New Critical Flaw in FortiOS and FortiProxy Could Give Hackers Remote Access

New Critical Flaw in FortiOS and FortiProxy Could Give Hackers Remote Access,

Fortinet has released fixes to address 15 security flaws, including one critical vulnerability impacting FortiOS and FortiProxy that could enable a threat actor to take control of affected systems.
The issue, tracked as CVE-2023-25610, is rated 9.3 out of 10 for severity and was internally discovered and reported by its security teams.
« A buffer underwrite (‘buffer underflow’) vulnerability in

,

Fortinet has released fixes to address 15 security flaws, including one critical vulnerability impacting FortiOS and FortiProxy that could enable a threat actor to take control of affected systems.
The issue, tracked as CVE-2023-25610, is rated 9.3 out of 10 for severity and was internally discovered and reported by its security teams.
« A buffer underwrite (‘buffer underflow’) vulnerability in

, ,
https://thehackernews.com/2023/03/new-critical-flaw-in-fortios-and.html

Google veut vous défendre du Dark Web et ouvre son VPN à tous !

Google veut vous défendre du Dark Web et ouvre son VPN à tous !,

Google One, le service par abonnement de Google s'enrichit de nouvelles fonctions.

Plus de sécurité pour le même prix ! Le géant de Mountain View vient d’annoncer qu’il étend l’accès à son VPN à tous les forfaits de son offre Google One. Il ajoute également une nouvelle fonction de surveillance du Dark Web pour y débusquer d’éventuelles données personnelles volées.

,

Google One, le service par abonnement de Google s'enrichit de nouvelles fonctions.

Plus de sécurité pour le même prix ! Le géant de Mountain View vient d’annoncer qu’il étend l’accès à son VPN à tous les forfaits de son offre Google One. Il ajoute également une nouvelle fonction de surveillance du Dark Web pour y débusquer d’éventuelles données personnelles volées.

, ,
https://www.01net.com/actualites/google-veut-vous-defendre-du-dark-web-et-ouvre-son-vpn-a-tous.html

Jenkins Security Alert: New Security Flaws Could Allow Code Execution Attacks

Jenkins Security Alert: New Security Flaws Could Allow Code Execution Attacks,

A pair of severe security vulnerabilities have been disclosed in the Jenkins open source automation server that could lead to code execution on targeted systems.
The flaws, tracked as CVE-2023-27898 and CVE-2023-27905, impact the Jenkins server and Update Center, and have been collectively christened CorePlague by cloud security firm Aqua. All versions of Jenkins versions prior to 2.319.2 are

,

A pair of severe security vulnerabilities have been disclosed in the Jenkins open source automation server that could lead to code execution on targeted systems.
The flaws, tracked as CVE-2023-27898 and CVE-2023-27905, impact the Jenkins server and Update Center, and have been collectively christened CorePlague by cloud security firm Aqua. All versions of Jenkins versions prior to 2.319.2 are

, ,
https://thehackernews.com/2023/03/jenkins-security-alert-new-security.html

Syxsense Platform: Unified Security and Endpoint Management

Syxsense Platform: Unified Security and Endpoint Management,

As threats grow and attack surfaces get more complex, companies continue to struggle with the multitude of tools they utilize to handle endpoint security and management. This can leave gaps in an enterprise’s ability to identify devices that are accessing the network and in ensuring that those devices are compliant with security policies. These gaps are often seen in outdated spreadsheets that

,

As threats grow and attack surfaces get more complex, companies continue to struggle with the multitude of tools they utilize to handle endpoint security and management. This can leave gaps in an enterprise’s ability to identify devices that are accessing the network and in ensuring that those devices are compliant with security policies. These gaps are often seen in outdated spreadsheets that

, ,
https://thehackernews.com/2023/03/syxsense-platform-unified-security-and.html

Lazarus Group Exploits Zero-Day Vulnerability to Hack South Korean Financial Entity

Lazarus Group Exploits Zero-Day Vulnerability to Hack South Korean Financial Entity,

The North Korea-linked Lazarus Group has been observed weaponizing flaws in an undisclosed software to breach a financial business entity in South Korea twice within a span of a year.
While the first attack in May 2022 entailed the use of a vulnerable version of a certificate software that’s widely used by public institutions and universities, the re-infiltration in October 2022 involved the

,

The North Korea-linked Lazarus Group has been observed weaponizing flaws in an undisclosed software to breach a financial business entity in South Korea twice within a span of a year.
While the first attack in May 2022 entailed the use of a vulnerable version of a certificate software that’s widely used by public institutions and universities, the re-infiltration in October 2022 involved the

