www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2024-05-16T15:06:46+00:00 www.secnews.physaphae.fr
CSO - CSO Daily Dashboard Open Systems launches Ontinue MDR division, new MXDR service Ontinue ION 2023-02-14T05:30:00+00:00 https://www.csoonline.com/article/3687742/open-systems-launches-ontinue-mdr-division-new-mxdr-service-ontinue-ion.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8310065 False Vulnerability None 2.0000000000000000
CSO - CSO Daily Dashboard OPSWAT mobile hardware offers infrastructure security for the air gap 2023-02-06T05:00:00+00:00 https://www.csoonline.com/article/3687213/opswat-mobile-hardware-offers-infrastructure-security-for-the-air-gap.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8307522 False Vulnerability None 2.0000000000000000
CSO - CSO Daily Dashboard Critical vulnerability patched in Jira Service Management Server and Data Center 2023-02-03T13:13:00+00:00 https://www.csoonline.com/article/3687232/critical-vulnerability-patched-in-jira-service-management-server-and-data-center.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8307014 False Vulnerability None 4.0000000000000000
CSO - CSO Daily Dashboard ServiceNow to detect open source security vulnerabilities with Snyk integration Vulnerability Response users will now have access to Snyk Open Source.
This will represent the Israeli-US vendor's advanced software composition analysis (SCA) backed by Snyk's security intelligence - a combination of public sources, data from the developer community, proprietary expert research, machine learning, and human-in-the-loop AI. ServiceNow Vulnerability Response is part of ServiceNow Security Operations and connects the workflow and automation capabilities of the ServiceNow platform with vulnerability scan data from other vendors which now includes Snyk's intelligence. 2023-01-24T05:55:00+00:00 https://www.csoonline.com/article/3686194/servicenow-to-detect-open-source-security-vulnerabilities-with-snyk-integration.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8303709 True Vulnerability None 2.0000000000000000
CSO - CSO Daily Dashboard ServiceNow to detect open source security vulnerabilities with Synk integration Vulnerability Response users will now have access to Snyk Open Source.
This will represent the Israeli-US vendor's advanced software composition analysis (SCA) backed by Snyk's security intelligence - a combination of public sources, data from the developer community, proprietary expert research, machine learning, and human-in-the-loop AI. ServiceNow Vulnerability Response is part of ServiceNow Security Operations and connects the workflow and automation capabilities of the ServiceNow platform with vulnerability scan data from other vendors which now includes Snyk's intelligence. 2023-01-24T05:55:00+00:00 https://www.csoonline.com/article/3686194/servicenow-to-detect-open-source-security-vulnerabilities-with-synk-integration.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8303692 False Vulnerability None 2.0000000000000000
CSO - CSO Daily Dashboard Attackers exploiting critical flaw in many Zoho ManageEngine products 2023-01-23T13:30:00+00:00 https://www.csoonline.com/article/3685940/attackers-exploiting-critical-flaw-in-many-zoho-manageengine-products.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8303547 False Vulnerability None 2.0000000000000000
CSO - CSO Daily Dashboard Many ICS flaws remain unpatched as attacks against critical infrastructure rise an analysis by SynSaber, a security company that specializes in industrial asset and network monitoring. 2023-01-19T10:01:00+00:00 https://www.csoonline.com/article/3686131/many-ics-flaws-remain-unpatched-as-attacks-against-critical-infrastructure-rise.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8302624 False Vulnerability,Industrial None 3.0000000000000000
CSO - CSO Daily Dashboard Why you don't have to fix every vulnerability 2023-01-19T07:37:00+00:00
https://www.csoonline.com/article/3686089/why-you-don-t-have-to-fix-every-vulnerability.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8302577 False Vulnerability,Guideline None 2.0000000000000000
CSO - CSO Daily Dashboard Why it's time to review your on-premises Microsoft Exchange patch status 2023-01-18T02:00:00+00:00 https://www.csoonline.com/article/3685671/why-its-time-to-review-your-on-premises-microsoft-exchange-patch-status.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8302193 False Tool,Vulnerability,Patching None 2.0000000000000000
CSO - CSO Daily Dashboard Attackers deploy sophisticated Linux implant on Fortinet network security devices CVE-2022-42475, is in the SSL-VPN functionality of FortiOS and can be exploited by remote attackers without authentication. Successful exploitation can result in the execution of arbitrary code and commands. 2023-01-13T12:01:00+00:00 https://www.csoonline.com/article/3685670/attackers-deploy-sophisticated-linux-implant-on-fortinet-network-security-devices.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8300961 False Malware,Vulnerability None 3.0000000000000000
