Cloud Security Alliance News Clipping Site

Tag: threat actors

  • Microsoft Security Blog: Microsoft’s guidance to help mitigate Kerberoasting  

    by

    system automation
    in

    Source URL: https://www.microsoft.com/en-us/security/blog/2024/10/11/microsofts-guidance-to-help-mitigate-kerberoasting/ Source: Microsoft Security Blog Title: Microsoft’s guidance to help mitigate Kerberoasting   Feedly Summary: Kerberoasting, a well-known Active Directory (AD) attack vector, enables threat actors to steal credentials and navigate through devices and networks. Microsoft is sharing recommended actions administrators can take now to help prevent successful Kerberoasting cyberattacks. The post Microsoft’s…

  • Hacker News: Two never-before-seen tools, from same group, infect air-gapped devices

    by

    system automation
    in

    Source URL: https://arstechnica.com/security/2024/10/two-never-before-seen-tools-from-same-group-infect-air-gapped-devices/ Source: Hacker News Title: Two never-before-seen tools, from same group, infect air-gapped devices Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses the discovery of advanced hacking toolsets linked to a nation-state group, likely from Russia, targeting air-gapped systems. The findings highlight the sophistication and resourcefulness involved in circumventing…

  • The Register: US and UK govts warn: Russia scanning for your unpatched vulnerabilities

    by

    system automation
    in

    Source URL: https://www.theregister.com/2024/10/12/russia_is_targeting_you_for/ Source: The Register Title: US and UK govts warn: Russia scanning for your unpatched vulnerabilities Feedly Summary: Also, phishing’s easier over the phone, and your F5 cookies might be unencrypted, and more in brief If you need an excuse to improve your patching habits, a joint advisory from the US and UK…

  • Alerts: Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies

    by

    system automation
    in

    Source URL: https://www.cisa.gov/news-events/alerts/2024/10/10/best-practices-configure-big-ip-ltm-systems-encrypt-http-persistence-cookies Source: Alerts Title: Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies Feedly Summary: CISA has observed cyber threat actors leveraging unencrypted persistent cookies managed by the F5 BIG-IP Local Traffic Manager (LTM) module to enumerate other non-internet facing devices on the network. F5 BIG-IP is a suite of hardware and…

  • The Register: OpenAI says Chinese gang tried to phish its staff

    by

    system automation
    in

    Source URL: https://www.theregister.com/2024/10/10/china_phish_openai/ Source: The Register Title: OpenAI says Chinese gang tried to phish its staff Feedly Summary: Claims its models aren’t making threat actors more sophisticated – but is helping debug their code OpenAI has alleged the company disrupted a spear-phishing campaign that saw a China-based group target its employees through both their personal…

  • Alerts: Microsoft Releases October 2024 Security Updates

    by

    system automation
    in

    Source URL: https://www.cisa.gov/news-events/alerts/2024/10/08/microsoft-releases-october-2024-security-updates Source: Alerts Title: Microsoft Releases October 2024 Security Updates Feedly Summary: Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following and apply necessary updates: Microsoft…

  • Microsoft Security Blog: Cybersecurity Awareness Month: Securing our world—together

    by

    system automation
    in

    Source URL: https://www.microsoft.com/en-us/security/blog/2024/10/01/cybersecurity-awareness-month-securing-our-world-together/ Source: Microsoft Security Blog Title: Cybersecurity Awareness Month: Securing our world—together Feedly Summary: To help our global cyberdefenders, Microsoft has put together the Be Cybersmart Kit, designed to educate everyone, on best practices for going passwordless, not falling for sophisticated phishing or fraud, device protection, AI safety, and more. The post Cybersecurity…

  • Microsoft Security Blog: File hosting services misused for identity phishing

    by

    system automation
    in

    Source URL: https://www.microsoft.com/en-us/security/blog/2024/10/08/file-hosting-services-misused-for-identity-phishing/ Source: Microsoft Security Blog Title: File hosting services misused for identity phishing Feedly Summary: Since mid-April 2024, Microsoft has observed an increase in defense evasion tactics used in campaigns abusing file hosting services like SharePoint, OneDrive, and Dropbox. These campaigns use sophisticated techniques to perform social engineering, evade detection, and compromise identities,…

  • Hacker News: European govt air-gapped systems breached using custom malware

    by

    system automation
    in

    Source URL: https://www.welivesecurity.com/en/eset-research/mind-air-gap-goldenjackal-gooses-government-guardrails/ Source: Hacker News Title: European govt air-gapped systems breached using custom malware Feedly Summary: Comments AI Summary and Description: Yes Summary: This text presents an extensive analysis of the GoldenJackal APT group’s cyberespionage activities, notably their attacks on air-gapped systems within governmental organizations in Europe. It introduces previously undocumented malware tools employed…

  • Hacker News: AT&T, Verizon reportedly hacked to target US govt wiretapping platform

    by

    system automation
    in

    Source URL: https://www.bleepingcomputer.com/news/security/atandt-verizon-reportedly-hacked-to-target-us-govt-wiretapping-platform/ Source: Hacker News Title: AT&T, Verizon reportedly hacked to target US govt wiretapping platform Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text discusses a cybersecurity breach involving multiple U.S. broadband providers, orchestrated by the Chinese hacking group Salt Typhoon. The attack is significant due to its implications for national…