The National Science Foundation’s National Optical-Infrared Astronomy Research Laboratory (NOIRLab) detected an attempted cyberattack on its computer systems, leading to the suspension of observations at Gemini North Observatory in Hawaii. The NOIRLab cybersecurity team acted quickly to prevent damage, but the observatory remains closed for investigation. This incident follows a similar cyberattack on the Atacama Large Millimeter Array (ALMA) radio telescope in Chile last November.
Burger King France has experienced a second misconfiguration incident that exposed sensitive data, including database credentials, job posts, and applicant data. By combining the compromised credentials with the site’s Google Tag Manager ID, threat actors could potentially have executed arbitrary code and manipulated the site’s analytics. The researchers alerted Burger King to the issue, and it has been resolved.
Tech giants like Google and Microsoft are increasingly adopting the Rust programming language for its built-in memory safety and other security features. Rust’s ability to avoid memory safety issues and vulnerabilities has made it a popular choice among developers and companies focused on secure code. Companies like Fortanix, Google, and 1Password have committed to using Rust extensively, while Microsoft is rewriting parts of its kernel using Rust and plans to have Windows booting with Rust in the kernel.
Mallox ransomware has seen a 174% increase in activity in 2023. It follows the trend of stealing data before encrypting files, then threatening to publish the stolen data as leverage. The group targets poorly secured MS-SQL servers through dictionary attacks to gain access to victims’ networks. The Mallox ransomware group has been recruiting affiliates for its ransomware-as-a-service program, indicating a potential increase in attacks.
Cybersecurity agencies from the Five Eyes nations have identified a four-year-old critical security flaw in Fortinet FortiOS SSL as one of the most frequently exploited vulnerabilities in 2022. The agencies noted that attackers prioritize developing exploits for severe and widely known vulnerabilities, emphasizing the importance of organizations applying security updates promptly. Other widely exploited flaws include unauthenticated remote code execution vulnerabilities in Zoho ManageEngine ADSelfService Plus and Atlassian Confluence Server and Data Center, as well as remote code execution vulnerabilities in VMware Workspace ONE Access and Identity Manager.
Disclaimer: Titles and summaries are AI-generated. Please refer to the linked content for more details.