The Hacker News Daily Updates

Iranian hackers exploiting unpatched Log4j 2 bugs to attack Israeli organizations.

Views expressed in this cybersecurity, cybercrime, and cyberespionage update are those of the reporters and correspondents. 

Accessed on 27 August 2022, 1510 UTC.

Content supplied by email subscription to "The Hacker News Daily Updates."

Source:  https://mail.google.com/mail/u/0/#inbox/FMfcgzGqQJjLMWSSzzVrmGjRPhPNvxfm

Please click link or scroll down to read your selections.

Thanks for joining us today.

Russ Roberts

https://www.hawaiicybersecurityjournal.net

https://paper.li/RussellRoberts (machine learning, artificial intelligence, IoT, and information security)

The Hacker News Daily Updates

Five Keys to a Secure Work-From-Anywhere Solution As organizations adopt hybrid work, they need to extend security to employees no matter where they may be located. Download Now Sponsored

LATEST NEWS Aug 27, 2022

Iranian Hackers Exploiting Unpatched Log4j 2 Bugs to Target Israeli Organizations Iranian state-sponsored actors are leaving no stone unturned to exploit unpatched systems running Log4j to target Israeli entities, indicating the vulnerability’s long tail for remediation. Microsoft attributed the latest set of activities to the umbrella threat group tracked as MuddyWater (aka ... Read More

Critical Vulnerability Discovered in Atlassian Bitbucket Server and Data Center Atlassian has rolled out fixes for a critical security flaw in Bitbucket Server and Data Center that could lead to the execution of malicious code on vulnerable installations. Tracked as CVE-2022-36804 (CVSS score: 9.9), the issue has been characterized as a command injection vulnerability in ... Read More

Hackers Breach LastPass Developer System to Steal Source Code Password management service LastPass confirmed a security incident that resulted in the theft of certain source code and technical information. The security breach is said to have occurred two weeks ago, targeting its development environment. No customer data or encrypted passwords were accessed, ... Read More

Cybercrime Groups Increasingly Adopting Sliver Command-and-Control Framework Nation-state threat actors are increasingly adopting and integrating the Sliver command-and-control (C2) framework in their intrusion campaigns as a replacement for Cobalt Strike. “Given Cobalt Strike’s popularity as an attack tool, defenses against it have also improved over time,” Microsoft ... Read More

Okta Hackers Behind Twilio and Cloudflare Breach Hit Over 130 Organizations The threat actor behind the attacks on Twilio and Cloudflare earlier this month has been linked to a broader phishing campaign aimed at 136 organizations that resulted in a cumulative compromise of 9,931 accounts. The activity has been condemned 0ktapus by Group-IB because the initial goal of the ... Read More

Protecting the Endpoint to Work from Anywhere A global ransomware survey showed that 67% of organizations have been a ransomware target. Download Now Sponsored