Graham Cluley Security News is sponsored this week by the folks at Sysdig. Thanks to the great team there for their support! What is one of the leading causes of breaches in the cloud? OMG, it’s still phishing! It’s no wonder CISOs push zero trust as a top priority. Identities are a top cloud target. … Continue reading “The hidden danger to zero trust: Excessive cloud permissions”
New security and observability features will be added to Splunk Mission Control and its Observability Cloud to identify threats and incidents more efficiently, the company said.
Deploying security patches as quickly as possible remains one of the best ways to prevent most security breaches, as attackers usually rely on exploits for publicly known vulnerabilities that have a patch available — the so-called n-day exploits. But mitigating the risk from vulnerabilities unknown to the affected software developers and don’t have a patch available — the zero-day flaws — requires a careful analysis of the types of actors exploiting them, the geography and industries they target, the malware payloads they deploy, the tactics they use, and the type of products they usually target.
According to an analysis by Google-owned threat intelligence and incident response firm Mandiant, attackers exploited 55 zero-day flaws last year, fewer than the 81 observed in 2021 but triple the number tracked in 2020 and higher than in any previous years. In fact, 2020 was an outlier because security vendors saw their normal workflows disrupted by the COVID pandemic that year, possibly impacting their ability to discover and track zero-day attacks.
USN-5942-1 fixed vulnerabilities in Apache HTTP Server. This update
provides the corresponding update for CVE-2023-25690 for Ubuntu 16.04 ESM.
Original advisory details:
Lars Krapf discovered that the Apache HTTP Server mod_proxy module
incorrectly handled certain configurations. A remote attacker could
possibly use this issue to perform an HTTP Request Smuggling attack.
(CVE-2023-25690)
The forum’s admin said the move might be temporary and that they will set up a new Telegram group
Nexus offers overlay attacks and keylogging activities designed to steal victims’ credentials
Guidance includes best practices for identity governance, environmental hardening, SSO, MFA and IAM auditing
It was discovered that GitPython did not properly sanitize user inputs for
remote URLs in the clone command. By injecting a maliciously crafted
remote URL, an attacker could possibly use this issue to execute arbitrary
commands on the host.
The UK and Israeli governments have signed a landmark agreement to define bilateral relations between the two countries and boost mutual cybersecurity advancement until 2030. The 2030 Roadmap for Israel-UK Bilateral Relations is the culmination of efforts that began with the signing of a Memorandum of Understanding in November 2021 to work more closely over the next decade on security, technology, trade, and defense.
The Roadmap seeks to ensure the partnership remains modern and continues to evolve to address shared challenges, promising ongoing cooperation in tackling cyberthreats, governing global cyberspace, developing cybersecurity skills, and investing in the shared cybersecurity ecosystem. New multi-million-pound programs announced in the Roadmap, including joint commitments in areas such as technology, innovation, research and development in national security aim to enable both countries to remain at the forefront of the technological revolution.
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.