CSO - CSO Daily Dashboard Royal ransomware group actively exploiting Citrix vulnerability Announced by Citrix on November 8, 2022, the vulnerability, identified as CVE-2022-27510, allows for the potential bypass of authentication measures on two Citrix products: the Application Delivery Controller (ADC) and Gateway. 2023-01-13T04:00:00+00:00 https://www.csoonline.com/article/3685414/royal-ransomware-group-actively-exploiting-citrix-vulnerability.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8300872 False Ransomware,Vulnerability None 2.0000000000000000
CSO - CSO Daily Dashboard Cybercriminals bypass Windows security with driver-vulnerability exploit
Common Vulnerability and Exposures program - in the Intel Ethernet diagnostics driver for Windows (iqvw64.sys). 2023-01-11T15:37:00+00:00 https://www.csoonline.com/article/3685408/cybercriminals-bypass-windows-security-with-driver-vulnerability-exploit.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8300311 False Vulnerability None 2.0000000000000000
CSO - CSO Daily Dashboard Log4Shell remains a big threat and a common cause for security breaches Log4Shell, officially tracked as CVE-2021-44228, was discovered in December 2021 in Log4j, a widely popular open-source Java library that's used for logging. Initially disclosed as a zero-day, the project's developers quickly created a patch, but getting that patch widely adopted and deployed proved challenging because it relies on developers who used this component in their software to release their own updates. 2022-12-28T02:00:00+00:00 https://www.csoonline.com/article/3684108/log4shell-remains-a-big-threat-and-a-common-cause-for-security-breaches.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8295482 False Vulnerability,Threat None 2.0000000000000000
CSO - CSO Daily Dashboard Microsoft Exchange ProxyNotShell vulnerability explained and how to mitigate it ProxyLogon and ProxyShell made waves in the infosec sphere. Nearly a year later, Exchange Server admins are met with another threat: ProxyNotShell, which in fact is a vulnerability chain comprising two actively exploited flaws: CVE-2022-41040 is a server-side request forgery (SSRF) vulnerability that an authenticated attacker can exploit for privilege escalation. This vulnerability occurs because the root cause of ProxyShell's path confusion flaw remains, as explained further below.
CVE-2022-41082 is a deserialization flaw that can be abused to achieve remote code execution (RCE) in Exchange's PowerShell backend once it becomes accessible to the attacker. Both vulnerabilities impact Microsoft Exchange Server on-premises and hybrid setups running Exchange versions 2013, 2016, and 2019 with an internet-exposed Outlook Web App (OWA) component. 2022-12-15T02:00:00+00:00 https://www.csoonline.com/article/3682762/microsoft-exchange-proxynotshell-vulnerability-explained-and-how-to-mitigate-it.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8291492 False Vulnerability None 3.0000000000000000
CSO - CSO Daily Dashboard Wiz debuts PEACH tenant isolation framework for cloud applications ExtraReplica and Hell's Keychain. “Although these issues have been reported on extensively and were dealt with appropriately by the relevant vendors, we've seen little public discussion on how to mitigate such vulnerabilities across the entire industry,” Wiz stated. What's more, the root cause of these vulnerabilities – improperly implemented security boundaries, usually compounded by otherwise harmless bugs in customer-facing interfaces – is significant, the firm added. 2022-12-14T06:00:00+00:00 https://www.csoonline.com/article/3682778/wiz-debuts-peach-tenant-isolation-framework-for-cloud-applications.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8291200 False Vulnerability None 2.0000000000000000
CSO - CSO Daily Dashboard Microsoft's rough 2022 security year in review CVE-2022-21846). It raises the question for anyone still with an on-premises Exchange Server: Do you have the expertise to keep it safe especially if you are targeted? Exchange 2019 is the only version under mainstream support at this time. If you are still running Exchange Server 2013, it reaches end of support on April 11, 2023.
Your window of opportunity to make an easy transition is closing. Migrate to Exchange online or on-premises Exchange 2019 or consider a different email platform completely. 2022-12-08T02:00:00+00:00 https://www.csoonline.com/article/3682082/microsofts-rough-2022-security-year-in-review.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8289025 False Vulnerability,Patching None 5.0000000000000000
CSO - CSO Daily Dashboard AWS' Inspector offers vulnerability management for Lambda serverless functions Wickr, a new encrypted messaging service for enterprises and Amazon Security Lake, which centralizes an organization's security data from cloud and on-premises sources into a purpose-built data lake in its AWS account. 2022-11-30T10:31:00+00:00 https://www.csoonline.com/article/3681117/aws-inspector-offers-vulnerability-management-for-lambda-serverless-functions.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8286001 False Vulnerability None 3.0000000000000000
CSO - CSO Daily Dashboard EPSS explained: How does it compare to CVSS? has been criticized, however, as not being appropriate to assess and prioritize risk from those vulnerabilities. For this reason, some have called for using the Exploit Prediction Scoring System (EPSS) or combining CVSS and EPSS to make vulnerability metrics more actionable and efficient.
