Amazon Web Services (AWS) has launched an ambitious initiative to fix one million vulnerabilities and, as a result, reduce technical debt by over $100 million. The cloud giant’s principal evangelist, Martin Beeby, said its new AWS BugBust would take the idea of a bug bash to a new level. “AWS BugBust allows you to create and manage private events that will transform and gamify the process of finding and fixing bugs in your software. It…

Security researchers have warned that at least 30 million Dell computers may be at risk after discovering multiple vulnerabilities that could allow attackers to execute arbitrary code within the machines’ BIOS. Security vendor Eclypsium said 129 Dell models were affected by the chain of four bugs, which have a cumulative CVSS score of 8.4 (high). “These vulnerabilities enable an attacker to remotely execute code in the pre-boot environment. Such code may alter the initial state of…

A misconfigured cloud database exposed over 800 million records linked to WordPress users before its owner was notified, according to Website Planet. Security researcher Jeremiah Fowler explained that the trove was left online with no password protection by US hosting provider DreamHost. The 814 million records he found were traced back to the firm’s managed WordPress hosting business DreamPress and appeared to date back to 2018. In the 86GB database, there was purportedly admin and…

DarkRadiation is a new strain of ransomware implemented in Bash that targets Linux and Docker cloud containers and leverages Telegram for C2. Trend Micro researchers spotted a new strain of ransomware, dubbed DarkRadiation, which is writted in Bash script and target Linux distributions (Red Hat/CentOS and Debian) and Docker cloud containers. The ransomware uses OpenSSL’s AES algorithm with CBC mode to encrypt files and leverages Telegram’s API for C2 communications. The ransomware appends radioactive symbols…