Security experts are urging users of IBM's Aspera Faspex file-exchange application to take it offline immediately unless they've patched a flaw being actively exploited by ransomware groups, including Buhti and IceFire. Separately, QNAP is warning customers to prepare for emergency security fixes.
A hacking group with apparent ties to Russia or Belarus has been using "simple yet effective attack techniques and tools" to gain access to multiple governments' email systems as part of apparent cyberespionage operations in support of Russia's invasion of Ukraine, researchers warn.
The Food and Drug Administration on Wednesday said that starting immediately, medical device makers must include cybersecurity plans with new product applications. Beginning on Oct. 1, the FDA intends to issue "refuse to accept" determinations for submissions lacking the cyber requirements.
Cisco plans to purchase its second cloud security startup in two months to deliver context, prioritization and remediation recommendations for cloud-native resources. The networking giant said its proposed buy of Lightspin will allow clients to identify and address key cloud security risks.
Hackers have been actively exploiting vulnerabilities in ColdFusion to remotely compromise servers, Adobe warns. Since at least early January, attackers have been dropping web shells via ColdFusion, but it's unclear if only now-known vulnerabilities are being exploited, security researchers say.
A financially motivated hacking group has been exploiting a now-patched zero-day vulnerability in the Windows operating system to deliver ransomware. Google Threat Analysis Group attributed the campaign to Magniber ransomware group. Microsoft issued a patch in its March dump of fixes.
Microsoft's March dump of patches fixes two actively exploited zero-day vulnerabilities, including a critical issue in Outlook that Russian threat actor APT28 has used to target European companies. The vulnerability can be exploited before a user views the email in the Preview Pane.
U.S. cybersecurity officials on Thursday issued an alert about a 4-year-old software vulnerability that has been exploited by hackers, including one APT group, in a federal civilian agency. Users are advised to immediately apply the software patch to the Progress Telerik UI for ASP.NET AJAX.
Cybersecurity software giant Rubrik has joined the ranks of organizations that fell victim to attackers who have been exploiting a zero-day vulnerability in Fortra's widely used managed file transfer software, GoAnywhere MFT. The Clop ransomware gang claims to have exploited at least 130 victims.
Eset researchers discovered the first in-the-wild bootkit malware, BlackLotus, bypassing security and booting up on fully up-to-date Windows 11 systems. Researchers found the Unified Extensible Firmware Interface bootkit in 2022, being sold on hacking forums for $5,000.
The Biden administration has unveiled its new national cybersecurity strategy, detailing top challenges facing the U.S. and plans for addressing them. Goals include minimum security requirements for critical infrastructure sector organizations and liability for poor software development practices.
With signs pointing to a global economic downturn, cybersecurity organizations are already thinking about managing budgets and doing more than less. Four CISOs share a wide range of belt-tightening tips, from putting the squeeze on your vendors and suppliers to training and hiring from within.
Intel 471 has promoted second-in-command Jason Passwaters to CEO and tasked him with onboarding less-mature security organizations for narrower use cases. The company plans to land more threat intelligence customers by focusing on areas such as vulnerability management and patch prioritization.
Vulnerability management and patching are major OT security challenges for security practitioners, says Alexander Antukh, CISO at AboitizPower, a leading provider of renewable energy in the Philippines. He advises fixing critical vulnerabilities first and creating a road map for better security.
Attackers are continuing to target unpatched VMware hosts to infect them with ESXiArgs and RansomExx2 crypto-locking malware and hold them to ransom. VMware urges immediate updating, saying that the attacks don't appear to be targeting zero-day vulnerabilities but rather long-patched flaws.