Like CVSS, EPSS is governed by the Forum of Incident Response and Security Teams (FIRST). 2022-11-24T02:00:00+00:00 https://www.csoonline.com/article/3680570/epss-explained-how-does-it-compare-to-cvss.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8197476 False Vulnerability None None
CSO - CSO Daily Dashboard GitHub releases new SDLC security features including private vulnerability reporting research revealing an increase of almost 800% in software supply chain attacks. 2022-11-09T09:35:00+00:00 https://www.csoonline.com/article/3679490/github-releases-new-sdlc-security-features-including-private-vulnerability-reporting.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7908496 False Vulnerability,Guideline None None
CSO - CSO Daily Dashboard Rezilion expands SBOM to support Windows environments 2022-11-09T03:00:00+00:00 https://www.csoonline.com/article/3679249/rezilion-expands-sbom-to-support-windows-environments.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7904127 False Vulnerability None None
CSO - CSO Daily Dashboard Qualys previews TotalCloud FlexScan for multicloud security management VMs (virtual machines), databases, user accounts and exploitable vulnerabilities in public-facing assets. 2022-11-04T13:45:00+00:00 https://www.csoonline.com/article/3678852/qualys-previews-totalcloud-flexscan-for-multicloud-security-management.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7829371 False Vulnerability None None
CSO - CSO Daily Dashboard Azul detects Java vulnerabilities in production apps 2022-11-02T04:00:00+00:00 https://www.infoworld.com/article/3678212/azul-detects-java-vulnerabilities-in-production-apps.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7803290 False Vulnerability None
None
CSO - CSO Daily Dashboard Supply chain attacks increased over 600% this year and companies are falling behind report. “These dependencies impact our software so having an understanding of their origins is critical to vulnerability response. Many organizations did not have the needed visibility and continued their incident response procedures for Log4Shell well beyond the summer of 2022 as a result.” 2022-10-19T12:03:00+00:00 https://www.csoonline.com/article/3677228/supply-chain-attacks-increased-over-600-this-year-and-companies-are-falling-behind.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7567693 False Vulnerability None None
CSO - CSO Daily Dashboard Endor Labs offers dependency management platform for open source software dependencies, helping organizations optimize their engineering, and helping them reduce vulnerability noise. The platform scans the source code and offers feedback to developers and security teams on what is potentially good and bad about the libraries. Based on this, developers can make better decisions on which dependencies or libraries to use, where to use them, and who should use them. 2022-10-10T07:17:00+00:00 https://www.csoonline.com/article/3675963/endor-labs-offers-dependency-management-platform-for-open-source-software.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7382987 False Vulnerability None None
CSO - CSO Daily Dashboard New cryptojacking campaign exploits OneDrive vulnerability Cryptojacking is turning into a security nightmare for consumers and enterprises alike.
Malicious actors have used a variety of techniques to install cryptojackers on victims' computers and in a new development, cybersecurity software maker Bitdefender has detected a cryptojacking campaign that uses a Microsoft OneDrive vulnerability to gain persistence and run undetected on infected devices. Between May 1 and July 1, Bitdefender detected about 700 users who were affected by the campaign. The campaign uses four cryptocurrency mining algorithms - Ethash, Etchash, Ton and XMR - making an average of $13 worth of cryptocurrency per infected computer, Bitdefender reported this week. 2022-10-07T07:42:00+00:00 https://www.csoonline.com/article/3676230/new-cryptojacking-campaign-exploits-onedrive-vulnerability.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7334737 False Vulnerability None None
CSO - CSO Daily Dashboard North Korea's Lazarus group uses vulnerable Dell driver to blind security solutions CVE-2021-21551 vulnerability in a legitimate Dell driver,” security researchers from antivirus firm ESET said in a recent report. “This is the first ever recorded abuse of this vulnerability in the wild.
The attackers then used their kernel memory write access to disable seven mechanisms the Windows operating system offers to monitor its actions, like registry, file system, process creation, event tracing etc., basically blinding security solutions in a very generic and robust way.” 2022-10-05T12:15:00+00:00 https://www.csoonline.com/article/3675948/north-korea-s-lazarus-group-uses-vulnerable-dell-driver-to-blind-security-solutions.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7310080 False Tool,Vulnerability APT 38 None
CSO - CSO Daily Dashboard 11 old software bugs that took way too long to squash 1967 implementation of a Universal Turing Machine, which, despite its momentous theoretical importance for the field of computer science, had never actually been built into a real-world computer. But in the decade or so after Minsky's design, the earliest versions of Unix and DOS came into use, and their descendants are still with us today in the 21st century. Some of those systems have had bugs lurking beneath the surface for years or even decades. 2022-10-03T02:00:00+00:00 https://www.csoonline.com/article/3620948/10-old-software-bugs-that-took-way-too-long-to-squash.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7285700 False Vulnerability None None
CSO - CSO Daily Dashboard Zoho ManageEngine flaw is actively exploited, CISA warns catalog of known exploited vulnerabilities last week, highlighting an immediate threat for organizations that haven't yet patched their vulnerable deployments. The vulnerability, tracked as CVE-2022-3540, was privately reported to Zoho in June by a security researcher identified as Vinicius and was fixed later that same month.
