RunC Flaws Enable Container Escapes, Granting Attackers Host Access

[ad_1] Jan 31, 2024NewsroomSoftware Security / Linux Multiple security vulnerabilities have been disclosed in the runC command line tool that could be exploited by threat actors to escape the bounds of the container and stage follow-on attacks. The vulnerabilities, tracked as CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, and CVE-2024-23653, have been collectively dubbed Leaky Vessels by cybersecurity vendor…

Read More

Understanding New SaaS Cybersecurity Rules

[ad_1] The SEC isn’t giving SaaS a free pass. Applicable public companies, known as “registrants,” are now subject to cyber incident disclosure and cybersecurity readiness requirements for data stored in SaaS systems, along with the 3rd and 4th party apps connected to them. The new cybersecurity mandates make no distinction between data exposed in a…

Read More

Telegram Marketplaces Fuel Phishing Attacks with Easy-to-Use Kits and Malware

[ad_1] Jan 31, 2024NewsroomCyber Crime / Hacking News Cybersecurity researchers are calling attention to the “democratization” of the phishing ecosystem owing to the emergence of Telegram as an epicenter for cybercrime, enabling threat actors to mount a mass attack for as little as $230. “This messaging app has transformed into a bustling hub where seasoned…

Read More

Italian Businesses Hit by Weaponized USBs Spreading Cryptojacking Malware

[ad_1] Jan 31, 2024NewsroomCryptocurrency / Cybersecurity A financially motivated threat actor known as UNC4990 is leveraging weaponized USB devices as an initial infection vector to target organizations in Italy. Google-owned Mandiant said the attacks single out multiple industries, including health, transportation, construction, and logistics. “UNC4990 operations generally involve widespread USB infection followed by the deployment…

Read More

Chinese Hackers Exploiting VPN Flaws to Deploy KrustyLoader Malware

[ad_1] Jan 31, 2024NewsroomCyber Attack / Network Security A pair of recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) virtual private network (VPN) devices have been exploited to deliver a Rust-based payload called KrustyLoader that’s used to drop the open-source Sliver adversary simulation tool. The security vulnerabilities, tracked as CVE-2023-46805 (CVSS score: 8.2) and…

Read More

New Glibc Flaw Grants Attackers Root Access on Major Linux Distros

[ad_1] Jan 31, 2024NewsroomVulnerability / Endpoint Security Malicious local attackers can obtain full root access on Linux machines by taking advantage of a newly disclosed security flaw in the GNU C library (aka glibc). Tracked as CVE-2023-6246, the heap-based buffer overflow vulnerability is rooted in glibc’s __vsyslog_internal() function, which is used by syslog() and vsyslog()…

Read More