Severe Flaw in Google Cloud’s Cloud SQL Service Exposed Confidential Data

Severe Flaw in Google Cloud’s Cloud SQL Service Exposed Confidential Data

,

A new security flaw has been disclosed in the Google Cloud Platform’s (GCP) Cloud SQL service that could be potentially exploited to obtain access to confidential data.
« The vulnerability could have enabled a malicious actor to escalate from a basic Cloud SQL user to a full-fledged sysadmin on a container, gaining access to internal GCP data like secrets, sensitive files, passwords, in addition

,

A new security flaw has been disclosed in the Google Cloud Platform’s (GCP) Cloud SQL service that could be potentially exploited to obtain access to confidential data.
« The vulnerability could have enabled a malicious actor to escalate from a basic Cloud SQL user to a full-fledged sysadmin on a container, gaining access to internal GCP data like secrets, sensitive files, passwords, in addition

, ,
https://thehackernews.com/2023/05/severe-flaw-in-google-clouds-cloud-sql.html

Predator Android Spyware: Researchers Uncover New Data Theft Capabilities

Predator Android Spyware: Researchers Uncover New Data Theft Capabilities,

Security researchers have shared a deep dive into the commercial Android spyware called Predator, which is marketed by the Israeli company Intellexa (previously Cytrox).
Predator was first documented by Google’s Threat Analysis Group (TAG) in May 2022 as part of attacks leveraging five different zero-day flaws in the Chrome web browser and Android.
The spyware, which is delivered by means of

,

Security researchers have shared a deep dive into the commercial Android spyware called Predator, which is marketed by the Israeli company Intellexa (previously Cytrox).
Predator was first documented by Google’s Threat Analysis Group (TAG) in May 2022 as part of attacks leveraging five different zero-day flaws in the Chrome web browser and Android.
The spyware, which is delivered by means of

, ,
https://thehackernews.com/2023/05/predator-android-spyware-researchers.html

5 Must-Know Facts about 5G Network Security and Its Cloud Benefits

5 Must-Know Facts about 5G Network Security and Its Cloud Benefits,

5G is a game changer for mobile connectivity, including mobile connectivity to the cloud. The technology provides high speed and low latency when connecting smartphones and IoT devices to cloud infrastructure. 5G networks are a critical part of all infrastructure layers between the end user and the end service; these networks transmit sensitive data that can be vital for governments and

,

5G is a game changer for mobile connectivity, including mobile connectivity to the cloud. The technology provides high speed and low latency when connecting smartphones and IoT devices to cloud infrastructure. 5G networks are a critical part of all infrastructure layers between the end user and the end service; these networks transmit sensitive data that can be vital for governments and

, ,
https://thehackernews.com/2023/05/5-must-know-facts-about-5g-network.html

New COSMICENERGY Malware Exploits ICS Protocol to Sabotage Power Grids

New COSMICENERGY Malware Exploits ICS Protocol to Sabotage Power Grids,

A new strain of malicious software that’s engineered to penetrate and disrupt critical systems in industrial environments has been unearthed.
Google-owned threat intelligence firm Mandiant dubbed the malware COSMICENERGY, adding it was uploaded to a public malware scanning utility in December 2021 by a submitter in Russia. There is no evidence that it has been put to use in the wild.
« The

,

A new strain of malicious software that’s engineered to penetrate and disrupt critical systems in industrial environments has been unearthed.
Google-owned threat intelligence firm Mandiant dubbed the malware COSMICENERGY, adding it was uploaded to a public malware scanning utility in December 2021 by a submitter in Russia. There is no evidence that it has been put to use in the wild.
« The

, ,
https://thehackernews.com/2023/05/new-cosmicenergy-malware-exploits-ics.html

Barracuda Warns of Zero-Day Exploited to Breach Email Security Gateway Appliances

Barracuda Warns of Zero-Day Exploited to Breach Email Security Gateway Appliances,

Email protection and network security services provider Barracuda is warning users about a zero-day flaw that it said has been exploited to breach the company’s Email Security Gateway (ESG) appliances.
The zero-day is being tracked as CVE-2023-2868 and has been described as a remote code injection vulnerability affecting versions 5.1.3.001 through 9.2.0.006.
The California-headquartered firm 

,

Email protection and network security services provider Barracuda is warning users about a zero-day flaw that it said has been exploited to breach the company’s Email Security Gateway (ESG) appliances.
The zero-day is being tracked as CVE-2023-2868 and has been described as a remote code injection vulnerability affecting versions 5.1.3.001 through 9.2.0.006.
The California-headquartered firm 

