. Leaked signing certificates from major vendors like Nvidia […]
CaddyWiper: New wiper malware discovered in Ukraine https://ift.tt/zFySCr4 This is the third time in as many weeks that ESET researchers have spotted previously unknown data wiping malware taking aim at Ukrainian organizations ESET researchers have uncovered yet another destructive data wiper that was used in attacks against organizations in Ukraine. Dubbed CaddyWiper by ESET analysts, […]
‘Dirty Pipe’ Linux Flaw Affects a Wide Range of QNAP NAS Devices https://ift.tt/FalWtG9 Network-attached storage (NAS) appliance maker QNAP on Monday warned of a recently disclosed Linux vulnerability affecting its devices that could be abused to elevate privileges and gain control of affected systems. “A local privilege escalation vulnerability, also known as ‘Dirty Pipe,’ has […]
Blunting RDP brute-force attacks with rate limiting https://ift.tt/Xk8Rvsn Thanks to the Malwarebytes Threat Intelligence Team for the information they provided for this article. Not long ago, guessing a Windows Remote Desktop Protocol (RDP) password successfully was widely regarded as ransomware operators’ number one choice for breaching a target. It attracted a lot of press coverage […]
350+ IP blacklists, IP blocklists and IP Reputation feeds, about Cybercrime, Fraud, Botnets, Μalware, Virus, Abuse, Attacks, Open Proxies, Anonymizers. See their changes and updates, size over time, retention policy, geographic coverage, comparisons and overlaps. https://ift.tt/7pzW1cC
Stack IT News 