Security

Enterprise Vulnerabilities From DHS/US-CERT’s National Vulnerability Database CVE-2020-19625PUBLISHED: 2021-03-26 Remote Code Execution Vulnerability in tests/support/stores/test_grid_filter.php in oria gridx 1.3, allows remote attackers to execute arbitrary code, via crafted value to the $query parameter. CVE-2020-19626PUBLISHED: 2021-03-26 Cross Site Scripting (XSS) vulnerability in craftcms 3.1.31, allows remote attackers to inject arbitrary web script or HTML, via /admin/settings/sites/new….

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

3rd Party Risk Management , Endpoint Security , Governance & Risk Management Editors Address Exchange Hacks, Insider Threats and More Anna Delaney (annamadeline) • March 26, 2021     Clockwise, from top left: Nick Holland, Anna Delaney, Mathew Schwartz and Tom Field Four editors at Information Security Media Group discuss the…

Cybercrime , Fraud Management & Cybercrime , Malware as-a-Service Accenture Describes Highly Targeted Campaign Akshaya Asokan (asokan_akshaya) • March 25, 2021     A Hades ransom note (Source: Accenture) A previously unknown threat group is deploying Hades ransomware as part of an ongoing campaign that has already targeted three U.S. companies, Accenture’s cyberthreat intelligence group…

Roughly 92% of all Internet-connected on-premises Microsoft Exchange servers affected by the ProxyLogon vulnerabilities are now patched and safe from attacks, Microsoft said on Monday. A total of 400,000 Internet-connected Exchange servers were impacted by the ProxyLogon vulnerabilities when Microsoft issued the initial security patches, on March 2, with over 100,000 of them still unpatched one…

Fraud Management & Cybercrime , Fraud Risk Management , Next-Generation Technologies & Secure Development Spearheaded by Ryuk and Vatet, Gangs Wield Commodity Downloaders, Researchers Warn Mathew J. Schwartz (euroinfosec) • March 25, 2021     Ryuk ransom note (Source: Coveware) Criminals operating online continue to tap ransomware in their pursuit of an illicit payday. See…

Facebook says hackers used the site to lure activists, journalists, dissidents to others containing links to malware. Facebook Inc says it has blocked a group of hackers in China who used the platform to fool Uighurs living abroad into clicking on links to malware that would infect their devices and enable surveillance. The social media…

It’s easy to get overwhelmed with the number of cloud security resources available. How do you know which sources to trust? Which ones should inform your security strategies? Which reports will actually improve your cloud security posture? Let’s first look at six cloud security guides that you should be using. These resources provide action items…

The website of insurance giant CNA is out of action following a cyber-attack that took place over the weekend. Visitors to the website of the Chicago-based firm are greeted with a notice explaining that threat actors have disrupted the company’s network.  In a statement released Tuesday evening, CNA described the assault as a “sophisticated cybersecurity attack.” The company said that…

Facebook said it has disrupted a cyberespionage operation orchestrated by China-backed hackers that has been targeting activists, journalists and dissidents predominantly among Uyghurs living abroad. The threat actor behind this campaign is believed to be a hacker group known as Earth Empusa or Evil Eye. The malicious actor used Facebook to distribute links…