GhostToken Flaw Could Let Attackers Hide Malicious Apps in Google Cloud Platform

GhostToken Flaw Could Let Attackers Hide Malicious Apps in Google Cloud Platform,

Cybersecurity researchers have disclosed details of a now-patched zero-day flaw in Google Cloud Platform (GCP) that could have enabled threat actors to conceal an unremovable, malicious application inside a victim’s Google account.
Dubbed GhostToken by Israeli cybersecurity startup Astrix Security, the shortcoming impacts all Google accounts, including enterprise-focused Workspace accounts. It

,

Cybersecurity researchers have disclosed details of a now-patched zero-day flaw in Google Cloud Platform (GCP) that could have enabled threat actors to conceal an unremovable, malicious application inside a victim’s Google account.
Dubbed GhostToken by Israeli cybersecurity startup Astrix Security, the shortcoming impacts all Google accounts, including enterprise-focused Workspace accounts. It

, ,
https://thehackernews.com/2023/04/ghosttoken-flaw-could-let-attackers.html

14 Kubernetes and Cloud Security Challenges and How to Solve Them

14 Kubernetes and Cloud Security Challenges and How to Solve Them,

Recently, Andrew Martin, founder and CEO of ControlPlane, released a report entitled Cloud Native and Kubernetes Security Predictions 2023. These predictions underscore the rapidly evolving landscape of Kubernetes and cloud security, emphasizing the need for organizations to stay informed and adopt comprehensive security solutions to protect their digital assets.
In response, Uptycs, the first

,

Recently, Andrew Martin, founder and CEO of ControlPlane, released a report entitled Cloud Native and Kubernetes Security Predictions 2023. These predictions underscore the rapidly evolving landscape of Kubernetes and cloud security, emphasizing the need for organizations to stay informed and adopt comprehensive security solutions to protect their digital assets.
In response, Uptycs, the first

, ,
https://thehackernews.com/2023/04/14-kubernetes-and-cloud-security.html

N.K. Hackers Employ Matryoshka Doll-Style Cascading Supply Chain Attack on 3CX

N.K. Hackers Employ Matryoshka Doll-Style Cascading Supply Chain Attack on 3CX,

The supply chain attack targeting 3CX was the result of a prior supply chain compromise associated with a different company, demonstrating a new level of sophistication with North Korean threat actors.
Google-owned Mandiant, which is tracking the attack event under the moniker UNC4736, said the incident marks the first time it has seen a « software supply chain attack lead to another software

,

The supply chain attack targeting 3CX was the result of a prior supply chain compromise associated with a different company, demonstrating a new level of sophistication with North Korean threat actors.
Google-owned Mandiant, which is tracking the attack event under the moniker UNC4736, said the incident marks the first time it has seen a « software supply chain attack lead to another software

, ,
https://thehackernews.com/2023/04/nk-hackers-employ-matryoshka-doll-style.html

Cisco and VMware Release Security Updates to Patch Critical Flaws in their Products

Cisco and VMware Release Security Updates to Patch Critical Flaws in their Products,

Cisco and VMware have released security updates to address critical security flaws in their products that could be exploited by malicious actors to execute arbitrary code on affected systems.
The most severe of the vulnerabilities is a command injection flaw in Cisco Industrial Network Director (CVE-2023-20036, CVSS score: 9.9), which resides in the web UI component and arises as a result of

,

Cisco and VMware have released security updates to address critical security flaws in their products that could be exploited by malicious actors to execute arbitrary code on affected systems.
The most severe of the vulnerabilities is a command injection flaw in Cisco Industrial Network Director (CVE-2023-20036, CVSS score: 9.9), which resides in the web UI component and arises as a result of

, ,
https://thehackernews.com/2023/04/cisco-and-vmware-release-security.html

Amazon part à la chasse aux contrefacteurs

Amazon part à la chasse aux contrefacteurs,

amazon

Bonne nouvelle pour les consommateurs : la plateforme d’e-commerce met en place un nouveau programme destiné à identifier plus facilement les contrefacteurs, ces sociétés qui mettent en vente des copies illégales de produits sur sa marketplace.

,

amazon

Bonne nouvelle pour les consommateurs : la plateforme d’e-commerce met en place un nouveau programme destiné à identifier plus facilement les contrefacteurs, ces sociétés qui mettent en vente des copies illégales de produits sur sa marketplace.