, ,
https://thehackernews.com/2023/03/lazarus-group-exploits-zero-day.html

Sharp Panda Using New Soul Framework Version to Target Southeast Asian Governments

Sharp Panda Using New Soul Framework Version to Target Southeast Asian Governments,

High-profile government entities in Southeast Asia are the target of a cyber espionage campaign undertaken by a Chinese threat actor known as Sharp Panda since late last year.
The intrusions are characterized by the use of a new version of the Soul modular framework, marking a departure from the group’s attack chains observed in 2021.
Israeli cybersecurity company Check Point said the « 

,

High-profile government entities in Southeast Asia are the target of a cyber espionage campaign undertaken by a Chinese threat actor known as Sharp Panda since late last year.
The intrusions are characterized by the use of a new version of the Soul modular framework, marking a departure from the group’s attack chains observed in 2021.
Israeli cybersecurity company Check Point said the « 

, ,
https://thehackernews.com/2023/03/sharp-panda-using-new-soul-framework.html

CISA’s KEV Catalog Updated with 3 New Flaws Threatening IT Management Systems

CISA’s KEV Catalog Updated with 3 New Flaws Threatening IT Management Systems

,

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
The list of vulnerabilities is below –

CVE-2022-35914 (CVSS score: 9.8) – Teclib GLPI Remote Code Execution Vulnerability
CVE-2022-33891 (CVSS score: 8.8) – Apache Spark Command Injection Vulnerability

,

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
The list of vulnerabilities is below –

CVE-2022-35914 (CVSS score: 9.8) – Teclib GLPI Remote Code Execution Vulnerability
CVE-2022-33891 (CVSS score: 8.8) – Apache Spark Command Injection Vulnerability

, ,
https://thehackernews.com/2023/03/cisas-kev-catalog-updated-with-3-new.html

SYS01stealer: New Threat Using Facebook Ads to Target Critical Infrastructure Firms

SYS01stealer: New Threat Using Facebook Ads to Target Critical Infrastructure Firms,

Cybersecurity researchers have discovered a new information stealer dubbed SYS01stealer targeting critical government infrastructure employees, manufacturing companies, and other sectors.
« The threat actors behind the campaign are targeting Facebook business accounts by using Google ads and fake Facebook profiles that promote things like games, adult content, and cracked software, etc. to lure

,

Cybersecurity researchers have discovered a new information stealer dubbed SYS01stealer targeting critical government infrastructure employees, manufacturing companies, and other sectors.
« The threat actors behind the campaign are targeting Facebook business accounts by using Google ads and fake Facebook profiles that promote things like games, adult content, and cracked software, etc. to lure

, ,
https://thehackernews.com/2023/03/sys01stealer-new-threat-using-facebook.html

Transparent Tribe Hackers Distribute CapraRAT via Trojanized Messaging Apps

Transparent Tribe Hackers Distribute CapraRAT via Trojanized Messaging Apps,

A suspected Pakistan-aligned advanced persistent threat (APT) group known as Transparent Tribe has been linked to an ongoing cyber espionage campaign targeting Indian and Pakistani Android users with a backdoor called CapraRAT.
« Transparent Tribe distributed the Android CapraRAT backdoor via trojanized secure messaging and calling apps branded as MeetsApp and MeetUp, » ESET said in a report

,

A suspected Pakistan-aligned advanced persistent threat (APT) group known as Transparent Tribe has been linked to an ongoing cyber espionage campaign targeting Indian and Pakistani Android users with a backdoor called CapraRAT.
« Transparent Tribe distributed the Android CapraRAT backdoor via trojanized secure messaging and calling apps branded as MeetsApp and MeetUp, » ESET said in a report

, ,
https://thehackernews.com/2023/03/transparent-tribe-hackers-distribute.html

Why Healthcare Can’t Afford to Ignore Digital Identity

Why Healthcare Can’t Afford to Ignore Digital Identity

,

Investing in digital identity can improve security, increase clinical productivity, and boost healthcare’s bottom line. — by Gus Malezis, CEO of Imprivata
Digitalization has created immeasurable opportunities for businesses over the past two decades. But the growth of hybrid work and expansion of Internet of Things (IoT) has outpaced traditional ‘castle and moat’ cybersecurity, introducing

,

Investing in digital identity can improve security, increase clinical productivity, and boost healthcare’s bottom line. — by Gus Malezis, CEO of Imprivata
Digitalization has created immeasurable opportunities for businesses over the past two decades. But the growth of hybrid work and expansion of Internet of Things (IoT) has outpaced traditional ‘castle and moat’ cybersecurity, introducing

, ,
https://thehackernews.com/2023/03/why-healthcare-cant-afford-to-ignore.html