High-risk ConnectWise Automate vulnerability fixed, admins urged to patch ASAP

ConnectWise has fixed a vulnerability in ConnectWise Automate, a popular remote monitoring and management tool, which could allow attackers to compromise confidential data or other processing resources. The severity of the vulnerability is merely “important”, as its exploitation requires additional access and/or privilege, but ConnectWise recommends administrators of on-premise instances to patch as soon as […]

Continue Reading

1,900 Signal users exposed following Twilio breach

The attacker behind the recent Twilio data breach may have accessed phone numbers and SMS registration codes for 1,900 users of the popular secure messaging app Signal. “Among the 1,900 phone numbers, the attacker explicitly searched for three numbers, and we’ve received a report from one of those three users that their account was re-registered,” […]

Continue Reading

Vulnerabilities in popular GPS tracker could allow hackers to remotely stop cars

Six vulnerabilities in the MiCODUS MV720 GPS tracker that’s used by organizations around the world to manage and protect vehicle fleets could be exploited by attackers to remotely cut fuel to or abruptly stop vehicles. “Attackers could choose to surreptitiously track individuals or demand ransom payments to return disabled vehicles to working condition,” BitSight researchers […]

Continue Reading

Attackers are using deepfakes to snag remote IT jobs

Malicious individuals are using stolen personally identifiable information (PII) and voice and video deepfakes to try to land remote IT, programming, database and software-related jobs, the FBI has warned last week. The increasing malicious use of deepfakes Deepfakes are synthetic media – images, audio recordings, videos – that make it look like a person has […]

Continue Reading

Attackers are exploiting VMware RCE to deliver malware (CVE-2022-22954)

Cyber crooks have begun exploiting CVE-2022-22954, a RCE vulnerability in VMware Workspace ONE Access and Identity Manager, to deliver cryptominers onto vulnerable systems. About CVE-2022-22954 CVE-2022-22954 is, in effect, a server-side template injection vulnerability that can be triggered by a malicious actor with network access to achieve remote code execution. It was reported to VMware […]

Continue Reading

Microsoft fixes actively exploited zero-day reported by the NSA (CVE-2022-24521)

On this April 2022 Patch Tuesday, Microsoft has released patches for 128 CVE-numbered vulnerabilities, including one zero-day exploited in the wild (CVE-2022-24521) and another (CVE-2022-26904) for which there’s already a PoC and a Metasploit module. Vulnerabilities of note CVE-2022-24521 is a vulnerability in the Windows Common Log File System Driver that was reported to Microsoft […]

Continue Reading