BRANDEFENSE BRANDEFENSE
  • Home
  • Product
    How it works?
    Platform Overview
    Cyber Intelligence
    Brand & Reputation Protection
    Exposure Management
    Solutions
    Threat Intelligence Service
    Brand Protection
    Vulnerability Management
    Attack Surface Management
    Fraud Protection
    VIP Security
    Vulnerability Intelligence
    By Use Case
    Preventing Data Leakage
    Phishing Monitoring
    Account Takeover Detection
    Stolen Credit Cards
    Dark Web Monitoring
    Remediation and Takedown
    brandefense background
    Eliminate risks
    Explore the Brandefense
  • Blog
  • Resources
    Security News
    Threat Intelligence Researches
    Digital Risk Protection – FAQ
    We in the Press
  • Partners
    Channel Partners
    Deal Registration
  • Company
    About Us
    Career
    Privacy Policy
    Terms of Use
    Contact Us
Free Trial

BRANDEFENSE

  • Home
  • Product
    How it works?
    Platform Overview
    Cyber Intelligence
    Brand & Reputation Protection
    Exposure Management
    Solutions
    Threat Intelligence Service
    Brand Protection
    Vulnerability Management
    Attack Surface Management
    Fraud Protection
    VIP Security
    Vulnerability Intelligence
    By Use Case
    Preventing Data Leakage
    Phishing Monitoring
    Account Takeover Detection
    Stolen Credit Cards
    Dark Web Monitoring
    Remediation and Takedown
    brandefense background
    Eliminate risks
    Explore the Brandefense
  • Blog
  • Resources
    Security News
    Threat Intelligence Researches
    Digital Risk Protection – FAQ
    We in the Press
  • Partners
    Channel Partners
    Deal Registration
  • Company
    About Us
    Career
    Privacy Policy
    Terms of Use
    Contact Us
Weekly Security News – Week 6

Weekly Security News – Week 6

BRANDEFENSE
Weekly Newsletter
08/02/2023

Welcome to our 6th Weekly Security News. We’ve gathered the most speculative cyber security news for you. Keep reading to learn details about this week’s security news and protect yourself proactively.

See you next week!

github desktop and atom certificates

Code Signing Certificates for GitHub Desktop and Atom Apps Suffered Unauthorized Access

On December 7, 2022, GitHub discovered that a series of repositories used in the planning and development of GitHub Desktop and Atom were accessed by unknown threat actors without authorization. After a comprehensive investigation, it was announced that the services were not at risk, and no unauthorized changes were made to these projects as a result of this unauthorized access.

As a result of the unauthorized access, a number of encrypted code signing certificates for GitHub Desktop and Atom applications were leaked. The certificates are password-protected, and no evidence of malicious use has been observed so far. However, if the password of the certificates is decrypted, the threat actor can act as if they have been officially created by GitHub by signing unofficial applications with these certificates.

They will cancel the open certificates used for GitHub Desktop and Atom

As a preventive measure, GitHub announced that they will cancel the open certificates used for GitHub Desktop and Atom applications. This cancellation of certificates will make some versions of GitHub Desktop for Mac and Atom invalid. However, this edit will not affect GitHub Desktop for Windows. The following versions of GitHub Desktop for Mac will be removed from use on February 2:

  • 1.2
  • 1.1
  • 1.0
  • 0.8
  • 0.7
  • 0.6
  • 0.5
  • 0.4
  • 0.3
  • 0.2

GitHub Atom will also stop serving the following versions on February 2:

  • 63.1
  • 63.0

It is recommended that users switch to previous versions of the applications that are not affected by the breach to continue using GitHub Desktop and Atom.

security news – week 47
Weekly Newsletter
Security News – Week 47
23/11/2022

Read more
adobe acrobat reader rce code

Adobe Acrobat Reader DC RCE Vulnerability: Exploit Code Released

A recently patched critical Remote Code Execution (RCE) vulnerability in the Adobe Acrobat Reader DC software has been identified with the publication of proof-of-concept (PoC) exploitation code.

The security vulnerability, coded as CVE-2023-21608, arises from a Use-After-Free error that could cause arbitrary code execution in a current user session. The threat actor could exploit this security vulnerability by convincing users to open a specially crafted document, allowing them to use the user’s privileges to execute arbitrary code on the system or cause the application to crash.