The researcher posted a more detailed writeup at the beginning of this month and, according to him, it's a Java deserialization flaw inherited from an outdated version of Apache OFBiz, an open-source enterprise resource planning system, where it was patched in 2020 (CVE-2020-9496). This means that the Zoho ManageEngine products were vulnerable for two years due to a failure to update a third-party component. 2022-09-26T13:59:00+00:00 https://www.csoonline.com/article/3674856/zoho-manageengine-flaw-is-actively-exploited-cisa-warns.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7154310 False Vulnerability,Threat None None
CSO - CSO Daily Dashboard Medical device vulnerability could let hackers steal Wi-Fi credentials Wi-Fi-enabled battery system and an infusion pump for the delivery of medication could provide bad actors with a method for stealing access to Wi-Fi networks used by healthcare organizations, according to Boston-based security firm Rapid7. The most serious issue involves Baxter International's SIGMA Spectrum infusion pump and its associated Wi-Fi battery system, Rapid7 reported this week. The attack requires physical access to the infusion pump.
The root of the problem is that the Spectrum battery units store Wi-Fi credential information on the device in non-volatile memory, which means that a bad actor could simply purchase a battery unit, connect it to the infusion pump, and quickly turn it on and off again to force the infusion pump to write Wi-Fi credentials to the battery's memory. 2022-09-09T07:40:00+00:00 https://www.csoonline.com/article/3673208/infusion-pump-vulnerability-could-have-let-hackers-steal-wi-fi-credentials.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6803475 False Vulnerability None None
CSO - CSO Daily Dashboard The Heartbleed bug: How a flaw in OpenSSL caused a security crisis the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. The vulnerability meant that a malicious user could easily trick a vulnerable web server into sending sensitive information, including usernames and passwords. The TLS/SSL standards are crucial for modern web encryption, and while the flaw was in the OpenSSL implementation rather than the standards themselves, OpenSSL is so widely used - when the bug was made public, it affected 17% of all SSL servers - that it precipitated a security crisis. 2022-09-06T01:00:00+00:00 https://www.csoonline.com/article/3223203/the-heartbleed-bug-how-a-flaw-in-openssl-caused-a-security-crisis.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6747289 False Vulnerability Yahoo None
CSO - CSO Daily Dashboard Apple pushes out emergency updates to address zero-day exploits 2022-09-01T16:46:00+00:00 https://www.computerworld.com/article/3672111/apple-pushes-out-emergency-updates-to-address-zero-day-exploits.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6672838 False Vulnerability None None
CSO - CSO Daily Dashboard Sorting zero-trust hype from reality White House's comments in January on the Office of Management and
Budget's (OMB's) Federal Zero Trust Strategy for all federal agencies and departments were both pragmatic and aspirational. Their observation, citing the Log4j vulnerability as an example, sums it up nicely: “The zero-trust strategy will enable agencies to more rapidly detect, isolate, and respond to these types of threats.” 2022-08-29T02:00:00+00:00 https://www.csoonline.com/article/3671331/sorting-zero-trust-hype-from-reality.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6610963 False Vulnerability None None
CSO - CSO Daily Dashboard WannaCry explained: A perfect ransomware storm ransomware worm that spread rapidly across a number of computer networks in May of 2017. After infecting a Windows computer, it encrypts files on the PC's hard drive, making them impossible for users to access, then demands a ransom payment in bitcoin in order to decrypt them. A number of factors made the initial spread of WannaCry particularly noteworthy: it struck a number of important and high-profile systems, including many in Britain's National Health Service; it exploited a Windows vulnerability that was suspected to have been first discovered by the United States National Security Agency; and it was tentatively linked by Symantec and other security researchers to the Lazarus Group, a cybercrime organization that may be connected to the North Korean government. 2022-08-24T12:34:00+00:00 https://www.csoonline.com/article/3227906/wannacry-explained-a-perfect-ransomware-storm.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6506640 False Ransomware,Vulnerability,Medical APT 38,Wannacry,Wannacry None
CSO - CSO Daily Dashboard Why patching quality, vendor info on vulnerabilities are declining Common Vulnerability Scoring System (CVSS) risk to easily analyze whether to patch.
The vendor might give a high CVSS risk score to a bug that wouldn't be easily exploited. I am having to dig more into details of a bug to better understand the risk of not applying an update immediately. Vendors are adding obscurity to bug information and making it harder to understand the risk. 2022-08-24T02:00:00+00:00 https://www.csoonline.com/article/3669902/why-patching-quality-vendor-info-on-vulnerabilities-are-declining.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6499188 False Vulnerability,Patching None None
CSO - CSO Daily Dashboard Universal database of device vulnerability information launched universal database of agentless devices currently being used on enterprise networks has been announced by DeviceTotal. The new repository allows the company's customers to identify the accurate security posture for each device in their organization, according to the maker of a security platform for connected devices. "It's difficult to get information on agentless devices because every vendor publishes their data the way they want to do it," explains DeviceTotal founder and CEO Carmit Yadin. "There's no standardization. There's no one place you can go today and identify the risk of a device on your network or that you want to purchase.
