The volume of cloud-based malware tripled in 2022 over the prior year, says Netskope, with 30% of the malicious downloads coming from Microsoft OneDrive.
The post Rise of cloud-delivered malware poses key security challenges appeared first on TechRepub…
Vendors and agencies are actively bypassing the security patch that Adobe released in February 2022 to address CVE-2022-24086, a critical mail template vulnerability in Adobe Commerce and Magento stores, ecommerce security firm Sansec warns.
read more
The US government’s cybersecurity agency CISA is giving federal agencies an early February deadline to patch a critical — and already exploited — security vulnerability in the widely used CentOS Control Web Panel utility.
read more
A couple of critical vulnerabilities have been discovered in Netcomm rourers, experts warn of their potential exploitation in the wild. The vulnerabilities discovered in the Netcomm routers are a a stack based buffer overflow and an authentication bypass, respectively tracked as CVE-2022-4873 and CVE-2022-4874. Both issues impact the Netcomm router models NF20MESH, NF20, and NL1902 running software versions […]
The post A couple of bugs can be chained to hack Netcomm routers appeared first on Security Affairs.
A month ago, the FBI warned the public about search engine ads pushing malware diguised as legitimate software – an old tactic that has lately resulted in too many malicious ads served to users searching for software, cracked software, drivers &#…
A ransomware attack against the maritime software supplier DNV impacted approximately 1,000 vessels. About 1,000 vessels have been impacted by a ransomware attack against DNV, one of the major maritime software suppliers. DNV GL provides solutions and services throughout the life cycle of any vessel, from design and engineering to risk assessment and ship management. […]
The post 1,000 ships impacted by a ransomware attack on maritime software supplier DNV appeared first on Security Affairs.
By Habiba Rashid
The company targeted in the ransomware attack is DNV, a prominent and widely-recognized provider of digital ship management solutions.
This is a post from HackRead.com Read the original post: Disruption on High Seas: Shipping Software…
Researchers demonstrated how to abuse a feature in GitHub Codespaces to deliver malware to victim systems. Trend Micro researchers reported that it is possible to abuse a legitimate feature in the development environment GitHub Codespaces to deliver malware to victim systems. Users can customize their project for GitHub Codespaces by committing configuration files to their repository, which […]
The post How to abuse GitHub Codespaces to deliver malicious content appeared first on Security Affairs.
Fortinet warns of three new malicious PyPI packages containing code designed to fetch the Wacatac trojan and information stealer as a next stage payload.
read more
Researchers discovered three malicious packages that have been uploaded to the Python Package Index (PyPI) repository by Lolip0p group. FortiGuard Labs researchers discovered three malicious PyPI packages (called ‘colorslib’, ‘httpslib’, and “libhttps”) on the PyPI repository that were uploaded by the same actor, Lolip0p. The packages were discovered on January 10, 2023, the packages “colorslib” and […]
The post Fortinet observed three rogue PyPI packages spreading malware appeared first on Security Affairs.