Microsoft warns that the Russian threat group "APT28" uses "GooseEgg," a previously unknown hacking tool, to exploit a Windows Print Spooler vulnerability. Through this exploitation, they escalate privileges as well as steal credentials and data. APT28 created this tool to target the vulnerability, tracked as CVE-2022-38028 and reported by the US National Security Agency (NSA.) Redmond fixed the flaw during the Microsoft October 2022 Patch Tuesday.

Researchers at Legit Security discovered a dependency confusion vulnerability in an archived Apache project. The finding emphasizes the importance of analyzing third-party projects and dependencies, especially those that have been archived or possibly neglected when it comes to security updates. Dependency confusion, also known as "dependency hijacking" or "substitution attack," allows attackers to launch software supply chain attacks by exploiting vulnerable dependencies in open source software.

According to new research, threat actors can use the DOS-to-NT path conversion process to achieve rootkit-like capabilities and conduct malicious activities such as concealing and impersonating files, directories, and processes. According to SafeBreach security researcher Or Yair, the DOS path at which the file or folder exists is converted to an NT path when a user executes a function with a path argument in Windows. During the conversion process, a known issue occurs: the function removes trailing dots from any path element and trailing spaces from the last path element.

According to the Shadowserver Foundation, a recently addressed vulnerability could affect about 6,000 Internet-accessible Palo Alto Networks firewalls. Palo Alto Networks disclosed the flaw on April 12 and began rolling out patches a few days later. State-sponsored threat actors had exploited the vulnerability, and this activity recently increased after Proof-of-Concept (PoC) code was released.

A hack that caused a small Texas town’s water system to overflow in January has recently been linked to a shadowy Russian hacktivist group. The attack was one of three on small towns in the rural Texas Panhandle. Local officials said the public was not in danger, and the attempts were reported to federal authorities. Mike Cypert, the city manager of Hale Center, said there were 37,000 attempts in four days to log into their firewall. He added that the attempted hack failed as the city “unplugged” the system and operated it manually.

Cannes Hospital Centre – Simone Veil (CHC-SV) recently shut down its systems in response to a cyberattack it fell victim to. Also known as the Broussailles Hospital, the healthcare organization decided to completely cut off computer access to contain the attack, which forced employees to turn to pen and paper to continue providing services to patients. CHC-SV says it is making all the efforts to ensure that it can provide the full range of care across its fields of activity, adding that it has been working with regional healthcare entities to redirect patients based on their needs.

The MITRE Corporation recently became the latest high-profile victim of an Ivanti-related breach after a nation-state actor compromised its R&D network via two chained zero-day vulnerabilities. The non-profit said the last time it suffered a significant cyber-incident like this was 15 years ago. MITRE noted that an unnamed state actor on this occasion comprised MITRE’s Networked Experimentation, Research, and Virtualization Environment (NERVE), an unclassified collaborative network that provides storage, computing, and networking resources.

According to Louisiana State University (LSU) researcher and professor Chen Wang, muting microphones and turning off cameras during video conferences may not provide users with the privacy they expect. A National Science Foundation (NSF) CAREER Award will help him in his efforts to reduce the risk posed by "micro signals" from those devices. Wang says that even when turned off, computer microphones and cameras can leak information beyond what is seen and heard via signals that are too small for humans to recognize but detectable by machines.

The US Department of Defense (DOD) has awarded Defense Established Program to Stimulate Competitive Research (DEPSCoR) grants to three researchers in the Ira A. Fulton Schools of Engineering at Arizona State University (ASU). The three researchers will each receive up to $600,000 over three years to research cybersecurity, cyber deception, and more. Adil Ahmad and his team want to revolutionize computer logging infrastructure with the DEPSCoR grant. They will use logs to improve cybersecurity.

According to Pentera, 93 percent of enterprises that admitted to a breach experienced unplanned downtime, data exposure, or financial loss. Pentera surveyed 450 Chief Information Security Officers (CISOs), Chief Information Officers (CIOs), and Information Technology (IT) security leaders from companies with over 1,000 employees. On average, enterprises use 53 security solutions across their organization. However, despite large security stacks, 51 percent of enterprises reported a breach in the previous 24 months.