Category: News

From bleepingcomputer.com

Microsoft says the emergency security updates released at the start of the week correctly patch the PrintNightmare Print Spooler vulnerability for all supported Windows versions and urges users to start applying the updates as soon as possible.

This clarified guidance comes after security researchers tagged the patches as incomplete after finding that the OOB security updates could be bypassed in specific scenarios.

“Our investigation has shown that the OOB security update is working as designed and is effective against the known printer spooling exploits and other public reports collectively being referred to as PrintNightmare,” the Microsoft Security Response Center explains.

“All reports we have investigated have relied on the changing of default registry setting related to Point and Print to an insecure configuration.”

Read more…

From 2-spyware.com

Wwka ransomware is an infection targeting Windows OS users around the world. When it infects your computer, all personal files are encrypted with the RSA-2048 coding algorithm and are rendered useless until a specific decryption software is used to unlock them.

Within the presented ransom note (_readme.txt), the ransomware developers are trying to convince you that the only way to recover those files is by purchasing their decryption tool. Please don’t believe the cybercriminals as there might be other methods to regain access to your files.

Read more…

From helpnetsecurity.com

There’s been lots of excitement around the recently announced print spooler vulnerability CVE-2021-34527, commonly referred to as PrintNightmare. The excitement stems from the fact that this vulnerability has a CVSS score of 8.8, is present in ALL Windows operating systems, has been publicly disclosed with known exploits, and allows an attacker to easily execute remote code with system privileges. This vulnerability comes from functionality that allows users to install printer drivers on their systems.

Read more…

From helpnetsecurity.com

Cisco released security patches for high severity vulnerabilities in Business Process Automation (BPA) and Web Security Appliance (WSA) that expose users to privilege escalation attacks.

The IT giant fixed two flaws (CVE-2021-1574, CVE-2021-1576) in Business Process Automation (BPA), an authenticated attacker could remotely exploit them to elevate their privileges to Administrator. Both issues resides in the web-based management interface of Business Process Automation (BPA), they received a CVSS score of 8.8. 

Read more…

From www.theregister.com

Dan Abramov, a software engineer at Facebook, this week published a plea to silence a particularly vocal JavaScript security tool – and its creators more or less agreed there’s room for improvement.

“As of today, npm audit is a stain on the entire npm ecosystem,” Abramov declared in a blog post. “The best time to fix it was before rolling it out as a default. The next best time to fix it is now.”

According to Abramov, 99 per cent of the vulnerabilities flagged by the command are false alarms in common usage scenarios. And this appears to be a fairly widespread sentiment among npm users.

Read more…

From securitymagazine.com

As companies emerge from the pandemic, and 40% of employees are planning to switch jobs1, corporate data is at risk. Files are being uploaded, shared, synced and emailed by employees as a normal course of everyday business or as they prepare for their next role with different organizations. The very same technologies that enable the free flow of data in an organization are also the ones that make it easy for insiders to exfiltrate data. According to a recent study conducted by Aberdeen and commissioned by Code42, data breaches from insiders can cost as much as 20% of annual revenue. Perhaps just as important, the study showcased that at least one in three reported data breaches involve an insider. Both accidental and malicious Insider Risk can cost businesses material portions of revenue on an ongoing annual basis.

Read more…

From securitymagazine.com

BetterCloud released “Data Security Report 2021: Top Risks in File Security.” BetterCloud surveyed more than 500 IT and security professionals—and examined internal BetterCloud data from thousands of organizations and users—to understand their top challenges, priorities, and the magnitude of data loss and sensitive information leaks.

“Last year, remote work became widespread, speeding digital transformation and SaaS adoption. With it came more collaboration, file sharing and an overall boost in productivity—which employees and businesses have embraced,” said David Politis, CEO, BetterCloud. “But it’s also brought about a host of new SaaS file security requirements and challenges due to the surge in remote access to networks and business data. Our findings clearly show this is a growing concern, but they also show companies aren’t investing enough in SaaS file security—thus increasing the risk for potential incidents, whether intentional or unintentional.”

Read more…