Tag: software
-
Cybersecurity Snapshot: U.S. Gov’t Urges Adoption of Memory-Safe Languages and Warns About Iran Cyber Threat
Tags: access, advisory, ai, api, attack, authentication, best-practice, cisa, computer, computing, crypto, cryptography, cyber, cybersecurity, data, defense, encryption, exploit, finance, framework, google, governance, government, group, hacker, healthcare, infrastructure, injection, intelligence, Internet, iran, login, mfa, military, mitigation, mitre, network, nist, passkey, password, programming, ransomware, risk, rust, service, software, strategy, tactics, technology, terrorism, threat, tool, training, vulnerability, warfareCheck out the U.S. government’s latest call for developers to use memory-safe programming languages, as well as its warning for cybersecurity teams regarding cyber risk from hackers tied to Iran. Plus, get the latest on ransomware trends, the quantum computing cyber threat and more! Dive into five things that are top of mind for the…
-
Frequently Asked Questions About Iranian Cyber Operations
Tags: access, advisory, api, apt, attack, authentication, awareness, cisa, cloud, credentials, cve, cyber, cybersecurity, data, data-breach, defense, dos, exploit, finance, framework, government, group, Hardware, identity, infrastructure, injection, Internet, iran, ivanti, malware, mfa, microsoft, middle-east, military, mitre, monitoring, network, password, ransomware, rce, remote-code-execution, risk, service, software, supply-chain, tactics, technology, terrorism, threat, tool, update, vpn, vulnerability, windowsTenable’s Research Special Operations team focuses on some frequently asked questions about Iranian cyber operations, including the tactics, techniques and procedures employed by Iran-based threat actors. Background Tenable’s Research Special Operations (RSO) team has compiled this blog to answer Frequently Asked Questions (FAQ) regarding Iranian cyber operations in the wake of the recent conflict and…
-
Chinese Group Silver Fox Uses Fake Websites to Deliver Sainbox RAT and Hidden Rootkit
A new campaign has been observed leveraging fake websites advertising popular software such as WPS Office, Sogou, and DeepSeek to deliver Sainbox RAT and the open-source Hidden rootkit.The activity has been attributed with medium confidence to a Chinese hacking group called Silver Fox (aka Void Arachne), citing similarities in tradecraft with previous campaigns attributed to…
-
OneClik Malware Targets Energy Sector Using Microsoft ClickOnce and Golang Backdoors
Cybersecurity researchers have detailed a new campaign dubbed OneClik that leverages Microsoft’s ClickOnce software deployment technology and bespoke Golang backdoors to compromise organizations within the energy, oil, and gas sectors.”The campaign exhibits characteristics aligned with Chinese-affiliated threat actors, though attribution remains cautious,” Trellix researchers Nico Paulo First seen on thehackernews.com Jump to article: thehackernews.com/2025/06/oneclik-malware-targets-energy-sector.html
-
MOVEit Transfer Systems Face Fresh Attack Risk Following Scanning Activity Surge
GreyNoise observed a surge in scanning activity targeting MOVEit Transfer systems since May 27, indicating the software could face renewed attacks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/moveit-attack-risk-scanning-surge/
-
Cisco warns of critical API vulnerabilities in ISE and ISE-PIC
Tags: access, ai, api, application-security, attack, authentication, automation, best-practice, business, ceo, cisco, ciso, cloud, communications, control, credentials, data, defense, email, endpoint, exploit, firewall, flaw, framework, guide, Hardware, incident response, malicious, microsoft, mobile, network, penetration-testing, programming, risk, router, saas, sans, service, software, threat, update, vpn, vulnerability, wafroot user.The fault behind both vulnerabilities: Holes in application programming interfaces (APIs).”Take this vulnerability seriously,” said Moses Frost, senior course instructor on cloud penetration testing at the SANS Institute. “In my experience assessing networks, I have found through testing that many lack essential patches and security hardening on their core network devices. I have seen Cisco…
-
French city of Lyon ditching Microsoft for open source office and collab tools
Ingredients of future software salade Lyonnaise will include Linux, PostgreSQL, and OnlyOffice First seen on theregister.com Jump to article: www.theregister.com/2025/06/26/lyon_leaving_microsoft/
-
LinuxFest Northwest: CentOS Mythbusters
Author/Presenter: Carl George (Principal Software Engineer, Red Hat) Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events located at the Bellingham Technical College in Bellingham, Washington; and via the organizations YouTube channel.…
