#Trusted Tech News Platform
Critical Azure HDInsight XSS Vulnerabilities Enable Malicious Payload Delivery

September 16, 2023 Hacking and Security / Vulnerability
Multiple Cross-Site Scripting (XSS) vulnerabilities, both Stored XSS and Reflected XSS, have been identified in Azure HDInsight. The severity of these vulnerabilities ranges between 4.5 (Medium) and 4.6 (Medium). They affect multiple products, including Azure Apache Oozie, Apache Ambari, Jupyter Notebooks, Apache Hadoop, and Apache Hive 2. However, Microsoft fixed these vulnerabilities in its 8th August security update.
Stored XSS
As per the reports shared with Cyber Security News, 6 Stored XSS vulnerabilities and 2 Reflected XSS vulnerabilities were discovered, of which 4 of the Stored XSS vulnerabilities existed in Apache Ambari. These vulnerabilities were related to YARN Configurations, YARN Queue Manager, Background Operations, and Managed Notifications. All of these vulnerabilities are categorized under CVE-2023-36881. The other two Stored XSS vulnerabilities existed in Jupyter Notebooks and Apache Oozie, categorized under CVE-2023-35394
Facebook Accounts Targeted by Vietnamese Threat Groups

September 01, 2023 Cyber Security / Facebook
Cyber-attacks targeting Meta Business and Facebook accounts are gaining popularity among criminals in Vietnam, according to a new report published by WithSecure. The WithSecure Intelligence team has observed an increasing number of cyber criminal groups targeting these platforms – and they mainly originate and operate from Vietnam. Typically, these adversaries leverage a variety of lure themes (involving names like OpenAI’s ChatGPT, Google’s Bard, popular software such as Notepad++ or even job and advertisement opportunities) shared through email, social media, or similar means to manipulate their victims into infecting themselves with information-stealing malware. Following infection, the malware steals various information, including Facebook session cookies and login credentials, giving the attacker access to the targeted account. Some malware implants can also hijack the accounts and run fraudulent ads automatically via the victim’s machine.
Enablers for Other Cybercrimin
15 More Vulnerabilities Added to 2023 CWE Top 25 Most Dangerous Software

July 25, 2023 Cyber Security / Hacking and Security
The CVE MITRE foundation has released the “On the Cusp” list, in which many of the CWEs (Common Weakness Enumerations) have risen or fallen in their rankings between 2022 and 2023. CVE releases the top 25 most dangerous software weaknesses, which helps organizations to mitigate software security risks. However, exploitable vulnerabilities beyond these top 25 must also be taken into consideration, as they also pose a great threat to an organization.
2023 “On the Cusp”
As per the analysis from the MITRE foundation, among the vulnerabilities ranked 26-40, three have risen in rank compared to their ranking in 2022. Authorization Bypass Through User-Controlled Key moves to rank #38 from rank #56 in 2022. Allocation of Resources Without Limits or Throttling increased its rank from rank #42 in 2022 to rank #29 in 2023. Reachable Assertion also increased in rank from rank #44 in 2022 to rank #26 in 2023.
12 Norway Government Ministries were Targeted in a Cyberattack

July 25, 2023 Cyber Security / Hacking and Security
According to recent reports, twelve government ministries in Norway have been targeted by cyber-attacks. The most recent attack was aimed at Norway’s public sector, and investigations are currently ongoing. Norway has been Europe’s largest gas supplier after Russia had a drop in the supply. Norway has also become Western Europe’s largest oil exporter. The cyber attack was identified through unusual traffic on Norway’s platform, which was discovered on July 12. Erik Hope, the head of the government agency and in charge of providing services to the ministries, said, “We identified a weakness in the platform of one of our suppliers and that weakness has now been shut”.
Norway Prognosticated in February
In February, the Nordic Police Security Agency (PST) was taking necessary precautions for a cyber attack in response to the war between Russia and Ukraine. The PST said, “Moscow would likely prioritize actions such as illegal gathering of intelligence, theft of information, cyber
Hackers Using ChatGPT & GoogleBard to Launch Sophisticated Email Attacks

June 16, 2023 ChatGPT / Cyber Security
Researchers uncovered a new phishing email campaign that employs ChatGPT and Google Bard to launch sophisticated email attacks. Threat actors have been relying on Artificial Intelligence since November 2022, when ChatGPT was released; many reports indicate threat actors using AIs to attack organizations. There have been several attacks based and targeted on Artificial Intelligence recently. However, three main techniques by which threat actors use AIs have been analyzed:
- Credential Phishing
- Business Email Compromise (BEC)
- Vendor Fraud
To combat such AI-based attacks, an AI-based email security platform like Trustifi protects your business emails by automatically disabling access to compromised accounts with AI-based account takeover protection.
Credential Phishing – Impersonation of Facebook for Phishing
Phishing emails have been a significant threat to every organization since most threat actors infiltrate a network using phishing campaigns. Furthermore, threat a
Fake zero-day PoC exploits on GitHub push Windows, Linux malware

June 14, 2023 Cyber Security / Github
Hackers are impersonating cybersecurity researchers on Twitter and GitHub to publish fake proof-of-concept exploits for zero-day vulnerabilities that infect Windows and Linux with malware. These malicious exploits are promoted by alleged researchers at a fake cybersecurity company named 'High Sierra Cyber Security,' who promote the GitHub repositories on Twitter, likely to target cybersecurity researchers and firms involved in vulnerability research. The repositories appear legitimate, and the users who maintain them impersonate real security researchers from Rapid7, and other security firms, even using their headshots. The same personas maintain accounts on Twitter to help add legitimacy to their research and the code repositories like GitHub, as well as draw victims from the social media platform. This campaign was discovered by VulnCheck, who reports that it has been underway since at least May 2023, promoting supposed exploits for zero-day flaws in popular so
Hackers Steal Cryptocurrencies Using DoubleFinger Malware Via Weaponized PIF Attachment

