Eskenzi PR

Cyber Bites

Major Azure vulnerability discovered by security researchers at Wiz

Cloud security vendor Wiz, which also recently found a massive vulnerability in Microsoft Azure's CosmosDB-managed database service, has found another security vulnerability in Azure that impacts Linux virtual machines. Users could end up with a little-known service called OMI installed as a byproduct of enabling any of several logging, reporting and/or management options in Azure's UI. In the worst-case scenario, the vulnerability in OMI could be used for remote root code execution— though in...


Russian internet giant Yandex has been targeted in a massive distributed denial-of-service (DDoS) attack that started last week and reportedly continues this week, Bleeping Computer reports. Russian media called the assault the largest in the history of the Russian internet (RuNet) and said that a US-based company confirmed that the attack was ongoing. The attack started over the weekend and while there are no further details about the type or size of the DDoS,...


Gardaí have seized cyber infrastructure used by the cyber gang involved in the HSE cyber attack earlier this year. The operation is believed to have prevented more than 750 ransomware attacks, the Irish Times has reported. The operation, which targeted websites, domain names and servers used in the attacks, has been led by An Garda Síochána but also involved other international law enforcement agencies, including Interpol and Europol. Garda Headquarters, in Phoenix Park, Dublin, on...

US Cyber Command issues warning on Atlassian Confluence software

The US Cyber Command issued a warning that Atlassian Corp. PLC’s Confluence software is being exploited on a large scale and that users should patch their installations immediately. The vulnerability, formally named CVE-2021-26084, was revealed by Atlassian on Aug. 25 and was described as allowing an authenticated user to execute arbitrary code on a Confluence Server or data centre instance. It also said that Confluence Cloud customers are not affected. The issue affects all...

Sharing Is Caring? 50% Of Brits Admit To Sharing Their Passwords.

The US Cybersecurity and Infrastructure Security Agency (CISA) has added single-factor authentication (SFA) to its list of bad practices, which outlines exceptionally risky cybersecurity practices. The agency has specified that this low-security method of authentication is particularly dangerous when used to secure Critical Infrastructure or National Critical Functions. The list also includes the use of unsupported/end-of-life software that can no longer be patched, and the use of known/default passwords and credentials. "The presence of these Bad...


Office 365 customers have been warned by Microsoft of an ongoing phishing campaign that abuses open redirects, an email sales and marketing tool that redirects a visitor to an untrusted site. An HTTP parameter may contain a URL value and could cause the web application to redirect the request to the specified URL. By modifying the URL value to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials. Because...


Researchers at cybersecurity vendor UpGuard have discovered multiple data leaks resulting from Microsoft Power Apps portals configured to allow public access, a new vector of data exposure. The types of data exposed varied between portals, including personal information used for COVID-19 contact tracing, COVID-19 vaccination appointments, social security numbers for job applicants, employee IDs, and millions of names and email addresses. UpGuard notified 47 entities of exposures involving personal information, including governmental bodies like...


According to a report by Abnormal Security, on August 12, 2021, their team identified and blocked a number of emails sent to customers soliciting them to become accomplices in an insider threat scheme. The goal was for them to infect their companies’ networks with ransomware. These emails allege to come from someone with ties to the DemonWare ransomware group. DemonWare—also known as Black Kingdom and DEMON—has been around for a few years. Earlier this year,...

DNS vulnerability allows for ‘nation-state level spying’

A new class of DNS vulnerabilities has been discovered, which impacts major DNS-as-a-Service (DNSaaS) providers. It could give hackers the ability to access sensitive information on corporate networks and the power for 'nation-state level spying'. The flaws provide potential hackers with intelligence harvesting abilities by using a simple domain registration. The research explained: "We found a simple loophole that allowed us to intercept a portion of worldwide dynamic DNS traffic going through managed DNS providers...


The Cybersecurity and Infrastructure Security Agency (CISA) has unveiled a new initiative, in which it will partner with several tech companies to bolster the U.S.'s defences against cyber threats. Named the Joint Cyber Defense Collaborative, the effort aims to combat ransomware and cyberattacks on critical infrastructure. The announcement comes after a string of high-profile attacks, such as those on the Colonial Pipeline, JBS Food and Kaseya. Jen Easterly, director of the agency, which is part...