-
nOAuth Exploit Enables Full Account Takeover of Entra Cross-Tenant SaaS Applications
A severe security flaw, dubbed nOAuth, has been identified in certain software-as-a-service (SaaS) applications integrated with Microsoft Entra ID, potentially allowing attackers to achieve full account takeover across tenant boundaries. Research conducted by Semperis, disclosed on June 26, 2025, revealed that 9 out of 104 tested applications approximately 9% within the Microsoft Entra App Gallery…
-
Microsoft to make Windows more resilient following 2024 IT outage
The company has been working with security partners to make sure future software updates don’t lead to operational disruptions for customers. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/microsoft-windows-resilient-2024-it-outage/751740/
-
Threat Actors Exploit ChatGPT, Cisco AnyConnect, Google Meet, and Teams in Attacks on SMBs
Threat actors are increasingly leveraging the trusted names of popular software and services like ChatGPT, Cisco AnyConnect, Google Meet, and Microsoft Teams to orchestrate sophisticated cyberattacks. According to a recent report by Kaspersky Lab, SMBs, often perceived as less fortified than larger enterprises, are prime targets for both opportunistic hackers and organized cybercrime groups. Rising…
-
Erste Malware entdeckt, die KI-basierte Erkennungsmaßnahmen durch Prompt-Injection umgeht
Check Point Research (CPR), die IT-Forensiker von Check Point Software Technologies hat den ersten dokumentierten Fall von Malware entdeckt, die versucht, KI-basierte Erkennungsmaßnahmen durch Prompt-Injection zu umgehen. Der Angreifer passte dabei nicht etwa den Code an, sondern versuchte, über direkte Kommunikation mit der KI diese so zu manipulieren, dass sie die verseuchte Datei als harmlos…
-
AMI MegaRAC bug enabling server hijacks exploited in attacks
CISA says a maximum severity vulnerability in AMI’s MegaRAC Baseboard Management Controller (BMC) software, which enables attackers to hijack and brick servers, is currently under active exploitation. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-ami-megarac-bug-that-lets-hackers-brick-servers-now-actively-exploited/
-
How to make your multicloud security more effective
Tags: ai, automation, ciso, cloud, container, control, data, infrastructure, LLM, risk, risk-analysis, software, technology, threat, toolIs it time to repatriate to the data center?: Perhaps. Some organizations, such as Zoom, have moved workloads to on-premises because it provides more predictable performance for real-time needs of their apps. John Qian, who once worked there and now is the CISO for security vendor Aviatrix, tells CSO that Zoom uses all three of…
-
CISA Issues Alert on ControlID iDSecure Flaws Enabling Bypass Authentication
Tags: access, authentication, cisa, control, cyber, cybersecurity, data, flaw, infrastructure, leak, software, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding critical vulnerabilities in ControlID’s iDSecure On-premises software, a widely used vehicle control and access management platform. The alert, designated ICSA-25-175-05 and released on June 24, 2025, highlights multiple security flaws that could allow attackers to bypass authentication, leak sensitive data, and perform…
-
MOVEit Transfer Systems Hit by Wave of Attacks Using Over 100 Unique IPs
A dramatic surge in scanning and exploitation activity targeting Progress Software’s MOVEit Transfer file-sharing platform has alarmed cybersecurity researchers and enterprise defenders worldwide. Over the past 90 days, threat intelligence firm GreyNoise has detected 682 unique IP addresses targeting MOVEit Transfer systems, with the most intense activity beginning on May 27, 2025″, when scanning activity…
-
The top red teamer in the US is an AI bot
Tags: ai, attack, breach, cybersecurity, data, email, exploit, infrastructure, monitoring, ransomware, risk, software, threat, tool, training, updateDefenders need to rethink their approach: While Xbow is now besting human red-teamers, and at a rapid clip, defenders still have a long way to go to keep up with the onslaught of AI-perpetrated attacks, experts say.”Hackers are quickly adopting new tools that allow them to move faster, hit harder, and target more precisely than…
-
Hackers abuse Microsoft ClickOnce and AWS services for stealthy attacks
A sophisticated malicious campaign that researchers call OneClik has been leveraging Microsoft’s ClickOnce software deployment tool and custom Golang backdoors to compromise organizations within the energy, oil, and gas sectors. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/oneclik-attacks-use-microsoft-clickonce-and-aws-to-target-energy-sector/
-
