Comments on: Cyber security news April 2022

By: gemmalyly

gemmalyly — Mon, 25 Jul 2022 07:49:37 +0000

Cyber security news is constantly changing as new threats appear nerdle, major companies and organizations are targeted and the world becomes more connected. octordle

By: Tomi Engdahl

Tomi Engdahl — Thu, 05 May 2022 16:52:40 +0000

https://thehackernews.com/2022/04/microsoft-discovers-new-privilege.html

By: Tomi Engdahl

Tomi Engdahl — Mon, 02 May 2022 07:32:49 +0000

Synology, QNAP, WD Warn Users About Vulnerabilities Exploited at Hacking Contest
https://www.securityweek.com/synology-qnap-wd-warn-users-about-vulnerabilities-exploited-hacking-contest

By: Tomi Engdahl

Tomi Engdahl — Mon, 02 May 2022 07:32:32 +0000

Many Internet-Exposed Servers Affected by Exploited Redis Vulnerability
https://www.securityweek.com/many-internet-exposed-servers-affected-exploited-redis-vulnerability

Rapid7 security researchers have identified 2,000 internet-exposed Linux servers that appear to be impacted by a Redis vulnerability that has been exploited in attacks.

Tracked as CVE-2022-0543, the security hole has a CVSS score of 10 and is described as an insufficient sanitization in Lua. While Redis statically links the Lua Library, some Debian/Ubuntu packages dynamically link it, leading to a sandbox escape that can be exploited to achieve remote code execution.

Both Debian and Ubuntu announced patches for the bug on February 18. On March 8, however, Brazilian security researcher Reginaldo Silva, who was credited for finding the issue, released proof-of-concept code targeting it.

In-the-wild exploitation of this vulnerability started days later, and the US Cybersecurity and Infrastructure Security Agency (CISA) added the flaw to its Known Exploited Vulnerabilities Catalog in late March.

Now, Rapid7 says a Metasploit module was made available on April 26 and warns that “attackers will continue to opportunistically exploit this vulnerability as long as there are internet facing targets to exploit.”

By: Tomi Engdahl

Tomi Engdahl — Mon, 02 May 2022 07:17:43 +0000

Atlassian doubles the number of orgs affected by two week outage https://www.bleepingcomputer.com/news/technology/atlassian-doubles-the-number-of-orgs-affected-by-two-week-outage/
Atlassian says that this month’s two-week-long cloud outage has impacted almost double the number of customers it initially estimated after learning of the incident.

By: Tomi Engdahl

Tomi Engdahl — Mon, 02 May 2022 07:17:24 +0000

Fake Windows 10 updates infect you with Magniber ransomware https://www.bleepingcomputer.com/news/security/fake-windows-10-updates-infect-you-with-magniber-ransomware/
Fake Windows 10 updates are being used to distribute the Magniber ransomware in a massive campaign that started earlier this month.

By: Tomi Engdahl

Tomi Engdahl — Mon, 02 May 2022 07:17:00 +0000

Internetin tulevaisuudesta tehtiin tärkeä sopimus Venäjä ja Kiina jättäytyivät pois https://www.tivi.fi/uutiset/tv/157d2ba9-8181-435a-b815-db43793e5a4c
EU, Iso-Britannia, Yhdysvallat ja 32 muuta valtiota ympäri maailman ovat sitoutuneet yhteiseen sopimukseen, joka kieltää vaaleihin kohdistuvat misinformaatiokampanjat ja ihmisten laittoman vakoilun.
Yhdysvaltain Valkoinen talo tiedotti Julistus internetin tulevaisuudesta -nimisestä sopimuksesta torstaina.

By: Tomi Engdahl

Tomi Engdahl — Mon, 02 May 2022 07:15:46 +0000

Google Play -kauppaan tärkeä parannus tarkista jatkossa tämä ennen kuin lataat https://www.is.fi/digitoday/mobiili/art-2000008777247.html
Kauppa alkaa kertoa, kuinka sovellukset keräävät dataa ja käyttävät sitä.

By: Tomi Engdahl

Tomi Engdahl — Mon, 02 May 2022 07:15:30 +0000

Bypassing LDAP Channel Binding with StartTLS https://offsec.almond.consulting/bypassing-ldap-channel-binding-with-starttls.html
While doing research on LDAP client certificate authentication, we realized that the LDAP implementation of Active Directory supports the StartTLS mechanism, which has interesting implications on relay attacks.

By: Tomi Engdahl

Tomi Engdahl — Mon, 02 May 2022 07:14:53 +0000

Indian Govt Orders Organizations to Report Security Breaches Within 6 Hours to CERT-In https://thehackernews.com/2022/04/indian-govt-orders-organisations-to.html
India’s computer and emergency response team, CERT-In, on Thursday published new guidelines that require service providers, intermediaries, data centers, and government entities to compulsorily report cybersecurity incidents, including data breaches, within six hours.