Cisco Systems on Wednesday shipped security patches to contain three flaws impacting its Enterprise NFV Infrastructure Software (NFVIS) that could permit an attacker to fully compromise and take control over the hosts. Tracked as CVE-2022-20777, CVE-2022-20779, and CVE-2022-20780, the vulnerabilities "could allow an attacker to escape from the guest virtual machine (VM) to the host machine, inject commands that execute at the root level, or leak...
Read More
Security experts have been banging the multifactor authentication drum for years, encouraging users to move away from just relying on the username/password combination to secure their most sensitive accounts. Now GitHub is done with encouraging: By the end of 2023, all users who contribute code to GitHub-hosted repositories must have one or more forms of two-factor authentication enabled, the company says. Zero-day attacks and sophisticated exploits...
Read More
Big picture, security professionals worry about how to defend their organizations against increasingly sophisticated attacks exploiting zero-day vulnerabilities or nation-state attackers, but their day-to-day security concerns appear to be far more prosaic. According to Dark Reading's "The State of Malware Threats" report, ransomware and phishing attacks are top-of-mind for security professionals. When asked which type of attacks worried them most, 61% of IT security professionals cited...
Read More
The need for organisations to guard against the dangers of ransomware is not new, yet never has the threat to data been so pervasive as in 2022. In addition to the perpetually ongoing growth in the scale and sophistication of the capabilities which threat actors possess, there’s been the requirement for businesses to rapidly shift to work-from-home models since the outbreak of the Covid-19 pandemic –...
Read More
The ongoing struggle to update vulnerable software by finding and applying the right patches in a timely manner has led half of enterprise IT departments to use Web application firewalls (WAFs) either in lieu of patching or to offer some protection before patching can be achieved. This comes from a new Dark Reading report, "How Enterprises Are Securing the Application Environment." The survey asked 136 IT,...
Read More
A financially motivated threat actor has been observed deploying a previously unknown rootkit targeting Oracle Solaris systems with the goal of compromising Automatic Teller Machine (ATM) switching networks and carrying out unauthorized cash withdrawals at different banks using fraudulent cards. Threat intelligence and incident response firm Mandiant is tracking the cluster under the moniker UNC2891, with some of the group's tactics, techniques, and procedures sharing overlaps...
Read More