Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.
The activity is associated with the Volt Typhoon APT.
Ukraine claims destruction of Russia's federal tax agency's servers.
Ukraine's defense intelligence directorate claims to have wiped over 2,300 servers belonging to Russia's federal tax service, completely destroying the infrastructure.
Daniel Akira Mills, 22, of Round Rock, Texas, was sentenced to 24 months in prison for using SIM swapping to take over victims' phone numbers and steal over $600,000 in cryptocurrency from dozens of individuals.
CISA assigns CVE to Unitronics vulnerability exploited in water attacks.
CISA has assigned the CVE identifier CVE-2023-6448 to the Unitronics Vision PLC insecure default password vulnerability exploited in recent attacks aimed at the US water sector.
Attackers associated with the Iranian government have hacked internet-exposed PLCs, presumably by accessing them using the default password '1111'.
CISA also added the CVE to its known exploited vulnerabilities database.
New DNS spoofing attacks abusing DHCP.
Akamai draws attention to a new type of DNS spoofing attack that leverages Microsoft Dynamic Host Configuration Protocol (DHCP) servers, allowing attackers to access Active Directory Integrated DNS zones without authentication.
One variation of the attack allows adversaries to overwrite existing DNS records.
Vulnerabilities in Edulog parental portal exposed K-12 student information.
Tenable identified several vulnerabilities in Edulog's parent portal that allowed access to sensitive K-12 student information, including names, bus routes, GPS location, parent contact information, and configuration details for school districts, including usernames and passwords.
Palo Alto Networks fixed a high-severity cross-site scripting bug in PAN-OS.
Zoom resolved high-severity vulnerabilities in desktop and mobile clients.
Lee, who secured seed funding from DataTribe as an entrepreneur, will remain as the Dragos full-time CEO.
Open source tool Swagger Jacker.
Bishop Fox has released a new open source tool named Swagger Jacker, designed to help audit OpenAPI definition files.
The command line tool enables offensive security professionals to identify potential vulnerabilities or misconfigurations in the API routes defined within the definition document.
Bishop Fox has published a blog post describing the tool and the source code is available on GitHub.
New 5th Gen Intel Xeon processors bring increased security.
Intel has launched its 5th Gen Xeon processors, which the company says bring improved performance and increased security.
With these new CPUs, Intel Trust Domain Extensions, which provides increased confidentiality and security at the VM level, will be generally available to all OEM and CSP solution providers.
This Cyber News was published on www.securityweek.com. Publication date: Fri, 15 Dec 2023 15:13:04 +0000