Attackers are actively exploiting an “old” vulnerability (CVE-2021-22205) to take over on-premise GitLab servers, Rapid7 researcher Jacob Baines warns. The additional bad news is that at least half of the 60,000 internet-facing GitLab installations the company detects are not patched against this issue. What are the attackers doing with these servers? Damian Menscher, a security…

Seemingly every day, a new organization announces they’ve been hit by a ransomware attack. The agnostic nature of ransomware leaves no industry immune to vulnerabilities. Be it school systems, healthcare providers, or government agencies, the battlegrounds are increasingly widespread. Companies should operate not on a basis of if they’ll be hit, but when. Executives and…

According to FireEye, Intrigue’s technology will be integrated into the Mandiant Advantage platform, and help customers discover, monitor, and manage risk across their attack surface. “By coupling intelligence on the vulnerabilities that are being exploited by adversaries with visibility across the entire attack surface, Mandiant Advantage with Intrigue’s capabilities advances the ability of today’s overworked…

The zero-day flaw, documented as CVE-2021-36948, is rated “important” with a CVSS base score of 7.8. Microsoft described the vulnerability as a local privilege escalation bug, a suggestion that it is part of a larger software exploit chain. The Windows Update Medic Service is used to repair Windows Update components from damage so that Windows…

The 18 new advisories prepared by Siemens for the July 2021 Patch Tuesday cover nearly 80 vulnerabilities impacting the company’s products. Some of the vulnerabilities have already been patched by Siemens, while others are in the process of being fixed. Workarounds and/or mitigations are also available. An advisory for JT2Go and Teamcenter Visualization covers the…

Scheduling and patient medical records were affected and some cancer patients faced delays in treatment. It took months for the University of Vermont Health Network to recover from the attack, estimated to cost upwards of $63 million. The network is insured for $30 million and officials are continuing to negotiate with the insurance companies, but…

“I can’t share anything other than we know who did it,” Mayor G.T. Bynum said, adding that the city did not pay the hackers. “They wanted to talk with us about what (a ransom) would be for them not to announce (the attack) and we never engaged them.” Bynum said Tulsa’s computer security system identified…