The Hacker News Daily Updates

"Iran Government entities under attack by new wave of BackdoorDiplomacy attacks."

Views expressed in the cybersecurity, cybercrime, cyber espionage update are those of the reporters and correspondents.  Accessed on 18 January 2023, 1436 UTC.  Content provided by email subscription to "The Hacker News Daily Updates."

Source:  https://mail.google.com/mail/u/0/#inbox/FMfcgzGrcFgJrtgLDmKnfbxWBDWkVVCT

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net and https://paper.li/RussellRoberts).

The Hacker News Daily Updates

Industrial Cybersecurity Pulse Protecting Critical Infrastructure eBook Featured articles in this eBook include stories on how a desert water authority added new tech to shore up its systems, whether government regulations are helping keep critical infrastructure safe and how to protect the power grid through cyber-physical threat response. Download Now Sponsored

LATEST NEWS Jan 18, 2023

Iranian Government Entities Under Attack by New Wave of BackdoorDiplomacy Attacks The threat actor known as BackdoorDiplomacy has been linked to a new wave of attacks targeting Iranian government entities between July and late December 2022. Palo Alto Networks Unit 42, which is tracking the activity under its constellation-themed moniker Playful Taurus, said it observed the government domains attempting to connect to malware infrastructure previously identified as ... Read More

Guide: How MSSPs and vCISOs can extend their services into compliance readiness without increasing cost Compliance services are emerging as one of the hottest areas of cybersecurity.  While compliance used to be mainly the province of large enterprises, times have changed, and it is now a day-to-day concern for a growing number of small and medium businesses.  Even when these organizations are not regulated, SMEs often aim to follow compliance and/or security frameworks either for their own ... Read More

Critical Security Vulnerabilities Discovered in Netcomm and TP-Link Routers Security vulnerabilities have been disclosed in Netcomm and TP-Link routers, some of which could be weaponized to achieve remote code execution. The flaws, tracked as CVE-2022-4873 and CVE-2022-4874, concern a case of stack-based buffer overflow and authentication bypass and impact Netcomm router models NF20MESH, NF20, and NL1902 running software versions earlier than R6B035. "The ... Read More

Git Users Urged to Update Software to Prevent Remote Code Execution Attacks The maintainers of the Git source code version control system have released updates to remediate two critical vulnerabilities that could be exploited by a malicious actor to achieve remote code execution. The flaws, tracked as CVE-2022-23521 and CVE-2022-41903, impacts the following versions of Git: v2.30.6, v2.31.5, v2.32.4, v2.33.5, v2.34.5, v2.35.5, v2.36.3, v2.37.4, v2.38.2, and ... Read More

CISA Warns of Flaws in Siemens, GE Digital, and Contec Industrial Control Systems The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published four Industrial Control Systems (ICS) advisories, calling out several security flaws affecting products from Siemens, GE Digital, and Contec. The most critical of the issues have been identified in Siemens SINEC INS that could lead to remote code execution via a path traversal flaw (CVE-2022-45092, CVSS score: ... Read More

Microsoft Azure Services Flaws Could've Exposed Cloud Resources to Unauthorized Access Four different Microsoft Azure services have been found vulnerable to server-side request forgery (SSRF) attacks that could be exploited to gain unauthorized access to cloud resources. The security issues, which were discovered by Orca between October 8, 2022 and December 2, 2022 in Azure API Management, Azure Functions, Azure Machine Learning, and Azure Digital Twins, have since been ... Read More

Hackers Can Abuse Legitimate GitHub Codespaces Feature to Deliver Malware New research has found that it is possible for threat actors to abuse a legitimate feature in GitHub Codespaces to deliver malware to victim systems. GitHub Codespaces is a cloud-based configurable development environment that allows users to debug, maintain, and commit changes to a given codebase from a web browser or via an integration in Visual Studio Code. It also comes with a ... Read More

4 Places to Supercharge Your SOC with Automation It's no secret that the job of SOC teams continues to become increasingly difficult. Increased volume and sophistication of attacks are plaguing under-resourced teams with false positives and analyst burnout. However, like many other industries, cybersecurity is now beginning to lean on and benefit from advancements in automation to not only maintain the status quo, but to attain better ... Read More

Industrial Cybersecurity Pulse Protecting Critical Infrastructure eBook Featured articles in this eBook include stories on how a desert water authority added new tech to shore up its systems, whether government regulations are helping keep critical infrastructure safe and how to protect the power grid through cyber-physical threat response. Download Now Sponsored