Cloud Security Alliance News Clipping Site

Tag: threat actor

  • The Register: US and UK govts warn: Russia scanning for your unpatched vulnerabilities

    by

    system automation
    in

    Source URL: https://www.theregister.com/2024/10/12/russia_is_targeting_you_for/ Source: The Register Title: US and UK govts warn: Russia scanning for your unpatched vulnerabilities Feedly Summary: Also, phishing’s easier over the phone, and your F5 cookies might be unencrypted, and more in brief If you need an excuse to improve your patching habits, a joint advisory from the US and UK…

  • Alerts: Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies

    by

    system automation
    in

    Source URL: https://www.cisa.gov/news-events/alerts/2024/10/10/best-practices-configure-big-ip-ltm-systems-encrypt-http-persistence-cookies Source: Alerts Title: Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies Feedly Summary: CISA has observed cyber threat actors leveraging unencrypted persistent cookies managed by the F5 BIG-IP Local Traffic Manager (LTM) module to enumerate other non-internet facing devices on the network. F5 BIG-IP is a suite of hardware and…

  • The Register: OpenAI says Chinese gang tried to phish its staff

    by

    system automation
    in

    Source URL: https://www.theregister.com/2024/10/10/china_phish_openai/ Source: The Register Title: OpenAI says Chinese gang tried to phish its staff Feedly Summary: Claims its models aren’t making threat actors more sophisticated – but is helping debug their code OpenAI has alleged the company disrupted a spear-phishing campaign that saw a China-based group target its employees through both their personal…

  • Slashdot: Internet Archive Suffers ‘Catastrophic’ Breach Impacting 31 Million Users

    by

    system automation
    in

    Source URL: https://yro.slashdot.org/story/24/10/09/2247234/internet-archive-suffers-catastrophic-breach-impacting-31-million-users?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Internet Archive Suffers ‘Catastrophic’ Breach Impacting 31 Million Users Feedly Summary: AI Summary and Description: Yes Summary: The Internet Archive’s “Wayback Machine” experienced a significant data breach, compromising a database of 31 million user records. This incident highlights the vulnerabilities that legacy systems may face and underscores the importance…

  • Alerts: Microsoft Releases October 2024 Security Updates

    by

    system automation
    in

    Source URL: https://www.cisa.gov/news-events/alerts/2024/10/08/microsoft-releases-october-2024-security-updates Source: Alerts Title: Microsoft Releases October 2024 Security Updates Feedly Summary: Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following and apply necessary updates: Microsoft…

  • Microsoft Security Blog: Cybersecurity Awareness Month: Securing our world—together

    by

    system automation
    in

    Source URL: https://www.microsoft.com/en-us/security/blog/2024/10/01/cybersecurity-awareness-month-securing-our-world-together/ Source: Microsoft Security Blog Title: Cybersecurity Awareness Month: Securing our world—together Feedly Summary: To help our global cyberdefenders, Microsoft has put together the Be Cybersmart Kit, designed to educate everyone, on best practices for going passwordless, not falling for sophisticated phishing or fraud, device protection, AI safety, and more. The post Cybersecurity…

  • Microsoft Security Blog: File hosting services misused for identity phishing

    by

    system automation
    in

    Source URL: https://www.microsoft.com/en-us/security/blog/2024/10/08/file-hosting-services-misused-for-identity-phishing/ Source: Microsoft Security Blog Title: File hosting services misused for identity phishing Feedly Summary: Since mid-April 2024, Microsoft has observed an increase in defense evasion tactics used in campaigns abusing file hosting services like SharePoint, OneDrive, and Dropbox. These campaigns use sophisticated techniques to perform social engineering, evade detection, and compromise identities,…

  • Hacker News: European govt air-gapped systems breached using custom malware

    by

    system automation
    in

    Source URL: https://www.welivesecurity.com/en/eset-research/mind-air-gap-goldenjackal-gooses-government-guardrails/ Source: Hacker News Title: European govt air-gapped systems breached using custom malware Feedly Summary: Comments AI Summary and Description: Yes Summary: This text presents an extensive analysis of the GoldenJackal APT group’s cyberespionage activities, notably their attacks on air-gapped systems within governmental organizations in Europe. It introduces previously undocumented malware tools employed…

  • Cisco Talos Blog: Threat actor believed to be spreading new MedusaLocker variant since 2022

    by

    system automation
    in

    Source URL: https://blog.talosintelligence.com/threat-actor-believed-to-be-spreading-new-medusalocker-variant-since-2022/ Source: Cisco Talos Blog Title: Threat actor believed to be spreading new MedusaLocker variant since 2022 Feedly Summary: Cisco Talos has discovered a financially motivated threat actor, active since 2022, recently observed delivering a MedusaLocker ransomware variant. Intelligence collected by Talos on tools regularly employed by the threat actor allows us to see…

  • Cloud Blog: An Offer You Can Refuse: UNC2970 Backdoor Deployment Using Trojanized PDF Reader

    by

    system automation
    in

    Source URL: https://cloud.google.com/blog/topics/threat-intelligence/unc2970-backdoor-trojanized-pdf-reader/ Source: Cloud Blog Title: An Offer You Can Refuse: UNC2970 Backdoor Deployment Using Trojanized PDF Reader Feedly Summary: Written by: Marco Galli, Diana Ion, Yash Gupta, Adrian Hernandez, Ana Martinez Gomez, Jon Daniels, Christopher Gardner Introduction In June 2024, Mandiant Managed Defense identified a cyber espionage group suspected to have a North…