
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of June 06, 2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of June 06, 2022. I’ve also included some comments on these stories.
Another nation-state actor exploits Microsoft Follina to attack European and US entities
A nation-state actor is attempting to exploit the Follina flaw in a recent wave of attacks aimed at government entities in Europe and the U.S., reports Security Affairs. The issue affects multiple Microsoft Office versions, including Office, Office 2016, and Office 2021.
DARLENE HIBBS | Security Researcher at Tripwire
The recently disclosed 0-day in Microsoft Support Diagnostic Tool (MSDT), CVE-2022-30190, nicknamed Follina, is being actively exploited by a nation-state actor to attack government entities via malicious Word documents. The 0-day can be exploited via a Word document and allows remote code execution with minimal interaction from the user. It is possible to exploit this vulnerability without the user needing to open the document, which bypasses protections given by the Protected View feature of Office to limit code execution. To mitigate the risk from the vulnerability, it is recommended that the registry keys relating to MSDT be deleted.
Linux botnets now exploit critical Atlassian Confluence bug
Several botnets are now using exploits targeting a critical remote code execution (RCE) vulnerability to infect Linux servers running unpatched Atlassian Confluence Server and Data Center installs. Bleeping Computer notes that successful exploitation of this flaw (tracked as CVE-2021-26084) allows unauthenticated attackers to create new admin accounts, execute commands, and ultimately take over the server remotely to backdoor Internet-exposed servers.
ANDREW SWOBODA | Senior Security Researcher at Tripwire
CVE-2021-26084 has been actively exploited in the wild since the release of proof of concepts. This (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Andrew Swoboda. Read the original post at: https://www.tripwire.com/state-of-security/vert/vert-news/vert-cybersecurity-news-june-6-2022/