Elastic, the company behind Elasticsearch and the Elastic Stack, announced the arrival of Elastic SIEM. The initial launch of Elastic SIEM introduces a new set of data integrations for security use cases, and a new dedicated app in Kibana that lets security practitioners investigate and triage common host and network security workflows in a more streamlined way.
Maintainers of the world’s most popular open source media player, VLC, have issued the biggest single set of security fixes in the program’s history.
The Prince of Darkness is now wreaking havoc on computers running Windows. Like other ransomware, hackers gain control of computers and servers and won’t release them until a ransom is paid. Experts discovered the new malicious ransomware, dubbed LooCipher, as services in various cities have been paralyzed by other ransomware programs.
Security experts warn of a new piece of the Silex malware that is bricking thousands of IoT devices, and the situation could rapidly get worse. Akamai researcher Larry Cashdollar discovered a new piece of the Silex malware that is bricking thousands of devices; over 2,000 devices have been bricked in a few hours and the expert is continuing to see new infections.
AWS Security Hub gives customers a central place to manage security and compliance across an AWS environment. It aggregates, organizes, and prioritizes security alerts – called findings – from AWS services such as Amazon GuardDuty, Amazon Inspector, and Amazon Macie, and from a large and growing list of AWS Partner Network (APN) solutions.
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between June 14 and June 21. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are automatically protected from these threats.
By Moony Li and Lilang Wu (Threats Analysts). We discovered a double free vulnerability (assigned as CVE-2019-8635) in macOS. The vulnerability is caused by a memory corruption flaw in the AMD component. If successfully exploited, an attacker can implement privilege escalation and execute malicious code on the system with root privileges.
Dell’s SupportAssist utility that comes pre-installed on millions of Dell laptops and PCs contains a security vulnerability that could allow malicious software or rogue logged-in users to escalate their privileges to administrator-level and access sensitive information.
Mozilla on Thursday patched a second zero-day vulnerability in Firefox that has been exploited by malicious actors to deliver Mac malware to cryptocurrency exchanges.