Last week, there were 117 vulnerabilities disclosed in WordPress based software that have been added to the Wordfence Intelligence Vulnerability Database, and there were 30 Vulnerability Researchers that contributed to WordPress Security. The most common vulnerability disclosed was Cross-Site Request Forgery. You can find all the vulnerabilities that have been added, along with statistics on the vulnerabilities that were disclosed, published on our blog here.
03/13/2023 08:00 AM EDT
Today, CISA is announcing the creation of the Ransomware Vulnerability Warning Pilot (RVWP). Through the RVWP, CISA:
- Proactively identifies information systems—belonging to critical infrastructure entities—that contain vulnerabilities commonly associated with ransomware intrusions.
- Notifies the owners of the affected information systems, which enables the owners to mitigate the vulnerabilities before damaging intrusions occur.
Review the RVWP webpage for details, including information on the authorities and services CISA leverages to enable RVWP notifications.
Linux doesn’t BSoD. It has oopses and panics instead. (We show you how to make a kernel module to explore further.)
The March security updates for Android include fixes for two critical remote code execution (RCE) vulnerabilities. Update as soon as you can!
Morphisec has reported that an advanced information stealer malware dubbed SYS01 is aimed at stealing access to Facebook business accounts and Chromium-based browsers’ credentials.
A new malware dubbed HiatusRAT infects routers to spy on its targets, mostly in Europe and in the U.S. Learn which router models are primarily targeted and how to protect from this security threat.
Thanks to Meta LLaMA, AI text models may have their “Stable Diffusion moment.”
03/16/2023 08:00 AM EDT
The Federal Bureau of Investigation (FBI), CISA, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) has released a joint cybersecurity advisory (CSA), #StopRansomware: LockBit 3.0. This joint advisory details known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) that FBI investigations correlated with LockBit 3.0 ransomware as recently as March 2023. LockBit 3.0 functions as an affiliate-based ransomware variant and is a continuation of LockBit 2.0 and LockBit.
CISA encourages network defenders to review and apply the recommendations in the Mitigations section of this CSA. See StopRansomware.gov for additional guidance on ransomware protection, detection, and response.
Copilot, a natural language bot that can pull from data across the Microsoft 365 suite, is now in testing with select commercial customers.
03/15/2023 08:00 AM ED
The Water Information Sharing and Analysis Center (WaterISAC) has released an advisory, Potential for Mandatory Microsoft DCOM Patch to Disrupt SCADA. ICS/OT/SCADA engineers and operators should assess the use of the Distributed Component Object Model (DCOM) protocol in their industrial environments. According to WaterISAC, “failure to address could result in loss of critical communications between impacted ICS/OT/SCADA devices.”
CISA urges operators to review the WaterISAC advisory and apply recommended compensating controls. See Microsoft KB5004442—Manage changes for Windows DCOM Server Security Feature Bypass (CVE-2021-26414) for more information.