That's why we created this repository." 2022-08-17T12:09:00+00:00 https://www.csoonline.com/article/3670448/universal-database-of-device-vulnerability-information-launched.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6378539 False Vulnerability None None
CSO - CSO Daily Dashboard Safe Security debuts two free risk assessment tools for businesses 2022-08-16T05:30:00+00:00 https://www.csoonline.com/article/3669896/safe-security-debuts-two-free-risk-assessment-tools-for-businesses.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6352397 False Vulnerability None None
CSO - CSO Daily Dashboard Vulnerability eXploitability Exchange explained: How VEX makes SBOMs actionable SolarWinds cybersecurity incident, coupled with Cybersecurity Executive Order (EO) put the topic of software supply chain security, and by association, software bills of material (SBOM) center stage in the security dialog. Coupled with the Log4j vulnerability and impact that left countless organizations scrambling to determine the impact, SBOMs are now a critical component of modern cybersecurity vulnerability programs. 2022-08-16T02:00:00+00:00 https://www.csoonline.com/article/3669810/vulnerability-exploitability-exchange-explained-how-vex-makes-sboms-actionable.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6349700 False Vulnerability None None
CSO - CSO Daily Dashboard Top cybersecurity products unveiled at Black Hat 2022 Zero trust security management, extended detection and response (XDR), and a host of other threat and vulnerability management offerings were among the top products and services launched at Black Hat USA 2022 this week in Las Vegas. Black Hat is an annual global conference of security professionals, enthusiasts and vendors, serving as a stage for innovation in the cybersecurity field.
The exhibition and conference is conducted annually in locations in the US, Europe, Asia and the Middle East, with Las Vegas typically being the biggest event. Here below are some of the more interesting product announcements that took place at the show this week. 2022-08-11T14:17:00+00:00 https://www.csoonline.com/article/3670073/top-cybersecurity-products-unveiled-at-black-hat-2022.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6257223 False Vulnerability,Threat None None
CSO - CSO Daily Dashboard Microsoft urges Windows users to run patch for DogWalk zero-day exploit 2022-08-10T07:37:00+00:00 https://www.computerworld.com/article/3669434/microsoft-urges-windows-users-to-run-patch-for-dogwalk-zero-day-exploit.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6231080 False Vulnerability None None
CSO - CSO Daily Dashboard SBOM formats SPDX and CycloneDX compared Software bills of materials (SBOMs) are becoming a critical component of vulnerability management. Many organizations, however, are still wrestling with understanding fundamental topics in the SBOM discussion, such as the differences among the SBOM formats. What are SBOM formats? SBOM formats are standards for defining a unified structure for generating SBOMs and sharing them with end users or customers. They describe the composition of software in a common format that other tools can understand. The leading SBOM formats are Software Package Data Exchange (SPDX), Software Identification (SWID) Tagging, and CycloneDX. Only SPDX and CycloneDX are being adopted for security use cases. SWID is primarily focused on licensing and is therefore out of scope for this discussion. As the U.S.
Cybersecurity and Infrastructure Security Agency (CISA) and others have stated, we will have multiple SBOM formats for some time. 2022-08-08T02:00:00+00:00 https://www.csoonline.com/article/3668530/sbom-formats-spdx-and-cyclonedx-compared.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6199849 False Vulnerability,Guideline None None
CSO - CSO Daily Dashboard 11 stakeholder strategies for red team success penetration testing (pentesting), taking the vulnerability scan one step farther from guessing a vulnerability could be exploited to proving exactly how it can be. Red team programs are often, incorrectly, synonymously associated with pentesting, but it is a very different function. 2022-08-04T02:00:00+00:00 https://www.csoonline.com/article/3668536/11-stakeholder-strategies-for-red-team-success-from-a-red-teamer.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6121632 False Vulnerability,Threat None None
CSO - CSO Daily Dashboard CISA releases IOCs for attacks exploiting Log4Shell in VMware Horizon and UAG a report this week.
"During remote support, CISA confirmed the organization was compromised by malicious cyber actors who exploited Log4Shell in a VMware Horizon server that did not have patches or workarounds applied." 2022-07-29T11:25:00+00:00 https://www.csoonline.com/article/3668652/cisa-releases-iocs-for-attacks-exploiting-log4shell-in-vmware-horizon-and-uag.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6017111 False Vulnerability None None
CSO - CSO Daily Dashboard Flashpoint says its VulnDB records vulnerabilities that MITRE CVE missed MITRE CVE (Common Vulnerabilities and Exposures) database. The report, "State of Vulnerability Intelligence," includes disclosures - security vulnerabilities in hardware and software products reported by vendors and cybersecurity experts - collected by Flashpoint's in-house vulnerability intelligence database, VulnDB. Flashpoint said that there were huge discrepancies in the severity and classification of vulnerabilities reported by VulnDB, and those recorded in MITRE's CVE database and the NVD database maintained by NIST (the US National Institute of Standards and Technology). NIST and MITRE coordinate their findings and report similar vulnerabilities.
