A trio of bugs could allow hackers to escalate privileges and remotely execute code on virtual machines deployed across cloud environments.
...moreSummary
Total Articles Found: 11
Top sources:
Top Keywords:
- Cryptography: 1
- Hacks: 1
- Government: 1
- Malware: 1
- Vulnerabilities: 1
Top Authors
Top Articles:
- Critical Bug Allows DoS, RCE, Data Leaks in All Major Cloud Platforms
- Microsoft Has Yet to Patch 7 Pwn2Own Zero-Days
- China-linked APT Flew Under Radar for Decade
- PyPI Shuts Down Over the Weekend, Says Incident Was Overblown
- Popular NFT Marketplace Phished for $540M
- CrowdStrike 'Updates' Deliver Malware & More as Attacks Snowball
- Critical VMware Bugs Open Swaths of VMs to RCE, Data Theft
- Session Takeover Bug in AWS Apache Airflow Reveals Larger Cloud Risk
- Newly ID'ed Chinese APT Hides Backdoor in Software Updates
- Is CISA's Secure by Design Pledge Toothless?
Critical VMware Bugs Open Swaths of VMs to RCE, Data Theft
Published: 2024-06-18 20:23:24
Popularity: 32
Author: Nate Nelson, Contributing Writer
LLM Says: ""VMware hacked""
Session Takeover Bug in AWS Apache Airflow Reveals Larger Cloud Risk
Published: 2024-03-21 17:13:23
Popularity: 13
Author: Nate Nelson, Contributing Writer
A bug exposed users of an AWS workflow management service to cookie tossing, but behind the scenes lies an even deeper issue that runs across all of the top cloud services.
...moreNewly ID'ed Chinese APT Hides Backdoor in Software Updates
Published: 2024-01-26 21:00:00
Popularity: 9
Author: Nate Nelson, Contributing Writer
The threat actor went more than half a decade before being discovered — thanks to a remarkable backdoor delivered in invisible adversary-in-the-middle attacks.
...morePyPI Shuts Down Over the Weekend, Says Incident Was Overblown
Published: 2023-05-22 20:52:00
Popularity: 45
Author: Nate Nelson, Contributing Writer, Dark Reading
The climate of concern around open source security and supply chain attacks may have caused a small story to become a big one.
...morePopular NFT Marketplace Phished for $540M
In March, a North Korean APT siphoned blockchain gaming platform Axie Infinity of $540M.
...moreChina-linked APT Flew Under Radar for Decade
Published: 2022-06-17 13:34:04
Popularity: 57
Author: Nate Nelson
Keywords:
Evidence suggests that a just-discovered APT has been active since 2013.
...moreMicrosoft Has Yet to Patch 7 Pwn2Own Zero-Days
Published: 2024-05-17 12:00:00
Popularity: 63
Author: Nate Nelson, Contributing Writer
A number of serious Windows bugs still haven't made their way into criminal circles, but that won't remain the case forever — and time is running short before ZDI releases exploit details.
...moreIs CISA's Secure by Design Pledge Toothless?
Published: 2024-05-10 18:21:29
Popularity: 9
Author: Nate Nelson, Contributing Writer
CISA's agreement is voluntary and, frankly, basic. Signatories say that's a good thing.
...moreCritical Bug Allows DoS, RCE, Data Leaks in All Major Cloud Platforms
Published: 2024-05-20 19:31:25
Popularity: 95
Author: Nate Nelson, Contributing Writer
An on-by-default endpoint in ubiquitous logging service Fluent Bit contains an oversight that hackers can toy with to rattle most any cloud environment.
...moreCrowdStrike 'Updates' Deliver Malware & More as Attacks Snowball
Published: 2024-07-25 20:51:01
Popularity: 43
Author: Nate Nelson, Contributing Writer
LLM Says: "Malware Alert"
The fake updates are part of a phishing and fraud surge that is both more voluminous and more targeted that the usual activity around national news stories.
...moreCritical, Actively Exploited Jenkins RCE Bug Suffers Patch Lag
Published: 2024-08-22 19:42:04
Popularity: None
Author: Nate Nelson, Contributing Writer
LLM Says: ""Exploit alert""
A 7-month-old bug in an OSS CI/CD server is still being actively exploited, thanks to spotty patching, CISA warns.
...more