June 14, 2024 at 11:06AM Scattered Spider gang, also known as Octo Tempest, engages in social engineering attacks to steal data from SaaS apps. They use SMS phishing and SIM swapping for on-premise access. Their tactics expanded to cloud infrastructures without ransomware. They create new virtual machines, disable security protections, and exfiltrate data to cloud … Read more
June 14, 2024 at 08:30AM “Data is rapidly expanding, with businesses of all sizes managing petabytes. The data is continuously accessed and analyzed, posing challenges for securing such a dynamic landscape. An upcoming webinar features industry experts discussing adapting security strategies, access control, third-party data risks, and future-proofing for big data era. Essential for data … Read more
June 12, 2024 at 03:30PM Fortinet is set to acquire Lacework, a cloud security firm, to bolster its secure access service edge (SASE) offerings with cloud-native security services. Lacework’s platform integrates artificial intelligence, machine learning, data collection, and code security tools to safeguard cloud workflows. The deal is expected to be completed in the second … Read more
June 12, 2024 at 10:09AM Cybersecurity researchers have uncovered an ongoing cryptojacking campaign targeting misconfigured Kubernetes clusters to mine Dero cryptocurrency. The threat actors abused anonymous access to launch malicious container images containing a DERO miner. The attack involves targeting externally accessible Kubernetes API servers and uses obfuscation techniques to resist analysis. The attacker’s tactics … Read more
June 11, 2024 at 03:21AM As many as 165 Snowflake customers had their data potentially exposed in a campaign targeting data theft and extortion, identified as UNC5537 by Mandiant. The group is believed to operate under various aliases, targeting organizations worldwide and collaborating with a party based in Turkey. Snowflake is taking measures to enhance … Read more
June 7, 2024 at 11:33AM Tenable, a well-known player in vulnerability management, has announced the acquisition of Israeli startup Eureka Security, specializing in DSPM. The deal enhances Tenable’s Cloud-Native Application Protection Platform and provides tools to assess and manage data risk. This acquisition follows Tenable’s previous purchase of another Israeli cloud security firm, Ermetic. Financial … Read more
June 6, 2024 at 09:32AM The Boston Red Sox are making comprehensive cybersecurity efforts by adopting a software-as-a-service model and embracing IoT at Fenway Park. Despite limited resources, support from Major League Baseball helps the team punch above its weight in cyber defense. Their security apparatus is dynamic and constantly evolving to protect IP, ensure … Read more
June 6, 2024 at 03:59AM Summary: A novel cryptojacking attack campaign called Commando Cat exploits exposed Docker remote API servers to deploy cryptocurrency miners using Docker images from the open-source Commando project. Malicious actors use the cmd.cat/chattr image to gain initial access, employing techniques like chroot and volume binding to access the host system. Recommendations … Read more
June 5, 2024 at 05:57PM Threat actors are claiming to sell 3TB of data stolen from Advance Auto Parts. The stolen data includes 380 million customer profiles, 140 million customer orders, and other sensitive information. The breach is linked to compromised Snowflake accounts, affecting multiple customers. However, Snowflake claims it was not due to any … Read more
June 5, 2024 at 04:08PM The Cloud Security Alliance released the fourth Annual SaaS Security Survey Report, highlighting that 70% of organizations are prioritizing investment in SaaS security. It revealed the establishment of dedicated SaaS security teams and increased budgets. Despite challenges, companies investing in SaaS security are experiencing fewer security incidents, signaling a positive … Read more