, ,
https://www.01net.com/actualites/amazon-part-a-la-chasse-aux-contrefacteurs.html

Two Critical Flaws Found in Alibaba Cloud’s PostgreSQL Databases

Two Critical Flaws Found in Alibaba Cloud’s PostgreSQL Databases

,

A chain of two critical flaws has been disclosed in Alibaba Cloud’s ApsaraDB RDS for PostgreSQL and AnalyticDB for PostgreSQL that could be exploited to breach tenant isolation protections and access sensitive data belonging to other customers.
« The vulnerabilities potentially allowed unauthorized access to Alibaba Cloud customers’ PostgreSQL databases and the ability to perform a supply chain

,

A chain of two critical flaws has been disclosed in Alibaba Cloud’s ApsaraDB RDS for PostgreSQL and AnalyticDB for PostgreSQL that could be exploited to breach tenant isolation protections and access sensitive data belonging to other customers.
« The vulnerabilities potentially allowed unauthorized access to Alibaba Cloud customers’ PostgreSQL databases and the ability to perform a supply chain

, ,
https://thehackernews.com/2023/04/two-critical-flaws-found-in-alibaba.html

Beyond Traditional Security: NDR’s Pivotal Role in Safeguarding OT Networks

Beyond Traditional Security: NDR’s Pivotal Role in Safeguarding OT Networks

,

Why is Visibility into OT Environments Crucial?
The significance of Operational Technology (OT) for businesses is undeniable as the OT sector flourishes alongside the already thriving IT sector. OT includes industrial control systems, manufacturing equipment, and devices that oversee and manage industrial environments and critical infrastructures. In recent years, adversaries have recognized the

,

Why is Visibility into OT Environments Crucial?
The significance of Operational Technology (OT) for businesses is undeniable as the OT sector flourishes alongside the already thriving IT sector. OT includes industrial control systems, manufacturing equipment, and devices that oversee and manage industrial environments and critical infrastructures. In recent years, adversaries have recognized the

, ,
https://thehackernews.com/2023/04/beyond-traditional-security-ndrs.html

Lazarus Group Adds Linux Malware to Arsenal in Operation Dream Job

Lazarus Group Adds Linux Malware to Arsenal in Operation Dream Job,

The notorious North Korea-aligned state-sponsored actor known as the Lazarus Group has been attributed to a new campaign aimed at Linux users.
The attacks are part of a persistent and long-running activity tracked under the name Operation Dream Job, ESET said in a new report published today.
The findings are crucial, not least because it marks the first publicly documented example of the

,

The notorious North Korea-aligned state-sponsored actor known as the Lazarus Group has been attributed to a new campaign aimed at Linux users.
The attacks are part of a persistent and long-running activity tracked under the name Operation Dream Job, ESET said in a new report published today.
The findings are crucial, not least because it marks the first publicly documented example of the

, ,
https://thehackernews.com/2023/04/lazarus-group-adds-linux-malware-to.html

Fortra Sheds Light on GoAnywhere MFT Zero-Day Exploit Used in Ransomware Attacks

Fortra Sheds Light on GoAnywhere MFT Zero-Day Exploit Used in Ransomware Attacks,

Fortra, the company behind Cobalt Strike, shed light on a zero-day remote code execution (RCE) vulnerability in its GoAnywhere MFT tool that has come under active exploitation by ransomware actors to steal sensitive data.
The high-severity flaw, tracked as CVE-2023-0669 (CVSS score: 7.2), concerns a case of pre-authenticated command injection that could be abused to achieve code execution. The

,

Fortra, the company behind Cobalt Strike, shed light on a zero-day remote code execution (RCE) vulnerability in its GoAnywhere MFT tool that has come under active exploitation by ransomware actors to steal sensitive data.
The high-severity flaw, tracked as CVE-2023-0669 (CVSS score: 7.2), concerns a case of pre-authenticated command injection that could be abused to achieve code execution. The

, ,
https://thehackernews.com/2023/04/fortra-sheds-light-on-goanywhere-mft.html

ChatGPT’s Data Protection Blind Spots and How Security Teams Can Solve Them

ChatGPT’s Data Protection Blind Spots and How Security Teams Can Solve Them

,

In the short time since their inception, ChatGPT and other generative AI platforms have rightfully gained the reputation of ultimate productivity boosters. However, the very same technology that enables rapid production of high-quality text on demand, can at the same time expose sensitive corporate data. A recent incident, in which Samsung software engineers pasted proprietary code into ChatGPT,

,

In the short time since their inception, ChatGPT and other generative AI platforms have rightfully gained the reputation of ultimate productivity boosters. However, the very same technology that enables rapid production of high-quality text on demand, can at the same time expose sensitive corporate data. A recent incident, in which Samsung software engineers pasted proprietary code into ChatGPT,

, ,
https://thehackernews.com/2023/04/chatgpts-data-protection-blind-spots.html