Microsoft officially disclosed it is investigating two zero-day security vulnerabilities impacting Exchange Server 2013, 2016, and 2019 following reports of in-the-wild exploitation.
"The first vulnerability, identified as CVE-2022-41040, is a Server-Side Request Forgery (SSRF) vulnerability, while the second, identified as CVE-2022-41082, allows remote code execution (RCE) when PowerShell is accessible to the attacker," the tech giant said. (The Hacker News)
Microsoft says the North Korean-sponsored Lazarus threat group is trojanizing legitimate open-source software and using it to backdoor organizations in many industry sectors, such as technology, defense, and media entertainment. (BleepingComputer)
A voided lawsuit from a cyber insurance carrier claiming its customer misled it on its insurance application could potentially pave the way to change how underwriters evaluate self-attestation claims on insurance applications. (DarkReading)
The National Security Agency (NSA) and CISA have issued guidance on how to secure operational technology (OT) and industrial control systems (ICSs) that are part of U.S. critical infrastructure.
The joint advisory shares information on all the steps malicious actors use to compromise IT-enabled OT and ICS assets, which provide a larger attack surface, and highlights measures security professionals can take to defend against them. (BleepingComputer)
According to newly published ESG research, just over half of all organizations (52%) say that security operations are more difficult today than they were two years ago. When asked why, 41% pointed to an evolving and dangerous threat landscape, 38% identified a growing and changing attack surface, 37% said that alert volume and complexity are driving this change, and 34% blamed growing use of public cloud computing services. (CSO)