Phishing-as-a-Service “Rockstar 2FA” Targets Microsoft 365 Users with AiTM Attacks

November 29, 2024 at 05:33AM
Researchers warn of a phishing-as-a-service (PhaaS) toolkit, Rockstar 2FA, targeting Microsoft 365 credentials through email campaigns. Utilizing adversary-in-the-middle (AitM) attacks, it bypasses multi-factor authentication (MFA). Promoted features assist cybercriminals in executing campaigns with minimal expertise, leading to significant potential financial losses for victims.

Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks

November 29, 2024 at 05:33AM
Microsoft addressed four security vulnerabilities in its AI and cloud offerings, including a critical privilege escalation flaw (CVE-2024-49035) exploited in the wild. Other flaws include XSS and authentication issues in various products. While most have been mitigated, users are advised to update Dynamics 365 Sales apps for security.

Fighting cybercrime with actionable knowledge

November 29, 2024 at 04:28AM
Cybercrime is evolving, making continuous training essential for cybersecurity professionals. Celebrating 35 years, the SANS Institute offers over 85 courses and 240,000 GIAC certifications globally, emphasizing updated curriculums. New courses in 2025 will cover cybercrime intelligence and Linux incident response, ensuring professionals stay equipped to tackle emerging threats.

The Future of Serverless Security in 2025: From Logs to Runtime Protection

November 28, 2024 at 06:51AM
Serverless environments, like AWS Lambda, face significant security challenges under traditional log-based and static analysis methods. Sweet Security’s innovative sensor provides real-time monitoring of internal operations, detecting and blocking threats such as code injections and misuse of vulnerable libraries, enabling organizations to secure serverless computing effectively.

Microsoft Patches Exploited Vulnerability in Partner Network Website

November 28, 2024 at 06:07AM
Microsoft has patched vulnerabilities in several services, including Azure and Copilot Studio, with one flaw described as ‘exploited.’ The vulnerabilities, mostly related to privilege escalation, have been assigned CVE identifiers for transparency. Users don’t need to take action, as patching occurs automatically over several days.

Data broker leaves 600K+ sensitive files exposed online

November 27, 2024 at 01:07PM
Over 600,000 sensitive files, including personal criminal histories, were exposed online by SL Data Services in an unprotected database. Security researcher Jeremiah Fowler reported the issue, highlighting risks of phishing and social engineering. Although the database was eventually closed, the exposed information could severely impact individuals and their associates.

Israel Defies VC Downturn With More Cybersecurity Investments

November 27, 2024 at 02:06AM
Despite a global slowdown in cybersecurity funding, Israeli startups secure significant investments amid ongoing military operations and regional tensions. Israel remains a key tech innovation hub, and cybersecurity investments are projected to rise 45% in 2024, reversing previous declines. Investors prefer addressing global issues rather than local ones.

Matrix Botnet Exploits IoT Devices in Widespread DDoS Botnet Campaign

November 27, 2024 at 01:04AM
A threat actor named Matrix has initiated a large-scale DDoS campaign by exploiting vulnerabilities in IoT devices, primarily targeting IP addresses in China and Japan. This operation utilizes publicly available scripts, promotes a DDoS-for-hire service via Telegram, and highlights the need for improved security practices to mitigate such attacks.

CyberRatings.org Announces Test Results for Cloud Service Provider Native Firewalls

November 26, 2024 at 11:31AM
CyberRatings.org has completed a “Mini-Test” of native firewalls from AWS, Azure, and GCP, assessing their security effectiveness against 522 exploits. Results showed protection effectiveness ranging from 0.38% to 50.57%. The findings raise concerns about reliance on CSP firewalls, urging customers to consider third-party solutions. A second, more rigorous test is …

IBM Patches RCE Vulnerabilities in Data Virtualization Manager, Security SOAR

November 26, 2024 at 09:01AM
IBM announced patches for multiple vulnerabilities, including two severe remote code execution issues in Data Virtualization Manager and Security SOAR. These flaws could allow unauthorized code execution. Users are advised to update their systems promptly. Additional vulnerabilities in other IBM products were also addressed. Details are available on IBM’s security …