Author: Admin

November 1, 2024Ravi LakshmananVulnerability / Cloud Security Cybersecurity researchers have flagged a “massive” campaign aimed at getting open Git configurations to skim over credentials, clone private repositories, and even extract cloud credentials from source code. Codenamed activity THE EMERALD WHALEestimated to have collected over 10,000 private vaults and stored them in Amazon S3 storage owned by a previous victim. The bucket, consisting of at least 15,000 stolen credentials, has since been removed by Amazon. “Stolen credentials belong to Cloud Service Providers (CSPs), email providers and other services” – Sysdig said in the report. “Phishing and spam are the primary targets…

November 1, 2024Ravi LakshmananThreat Intelligence / Network Security Microsoft has revealed that a Chinese threat actor it tracks as Storm-0940 uses a botnet called Quad7 to orchestrate highly evasive password spraying attacks. The tech giant named the botnet CovertNetwork-1658, saying that password spraying operations are being used to steal credentials from numerous Microsoft customers. “Active since at least 2021, Storm-0940 gains initial access through password spraying and brute force attacks, or by exploiting or misusing network applications and services,” the Microsoft Threat Intelligence team said. said. “Storm-0940 is known to target organizations in North America and Europe, including think tanks,…

November 1, 2024Ravi LakshmananData Security / Artificial Intelligence Microsoft is further delaying the release of its controversial Recall feature for Windows PC Copilot+, saying it needs time to improve the experience. There was development reported for the first time from The Verge. The AI-powered tool was originally slated for a preview release starting in October. “We are committed to providing a safe and secure experience with Recall,” the company said in a statement said in an updated statement issued Thursday. “To ensure we’re delivering these important updates, we’re spending extra time refining the preview experience with the help of Windows…

Cybersecurity researchers have uncovered a new phishing kit that has been used in campaigns targeting Australia, Japan, Spain, the UK and the US since at least September 2024. Netcraft reported that more than 2,000 phishing websites have been identified using the kit, known as Xiū gǒu, which has been used in attacks targeting various verticals such as the public sector, postal services, digital services and banking services. “Threat actors using the kit to deploy phishing websites often rely on Cloudflare’s anti-bot and hosting obfuscation capabilities to prevent detection,” Netcraft said in a report released Thursday. Some aspects of the phishing kit have…

November 1, 2024Hacker newsSaaS Security / Identity Security Did you know that advanced threat actors can penetrate the identity systems of large organizations and extract sensitive data within days? This is a horrifying reality that is becoming more common and disturbing every day. These attackers exploit vulnerabilities in SaaS and cloud environments, using compromised credentials to move laterally across networks, causing widespread damage. Cybersecurity and IT professionals now face an uphill battle against these sophisticated threats. Traditional security measures are falling short, leaving organizations vulnerable to data breaches, financial losses and reputational damage. This webinar provides important information and actionable…

Track the world leaders with Strava

Back in 2018, people noticed that you could find secret military bases using data published by the fitness app Strava. Soldiers and other military personnel used it to track their runs, and you could look at the public data and find places where there shouldn’t be people running. Six years later, the problem remains. Le Monde has reported that the same Strava data can be used to track the movements of world leaders. They don’t wear tracking devices, but many of their bodyguards do.

Tags: data privacy, tracking. Posted on October 31, 2024 at 11:16 am •…

October 31, 2024Ravi LakshmananSpy software / Mobile security Cybersecurity researchers have discovered an improved version of Apple’s iOS spy software called LightSpy, which not only extends its functionality, but also contains destructive capabilities to prevent a jailbroken device from booting. “While the way iOS implants are delivered is very similar to the macOS version, the post-exploitation and privilege escalation steps are significantly different due to platform differences,” ThreatFabric. said in an analysis published this week. LightSpy, first documented in 2020 as targeting users in Hong Kong, is modular implant which uses a plugin-based architecture to increase its capabilities and allow…

Roger Grimes on prioritizing cybersecurity advice

This is a good point: Part of the problem is that we are constantly being given lists…lists of required controls…lists of things we are being asked to fix or improve…lists of new projects…lists of threats and so on that are not ranked by risk. For example, we are often given cybersecurity guidelines (such as PCI-DSS, HIPAA, SOX, NIST, etc.) with hundreds of recommendations. All of these are great guidelines to follow to reduce risk in your environment. They don’t tell you which of the recommended things will have the greatest impact on the…

October 31, 2024Ravi LakshmananCryptocurrency / Software Development LottieFiles discovered that its npm package ‘lottie-player’ had been compromised in a supply chain attack, prompting it to release an updated version of the library. “Oct 30 ~18:20 UTC – LottieFiles has been notified that our popular open source npm web player package @lottiefiles/lottie-player contains unauthorized new versions with malicious code,” the company said in a statement. said in a statement on X. “This does not affect our dotlottie player and/or SaaS service.” LottieFiles is an animation workflow platform that allows designers to create, edit, and share animations in a JSON-based animation file…

October 31, 2024Hacker newsIdentity Security / Browser Security In today’s browser-centric workplace, branding acts as the front line of defense for organizations. Often referred to as the “new perimeter,” identity stands between secure data management and potential breaches. However, a new report shows that businesses are often unaware of how their identities are being used across platforms. This leaves them vulnerable to data breaches, account hijacking and credential theft. “Corporate Identity Threat Report 2024” (download here) is based on exclusive data available only to the LayerX Browser Security platform. This data comes from LayerX’s unique visibility into every user’s browser…