Adobe Released the Security Bulletin for Adobe Acrobat Reader

Adobe recently patched the vulnerability through a security bulletin, but shortly after the release of the update, Hacksysteam security research announced the publication of PoC code targeting the exploitation of CVE-2023-21608 vulnerability. To avoid being targeted by attacks that could be carried out using the vulnerability and exploitation code, it is recommended that users who are using vulnerable Adobe Acrobat Reader DC versions upgrade to the current version where the vulnerability has been fixed.

rce in ibm websphere application server

RCE Alert in IBM WebSphere Application Server

A critical security vulnerability has been identified in IBM WebSphere Application Server that can cause remote code execution by threat actors.

The security vulnerability (coded as CVE-2023-23477) is caused by an incorrect authentication that occurs during data processing. A remote threat actor can execute random code on the targeted system by sending specially prepared data to the server.

IBM released a security bulletin

This vulnerability affects versions of IBM WebSphere Application Server 9.0 and IBM WebSphere Application Server 8.5. IBM has released updates to fix the vulnerability. To avoid being targeted in attacks that can be carried out using the vulnerability, it is recommended that users of the following versions of the IBM WebSphere Application Server apply the latest updates immediately:

For IBM WebSphere Application Server users who use versions between 9.0.0.0 and 9.0.5.7:

  • Apply Fix Pack 9.0.5.8 or a later version.

For IBM WebSphere Application Server users who use versions between 8.5.0.0 and 8.5.5.19:

  • Apply Fix Pack 8.5.5.20 or later versions.
critical authentication bypass security vulnerability detected in atlassian jira

Critical Vulnerability Alert in Atlassian Jira Service Management Server and Data Center

A critical security vulnerability has been detected in the Jira Service Management Server and Data Center solutions developed by Atlassian.

The vulnerability, coded as CVE-2023-22501, is caused by a faulty authentication control. The threat actor can exploit this vulnerability by using a specially prepared request to impersonate another user and gain access to a Jira Service Management session. The vulnerability affects the following versions:

  • 3.0
  • 3.1
  • 3.2
  • 4.0
  • 4.1
  • 5.0
Atlassian solved the vulnerability for Jira Service Management Server and Data Center

The vulnerability is resolved in versions 5.3.3, 5.4.2, 5.5.1, 5.6.0, and later. It is recommended that users of vulnerable versions upgrade promptly to a version that resolves the vulnerability.

top 3 stealer malware activity research
Ransomware
Top 3 Stealer Malware Activity Research
30/03/2022

Last updated on August 9th, 2022 at 09:16 pm

Read more
Share on Facebook Share on Twitter
Search
Categories
APT GroupsBlogDark WebDRPSFraudRansomwareSector AnalysisSecurity NewsVIP SecurityWe in the PressWeekly Newsletter
Recent Posts
  • What is BEC (Business Email Compromise) Attack?
    What is BEC (Business Email Compromise) Attack?
  • What Is Smishing and How To Protect Yourself?
    What Is Smishing and How To Protect Yourself?
  • Security Newsletter | March 30, 2023
    Security Newsletter | March 30, 2023
  • What is Incident Response and How to Build It?
    What is Incident Response and How to Build It?
2022 Ransomware Trends Report
Report
Download Report
Follow us!

    Continue Reading

    Previous post

    Critical Vulnerability Alert in Atlassian Jira Service Management Server and Data Center

    critical authentication bypass security vulnerability detected in atlassian jira
    reddit suffer security breach
    Next post

    Reddit Suffered a Security Breach Resulting in Unauthorized Access to Internal Systems

    particle element
    We know what hackers know about you
    Our cyber threat intelligence and security research team is ready to help you.
    Request a demo
    Free Trial
    Contact
    Login

    Follow us on

    brandefense logo brandefense

    Brandefense is solving SOC’s complex challenges. We are here to help Brandefense customers to protect their brands and reputations against cyber threats.

    United States:

    300 Delaware Ave. Ste 210 #328 Wilmington, DE 19801 / USA

    Turkey:

    Üniversiteler Mahallesi, 1605.Cadde, Kapı No:3/1, No: 204, 06800 Çankaya/Ankara 06800

    © 2022 Brandefense. All rights reserved.

    Solutions
    Threat IntelligenceBrand ProtectionVulnerability ManagementFraud ProtectionVIP SecurityAttack Surface ManagementVulnerability Intelligence
    Use Case
    Data LeakagePhishing MonitoringAccount Takeover DetectionStolen Credit CardsDark Web MonitoringRemediation / Takedown
    Partners
    Channel PartnersDeal Registration
    Company
    AboutCareerPrivacy PolicyTerms Of UseContact
    Manage Cookie Consent
    To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
    Functional Always active
    The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
    Preferences
    The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
    Statistics
    The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
    Marketing
    The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
    Manage options Manage services Manage vendors Read more about these purposes
    View preferences
    {title} {title} {title}
    Close
    Search

    Hit enter to search or ESC to close