A critical vulnerability in Atlassian’s Confluence Server software is now under active attack. Disclosed last week by Atlassian, CVE-2021-26084 is a remote code execution bug that is considered a critical security risk by the vendor. The flaw, which was rated a 9.8 on the CVSS scale, is due to an injection bug in the…
The cybersecurity researchers of Check Point Software Technologies Ltd have recently detected a security vulnerability in the image filtering function of WhatsApp, the world’s most famous messaging application that has active users more than 2 billion. The news gets disclosed an hour after knowing that WhatsApp will have to pay 225 million dollars for not…
Cybersecurity researchers have disclosed details about a new malware family that relies on the Common Log File System (CLFS) to hide a second-stage payload in registry transaction files in an attempt to evade detection mechanisms. FireEye’s Mandiant Advanced Practices team, which made the discovery, dubbed the malware PRIVATELOG, and its installer, STASHLOG. Specifics about the…
By The FBI, Cyber Division and the Vermont Intelligence Center – September 1, 2021 Summary Ransomware attacks targeting the Food and Agriculture sector disrupt operations, cause financial loss, and negatively impact the food supply chain. Ransomware may impact businesses across the sector, from small farms to large producers, processors and manufacturers, and markets and restaurants. Food…
On the Friday heading into Memorial Day weekend this year, it was meat processing giant JBS. On the Friday before the Fourth of July, it was IT management software company Kaseya and, by extension, over a thousand businesses of varying size. It remains to be seen whether Labor Day will see a high-profile ransomware meltdown…
3rd Party Risk Management , Application Security , Business Continuity Management / Disaster Recovery NSC Adviser Anne Neuberger Says Organizations Should Take Precautions Scott Ferguson (Ferguson_Writes) • September 2, 2021 Anne Neuberger, the deputy national security adviser for cyber and emerging technology, speaking to reporters at the White House on Thursday While there…
Watch out! A spike in ransomware attacks may be headed our way over Labor Day weekend. Yesterday, the FBI jointly with the Cybersecurity and Infrastructure Security Agency (CISA) issued a warning to be on high alert for ransomware attacks this weekend, after recent targeted attacks over Mother’s Day, Memorial Day and Fourth of July weekends….
Critical Infrastructure Security , Endpoint Security , Governance & Risk Management Flaws Fixed, Mitigations Issued for Discontinued Devices Mihir Bagwe • September 4, 2021 Moxa has confirmed patching 60 vulnerabilities in its latest firmware update. (Source: Moxa) SEC Consult, a cybersecurity consultancy firm that is part of Atos, has reportedly found multiple vulnerabilities…
3rd Party Risk Management , Application Security , Application Security & Online Fraud Cisco NFV Infrastructure Software Users Urged to Patch Immediately Prajeet Nair (@prajeetspeaks) • September 4, 2021 (Photo: Cisco Networks) Cisco has released an urgent software update to fix a critical authentication bug, that can allow an unauthenticated, remote attacker to…
WhatsApp has patched a vulnerability that could allow an attacker to read sensitive information from the app’s memory, including private messages using a specially crafted image. The vulnerability was reported to WhatsApp by cybersecurity firm Check Point Research, and it existed within the image filter function of WhatsApp for Android and WhatsApp Business for Android…