, ,
https://thehackernews.com/2023/05/barracuda-warns-of-zero-day-exploited.html

Dark Frost Botnet Launches Devastating DDoS Attacks on Gaming Industry

Dark Frost Botnet Launches Devastating DDoS Attacks on Gaming Industry,

A new botnet called Dark Frost has been observed launching distributed denial-of-service (DDoS) attacks against the gaming industry.
« The Dark Frost botnet, modeled after Gafgyt, QBot, Mirai, and other malware strains, has expanded to encompass hundreds of compromised devices, » Akamai security researcher Allen West said in a new technical analysis shared with The Hacker News.
Targets include

,

A new botnet called Dark Frost has been observed launching distributed denial-of-service (DDoS) attacks against the gaming industry.
« The Dark Frost botnet, modeled after Gafgyt, QBot, Mirai, and other malware strains, has expanded to encompass hundreds of compromised devices, » Akamai security researcher Allen West said in a new technical analysis shared with The Hacker News.
Targets include

, ,
https://thehackernews.com/2023/05/dark-frost-botnet-launches-devastating.html

Zyxel Issues Critical Security Patches for Firewall and VPN Products

Zyxel Issues Critical Security Patches for Firewall and VPN Products,

Zyxel has released software updates to address two critical security flaws affecting select firewall and VPN products that could be abused by remote attackers to achieve code execution.
Both the flaws – CVE-2023-33009 and CVE-2023-33010 – are buffer overflow vulnerabilities and are rated 9.8 out of 10 on the CVSS scoring system.
A brief description of the two issues is below –

CVE-2023-33009 –

,

Zyxel has released software updates to address two critical security flaws affecting select firewall and VPN products that could be abused by remote attackers to achieve code execution.
Both the flaws – CVE-2023-33009 and CVE-2023-33010 – are buffer overflow vulnerabilities and are rated 9.8 out of 10 on the CVSS scoring system.
A brief description of the two issues is below –

CVE-2023-33009 –

, ,
https://thehackernews.com/2023/05/zyxel-issues-critical-security-patches.html

Cynet Protects Hospital From Lethal Infection

Cynet Protects Hospital From Lethal Infection,

A hospital with 2,000 employees in the E.U. deployed Cynet protections across its environment. The hospital was in the process of upgrading several expensive imaging systems that were still supported by Windows XP and Windows 7 machines. Cynet protections were in place on most of the Windows XP and Windows 7 machines during the upgrade process, ensuring that legacy operating systems would not

,

A hospital with 2,000 employees in the E.U. deployed Cynet protections across its environment. The hospital was in the process of upgrading several expensive imaging systems that were still supported by Windows XP and Windows 7 machines. Cynet protections were in place on most of the Windows XP and Windows 7 machines during the upgrade process, ensuring that legacy operating systems would not

, ,
https://thehackernews.com/2023/05/cynet-protects-hospital-from-lethal.html

New PowerExchange Backdoor Used in Iranian Cyber Attack on UAE Government

New PowerExchange Backdoor Used in Iranian Cyber Attack on UAE Government,

An unnamed government entity associated with the United Arab Emirates (U.A.E.) was targeted by a likely Iranian threat actor to breach the victim’s Microsoft Exchange Server with a « simple yet effective » backdoor dubbed PowerExchange.
According to a new report from Fortinet FortiGuard Labs, the intrusion relied on email phishing as an initial access pathway, leading to the execution of a .NET

,

An unnamed government entity associated with the United Arab Emirates (U.A.E.) was targeted by a likely Iranian threat actor to breach the victim’s Microsoft Exchange Server with a « simple yet effective » backdoor dubbed PowerExchange.
According to a new report from Fortinet FortiGuard Labs, the intrusion relied on email phishing as an initial access pathway, leading to the execution of a .NET

, ,
https://thehackernews.com/2023/05/new-powerexchange-backdoor-used-in.html

Alert: Brazilian Hackers Targeting Users of Over 30 Portuguese Banks

Alert: Brazilian Hackers Targeting Users of Over 30 Portuguese Banks,

A Brazilian threat actor is targeting more than 30 Portuguese financial institutions with information-stealing malware as part of a long-running campaign that commenced in 2021.
« The attackers can steal credentials and exfiltrate users’ data and personal information, which can be leveraged for malicious activities beyond financial gain, » SentinelOne researchers Aleksandar Milenkoski and Tom

,

A Brazilian threat actor is targeting more than 30 Portuguese financial institutions with information-stealing malware as part of a long-running campaign that commenced in 2021.
« The attackers can steal credentials and exfiltrate users’ data and personal information, which can be leveraged for malicious activities beyond financial gain, » SentinelOne researchers Aleksandar Milenkoski and Tom

, ,
https://thehackernews.com/2023/05/alert-brazilian-hackers-targeting-users.html