Flashpoint cautioned organizations to depend on more comprehensive and specific sources for a clear understanding of the vulnerability landscape. 2022-07-29T09:15:00+00:00 https://www.csoonline.com/article/3668692/flashpoint-says-its-vulndb-records-vulnerabilities-that-mitre-cve-missed.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6015276 False Vulnerability None None
CSO - CSO Daily Dashboard 10 industry-defining security incidents from the last decade 2022-07-19T02:00:00+00:00 https://www.csoonline.com/article/3667432/10-industry-defining-security-incidents-from-the-last-decade.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5823849 False Vulnerability None None
CSO - CSO Daily Dashboard Darktrace launches new PREVENT AI security products to pre-empt cyberthreats 2022-07-19T00:01:00+00:00 https://www.csoonline.com/article/3667494/darktrace-launches-new-prevent-ai-security-products-to-pre-empt-cyberthreats.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5823203 False Vulnerability None None
CSO - CSO Daily Dashboard Locked in: How long is too long for security vendor contracts? 2022-07-12T02:00:00+00:00 https://www.csoonline.com/article/3665760/locked-in-how-long-is-too-long-for-security-vendor-contracts.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5667393 False Vulnerability,Guideline None None
CSO - CSO Daily Dashboard Wiz offers CVE-like cloud vulnerability registry, but will it gain traction? cloudvulndb.org, that provides a centralized cloud vulnerabilities database for public access.
While the database fills gaps left by MITRE's CVE vulnerability system and the current shared-responsibility model for cloud security issues, it will require additional, widespread industry support in order to be successful, according to security experts. The new vulnerability database is a continuation of Wiz's efforts to streamline the detection and management of cloud vulnerabilities which, it says, often tend to fall between the cracks among current systems.]]> 2022-07-07T14:39:00+00:00 https://www.csoonline.com/article/3666511/wiz-offers-cve-like-cloud-vulnerability-registry-but-will-it-gain-traction.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5599867 False Vulnerability None None CSO - CSO Daily Dashboard SQL injection, XSS vulnerabilities continue to plague organizations according to a new report by a penetration-testing-as-a-service company. The report by BreachLock, based on 8,000 security tests performed in 2021, organizes its findings based on risk. Critical risk findings pose a very high threat to a company's data. High risks could have a catastrophic effect on an organization's operations, assets or individuals. Medium risks could have an adverse impact on operations, assets or individuals.]]> 2022-07-05T03:40:00+00:00 https://www.csoonline.com/article/3665911/sql-injection-xss-vulnerabilities-continue-to-plague-organizations.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5559519 False Vulnerability,Threat None None CSO - CSO Daily Dashboard Why more zero-day vulnerabilities are being found in the wild zero-days exploited in the wild has been high over the past year and a half, with different kinds of actors using them. 
These vulnerabilities, which are unknown to the software maker, are leveraged by both state-sponsored groups and ransomware gangs. During the first half of this year, Google Project Zero counted almost 20 zero-days, most of which target products built by Microsoft, Apple and Google, with browsers and operating systems taking up large chunks. In addition, a critical remote code execution vulnerability was found in Atlassian's Confluence Server, which continues to be exploited. But in 2021, the number of in-the-wild zero-days was even higher. Project Zero found 58 vulnerabilities, while Mandiant detected 80, more than double compared to 2020.]]> 2022-06-29T02:00:00+00:00 https://www.csoonline.com/article/3665131/why-more-zero-day-vulnerabilities-are-being-found-in-the-wild.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5486421 False Ransomware,Vulnerability None None CSO - CSO Daily Dashboard Cisco reports vulnerabilities in products including email and web manager ]]> 2022-06-23T11:08:00+00:00 https://www.csoonline.com/article/3664829/cisco-reports-vulnerabilities-in-products-including-email-and-web-manager.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5486438 False Vulnerability None None CSO - CSO Daily Dashboard Zero-day flaw in Atlassian Confluence exploited in the wild since May now tracked as CVE-2022-26134, is rated critical and allows unauthenticated attackers to gain remote code execution (RCE) on servers hosting the affected Confluence versions. 
