Top 5 attack surface challenges related to security operations

According to newly published ESG research, just over half of all organizations (52%) say that security operations are more difficult today than they were two years ago. When asked why, 41% pointed to an evolving and dangerous threat landscape, 38% identified a growing and changing attack surface, 37% said that alert volume and complexity are driving this change, and 34% blamed growing use of public cloud computing services.

Now most of these challenges are déjà vu all over again, impacting security teams year after year. There is one exception, however: The growing attack surface. Certainly, the attack surface has been growing steadily since we all started using Mosaic browsers, but things really took off over the past few years. Blame Amazon, COVID, or digital transformation, but organizations are connecting IT systems to third parties, supporting remote workers, developing cloud-native applications, and using SaaS services in record numbers. When you take all these factors into consideration, enterprise organizations typically use tens of thousands of internet-facing assets.

DSA-5234 fish – security update

An arbitrary code execution vulnerability was discovered in fish, a
command line shell. When using the default configuration of fish,
changing to a directory automatically ran `git` commands in order to
display information about the current repository in the prompt. Such
repositories can contain per-repository configuration that changes the
behavior of git, including running arbitrary commands.

CVE-2021-46834

A permission bypass vulnerability in Huawei cross device task management could allow an attacker to access certain resources on the attacked devices. Affected product versions include: JAD-AL50 versions 102.0.0.225(C00E220R3P4).

CVE-2020-36602

There is an out-of-bounds read and write vulnerability in some headset products. An unauthenticated attacker who physically obtains the device can craft a malformed message with a specific parameter and send it to the affected products. Due to insufficient validation of the message, this may be exploited to cause an out-of-bounds read and write.

Ransomware is (slightly) on the decline, cyberinsurance company says

Ransomware attacks began to become both less common and less costly in the first half of 2022, as payments to attackers and the number of attacks that resulted in paid ransoms both shrank, according to new data released today by cyberinsurance company Coalition.

After increasing sharply at the outset of the pandemic, the frequency of ransomware claims made by Coalition policyholders shrank sharply during the first six months of the year, dropping from a peak of 0.66% of all policyholders in the second half of last year to 0.41% in early 2022—a figure lower than the initial 0.44% seen in 2020’s second half, when the COVID crisis was at its height.
