Security News


Open debug mode in Cisco mobile networking software created critical security hole | The Daily Swig

Cisco has patched a pair of vulnerabilities in its telco-focused Cisco Redundancy Configuration Manager (RCM) for Cisco StarOS software, … https://portswigger.net/daily-swig/open-debug-mode-in-cisco-mobile-networking-software-created-critical-security-hole


Australia, U.K. Work on Security Ties as China’s Clout Expands – Bloomberg

Britain’s top foreign and defense officials will meet their Australian counterparts in Sydney on Friday to advance a security pact involving … https://www.bloomberg.com/news/articles/2022-01-20/australia-u-k-work-on-security-ties-as-china-s-clout-expands


White House orders federal agencies to raise cybersecurity bar for national security systems …

The Daily Swig … systems “to take specific actions against known or suspected cybersecurity threats and vulnerabilities”, reads a fact sheet. https://portswigger.net/daily-swig/white-house-orders-federal-agencies-to-raise-cybersecurity-bar-for-national-security-systems


Red Cross suffers cyber-attack – data of 515,000 ‘highly vulnerable’ people exposed | The Daily Swig

The ‘sophisticated’ attack was detected last week. The International Committee of the Red Cross (ICRC) has revealed a data breach exposing … https://portswigger.net/daily-swig/red-cross-suffers-cyber-attack-data-of-515-000-highly-vulnerable-people-exposed


Union Pacific Steps Up Security to Curb Los Angeles Train Thefts – Bloomberg

Union Pacific Corp. is erecting physical barriers and increasing its own policing of an area in Los Angeles where people have been stealing goods … https://www.bloomberg.com/news/articles/2022-01-20/union-pacific-steps-up-security-to-curb-los-angeles-train-thefts


Crypto.com Says User Accounts Breached Earlier Held $34 Million – Bloomberg.com

In a report released Thursday, the private company said that 4,836.26 Ethereum, 443.93 Bitcoin and $66,200 were stolen during the security breach on … https://www.bloomberg.com/news/articles/2022-01-20/crypto-com-says-user-accounts-breached-earlier-held-34-million


GitHub Actions flaw that allowed code to be approved without review is addressed with new …

Gil previously told The Daily Swig: “Required reviews is one of the most widely used security mechanisms in GitHub, and since GitHub Actions is … https://portswigger.net/daily-swig/github-actions-flaw-that-allowed-code-to-be-approved-without-review-is-addressed-with-new-feature-rollout


China Crackdown Leads to HK Journalist Layoffs After Apple Daily, Stand Close – Bloomberg

Security probe stigma left some struggling to find jobs, while others changed profession, emigrated or embraced “lying flat” https://www.bloomberg.com/news/articles/2022-01-19/hong-kong-s-crackdown-leaves-journalists-hawking-fried-chicken


Security vulnerabilities in Umbraco CMS could lead to account takeover | The Daily Swig

Umbraco CMS uses a configuration named ‘ApplicationUrl’, which is used whenever application code needs to build a URL pointing back to the site. https://portswigger.net/daily-swig/security-vulnerabilities-in-umbraco-cms-could-lead-to-account-takeover


The White House Is Worried About Open Source Software Security – Bloomberg.com

A flaw found in a popular piece of software illustrates one danger of volunteer-run development projects. https://www.bloomberg.com/news/articles/2022-01-19/log4j-vulnerability-shows-risk-of-relying-on-open-source-volunteer-coders