The company urges customers to upgrade to the newly released versions 7.4.17, 7.13.7, 7.14.3, 7.15.2, 7.16.4, 7.17.4 and 7.18.1, depending on which release they use.]]> 2022-06-07T10:36:00+00:00 https://www.csoonline.com/article/3662755/zero-day-flaw-in-atlassian-confluence-exploited-in-the-wild-since-may.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5024544 False Vulnerability None None CSO - CSO Daily Dashboard Microsoft gives mitigation advice for Follina vulnerability exploitable via Office apps CVE-2022-30190, was found in the wild by an independent security research team dubbed nao_sec, which spotted a malicious Word document uploaded to VirusTotal from an IP in Belarus. However, more malicious samples dating from April have also been found, suggesting the vulnerability has been exploited for over a month.]]> 2022-05-31T12:29:00+00:00 https://www.csoonline.com/article/3662074/microsoft-gives-mitigation-advice-for-follina-vulnerability-exploitable-via-office-apps.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=4908429 False Tool,Vulnerability None None CSO - CSO Daily Dashboard BrandPost: SIGRed: What Is It, How Serious Is It, and How Should You Respond? 2020-09-03T11:43:00+00:00 https://www.csoonline.com/article/3574021/sigred-what-is-it-how-serious-is-it-and-how-should-you-respond.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1905644 False Vulnerability None None CSO - CSO Daily Dashboard Linux GRUB2 bootloader flaw breaks Secure Boot on most computers and servers
Getting the patches that were announced today installed on all impacted computers and devices will require manual testing and deployment and will likely take a long time. It's reasonable to expect that some systems will never be updated and will remain vulnerable to boot-level malware and rogue firmware modifications.]]> 2020-07-29T10:00:00+00:00 https://www.csoonline.com/article/3568362/linux-grub2-bootloader-flaw-breaks-secure-boot-on-most-computers-and-servers.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1831469 False Malware,Vulnerability None None CSO - CSO Daily Dashboard Critical flaw allows hackers to breach SAP systems with ease Researchers from security firm Onapsis who found and reported the vulnerability estimate that 40,000 SAP customers worldwide might be affected. Over 2,500 vulnerable SAP systems are directly exposed to the internet and are at higher risk of being hacked, but attackers who gain access to local networks can compromise other deployments.]]> 2020-07-14T05:00:00+00:00 https://www.csoonline.com/article/3566380/critical-flaw-allows-hackers-to-breach-sap-systems-with-ease.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1803776 False Vulnerability None None CSO - CSO Daily Dashboard Attempted cyberattack highlights vulnerability of global water infrastructure received reports about an attempted “major” cyberattack on its water infrastructure. According to a statement issued by the directorate, the attack consisted of “assault attempts on control and control systems of wastewater treatment plants, pumping stations and sewers.”
The directorate called on water companies to change their internet passwords, make sure their control system software is updated, and undertake other cyber hygiene measures to tighten security. The attempted attacks were unsuccessful, according to the directorate, and appeared to be coordinated. Of concern was the level of chlorine in the water supply. The directorate asked water companies to look for any disruptions, particularly regarding chlorine use in the water supply.]]> 2020-05-07T06:00:00+00:00 https://www.csoonline.com/article/3541837/attempted-cyberattack-highlights-vulnerability-of-global-water-infrastructure.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1696804 False Vulnerability None None CSO - CSO Daily Dashboard Android security: Patching improves, but fragmentation challenges remain Berlin-based Security Research Labs (SRLabs) has published the results of its binary analysis of around 10.000 unique firmware builds running on many Android device models from different manufacturers. Most of the data was collected with SnoopSnitch, an application developed by the company to analyze mobile radio data for abnormalities that could indicate user tracking and fake base stations. 
It can also check if the Android firmware running on a device has the critical vulnerability patches that correspond to its reported security patch level.]]> 2020-04-27T03:00:00+00:00 https://www.csoonline.com/article/3540291/android-security-patching-improves-but-fragmentation-challenges-remain.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1677476 False Vulnerability,Patching,Guideline None None CSO - CSO Daily Dashboard BrandPost: Securing your Cloud Workloads in Runtime: Why Pre-Runtime Scans Aren't Enough 2020-02-19T12:44:00+00:00 https://www.csoonline.com/article/3527960/securing-your-cloud-workloads-in-runtime-why-pre-runtime-scans-aren-t-enough.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1552699 False Vulnerability None None CSO - CSO Daily Dashboard Zero-day vulnerability gives attackers full control of Android phones spyware. The flaw affects phone models from multiple manufacturers including Google, Samsung, Huawei, LG and Xiaomi. The vulnerability is a use-after-free memory condition in the Android Binder component that can result in privilege escalation. The flaw was patched without a CVE identifier in Dec. 2017 in the Linux 4.14 LTS kernel, the Android Open Source Project's (AOSP) 3.18 kernel, the AOSP 4.4 kernel and AOSP 4.9 kernel.]]> 2019-10-04T11:04:00+00:00 https://www.csoonline.com/article/3444379/zero-day-vulnerability-gives-attackers-full-control-of-android-phones.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1380743 False Vulnerability None None CSO - CSO Daily Dashboard New NetCAT CPU side-channel vulnerability exploitable over the network The culprit is Intel's Data Direct I/O (DDIO) technology, which gives peripheral devices such as network cards direct access to the processor's internal cache to achieve better performance, less power consumption, and higher data throughput. 
