Cloud and Libraries - Information Management Today

A zero-day exploit for Log4j Java library could have a tsunami impact on IT giants

Security Affairs

DECEMBER 10, 2021

Experts publicly disclose Proof-of-concept exploits for a critical zero-day vulnerability in the Apache Log4j Java-based logging library. Experts publicly disclose Proof-of-concept exploits for a critical remote code execution zero-day vulnerability, tracked a CVE-2021-44228 (aka Log4Shell ), in the Apache Log4j Java-based logging library.

Libraries

Libraries IT Cloud Data breaches

Ivanti Cloud Service Appliance flaw is being actively exploited in the wild

Security Affairs

SEPTEMBER 14, 2024

Ivanti warned that recently patched flaw CVE-2024-8190 in Cloud Service Appliance (CSA) is being actively exploited in the wild. Ivanti warned that a newly patched vulnerability, tracked as CVE-2024-8190 (CVSS score of 7.2), in its Cloud Service Appliance (CSA) is being actively exploited. to address the vulnerability.

Cloud

Cloud Libraries Authentication Cybersecurity

U.S. CISA adds Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog

Security Affairs

SEPTEMBER 14, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added Ivanti Cloud Services Appliance OS Command Injection Vulnerability CVE-2024-8190 (CVSS score of 7.2)

Cloud

Cloud IT Libraries Cybersecurity

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Ivanti warns of a new actively exploited Cloud Services Appliance (CSA) flaw

Security Affairs

SEPTEMBER 19, 2024

Ivanti warned of a new Cloud Services Appliance (CSA) vulnerability that is being exploited in attacks in the wild against a limited number of customers. is End-of-Life , and no longer receives updates for OS or third-party libraries. The vulnerability is a path traversal security issue. . ” The company note that CSA 4.6

Cloud

Cloud Authentication Libraries Access

New Study: 2018 State of Embedded Analytics Report

Why do some embedded analytics projects succeed while others fail? We surveyed 500+ application teams embedding analytics to find out which analytics features actually move the needle. Read the 6th annual State of Embedded Analytics Report to discover new best practices. Brought to you by Logi Analytics.

Analytics

U.S. CISA adds new Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog

Security Affairs

SEPTEMBER 20, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added Ivanti Cloud Services Appliance a path traversal vulnerability CVE-2024-8190 (CVSS score of 9.4) added the company.

Cloud

Cloud IT Authentication Cybersecurity

Feedify cloud service architecture compromised by MageCart crime gang

Security Affairs

SEPTEMBER 16, 2018

MageCart cyber gang compromised the cloud service firm Feedify and stole payment card data from customers of hundreds of e-commerce sites. MageCart crime gang appears very active in this period, payment card data from customers of hundreds of e-commerce websites may have been stolen due to the compromise of the cloud service firm Feedify.

Cloud

Cloud Libraries Access Security

VMware fixes critical RCE in VMware Cloud Foundation

Security Affairs

OCTOBER 26, 2022

VMware addressed a critical remote code execution vulnerability in VMware Cloud Foundation tracked as CVE-2021-39144. VMware has released security updates to address a critical vulnerability, tracked as CVE-2021-39144 (CVSSv3 9.8), in VMware Cloud Foundation. appliances on VMware Cloud Foundation 3.x. Apply the NSX-v 6.4.14

Cloud

Cloud Libraries Security IT

Splunk fixed tens of flaws in Splunk Enterprise and Cloud Platform

Security Affairs

JULY 4, 2024

Technology company Splunk released security updates to address 16 vulnerabilities in Splunk Enterprise and Cloud Platform. Technology company Splunk addressed 16 vulnerabilities in Splunk Enterprise and Cloud Platform, including four high-severity flaws. “In Splunk Enterprise versions below 9.0.10, 9.1.5, and 9.2.2,

Cloud

Cloud Analytics Libraries Authentication

Kalay cloud platform flaw exposes millions of IoT devices to hack

Security Affairs

AUGUST 17, 2021

FireEye Mandiant researchers have discovered a critical vulnerability in the Kalay cloud platform that exposes millions of IoT devices to attacks. ” ThroughTek, the company that developed the cloud IoT platform, has released SDK updates to address the flaw. The company recommends its customers to enable AuthKey and DTLS.

IoT

IoT Cloud Libraries Access

New Raccoon Stealer uses Google Cloud Services to evade detection

Security Affairs

APRIL 1, 2020

Researchers found a piece of Raccoon Stealer that abuse of Google Cloud Services and leverages multiple delivery techniques. “Finally, it downloads FoxMail-like components from /gate/libs.zip and a SQLite library for parsing the browser database from hxxp://{IP}/gate/sqlite3.dll.” Pierluigi Paganini.

Cloud

Cloud Sales Libraries Phishing

CISA adds VMware’s Cloud Foundation bug to Known Exploited Vulnerabilities Catalog

Security Affairs

MARCH 11, 2023

US CISA added an actively exploited vulnerability in VMware’s Cloud Foundation to its Known Exploited Vulnerabilities Catalog. Due to an unauthenticated endpoint that leverages XStream for input serialization in VMware Cloud Foundation (NSX-V), a malicious actor can get remote code execution in the context of ‘root’ on the appliance.”

Cloud

Cloud Libraries Cybersecurity Risk

New Pro-Ocean crypto-miner targets Apache ActiveMQ, Oracle WebLogic, and Redis installs

Security Affairs

JANUARY 31, 2021

The new malware implement new and improved rootkit and worm capabilities, it continues to target cloud applications by exploiting known vulnerabilities such as Oracle WebLogic ( CVE-2017-10271 ) and Apache ActiveMQ ( CVE-2016-3088 ) servers. “Pro-Ocean uses known vulnerabilities to target cloud applications.

Cloud

Cloud Libraries Mining IT

Hackers target Docker servers to deploy the new Kinsing cryptocurrency miner

Security Affairs

APRIL 6, 2020

Cloud security firm Aqua Security uncovered a hacking campaign carried out during the past months, hackers are scanning the Internet for Docker servers running API ports exposed without a password. gopsutil – a process utility library, used for system and processes monitoring. “The spre. ssh/config,bash_history, /.ssh/known_hosts,

Mining

Mining Libraries Cloud Communications

EastWind campaign targets Russian organizations with sophisticated backdoors

Security Affairs

AUGUST 12, 2024

. “Attackers use the classic DLL sideloading technique: when the desktop.exe file is launched, the malicious VERSION.dll library is loaded into the corresponding process” reads the report published by Kaspersky. “This library is a backdoor packed with the VMProtect tool.

Libraries

Libraries Encryption Cloud Archiving

A high-severity flaw affects VMware Workstation, Fusion and vSphere products.

Security Affairs

JUNE 10, 2020

The CVE-2020-3960 flaw was discovered by Cfir Cohen, a researcher from Google’s cloud security team. “VMware Horizon Client for Windows contains a privilege escalation vulnerability due to folder permission configuration and unsafe loading of libraries. ” reads the advisory. .

Cloud

Cloud Libraries Access Authentication

A Microsoft 365 feature can ransom files on SharePoint and OneDriveCould

Security Affairs

JUNE 17, 2022

Experts discovered a feature in Microsoft 365 suite that could be abused to encrypt files stored on SharePoint and OneDrive and target cloud infrastructure. This step is unique to cloud ransomware compared to the attack chain for endpoint-based ransomware. The versioning settings are under list settings for each document library. .

Libraries

Libraries Encryption Ransomware Cloud

INFRA:HALT flaws impact OT devices from hundreds of vendors

Security Affairs

AUGUST 4, 2021

IN FRA:HALT is a set of vulnerabilities affecting a popular TCP/IP library commonly OT devices manufactured by more than 200 vendors. ” Forescout Device Cloud. Forescout Device Cloud is a repository of information of 13+ million devices monitored by Forescout appliances.

Manufacturing

Manufacturing Libraries Cloud Security

Quebec shuts down thousands of sites as disclosure of the Log4Shell flaw

Security Affairs

DECEMBER 12, 2021

Quebec shut down nearly 4,000 of its sites in response to the discovery of the Log4Shell flaw in the Apache Log4j Java-based logging library. Quebec shut down nearly 4,000 of its sites as a preventative measure after the disclosure of a PoC exploit for the Log4Shell flaw ( CVE-2021-44228 ) in the Apache Log4j Java-based logging library.

Libraries

Libraries Digital transformation Education Government

Cybereason released Logout4Shell, a vaccine for Log4Shell Apache Log4j RCE

Security Affairs

DECEMBER 11, 2021

Chinese security researcher p0rz9 publicly disclosed a Proof-of-concept exploit for a critical remote code execution zero-day vulnerability, tracked a CVE-2021-44228 ( aka Log4Shell ), in the Apache Log4j Java-based logging library. The Log4j is widely used by both enterprise apps and cloud services, including Apple iCloud and Steam.

Libraries

Libraries Cloud Access Cybersecurity

Microsoft March 2022 Patch Tuesday updates fix 89 vulnerabilities

Security Affairs

MARCH 8, 2022

Below is the complete list of vulnerabilities addressed by Microsoft: Tag CVE ID CVE Title Severity.NET and Visual Studio CVE-2022-24512.NET NET and Visual Studio Remote Code Execution Vulnerability Important.NET and Visual Studio CVE-2022-24464.NET

Libraries

Libraries IoT Security Cloud

Doki, an undetectable Linux backdoor targets Docker Servers

Security Affairs

JULY 29, 2020

The ongoing Ngrok mining botnet campaign is targeting servers are hosted on popular cloud platforms, including Alibaba Cloud, Azure, and AWS. “ Ngrok Mining Botnet is an active campaign targeting exposed Docker servers in AWS, Azure, and other cloud platforms. It has been active for at least two years.”

Blockchain

Blockchain Mining Cloud Communications

CISA adds ownCloud and Google Chrome bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

DECEMBER 1, 2023

Skia is an open-source 2D graphics library that provides common APIs that work across a variety of hardware and software platforms. CVE-2023-49103 – The vulnerability resides in the Graphapi app, which relies on a third-party GetPhpInfo.php library that provides a URL.

IT

IT Libraries Cybersecurity Passwords

VMware warns of the public availability of CVE-2021-39144 exploit code

Security Affairs

OCTOBER 31, 2022

The remote code execution vulnerability resides in the XStream open-source library. Due to an unauthenticated endpoint that leverages XStream for input serialization in VMware Cloud Foundation (NSX-V), a malicious actor can get remote code execution in the context of ‘root’ on the appliance.” appliances on Cloud Foundation 3.x.

Libraries

Libraries Cloud Security IT

Microsoft Patch Tuesday security updates fixed 3 actively exploited flaws

Security Affairs

NOVEMBER 14, 2023

Three of these vulnerabilities are actively exploited in attacks in the wild: – CVE-2023-36033 – Windows DWM Core Library Elevation of Privilege Vulnerability An attacker can trigger this vulnerability to elevate privileges through the Windows Desktop Manager (DWM). ” reads the post published by ZDI.

Security

Security Cloud Libraries Phishing

Accelerate growth with Cloud Editions (CE) 25.1

OpenText Information Management

FEBRUARY 4, 2025

As I step into my second week as Chief Product Officer, Im thrilled to see the incredible innovation driving Cloud Editions 25.1. The latest Cloud Editions (CE) 25.1, OpenText continues to lead through the seamless integration of cloud, security, and AI technologies. 2025 marks a turning point in shaping the future of business.

Cloud

Cloud IoT Digital transformation Metadata

1,859 Android and iOS apps were containing hard-coded Amazon AWS credentials

Security Affairs

SEPTEMBER 1, 2022

Researchers from Broadcom Symantec’s Threat Hunter team discovered 1,859 Android and iOS apps containing hard-coded Amazon Web Services (AWS) credentials that allowed access to private cloud services. “Over three-quarters (77%) of the apps contained valid AWS access tokens allowing access to private AWS cloud services.”

Cloud

Cloud Authentication B2B Libraries

Will cryptocurrency mining soon saturate AWS, Microsoft Azure and Google Cloud?

The Last Watchdog

JUNE 20, 2018

Don’t look now but cryptojacking may be about to metastasize into the scourge of cloud services. Then a JavaScript library called Coinhive came along that enabled people to embed mining code on their websites. Bilogorskiy: That’s been happening a lot, especially with companies moving their computing into the cloud.

Mining

Mining Cloud Ransomware Passwords

Microsoft 365 Research Highlights Cloud Vulnerabilities

eSecurity Planet

JUNE 21, 2022

In a sequence that suggests cloud services may be more vulnerable than many think, Proofpoint researchers have demonstrated how hackers could take over Microsoft 365 accounts to ransom files stored on SharePoint and OneDrive. You can limit the document library version, making the oldest versions almost impossible to restore.

Cloud

Cloud Ransomware Libraries Phishing

Aqua CEO on Why Cloud-Native Apps Need Supply Chain Security

Data Breach Today

DECEMBER 6, 2022

Aqua's Dror Davidoff Shares How Open-Source Repositories Create Risk for Cloud Apps Software has increasingly relied on components developed by third parties or from open-source libraries, which Aqua Security CEO Dror Davidoff says injects additional risk.

