#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Apache Superset | Breaking Cybersecurity News | The Hacker News

CISA Flags 6 Vulnerabilities - Apple, Apache, Adobe, D-Link, Joomla Under Attack

CISA Flags 6 Vulnerabilities - Apple, Apache, Adobe, D-Link, Joomla Under Attack

Jan 10, 2024 Patch Management / Threat Intelligence
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has  added  six security flaws to its Known Exploited Vulnerabilities ( KEV ) catalog, citing evidence of active exploitation. This includes  CVE-2023-27524  (CVSS score: 8.9), a high-severity vulnerability impacting the Apache Superset open-source data visualization software that could enable remote code execution. It was fixed in version 2.1. Details of the issue  first came to light  in April 2023, with Horizon3.ai's Naveen Sunkavally describing it as a "dangerous default configuration in Apache Superset that allows an unauthenticated attacker to gain remote code execution, harvest credentials, and compromise data." It's currently not known how the vulnerability is being exploited in the wild. Also added by CISA are five other flaws - CVE-2023-38203  (CVSS score: 9.8) - Adobe ColdFusion Deserialization of Untrusted Data Vulnerability CVE-2023-29300  (CVSS score: 9.8) - Adobe ColdFusion Deserialization of Untrus
Alert: Apache Superset Vulnerabilities Expose Servers to Remote Code Execution Attacks

Alert: Apache Superset Vulnerabilities Expose Servers to Remote Code Execution Attacks

Sep 07, 2023 Server Security / Vulnerability
Patches have been released to address two new security vulnerabilities in Apache Superset  that could be exploited by an attacker to gain remote code execution on affected systems. The update (version 2.1.1) plugs  CVE-2023-39265  and  CVE-2023-37941 , which make it possible to conduct nefarious actions once a bad actor is able to gain control of Superset's metadata database. Outside of these weaknesses, the latest version of Superset also remediates a separate improper REST API permission issue ( CVE-2023-36388 ) that allows for low-privilege users to carry out server-side request forgery ( SSRF ) attacks. "Superset by design allows privileged users to connect to arbitrary databases and execute arbitrary SQL queries against those databases using the powerful SQLLab interface," Horizon3.ai's Naveen Sunkavally  said  in a technical write-up. "If Superset can be tricked into connecting to its own metadata database, an attacker can directly read or write application configuration thr
Cybersecurity Tactics FinServ Institutions Can Bank On in 2024

Cybersecurity Tactics FinServ Institutions Can Bank On in 2024

Feb 14, 2024Financial Security / Cyber Threats
The landscape of cybersecurity in financial services is undergoing a rapid transformation. Cybercriminals are exploiting advanced technologies and methodologies, making traditional security measures obsolete. The challenges are compounded for community banks that must safeguard sensitive financial data against the same level of sophisticated threats as larger institutions, but often with more limited resources. The FinServ Threat Landscape Recent trends show an alarming increase in sophisticated cyber-attacks. Cybercriminals now deploy advanced techniques like deep fake technology and AI-powered attacks, making it increasingly difficult for banks to differentiate between legitimate and malicious activities. These developments necessitate a shift towards more sophisticated and adaptive cybersecurity measures. Take these industry statistics, for example. Financial firms report 703 cyberattack attempts per week.1 On average, 270 attacks (entailing unauthorized access of data, appl
Apache Superset Vulnerability: Insecure Default Configuration Exposes Servers to RCE Attacks

Apache Superset Vulnerability: Insecure Default Configuration Exposes Servers to RCE Attacks

Apr 26, 2023 Server Security / Vulnerability
The maintainers of the  Apache Superset  open source data visualization software have released fixes to plug an insecure default configuration that could lead to remote code execution. The vulnerability, tracked as  CVE-2023-27524  (CVSS score: 8.9), impacts versions up to and including 2.0.1 and relates to the use of a default SECRET_KEY that could be abused by attackers to authenticate and access unauthorized resources on internet-exposed installations. Naveen Sunkavally, the chief architect at Horizon3.ai, described the issue as "a dangerous default configuration in Apache Superset that allows an unauth attacker to gain remote code execution, harvest credentials, and compromise data." It's worth noting that the flaw does not affect Superset instances that have changed the default value for the SECRET_KEY config to a more cryptographically secure random string. The cybersecurity firm, which found that the SECRET_KEY is defaulted to the value "\x02\x01thisismy
cyber security

The Critical State of AI in the Cloud

websiteWiz.ioArtificial Intelligence / Cloud Security
Wiz Research reveals the explosive growth of AI adoption and what 150,000+ cloud accounts revealed about the AI surge.
Cybersecurity Resources