CVE-2021-34464 and CVE-2021-34522 | Microsoft Defender Remote Code Execution Vulnerability CVE-2021-34464 and CVE-2021-34522 are RCE vulnerabilities in the Microsoft Malware Protection Engine. Both of these vulnerabilities received CVSSv3 scores of 7.8 and are rated as “Exploitation Less Likely,” but we chose to highlight them due to in-the-wild exploitation of a similar flaw, CVE-2021-1647, in January. While CVE-2021-1647 was a zero-day, the ubiquity of Microsoft Defender makes this a noteworthy vulnerability. Fortunately, Microsoft Defender…

  Greetings to our PCI SSC stakeholder community! With 2021 half done, I wanted to take this opportunity to share with you what the PCI Security Standards Council (PCI SSC) is doing to assist the industry as we continue to navigate the changes brought on by the pandemic. The current phase is a hybrid of old and new, and defined by rapid changes including re-openings and continued, or returning, lockdowns.

Kaseya has released a security update to address the VSA zero-day vulnerabilities exploited by REvil gang in the massive ransomware supply chain attack. Software vendor Kaseya has released a security update to fix the zero-day vulnerabilities in its VSA software that were exploited by the REvil ransomware gang in the massive ransomware supply chain attack. The company announced last week that fewer than 60 of its customers and less than 1,500 businesses have been impacted…

Cyber News reports that this is the third time in four months that member information has shown up on a hacker forum. Image: iStock/iBrave A data set including information from 600 million LinkedIn users showed up for sale on a hacker forum this week. That’s the third time in four months that scraped data from the networking site has been offered up for sale, according to a report from Cyber News.  The data is all…

Guest post by Liran Tal, Snyk Director of Developer Advocacy  Docker is totalling up to more than 318 billion downloads of container images. With millions of applications available on Docker Hub, container-based applications are popular and make an easy way to consume and publish applications. That being said, the naive way of building your own Docker Node.js web applications may come with many security risks. So, how do we make security an essential part of…

WASHINGTON – A notorious group of hackers tied to Iran’s Islamic Revolutionary Guard Corps has waged a covert campaign targeting university professors and other experts based in the U.K. and the U.S. in an attempt to steal their sensitive information, according to research by the cybersecurity firm Proofpoint.    The group, known as TA453 and Charming Kitten, has been masquerading as British scholars at the University of London’s School of Oriental and African Studies (SOAS)…

Image: Sobhan Farajvan/Pacific Press/LightRocket via Getty Images Hacking. Disinformation. Surveillance. CYBER is Motherboard’s podcast and reporting on the dark underbelly of the internet. Iranian hackers with links to the country’s Islamic Revolutionary Guard Corps impersonated two academics in an attempt to hack journalists, think tank analysts, and other academics, according to a new report. In early 2021, the hackers—dubbed inside the industry as Charming Kitten or TA453—sent emails to targets pretending to be Dr. Hanns Bjoern…

The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: APT, Data Theft, Malicious Apps, Middle East, Phishing, Targeted Campaigns, and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity. Figure 1 – IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats…