US, EU to Ramp Up Chip Making and Raise Pressure on Russia
The United States and the European Union announced on Monday a joint effort to boost microchip manufacturing and tackle Russian disinformation around the war in Ukraine.
‘Sysrv’ Botnet Targeting Recent Spring Cloud Gateway Vulnerability
A new variant of the Sysrv botnet has added a recent Spring Cloud Gateway vulnerability to its exploit portfolio, Microsoft warns.
The Sysrv botnet has been active since at least late 2020, looking to exploit known security bugs in access interfaces in order to compromise Windows and Linux systems and install a Monero cryptominer on them.
SonicWall Patches Unauthorized Access Vulnerability in SMA Appliances
SonicWall has released patches for multiple vulnerabilities in its Secure Mobile Access (SMA) series appliances, including a high-severity issue that could lead to unauthorized access.
CISA Removes Windows Vulnerability From ‘Must-Patch’ List Due to Buggy Update
The US Cybersecurity and Infrastructure Security Agency (CISA) has temporarily removed a Windows flaw from its Known Exploited Vulnerabilities Catalog after it was informed by Microsoft that a recent update can cause problems on some types of systems.
Zyxel Firewall Vulnerability Exploitation Attempts Seen One Day After Disclosure
Exploitation attempts targeting a recently disclosed vulnerability affecting Zyxel firewalls started just one day after the flaw’s existence came to light.
Hired ‘Hackers’ Try, and Fail, to Invade Brazil Vote System
More than 20 would-be hackers gathered in the Brazilian electoral authority’s headquarters in the capital this week. Their mission: infiltrate the nation’s voting system ahead of a hotly anticipated race in October.
Iran-Linked OilRig APT Caught Using New Backdoor
The Iran-linked hacking group OilRig was observed using a new backdoor in an attack against a government official within Jordan’s foreign ministry, according to new research published this week.
Hackers Can Make Siemens Building Automation Controllers ‘Unavailable for Days’
A vulnerability affecting building automation controllers from Siemens can be exploited to disrupt a device for an extended period of time, according to OT and IoT cybersecurity firm Nozomi Networks.
devOcean Emerges From Stealth With Cloud-Native Security Operations Platform
devOcean has emerged from stealth mode with a cloud-native security operations platform and $6 million in funding. The company’s seed round was led by Glilot Capital Partners, with participation from angel investors.
