Identity & Access Archives - Page 3 of 8

Firefox 90 Adds Cross-Origin Protections, Advanced Tracker Blocker

Issued by: Security Week

The open-source browser refresh is currently rolling out with support for Fetch Metadata Request Headers, which means that web applications can better protect users against cross-site request forgery (CSRF), cross-site leaks (XS-Leaks), and speculative cross-site execution side channel attacks (such as Spectre). With the newly introduced feature, web application servers can distinguish between same-origin and…

Mobile Security

Google Rolls out E2EE For Android Messages App

Issued by: Security Week

Google announced end-to-end encryption is now available in Android, but only for one-on-one conversations between users of the Messages app. “No matter who you’re messaging with, the information you share is personal. End-to-end encryption in Messages helps keep your conversations more secure while sending. It ensures that no one can read the content of your…

Software Security

Diplomatic Entities Targeted with New ‘Moriya’ Windows Rootkit

Issued by: Security Week

Dubbed Moriya, the rootkit provides the threat actor with the ability to intercept network traffic and hide commands sent to the infected machines, thus allowing the attackers to stay hidden within the compromised networks for months. The rootkit is part of the toolkit used by TunnelSnake, an unknown actor that deploys backdoors onto public servers…

Malware & Threats

Dark Hash Collisions: New Service Confidentially Finds Leaked Passwords

Issued by: Security Week

Businesses need to keep their user accounts safe. But there are billions of username and password pairs available to hackers on the dark web. User tendency to reuse passwords on multiple accounts means that hackers may already have your users’ credentials, stolen from a breached third party. The result is the credential stuffing attack. Credential…

Malware & Threats

APT Group Using Voice Changing Software in Spear-Phishing Campaign

Issued by: Security Week

The Molerats hacking group, also tagged as Gaza Hackers Team, Gaza Cybergang, DustySky, Extreme Jackal, and Moonlight, has been active since at least 2012, mainly targeting entities in the Middle East, but also launching attacks against targets in Europe and the United States. Cado Security says that APT-C-23, believed to be part of Molerats, typically…

Vulnerabilities

VMware Patches Critical Flaw in Carbon Black Cloud Workload

Issued by: Security Week

Tracked as CVE-2021-21982 and featuring a CVSS score of 9.1, the recently addressed vulnerability resides in the administrative interface for the appliance and exists because attackers could bypass authentication through manipulation of a URL on the interface. “A malicious actor with network access to the administrative interface of the VMware Carbon Black Cloud Workload appliance…

Malware & Threats

Researchers Raise Alarm for F5 BIG-IP Malware Attacks

Issued by: Security Week

Malware hunters at U.K.-based NCC Group are raising the alarm for mass scanning and “multiple exploitation attempts” with exploits targeting critical security flaws in the F5 enterprise networking infrastructure products. The vulnerabilities were patched on March 10 and are considered high-priority fixes because of the risk of exposure to authentication bypass and remote code execution…

Vulnerabilities

F5 Patches Four Critical Bugs in Big-IP Suite

Issued by: Security Week

The BIG-IP software powers a wide range of products, including hardware, modularized software, and virtual appliances, which run on the TMOS architecture and provide customers with modules that support load balancing, firewall, access control, threat protection, and more. On March 10, F5 announced the release of fixes for multiple vulnerabilities in BIG-IP, some of which…

Vulnerabilities

Privilege Escalation Bugs Patched in Linux Kernel

Issued by: Security Week

Identified by Positive Technologies security researcher Alexander Popov, the high severity bugs resided in the virtual socket implementation of the Linux kernel. Tracked as CVE-2021-26708 and featuring a CVSS score of 7.0, the security holes were introduced in Linux kernel version 5.5 in November 2019. The vulnerabilities are the result of race conditions that were…

Malware & Threats

Enterprises Warned of Growing Risk Posed by Initial Access Brokers

Issued by: Security Week

Initial access brokers breach as many organizations as they can, but instead of using that access to steal data or cause disruption themselves, they sell access to other threat actors, including ransomware operators and nation-state groups. Digital Shadows has been monitoring initial access brokers for years, but the company says the coronavirus pandemic that hit…