Before DDIO, these devices exchanged data with the CPU through RAM, whose latency can be a bottleneck.]]> 2019-09-10T14:15:00+00:00 https://www.csoonline.com/article/3438076/new-netcat-cpu-side-channel-vulnerability-exploitable-over-the-network.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1318356 False Vulnerability None None CSO - CSO Daily Dashboard Capital One hack shows difficulty of defending against irrational cybercriminals 2019-08-26T10:38:00+00:00 https://www.csoonline.com/article/3433244/capital-one-hack-shows-difficulty-of-defending-against-irrational-cybercriminals.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1286745 False Hack,Vulnerability,Guideline None None CSO - CSO Daily Dashboard New Spectre-like CPU vulnerability bypasses existing defenses The vulnerability was discovered by researchers from security firm Bitdefender and was reported to Intel almost a year ago. Since then, it has followed a lengthy coordination process that also involved Microsoft, which released mitigations during last month's Patch Tuesday.]]> 2019-08-07T03:13:00+00:00 https://www.csoonline.com/article/3430322/new-spectre-like-cpu-vulnerability-bypasses-existing-defenses.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1248092 False Vulnerability None None CSO - CSO Daily Dashboard How to implement and use the MITRE ATT&CK framework
]]> 2019-05-21T03:00:00+00:00 https://www.csoonline.com/article/3396139/how-to-implement-and-use-the-mitre-attandck-framework.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1117740 False Vulnerability None 5.0000000000000000 CSO - CSO Daily Dashboard Microsoft urges Windows customers to patch wormable RDP flaw The vulnerability, tracked as CVE-2019-0708, is located in Remote Desktop Services, formerly known as Terminal Services. This component handles connections over the Remote Desktop Protocol (RDP), a widely used protocol for remotely managing Windows systems on corporate networks.]]> 2019-05-15T09:46:00+00:00 https://www.csoonline.com/article/3395444/microsoft-urges-windows-customers-to-patch-wormable-rdp-flaw.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1108729 False Malware,Vulnerability,Threat None None CSO - CSO Daily Dashboard APT group Elfin switches from data destruction to data stealing via WinRAR vulnerability ]]> 2019-03-28T09:11:00+00:00 https://www.csoonline.com/article/3385126/apt-group-elfin-switches-from-data-destruction-to-data-stealing-via-winrar-vulnerability.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1085514 False Data Breach,Vulnerability APT33,APT 33 None CSO - CSO Daily Dashboard How to update Windows 10 for side channel vulnerability fixes Spectre, Meltdown and Foreshadow are some of the best known. They exploit weaknesses in speculative execution in microprocessors to leak unauthorized information. 
Side channel vulnerabilities allow attackers to bypass account permissions, virtualization boundaries and protected memory regions.]]> 2019-02-20T03:00:00+00:00 https://www.csoonline.com/article/3341798/windows-security/how-to-update-windows-10-for-side-channel-vulnerability-fixes.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1033630 False Vulnerability None None CSO - CSO Daily Dashboard How to defend Office 365 from spear-phishing attacks 2019-01-30T03:00:00+00:00 https://www.csoonline.com/article/3336219/windows-security/how-to-defend-office-365-from-spear-phishing-attacks.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1015260 True Vulnerability,Threat None None CSO - CSO Daily Dashboard How to defend Office 386 from spear-phishing attacks 2019-01-30T03:00:00+00:00 https://www.csoonline.com/article/3336219/windows-security/how-to-defend-office-386-from-spear-phishing-attacks.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1014851 True Vulnerability,Threat None None CSO - CSO Daily Dashboard Risk-based vulnerability management a better form of cyber defense 2018-12-03T09:09:00+00:00 https://www.csoonline.com/article/3323412/vulnerabilities/risk-based-vulnerability-management-a-better-form-of-cyber-defense.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=932569 False Vulnerability None None CSO - CSO Daily Dashboard IDG Contributor Network: “Political hack” takes on new meaning in the age of cyberwarfare exploit and attack a particular eVoting machine. 
Undoubtedly other machines are also vulnerable to malicious alteration.]]> 2018-08-02T07:26:00+00:00 https://www.csoonline.com/article/3294976/cyberwarfare/political-hack-takes-on-new-meaning-in-the-age-of-cyberwarfare.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=763682 False Vulnerability,Studies None None CSO - CSO Daily Dashboard Review: Predictively locking down security with Balbix 2018-07-19T02:58:00+00:00 https://www.csoonline.com/article/3289270/network-security/review-predictively-locking-down-security-with-balbix.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=747610 False Vulnerability None None