News

3rd Party Risk Management , Application Security , Breach Notification Company Says Russian-Linked Group Targeted Its Customer Support System Scott Ferguson (Ferguson_Writes) • June 26, 2021     Photo: Microsoft The Russian-linked cyberespionage group behind the supply-chain attack against SolarWinds recently targeted Microsoft‘s customer support system as part of a new campaign, the company disclosed…

Cybercrime , Cybercrime as-a-service , Fraud Management & Cybercrime New JSSLoader Variant is Being Spread by TA543 Group Akshaya Asokan (asokan_akshaya) • June 26, 2021     A cybercrime group tracked as TA543 by security firm Proofpoint is deploying a new variant of a malware loader to target victims as part of a phishing campaign,…

SAN FRANCISCO, June 25 (Reuters) – Microsoft (MSFT.O) said on Friday an attacker had won access to one of its customer-service agents and then used information from that to launch hacking attempts against customers. The company said it had found the compromise during its response to hacks by a team it identifies as responsible for…

The Kremlin has expressed disappointment over the failure of European Union leaders to agree on a proposal by France and Germany to hold an EU-Russia summit with President Vladimir Putin. At late-night talks in Brussels, the proposal faced fierce resistance from member states — especially in Eastern Europe — over concerns that holding such a…

Ubuntu Security Notice 5001-1 – Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly clear received fragments from memory in…

Application Security , Biometrics , Encryption & Key Management Microsoft Promises Better ‘Zero Trust’ Capability, Passwordless Access Doug Olenick (DougOlenick) • June 25, 2021     Microsoft’s upcoming Windows 11 operating system will have new security capabilities and a new look. (Source: Microsoft) Security specialists are offering preliminary feedback on Microsoft’s sneak peek at the…

Executive Summary Informations Name CVE-2021-32713 First vendor Publication 2021-06-24 Vendor Cve Last vendor Modification 2021-06-25 Security-Database Scoring CVSS v3 Cvss vector : N/A Overall CVSS Score NA Base Score NA Environmental Score NA impact SubScore NA Temporal Score NA Exploitabality Sub Score NA   Calculate full CVSS 3.0 Vectors scores Security-Database Scoring CVSS v2 Cvss…

Application Security , Leadership & Executive Communication , Next-Generation Technologies & Secure Development Also: Updating SOCs, Communicating With the Board Anna Delaney (annamadeline) • June 25, 2021     Clockwise, from top left: Suparna Goswami, Anna Delaney, Tom Field and Tony Morbin In the latest weekly update, a panel of…

Business Continuity Management / Disaster Recovery , Fraud Management & Cybercrime , Governance & Risk Management Information Handled by the Police Department Exposed Doug Olenick (DougOlenick) • June 25, 2021     The city of Tulsa issued a warning this week that a ransomware group that attacked the city in May leaked more than 18,000…