Cloud

Cloud Libraries Security Risk

Free Download Manager backdoored to serve Linux malware for more than 3 years

Security Affairs

SEPTEMBER 14, 2023

The executable is a backdoor that accesses the Linux API and invokes syscalls using the statically linked dietlibc library. The crond backdoor creates a reverse shell. The researchers revealed that attackers deployed a Bash stealer on the infected system. ” continues the report. org) is hosted on the files2.freedownloadmanager[.]org

Cloud

Cloud Libraries Passwords IT

Threat actors started exploiting critical ownCloud flaw CVE-2023-49103

Security Affairs

NOVEMBER 28, 2023

It allows individuals and organizations to create their own private cloud storage services, giving them control over their data while facilitating collaboration and file access across multiple devices. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo).

Cybersecurity

Cybersecurity Libraries Passwords Access

Microsoft Patch Tuesday, December 2021 Edition

Krebs on Security

DECEMBER 14, 2021

But this month’s Patch Tuesday is overshadowed by the “ Log4Shell ” 0-day exploit in a popular Java library that web server administrators are now racing to find and patch amid widespread exploitation of the flaw. Log4Shell is the name picked for a critical flaw disclosed Dec.

Libraries

Libraries Cybersecurity Data breaches Cloud

China-linked GIMMICK implant now targets macOS?

Security Affairs

MARCH 23, 2022

Gimmick is a newly discovered macOS implant developed by the China-linked APT Storm Cloud and used to target organizations across Asia. The experts attribute the intrusion to a China-linked APT group tracked as Storm Cloud, which is known to target organizations across Asia. ” reads the analysis published by Volexity.

Cloud

Cloud Libraries IT Access

Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware

Security Affairs

FEBRUARY 16, 2021

The initial stage of these trojans is generally the execution of a dropper in a form of a VBS, JScript, or MSI file that downloads from the Cloud (AWS, Google, etc.) For this, Cloud services are often used by crooks including Google, S3 Buckets from AWS, and MediaFire file sharing service. the trojan loader/injector.

Libraries

Libraries Communications Phishing Encryption

Malicious Clicker apps in Google Play have 20M+ installs

Security Affairs

OCTOBER 24, 2022

After the configuration is downloaded, it registers the FCM (Firebase Cloud Messaging) listener to receive push messages. . “Once the application is opened, it downloads its remote configuration by executing an HTTP request. At first glance, it seems like well-made android software. ” continues the report.

Libraries

Libraries Personal data Cloud Security

Win the experience economy with Titanium X for OpenText Experience Cloud

OpenText Information Management

MARCH 31, 2025

OpenText Experience Cloud continues to drive innovation, empowering organizations to create frictionless and data-driven engagements. Thats where OpenText Experience Aviator steps in, revolutionizing content creation and customer engagement by integrating advanced generative AI across OpenText Experience Cloud solutions. Why upgrade?

Cloud

Cloud Customer Experience Communications CMS

Achieving cloud excellence and efficiency with cloud maturity models

IBM Big Data Hub

MAY 17, 2024

Business leaders worldwide are asking their teams the same question: “Are we using the cloud effectively?” ” This quandary often comes with an accompanying worry: “Are we spending too much money on cloud computing?” Why move to cloud? CMMs are a great tool for this assessment.

Cloud

Cloud Digital transformation Security IT

Silver Sparrow, a new malware infects Mac systems using Apple M1 chip

Security Affairs

FEBRUARY 20, 2021

The command and control infrastructure is hosted on the Amazon Web Services S3 cloud platform, while callback domains for this activity cluster leveraged domains hosted through Akamai CDN. This implies that the adversary likely understands cloud infrastructure and its benefits over a single server or non-resilient system.

Cloud

Cloud Libraries IT Ransomware

Recently patched Windows flaw CVE-2024-43461 was actively exploited as a zero-day before July 2024

Security Affairs

SEPTEMBER 16, 2024

The archives are disseminated in cloud-sharing websites, Discord servers, and online libraries, and other means. In the group’s attack chain, Void Banshee attempts to trick victims into opening zip archives containing malicious files disguised as book PDFs. The APT group focuses on North America, Europe, and Southeast Asia.

Archiving

Archiving File names Libraries Passwords

Wormable bash DarkRadiation Ransomware targets Linux distros and docker containers

Security Affairs

JUNE 22, 2021

DarkRadiation is a new strain of ransomware implemented in Bash that targets Linux and Docker cloud containers and leverages Telegram for C2. Trend Micro researchers spotted a new strain of ransomware, dubbed DarkRadiation, which is writted in Bash script and target Linux distributions (Red Hat/CentOS and Debian) and Docker cloud containers.

Ransomware

Ransomware Encryption Passwords Cloud

New enhanced Joker Malware samples appear in the threat landscape

Security Affairs

JULY 16, 2021

The image are hosted on legit cloud file hosting services and the malware uses a combination of native libraries to decrypt the offline payload from the APK’s assets or connect to C&C for the payload. dex file as before. The payload is hidden inside an image using steganography to evade scanner detection.

Encryption

Encryption Libraries Cloud Security

[Podcast] Tips for Staying Cyber-Safe While Working from Home

AIIM

JUNE 11, 2020

And finally, on this episode, hear an AIIM member case study of how Laserfiche helped Mille Lacs Corporate Ventures migrate their contract management process to the cloud. Click here to access our full library of episodes. Click here to check out this episode. Want more episodes like this?

Libraries

Libraries Cybersecurity Ransomware Cloud

Vulnerability Recap 11/4/24 – Fourteen-Year Bug Finally Gets Patched

eSecurity Planet

NOVEMBER 4, 2024

We’re looking at cloud credential theft (not good) and a big win for early vulnerability fixes (better) this week, as well as critical Mitsubishi Electric and Rockwell Automation bugs that could affect industrial control environments. They’ve stolen over 10,000 cloud credentials thus far, Sysdig reports.

Cloud

Cloud Honeypots Authentication Manufacturing

A zero-day exploit for Log4j Java library could have a tsunami impact on IT giants

Ivanti Cloud Service Appliance flaw is being actively exploited in the wild

Webinars

Trending Sources

U.S. CISA adds Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog

Webinars

Ivanti warns of a new actively exploited Cloud Services Appliance (CSA) flaw

New Study: 2018 State of Embedded Analytics Report

U.S. CISA adds new Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog

Feedify cloud service architecture compromised by MageCart crime gang

VMware fixes critical RCE in VMware Cloud Foundation

Splunk fixed tens of flaws in Splunk Enterprise and Cloud Platform

Kalay cloud platform flaw exposes millions of IoT devices to hack

New Raccoon Stealer uses Google Cloud Services to evade detection

CISA adds VMware’s Cloud Foundation bug to Known Exploited Vulnerabilities Catalog

New Pro-Ocean crypto-miner targets Apache ActiveMQ, Oracle WebLogic, and Redis installs

Hackers target Docker servers to deploy the new Kinsing cryptocurrency miner

EastWind campaign targets Russian organizations with sophisticated backdoors

A high-severity flaw affects VMware Workstation, Fusion and vSphere products.

A Microsoft 365 feature can ransom files on SharePoint and OneDriveCould

INFRA:HALT flaws impact OT devices from hundreds of vendors

Quebec shuts down thousands of sites as disclosure of the Log4Shell flaw

Cybereason released Logout4Shell, a vaccine for Log4Shell Apache Log4j RCE

Microsoft March 2022 Patch Tuesday updates fix 89 vulnerabilities

Doki, an undetectable Linux backdoor targets Docker Servers

CISA adds ownCloud and Google Chrome bugs to its Known Exploited Vulnerabilities catalog

VMware warns of the public availability of CVE-2021-39144 exploit code

Microsoft Patch Tuesday security updates fixed 3 actively exploited flaws

Accelerate growth with Cloud Editions (CE) 25.1

1,859 Android and iOS apps were containing hard-coded Amazon AWS credentials

Will cryptocurrency mining soon saturate AWS, Microsoft Azure and Google Cloud?

Microsoft 365 Research Highlights Cloud Vulnerabilities

Aqua CEO on Why Cloud-Native Apps Need Supply Chain Security

Free Download Manager backdoored to serve Linux malware for more than 3 years

Threat actors started exploiting critical ownCloud flaw CVE-2023-49103

Microsoft Patch Tuesday, December 2021 Edition

China-linked GIMMICK implant now targets macOS?

Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware

Malicious Clicker apps in Google Play have 20M+ installs

Win the experience economy with Titanium X for OpenText Experience Cloud

Achieving cloud excellence and efficiency with cloud maturity models

Silver Sparrow, a new malware infects Mac systems using Apple M1 chip

Recently patched Windows flaw CVE-2024-43461 was actively exploited as a zero-day before July 2024

Wormable bash DarkRadiation Ransomware targets Linux distros and docker containers

New enhanced Joker Malware samples appear in the threat landscape

[Podcast] Tips for Staying Cyber-Safe While Working from Home

Vulnerability Recap 11/4/24 – Fourteen-Year Bug Finally Gets Patched

Stay Connected