Snyk Security Researchers have been using dynamic analysis techniques to unravel the behaviors of obfuscated malicious packages. A recent interesting finding in the Python Package Index (PyPi) attempted to imitate a known open source developer through identity spoofing. Upon further analysis, the team uncovered that the package, raw-tool, was attempting to hide malicious behavior using base64 encoding, reaching out to malicious servers, and executing obfuscated code.

According to the latest Ransomware Spotlight Year End report, 56% of the 223 older vulnerabilities identified prior to 2021 are still actively exploited and used as the entry points to ransomware attacks. This warrants the question of why enterprises aren’t patching vulnerabilities regularly.

On September 29, Microsoft Security Threat Intelligence reported two significant zero-day vulnerabilities being exploited in the wild. The two vulnerabilities, named “ProxyNotShell”, affect Microsoft Exchange Server 2013, Exchange Server 2016, and Exchange Server 2019.

As a CIO in charge of your organization's security, you're responsible for ensuring the security of your company's data. But with so many cybersecurity threats out there, it can be difficult to know where to start. Should you focus on conducting a vulnerability assessment? Or is a risk assessment more important? In this article, we will discuss vulnerability vs risk, cyber threats, and protecting sensitive data.

Trustwave security teams are aware of two zero-day vulnerabilities (CVE-2022-41040 and CVE-2022-41082) impacting Microsoft Exchange Server 2013, 2016, and 2019 and organizations with Outlook Web Access facing the Internet. If exploited, the vulnerabilities can allow an attacker to elevate privilege and remote code execution capability. We immediately investigated the vulnerabilities and potential exploits and continue to monitor the situation.

Did you know that malware attacks on software have increased by 11% to reach 2.8 billion in 2022? This is a staggering rise in security attacks and a huge point of concern for the industry. For many companies, the security of their software systems becomes a priority only after they experience a breach. But it doesn’t have to be that way. If you want to keep your systems secure and provide users with a safe environment, you need to be conscious of security flaws.

On Sept. 29th 2022, cybersecurity organization GTSC publicized a report outlining attacks they have seen in the wild targeting as-yet unpatched vulnerabilities in Microsoft Exchange. When successfully exploited this combination of vulnerabilities results in an authenticated Remote Code Execution (RCE) attack. Until a patch has been issued, Microsoft has posted a security bulletin detailing a workaround.

The market-leading CrowdStrike Falcon® platform, applying a combination of advanced machine learning (ML), artificial intelligence (AI) and deep analytics across the trillions of security events captured in the CrowdStrike Security Cloud, has identified a new supply chain attack pattern during the installation of a chat based customer engagement platform.