The weekly cybersecurity news wrap-up provides readers with the latest information on emerging risks, vulnerabilities, ways to reduce them, and harmful schemes to help make defensive measures proactive.
According to recent findings from Morphisec Threat Labs' cyber security analysts, hackers are currently using a steganography technique to hide malware in PNG files.
This campaign highlights the changing landscape of cyber threats and reinforces the message that organizations and individuals need to maintain alertness, update their security solutions, and equip themselves with knowledge about these threats.
The incident has raised concerns about national security implications, especially for federal organizations, hence the issuance of an emergency directive from CISA. Microsoft has attempted to reduce the risk by alerting all federal agencies affected by these breaches and imposing distinct guidelines aimed at enhancing security in their systems.
A Fortinet FortiClient EMS vulnerability is a security hole that threat actors have exploited to plant unsanctioned RMM tools and PowerShell backdoors on machines.
This incident stresses the need for strong cybersecurity at companies holding customers' sensitive identity data.
Security experts continue to insist on a transparent and proactive response from boAt, such as contacting all affected users, thoroughly investigating the scope of the breach, and changing security protocols to protect against future vulnerabilities.
The Common Vulnerability Scoring System has assigned high severity scores to them, showing that these security vulnerabilities are indeed very serious.
The report indicates Cisco IOS software for Catalyst 6000 series switches has a severe security vulnerability, which could result in a denial of service attack.
Internet security professionals and experts are concerned about this vulnerability that prevents HTTP/2 from processing a large number of request-related headers, while vendors have come out with different responses.
It is a security vulnerability that allows for remote code execution, creating a risk of data theft and malware downloads.
Bitdefender Labs discovered critical security vulnerabilities in over 90,000 LG smart TVs using WebOS, potentially allowing unauthorized access to the TV and home network.
LG has been working on a patch to address these vulnerabilities, highlighting the importance of ensuring devices receive automatic updates to apply the security fix once released.
Those running applications with Node.js on their Windows platform should upgrade now, review security measures, and keep up with new updates as well as advisories regarding security issues.
A Bitdefender vulnerability report indicates that Bitdefender's GravityZone Update Server, Endpoint Security for Linux, and Endpoint Security for Windows have critical security flaws.
To prevent these dangers, users are advised to upgrade to the patched versions: Bitdefender Endpoint Security for Linux version 7.0.5.200090, Endpoint Security for Windows version 7.9.9.381, and GravityZone Control Center version 6.36.1-1.
The U.S. Cybersecurity and Infrastructure Security Agency added this bug to its Known Exploited Vulnerabilities catalog, with federal agencies required to apply patches by April 19.
April's Patch Tuesday delivered one of the biggest security updates in Microsoft's history: 149 bugs were fixed with this update, including vulnerabilities in Office, SQL Server, and Windows OS, with Azure having nine CVEs.
These vulnerabilities, tracked as CVE-2023-6317 to CVE-2023-6320, allow unauthorized root access, compromising privacy and security.
Chrome has introduced a new security feature called V8 Sandbox that is meant to combat memory corruption vulnerabilities.
This Cyber News was published on cybersecuritynews.com. Publication date: Sun, 14 Apr 2024 15:10:38 +0000