breaking news

US CISA adds MS Exchange bug CVE-2022-41080 to its Known Exploited Vulnerabilities Catalog

US CISA added Microsoft Exchange elevation of privileges bug CVE-2022-41080 to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog. The first issue, tracked as CVE-2022-41080, is a Microsoft Exchange server privilege escalation vulnerability. The issue can be chained with CVE-2022-41082 (ProxyNotShell) to […]

The post US CISA adds MS Exchange bug CVE-2022-41080 to its Known Exploited Vulnerabilities Catalog appeared first on Security Affairs.

January 11, 2023
0 comment
Read More >>

Microsoft Patch Tuesday for January 2023 fixed actively exploited zero-day

Microsoft Patch Tuesday security updates for January 2023 fixed 97 flaws and an actively exploited zero-day. Microsoft Patch Tuesday security updates for January 2023 addressed a total of 98 vulnerabilities in Microsoft Windows and Windows Components; Office and Office Components; .NET Core and Visual Studio Code, 3D Builder, Azure Service Fabric Container, Windows BitLocker, Windows […]

The post Microsoft Patch Tuesday for January 2023 fixed actively exploited zero-day appeared first on Security Affairs.

January 11, 2023
0 comment
Read More >>

Just Say YES to Climate Lockdowns! #AwakenWithJP #Conservative #FreedomFighter #FreeSpeechPatriot #humor #MaryPatriotNews [Video]

Grab your Red/Blue Light Teeth Whitening Kit at https://naturalteethwhiteners.com/jpGet 60% Off when you use that link!Get your Freedom Merch Here – https://bit.ly/3SqObSZUpcoming LIVE shows – https://awakenwithjp.com/pages/tourGet updates from me via email here: https://awakenwithjp.com/joinmeThe UK is initiating climate lockdowns! Here’s everything you need to know in today’s special report…Listen and Subscribe to my Podcast here: https://apple.co/3fFTbPCConnect with me at: http://www.facebook.com/AwakenWithJPhttp://www.Instagram.com/AwakenWithJPhttps://rumble.com/AwakenWithJPhttp://www.twitter.com/AwakenWithJPhttps://mewe.com/p/awakenwithjphttps://parler.com/profile/AwakenWithJPhttp://www.AwakenWithJP.com

January 11, 2023
0 comment
Read More >>

Zoom Rooms was affected by four “high” severity vulnerabilities

Zoom addressed four “high” severity vulnerabilities impacting its popular videoconferencing software Zoom Rooms. Zoom addressed four “high” severity vulnerabilities impacting its videoconferencing platform Zoom Rooms. Below are the details for the bugs addressed by the company: CVE-2022-36930 (CVSS Score 8.2) – Local Privilege Escalation in Rooms for Windows Installers. The issue affects Rooms for Windows […]

The post Zoom Rooms was affected by four “high” severity vulnerabilities appeared first on Security Affairs.

January 10, 2023
0 comment
Read More >>

Remote code execution bug discovered in the popular JsonWebToken library

The open-source jsonwebtoken (JWT) library is affected by a high-severity security flaw that could lead to remote code execution. The open-source JsonWebToken (JWT) library is affected by a high-severity security flaw, tracked as CVE-2022-23529 (CVSS score: 7.6), that could lead to remote code execution. The package is maintained by Auth0, it had over 9 million weekly downloads […]

The post Remote code execution bug discovered in the popular JsonWebToken library appeared first on Security Affairs.

January 10, 2023
0 comment
Read More >>

Kinsing malware targets Kubernetes environments via misconfigured PostgreSQL

Kinsing cryptojacking operators are exploiting misconfigured and exposed PostgreSQL servers to access Kubernetes environments. Researchers at Microsoft Defender for Cloud observed threat actors behind the Kinsing cryptojacking operation using two methods to gain initial access in Kubernetes environments: exploitation of weakly configured PostgreSQL containers and exploiting vulnerable images. The crypto-miner Kinsing was first spotted by security firm […]

The post Kinsing malware targets Kubernetes environments via misconfigured PostgreSQL appeared first on Security Affairs.

January 10, 2023
0 comment
Read More >>

Airline company Air France-KLM discloses security breach

Airline company Air France-KLM is notifying the customers of its loyalty program Flying Blue of a data breach. Airline company Air France-KLM announced it has suffered a data breach, data belonging to customers of its loyalty program Flying Blue were exposed. The Flying Blue loyalty program is used by other airlines, including Aircalin, Kenya Airways, […]

The post Airline company Air France-KLM discloses security breach appeared first on Security Affairs.

January 10, 2023
0 comment
Read More >>

Phishing campaign targets government institution in Moldova

The government institutions of Moldova have been hit by a wave of phishing attacks since the country offered support to Ukraine. The government institutions of Moldova have been hit by a wave of phishing attacks, threat actors sent more than 1,330 emails to accounts belonging to the country’s state services. “The Information Technology and Cyber […]

The post Phishing campaign targets government institution in Moldova appeared first on Security Affairs.

January 9, 2023
0 comment
Read More >>

Russia-linked Cold River APT targeted US nuclear research laboratories

Russia-linked Cold River APT targeted three nuclear research laboratories in the United States in 2022 summer, Reuters reported. Reuters reported that the Russia-linked APT group Cold River (aka Calisto) targeted three nuclear research laboratories in the United States between August and September 2022. The Cold River APT group targeted the Brookhaven (BNL), Argonne (ANL), and […]

The post Russia-linked Cold River APT targeted US nuclear research laboratories appeared first on Security Affairs.

January 9, 2023
0 comment
Read More >>

Resecurity Released a Status Report on Drug Trafficking in the Dark Web (2022-2023)

Cybersecurity firm Resecurity published report on drug trafficking marketplaces currently operating in the Dark Web Resecurity, a Los Angeles-based cybersecurity and risk management provider has released an eye-opening report on drug trafficking marketplaces currently operating in the Dark Web. The report highlights a rapidly growing shadow economy, and new communication methods such as proprietary Android-based […]

The post <strong>Resecurity Released a Status Report on Drug Trafficking in the Dark Web (2022-2023)</strong> appeared first on Security Affairs.

January 9, 2023
0 comment
Read More >>