Vulnerabilities found in CrushFTP file transfer software, security updates to Cisco's controller management application, and more.
Welcome to Cyber Security Today. It's Monday, April 22, 2024. I'm Howard Solomon.
There is a warning about a vulnerability in another file transfer platform. This hole is found in CrushFTP servers that run on Windows, Linux, Unix, and Mac. Versions earlier than 11.1 may be compromised. The exception is a server that has a DMZ in front of the main CrushFTP server.
Cisco Systems has released security updates to resolve vulnerabilities in the Integrated Management Controller, a web interface used in many products. A remote hacker could exploit any of these vulnerabilities to take control of your system. Affected products include 5000 Series Enterprise Network Computing Systems, UCS-C, E and S Series Servers, and Catalyst 8300 Series Edge Servers.
LastPass, the company that makes password managers for businesses and individuals, says a new phase of phishing campaigns designed to trick users into giving up their passwords has started. You receive a call claiming your LastPass account has been compromised and asking you to press 2 to block the attack. The victim then receives a second phone call from someone pretending to be a LastPass employee and is sent an email with a link to reset their account. However, the link goes to a fake LastPass webpage, where the victim's password is copied, allowing the scammer to access the LastPass account and change its password. From there, scammers can do nasty things like access your bank accounts. No one from LastPass support will call you. Or Microsoft. Or your bank. Or the government.
A new variant of the Redline information stealer has been discovered. McAfee researchers haven't said how it is being distributed. However, the malware appears to be targeting gamers, as it attempts to install an application called Cheat Lab. Network defenders should be aware of two things. The malware appears to be hosted on Microsoft's official GitHub repository. As researcher Ax Sharma points out in a tweet, this takes advantage of a flaw in GitHub. Defenders should also note that this malware includes a Lua just-in-time compiler to evade detection.
If you are an administrator using Ivanti's Avalanche mobile device management software, you should consider that not only the laptops, smartphones, and other devices you manage, but also your applications, can be compromised. This is the advice of commentators at the SANS Institute. It comes after Ivanti released a security update patching 17 more vulnerabilities.
Separately, MITRE Corp., which develops cybersecurity frameworks, acknowledged last week that attackers exploited two zero-day vulnerabilities in its Ivanti Connect Secure gateway to breach its defenses earlier this month. Using session hijacking, the attacker was able to get past multi-factor authentication. Then, using a compromised administrator account, the attacker dug deep into MITRE's VMware infrastructure and stole credentials.
The latest list of U.S. organizations notifying customers or employees about data breaches includes:
– Montclair Township, New Jersey, has notified about 18,000 people that some of their information was stolen in a data breach last May. The copied information included names, driver's license numbers, and non-driver ID card numbers.
– Kisco Senior Living, a chain of senior living facilities in 12 states, has notified more than 26,000 people about a data breach that occurred last June. The copied data included names and social security numbers.
– Green Diamond Resource Company, which logs forests in five states, has notified about 28,000 people about a data breach that occurred last June. Data copied includes name, social security number, financial account information, full access credentials, and driver's license number or state identification number.
Finally, cyber defenders may be interested in a background report released last week by multiple law enforcement agencies on the Akira ransomware gang. It includes a list of the gang's tactics and indicators of compromise.
Follow Cyber Security Today on Apple Podcasts, Spotify, or add us to Flash Briefing on your smart speaker. Thank you for listening. I'm Howard Solomon.