The Hacker News Daily Updates

Technical details released for "SynLapse" RCE vulnerability in Microsoft Azure.

Views expressed in this cybersecurity-cyber crime update are those of the reporters and correspondents.

Accessed on 14 June 2022, 1903 UTC.

Content supplied by email subscription to "The Hacker News Daily Updates."

Source:  https://mail.google.com/mail/u/0/#inbox/FMfcgzGpGTHKfMlCRDgpcrNpWBkPpnNr

Please click link or scroll down to read your selections.

Thanks for joining us today.

Russ Roberts

https://www.hawaiicybersecurityjournal.net

https://paper.li/RussellRoberts (machine learning, artificial intelligence, IoT, and information security)

The Hacker News Daily Updates

Why Kubernetes Security Is Mission-Critical Learn Kubernetes security best practices, including zero trust principles and a model of how to meet NSA Kubernetes hardening guidelines. Download Now Sponsored

LATEST NEWS Jun 14, 2022

Technical Details Released for 'SynLapse' RCE Vulnerability Reported in Microsoft Azure Microsoft has incorporated additional improvements to address the recently disclosed SynLapse security vulnerability in order to meet comprehensive tenant isolation requirements in Azure Data Factory and Azure Synapse Pipelines. The latest safeguards include moving the shared integration runtimes ... Read More

Unpatched Travis CI API Bug Exposes Thousands of Secret User Access Tokens An unpatched security issue in the Travis CI API has left tens of thousands of developers' user tokens exposed to potential attacks, effectively allowing threat actors to breach cloud infrastructures, make unauthorized code changes, and initiate supply chain attacks. "More than 770 million logs of ... Read More

Free eBook: Understanding Databases Deploy High-Performance Database Clusters in Modern Applications. Develop a high-level understanding of industry-standard databases, the design of database architectures, and different deployment methods in the cloud. Download instantly -- no registration required. Download ... Read More

New Syslogk Linux Rootkit Lets Attackers Remotely Command It Using "Magic Packets" A new covert Linux kernel rootkit named Syslogk has been spotted under development in the wild and cloaking a malicious payload that can be remotely commandeered by an adversary using a magic network traffic packet. "The Syslogk rootkit is heavily based on Adore-Ng but incorporates new ... Read More

Researchers Detail PureCrypter Loader Cyber Criminals Using to Distribute Malware Cybersecurity researchers have detailed the workings of a fully-featured malware loader dubbed PureCrypter that's being purchased by cyber criminals to deliver remote access trojans (RATs) and information stealers. "The loader is a .NET executable obfuscated with SmartAssembly and makes use of ... Read More

Why Kubernetes Security Is Mission-Critical Learn Kubernetes security best practices, including zero trust principles and a model of how to meet NSA Kubernetes hardening guidelines. Download Now Sponsored