Cyber-espionage campaigns make the most of big news event
USN-5364-1: Waitress vulnerability
It was discovered that Waitress incorrectly handled certain requests.
An attacker could possibly use this issue to expose sensitive information.
5 ways to improve security hygiene and posture management
As management guru Peter Drucker famously said: ‘You can’t manage what you can’t measure.’ That’s certainly true when it comes to security hygiene and posture management. Organizations must know what assets are deployed on the external/internal attack surface, understand the state of these assets, identify exposures, prioritize remediation actions based on risk, and work with IT operations on continuous risk mitigation.
This is made more challenging as the attack surface grows larger and more complex each day, demanding new requirements for data collection, processing, and analysis along with process automation. Unfortunately, these changes aren’t really happening—or at least not quickly enough. Security pros continue to approach security hygiene and posture management using point tools, aggregating data into static spreadsheets, relying on manual processes, and working haphazardly with their IT operations colleagues.
Real-time is where the cybersecurity risk is
I don’t know how many times I’ve heard cybersecurity professionals say something like, “Not having multi-factor authentication is a huge risk for our organization.” The truth is, that type of statement may illustrate a control weakness, but unless the unwanted outcome is a ding in an audit report where MFA is required, that is not the real risk. The real risk is the probability of a ransomware incident, for example, or the leak of personally identifiable information (PII) from a customer database.
For enterprises, risk lies in the potential losses associated with unwanted outcomes incurred through their computing environments. (The cybersecurity piece of this typically focuses on incidents where these outcomes were caused by an intelligent adversary.) A simple way to think about unwanted outcomes is to consider the ways we might fail to meet one or more of our control objectives – confidentiality, integrity, availability, or other objectives – and experience one of the aforementioned incidents, among others.
WhatsApp ‘Voice Message’ Is an Info-Stealing Phishing Attack
community-mysql-8.0.28-1.fc35
FEDORA-2022-be015e0331
Packages in this update:
community-mysql-8.0.28-1.fc35
Update description:
MySQL 8.0.28
Release notes:
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-28.html
community-mysql-8.0.28-1.fc34
FEDORA-2022-43217f0ba7
Packages in this update:
community-mysql-8.0.28-1.fc34
Update description:
MySQL 8.0.28
Release notes:
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-28.html
ZDI-22-584: Rockwell Automation Connected Components Workbench ccwsln File Parsing XML External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Rockwell Automation Connected Components Workbench. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-585: Rockwell Automation Connected Components Workbench ccwsln File Parsing XML External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Rockwell Automation Connected Components Workbench. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-574: Autodesk Navisworks Freedom DWF File Parsing Double Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Navisworks Freedom. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.