DEV Community

Habdul Hazeez

Security news weekly round-up - 20th March 2026

One thing is certain: vulnerabilities are not going anywhere anytime soon, because humans are not perfect and our imperfections show up in what we create. And while technology like AI applications can make you more productive, it can just as easily lead to a data breach.

This and more is what we are about to review. Let's begin.


Researchers disclose vulnerabilities in IP KVMs from four manufacturers

The risk from these vulnerabilities is high because of the degree of control the devices hand to an attacker.

For example:

The devices, which typically sell for $30 to $100, are known as IP KVMs. Administrators often use them to remotely access machines on networks.

This provides power and convenience to admins, but in the wrong hands, the capabilities can often torpedo what might otherwise be a secure network.

The Collapse of Predictive Security in the Age of Machine-Speed Attacks

As a cyber defender, know that this is nothing new. What has to change is how you defend the systems you are responsible for.

Here is what's going on:

“Preemptive security means reducing the conditions attackers rely on before exploitation occurs, detecting and responding with full environmental context, and prioritizing action based on material risk, not alert volume.”

Internet access brokers are a primary cause for this necessary shift in defense, and the success of infostealers is key to the IABs’ efficiency. “Infostealers provide a gold mine of information that attackers can use,”

Shadow AI Risk: How SaaS Apps Are Quietly Enabling Massive Breaches

It's your responsibility to know the apps in your environment.

From the article:

While complexity is the enemy of security, SaaS is the disguiser and multiplier of complexity, through poor visibility into its shadow AI.

An attacker can often find greater visibility into a SaaS app by stealing the right OAuth access and/or refresh token (courtesy of the modern infostealer that can enter, scrape and depart without the victim realizing it).

‘DarkSword’ iOS Exploit Kit Used by State-Sponsored Hackers, Spyware Vendors

What I found fascinating from the article is that the exploit is written in JavaScript. I know, it sounds weird, but it is what it is.

From the article:

Written completely in JavaScript, DarkSword starts with the exploitation of Safari bugs to achieve remote code execution (RCE), continues with a sandbox escape, and shifts to exploiting kernel flaws to inject and execute JavaScript code for privilege escalation and final payload execution.

Credits

Cover photo by Debby Hudson on Unsplash.


That's it for this week, and I'll see you next time.
