securityXspace: a blog about cyber-philosophy.

  • Rapid7 Releases Industry Cyber-Exposure Report: FTSE 250+

    The report reveals that even among very large, mature, and well-resourced organisations, we see evidence of cybersecurity basics being missed or deployed insufficiently. Source: Rapid7 Releases Industry Cyber-Exposure Report: FTSE 250+

  • Hackers steal 100,000 traveler photos from border patrol database

    US Customs and Border Protection (CBP) officials on Monday said that one of its subcontractors had been breached in a “malicious cyberattack,” exposing images of travelers coming in and out of the country. Less than 100,000 people had their information compromised by the attack, according to a law enforcement official. Source: Hackers steal 100,000 traveler…

  • VLC Player Gets Patched For Two High Severity Bugs

    Popular media player receives 33 security bug fixes, two of which are rated high severity. Maintainers of the popular open-source VLC media player patched two high-severity bugs Friday. The flaws were an out-of-bounds write vulnerability and a stack-buffer-overflow bug. Developers behind the software, VideoLAN, said the patches were two of 33 fixes being pushed out…

  • MuddyWater APT group updated its multi-stage PowerShell backdoor Powerstats

    The MuddyWater cyber espionage group has used an updated multi-stage PowerShell backdoor in recent cyber attacks. Security experts at Trend Micro report that the MuddyWater APT group (aka SeedWorm and TEMP.Zagros) used an updated multi-stage PowerShell backdoor in recent cyber espionage campaigns. Source: MuddyWater APT group updated its multi-stage PowerShell backdoor Powerstats

  • CVE-2019-2725 Oracle WebLogic flaw exploited in cryptojacking campaign

    The CVE-2019-2725 vulnerability in Oracle WebLogic, recently addressed by the company, is being exploited in cryptojacking attacks, Trend Micro reports. Experts at Trend Micro reported that the recently patched CVE-2019-2725 vulnerability in Oracle WebLogic is being exploited in cryptojacking attacks. Source: CVE-2019-2725 Oracle WebLogic flaw exploited in cryptojacking campaign

  • Shanghai Jiao Tong University data leak – 8.4TB in email metadata exposed

    Security expert discovered an exposed database belonging to Shanghai Jiao Tong University containing 8.4TB in email metadata. Director of Trust & discovered an unprotected database owned by Shanghai Jiao Tong University that was exposed online. Source: Shanghai Jiao Tong University data leak – 8.4TB in email metadata exposed

  • CVE-2019-2725 Exploited and Certificate Files Used for Obfuscation to Deliver Monero Miner

    By Mark Vicente, Johnlery Triunfante, and Byron Gelera. In April 2019, a security advisory was released for CVE-2019-2725, a deserialization vulnerability involving the widely used Oracle WebLogic Server. Soon after the advisory was published, reports emerged on the SANS ISC InfoSec forums that the vulnerability was already being actively exploited to install cryptocurrency miners.…

  • Major HSM vulnerabilities impact banks, cloud providers, governments

    ZDNet: Researchers disclose major vulnerabilities in HSMs (Hardware Security Modules). Source: Major HSM vulnerabilities impact banks, cloud providers, governments

  • Threat Roundup for May 31 to June 7

    Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between May 31 and June 7. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are…

  • SandboxEscaper Debuts ByeBear Windows Patch Bypass

    SandboxEscaper is back, with a second bypass for the recent CVE-2019-0841 Windows patch. Source: SandboxEscaper Debuts ByeBear Windows Patch Bypass