Hackers Using Malicious SonicWall VPN for Credential Theft
Trojanized NetExtender Installer Exfiltrates Data to Hardcoded IP Address. Fake versions of SonicWall VPN software contain a credential-stealing Trojan, the California network security company warned Monday. Imposter versions of tools such as VPNs, virtual desktops and software development tools are often laced with infostealers. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/hackers-using-malicious-sonicwall-vpn-for-credential-theft-a-28815
-
AI Accelerates Code Generation, Risk for AppSec Teams
Contrast Security CTO Jeff Williams on How Attackers Exploit AI Code Generation. AI tools are not only accelerating software development but also attacker capabilities. It’s not that hard to write AI [codes] that will generate exploits and attack applications. It is lowering the bar and expanding the population of attackers, said Contrast Security CTO Jeff…
-
Vibe Coding – a Great Tool if You Know How to Use It
AI Assistants Accelerate Coding But Can Create Huge Risks for the Inexperienced When used well, vibe coding can unlock astonishing productivity and lower the barrier to getting ideas off the ground. But here’s the problem: Too many newcomers are mistaking it for a replacement for a deep understanding of coding and software development principles. First…
-
North Korean Hackers Pose as Recruiters, Target Developers with 35 New Malicious npm Packages
A new cyber campaign orchestrated by North Korean threat actors has been exposed by the Socket Threat Research Team, revealing a sophisticated supply chain attack targeting software developers through the npm registry. Linked to the Contagious Interview operation, these adversaries have published 35 malicious npm packages across 24 accounts, with six still active on the…
-
nOAuth Vulnerability Still Affects 9% of Microsoft Entra SaaS Apps Two Years After Discovery
New research has uncovered continued risk from a known security weakness in Microsoft’s Entra ID, potentially enabling malicious actors to achieve account takeovers in susceptible software-as-a-service (SaaS) applications.Identity security company Semperis, in an analysis of 104 SaaS applications, found nine of them to be vulnerable to Entra ID cross-tenant nOAuth abuse.First disclosed by First seen…
-
NSA and CISA Urge Adoption of Memory Safe Languages for Safety
NSA and CISA are urging developers to adopt memory safe languages (MSLs) to combat vulnerabilities in software First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/nsa-cisa-urge-memory-safe-languages/
-
Generative AI Exacerbates Software Supply Chain Risks
Malicious actors are exploiting AI-fabricated software components, presenting a major challenge for securing software supply chains. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/generative-ai-exacerbates-software-supply-chain-risks
-
CISA Publishes Guide to Address Memory Safety Vulnerabilities in Modern Software Development
The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the National Security Agency (NSA), has released a comprehensive guide titled >>Memory Safe Languages: Reducing Vulnerabilities in Modern Software Development.
-
LLMs hype versus reality: What CISOs should focus on
Tags: ai, attack, backdoor, breach, business, chatgpt, ciso, cloud, control, corporate, cyber, cybercrime, cybersecurity, data, finance, governance, LLM, malware, monitoring, network, open-source, risk, risk-management, sans, service, software, supply-chain, technology, threat, tool, vulnerabilitynot using AI even though there is a lot of over-hype and promise about its capability. That said, organizations that don’t use AI will get left behind. The risk of using AI is where all the FUD is.”In terms of applying controls, rinse, wash, and repeat the processes you followed when adopting cloud, BYOD, and…
-
Black Duck Teams with Arm to Boost EU Cyber Resilience Act Compliance
Software security company Black Duck is ramping up efforts to help organizations comply with the European Cyber Resilience Act (CRA), building on a 20-year partnership with British chip design giant Arm. The collaboration focuses on securing software running on Arm64-based systems, now widely used in hyperscaler and enterprise environments. Since 2005, Black Duck has played…
-
Black Hat SEO Poisoning Search Engine Results For AI to Distribute Malware
IntroductionZscaler ThreatLabz researchers recently uncovered AI-themed websites designed to spread malware. The threat actors behind these attacks are exploiting the popularity of AI tools like ChatGPT and Luma AI. These websites are utilizing platforms such as WordPress and are designed to poison search engine rankings and increase the probability of unsuspecting users landing on these…