June 14, 2023 Cyber Attack / Cyber Security
Stealing cryptocurrencies is a common event, and a recent addition to this trend is the DoubleFinger loader, which is mainly designed to steal cryptocurrency through multiple stages. The DoubleFinger loader was identified by the security researchers at Securelist. The first stage of DoubleFinger’s loading process begins when the victim opens a harmful PIF attachment in an email, causing DoubleFinger to be deployed on the targeted machine. Companies like Trustifi stop advanced email threats that target your business email with AI-Powered Email Security.
DoubleFinger Stage Analysis
The DoubleFinger stages are:
- DoubleFinger stage 1
- DoubleFinger stage 2
- DoubleFinger stage 3
- DoubleFinger stage 4
- DoubleFinger stage 5
The “espexe.exe” binary undergoes several modifications during the initial stage, and the DialogFunc is specifically patched to execute a malicious shellcode. A PNG image from
Top 15 Best Ethical Hacking Tools

June 13, 2023 Cyber Security / Ethical Hacking
Ethical hacking entails a legitimate attempt to access a computer system, application, or data without authorization. Ethical hacking tools play a significant role in testing weaknesses in the computer network and applications. It involves copying the tactics and behaviors of malicious attackers to carry out ethical hacking.  This procedure aids in locating security flaws that can be fixed before a malicious attacker can take advantage of them.  To test the system’s defenses, the company that owns the system or network permits ethical hackers to carry out such activities. This means that, in contrast to malicious hacking, the process is organized, approved, and, more importantly, ethical. Investigating the system or network for vulnerabilities that malicious hackers can take advantage of or obliterate is the goal of ethical hackers. By doing this, they can strengthen the security footprint and make it more resistant to attacks or able to deflect them. Wha
Cisco Umbrella - Web Filtering Solutions

June 13, 2023 Cyber Security / Hacking and Security
Cisco Umbrella is a cloud-based web filtering and security platform. It uses DNS to filter and block access to malicious or inappropriate websites. It provides advanced threat protection, content filtering, and secure web gateway capabilities. Umbrella allows organizations to create custom policies, offers flexible deployment options, and integrates with the Cisco security ecosystem. It helps protect against online threats, enforce web access policies, and enhance security.
Features
- DNS and IP-layer Security: Protects the DNS and IP layers, blocking connections to malicious sites and IPs.
- Web Filtering: Implements web content filtering to enforce acceptable use policies and block access to inappropriate or risky websites.
- Malware and Phishing Protection: Detects and blocks malware infections, including ransomware, and prevents phishing attacks.
- Secure Internet Gateway: Offers secure internet access for users, regardless of location, by redirecting traffic throu
Perimeter81 - Web Filtering Solutions

June 13, 2023 Cyber Security / Hacking and Security
Perimeter81 offers web filtering solutions as part of its network security platform. These solutions provide organizations with control over internet access by filtering URLs, content, and applications. It includes features like URL filtering, content filtering, malware and phishing protection, application control, reporting, and VPN and network security integration. Perimeter81’s web filtering solutions enable organizations to enhance security, productivity, and compliance by managing and controlling web access effectively.
Features
- Secure Network Access: Provides secure and controlled access to network resources for remote and on-premises users.
- Zero Trust Architecture: Implements a zero-trust security model, requiring authentication and authorization for every access attempt.
- Software-Defined Perimeter: Utilizes software-defined networking to create a flexible and scalable security framework.
- Cloud VPN: Establishes secure connections between remote users a
18 Best Web Filtering Solutions – 2023

June 13, 2023 Cyber Security / Hacking and Security
Web filtering solutions involve monitoring and filtering internet traffic to prevent users from accessing specific websites, applications, or types of content that may be deemed inappropriate, unsafe, or non-compliant with organizational guidelines. In today’s digital era, where Internet access is pervasive and essential for personal and professional purposes, ensuring a secure and productive online environment has become paramount. Web filtering solutions are crucial in managing and controlling internet usage, allowing organizations to safeguard their networks, protect sensitive information, enforce acceptable use policies, and optimize productivity.  Web filtering software is designed to monitor and filter internet traffic, enabling organizations to control access to websites, applications, and content based on predefined rules and policies. These solutions employ various techniques such as URL filtering, keyword filtering, category-based filtering, and content
50+ Network Penetration Testing Tools for Hackers & Security Professionals – 2023

June 12, 2023 Hackers / Hacking and Security
Network security tools for penetration testing are often used by the security industry to test for vulnerabilities in networks and applications. Here you can find a comprehensive network security tools list that covers performing penetration testing operations in all environments.
Network Security Tools
Scanning / Pentesting
- Vulnerability Manager Plus – It is an integrated threat and vulnerability management solution that secures your enterprise network from exploits by instantly detecting vulnerabilities and remediating them.
- OpenVAS – OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.
- Metasploit Framework – one of the best Network Security Tools for developing and executing exploit code against a remote target machine. Other important sub-projects include the Opcode Database, shellcode archive and related research.
- Kali – Kali Linux is a Debian-derived Linux dist