A US Department of Defense email server hosted on Microsoft Azure's government cloud service reportedly was found wide open to the public Internet for a period of about two weeks before it was properly secured. According to a report on TechCrunch, a security researcher spotted the email server containing internal US military messages, some with sensitive personal information, including an SF-86 questionnaire that federal workers fill out as part of their security clearance process.
Initially one of the most prolific purveyors of information operations on Facebook, Russian operatives have during the course of the war in Ukraine found themselves taking a "smash-and-grab" approach to gain influence online, substituting quality with quantity. The new assessment of Russian influence operations comes from data that Meta, Facebook's parent company, released Thursday just as the war in Ukraine nears its one-year anniversary.
Criminals have targeted datacenter operators in Singapore and China, tapping into their CCTV cameras, accessing their tenant lists and then attacking those customers. That's the scary scenario outlined by infosec vendor Resecurity, which has detailed malicious campaigns that are said to have started in 2021 but became apparent earlier this month when info dumps were teased on the notorious Breached.to forums.
Cisco on Wednesday informed customers about the availability of patches for two high-severity vulnerabilities affecting components of its Application Centric Infrastructure (ACI) software-defined networking solution. One of these flaws, CVE-2023-20011, impacts the management interface of the Cisco Application Policy Infrastructure Controller (APIC) and Cloud Network Controller. APIC is the unified point of automation and management for ACI.
Threat actors are exploiting the popularity of OpenAI's ChatGPT chatbot to distribute malware for Windows and Android, or direct unsuspecting victims to phishing pages. ChatGPT has gained immense traction since its launch in November 2022, becoming the most rapidly growing consumer application in modern history with more than 100 million users by January 2023.
A Russian national accused of developing a piece of malware named NLBrute has been extradited to the United States from the Eastern European country of Georgia. The suspect, Dariy Pankov, aka dpxaker, was extradited from Georgia in October 2022 and he appeared before a US judge this week. It's unclear for how long he had been in Georgia before being detained, but more than 100,000 Russians reportedly fled to the neighboring country last year.
Threat actors are targeting Internet-exposed Fortinet appliances with exploits for CVE-2022-39952, an unauthenticated file path manipulation vulnerability in the FortiNAC webserver that can be abused for remote command execution. These attacks come one day after Horizon3 security researchers released proof-of-concept exploit code for the critical-severity flaw. The exploit adds a cron job to initiate a reverse shell on compromised systems as the root user.
Rezilion uncovered the presence of hundreds of Docker container images containing vulnerabilities that are not detected by most standard vulnerability scanners and SCA tools. The research revealed numerous high-severity/critical vulnerabilities hidden in hundreds of popular container images, downloaded billions of times collectively. This includes high-profile vulnerabilities with publicly known exploits.