malicious activity - Cloud Security Alliance News Clipping Site

The Register: Here’s what happens if you don’t layer network security – or remove unused web shells

Nov 22, 2024

—

by

Source URL: https://www.theregister.com/2024/11/22/cisa_red_team_exercise/ Source: The Register Title: Here’s what happens if you don’t layer network security – or remove unused web shells Feedly Summary: TL;DR: Attackers will break in and pwn you, as a US government red team demonstrated The US Cybersecurity and Infrastructure Agency often breaks into critical organizations’ networks – with their permission,…

The Register: China-linked group abuses Fortinet 0-day with post-exploit VPN-credential stealer

Nov 19, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/11/19/china_brazenbamboo_fortinet_0day/ Source: The Register Title: China-linked group abuses Fortinet 0-day with post-exploit VPN-credential stealer Feedly Summary: No word on when or if the issue will be fixed Chinese government-linked snoops are exploiting a zero-day bug in Fortinet’s Windows VPN client to steal credentials and other information, according to memory forensics outfit Volexity.… AI…

The Register: Scattered Spider, BlackCat claw their way back from criminal underground

Nov 8, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/11/08/scattered_spider_blackcat_return/ Source: The Register Title: Scattered Spider, BlackCat claw their way back from criminal underground Feedly Summary: We all know by now that monsters never die, right? Two high-profile criminal gangs, Scattered Spider and BlackCat/ALPHV, seemed to disappear into the darkness like their namesakes following a series of splashy digital heists last year,…

Alerts: Foreign Threat Actor Conducting Large-Scale Spear-Phishing Campaign with RDP Attachments

Oct 31, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.cisa.gov/news-events/alerts/2024/10/31/foreign-threat-actor-conducting-large-scale-spear-phishing-campaign-rdp-attachments Source: Alerts Title: Foreign Threat Actor Conducting Large-Scale Spear-Phishing Campaign with RDP Attachments Feedly Summary: CISA has received multiple reports of a large-scale spear-phishing campaign targeting organizations in several sectors, including government and information technology (IT). The foreign threat actor, often posing as a trusted entity, is sending spear-phishing emails containing malicious…

Alerts: Fortinet Updates Guidance and Indicators of Compromise following FortiManager Vulnerability Exploitation

Oct 30, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.cisa.gov/news-events/alerts/2024/10/30/fortinet-updates-guidance-and-indicators-compromise-following-fortimanager-vulnerability Source: Alerts Title: Fortinet Updates Guidance and Indicators of Compromise following FortiManager Vulnerability Exploitation Feedly Summary: Fortinet has updated their security advisory addressing a critical FortiManager vulnerability (CVE-2024-47575) to include additional workarounds and indicators of compromise (IOCs). A remote, unauthenticated cyber threat actor could exploit this vulnerability to gain access to sensitive…

Hacker News: How to get the whole planet to send abuse complaints to your best friends

Oct 29, 2024

—

by

system automation

in Uncategorized

Source URL: https://delroth.net/posts/spoofed-mass-scan-abuse/ Source: Hacker News Title: How to get the whole planet to send abuse complaints to your best friends Feedly Summary: Comments AI Summary and Description: Yes Summary: The text describes a cybersecurity incident where the author received an abuse report linked to their server’s IP, suggesting potential involvement in malicious activities. Upon…

Cloud Blog: Investigating FortiManager Zero-Day Exploitation (CVE-2024-47575)

Oct 24, 2024

—

by

system automation

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/fortimanager-zero-day-exploitation-cve-2024-47575/ Source: Cloud Blog Title: Investigating FortiManager Zero-Day Exploitation (CVE-2024-47575) Feedly Summary: Written by: Foti Castelan, Max Thauer, JP Glab, Gabby Roncone, Tufail Ahmed, Jared Wilson Summary In October 2024, Mandiant collaborated with Fortinet to investigate the mass exploitation of FortiManager appliances across 50+ potentially compromised FortiManager devices in various industries. The vulnerability,…

The Register: X to allow third parties to train their AI models with social media users’ data

Oct 18, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/10/18/x_train_data/ Source: The Register Title: X to allow third parties to train their AI models with social media users’ data Feedly Summary: Another raft of reasons to ponder your social media presence Elon Musk’s social media mouthpiece X (formerly known as Twitter) has updated its Terms of Service and Privacy Policy to direct…

Cloud Blog: Introduction to Threat Intelligence and Attribution course, now available on-demand

Sep 23, 2024

—

by

system automation

in Uncategorized

Source URL: https://cloud.google.com/blog/products/identity-security/introduction-to-intelligence-and-attribution-course-now-on-demand/ Source: Cloud Blog Title: Introduction to Threat Intelligence and Attribution course, now available on-demand Feedly Summary: Ask 10 cybersecurity experts to define “attribution” and they would likely provide as many different answers. The term has become an industry buzzword for the process by which evidence of a breach is converted into a…

Alerts: Versa Networks Releases Advisory for a Vulnerability in Versa Director, CVE-2024-45229

Sep 20, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.cisa.gov/news-events/alerts/2024/09/20/versa-networks-releases-advisory-vulnerability-versa-director-cve-2024-45229 Source: Alerts Title: Versa Networks Releases Advisory for a Vulnerability in Versa Director, CVE-2024-45229 Feedly Summary: Versa Networks has released an advisory for a vulnerability (CVE-2024-45229) affecting Versa Director. A cyber threat actor could exploit this vulnerability to exercise unauthorized REST APIs. CISA urges organizations to apply necessary updates, hunt for any malicious…

Tag: malicious activity