Trustwave SpiderLabs is tracking the critical-rated zero-day vulnerability CVE-2022-30190. Threat actors are reported to be actively exploiting this vulnerability in the wild. Microsoft disclosed and issued guidance for CVE-2022-30190 on May 30. Trustwave is diligently watching over our clients for exposure and associated attacks and working closely with our clients to ensure that mitigations are in place.

The software supply chain remains a weak link for an attacker to exploit and gain access to an organization. According to a report in 2021, supply chain attacks increased by 650%, and some of the attacks have received a lot of limelight, such as SUNBURST in 2020 and Dependency Confusion in 2021.

It’s no secret that the security leaders, especially chief information security officers (CISOs), have one of the most stressful jobs in the C-suite. They are bumping up against high demand, high risk, and often unrealistic expectations for their work.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. A disturbing find, and how long before there is a rush by others to use this flaw?

Businesses have never been more vulnerable than they are today. While cybercrime cost companies an already whopping US$300 billion in 2013, damages have since skyrocketed to US$945 billion in 2020. That’s 300% growth in just a short span of seven years. The worst part is, that we can expect this number to continue rising exponentially in the coming decade.

Splunk SURGe recently released a whitepaper, blog, and video that outline the encryption speeds of 10 different ransomware families. Early in our research, during the literature review phase, we came across another group that conducted a similar study on ransomware encryption speeds. Who was this group you ask? Well, it was actually one of the ransomware crews themselves.

When it comes to understanding the difference between open source software vulnerabilities and malicious threats, it’s helpful to think in terms of passive vs. active threats. Vulnerabilities can be attacked and exploited, but in a vacuum don’t pose a threat. Malicious threats are different —– they involve a threat actor actively planning to attack you.

This blog is part three in a series about secure access to Amazon RDS. In Part 1, we covered how to use OSS Teleport as an identity-aware access proxy to access Amazon RDS instances running in private subnets. Part 2 explained implementing single sign-on (SSO) for Amazon RDS access using Okta and Teleport. In Part 3, we will guide you through the steps to configure privilege escalation for just-in-time access requests for Amazon RDS access.

On Tuesday, May 31, 2022, Volexity responsibly disclosed a remote code execution (RCE) vulnerability to Atlassian affecting all supported versions of Confluence Server & Data Center. The Object-Graph Navigation Language (OGNL) injection vulnerability allows an unauthenticated user to execute arbitrary code on a Confluence Server or Data Center instance.

I’m happy to announce that 1Password has joined the FIDO Alliance to help build safer, simpler, and faster login solutions for everyone. In fact, we’re already on our way … keep reading for a sneak peek at the future of authentication in 1Password.