U.S. charges Iranian for hacks on defense orgs, offers $10M for info

March 1, 2024 at 09:47AM The U.S. Department of Justice indicted Alireza Shafie Nasab, an Iranian national, for cyber-espionage targeting U.S. government and defense entities. Operating from 2016 to April 2021, Nasab and co-conspirators employed phishing and hacking techniques to compromise over 200,000 devices, resulting in charges carrying 5 to 20 years in prison. The …

Governments Urge Organizations to Hunt for Ivanti VPN Attacks

March 1, 2024 at 08:57AM Five Eyes agencies warn of ongoing exploitation of Ivanti VPN flaws and encourage organizations to assume credentials have been compromised, hunt for malicious activity, use Ivanti’s Integrity Checker Tool, and apply patches. Ivanti releases enhanced ICT to detect new/changed files on affected appliances. Agencies offer IoCs, Yara rules, and incident …

CISA Warns of Windows Streaming Service Vulnerability Exploitation

March 1, 2024 at 08:57AM The US cybersecurity agency CISA added a high-severity elevation of privilege flaw in Microsoft Streaming Service to its Known Exploited Vulnerabilities catalog, warning of active exploitation. The flaw, tracked as CVE-2023-29360, could allow attackers to gain System privileges. CISA urges organizations to apply patches and has a deadline of March …

New BIFROSE Linux Malware Variant Using Deceptive VMware Domain for Evasion

March 1, 2024 at 06:15AM Cybersecurity researchers have found a new Linux variant of the BIFROSE remote access trojan, using a deceptive domain mimicking VMware. The malware, active since 2004, has been linked to a state-backed group from China. The latest variant disguises itself as VMware and has shown increased activity since October 2023, signifying evolving …

Keeping one step ahead of cyber security threats

March 1, 2024 at 04:12AM Summary: Cyber security incidents are costly, with an average data breach costing $4.35 million, and cyber attacks rose by 38% last year. To address this, Google Workspace offers a cloud-native architecture with zero-trust principles and AI-powered threat defences. A webinar on March 6 will cover preventing cyber threats, enabling safer …

Five Eyes Agencies Warn of Active Exploitation of Ivanti Gateway Vulnerabilities

March 1, 2024 at 02:33AM The Five Eyes intelligence alliance issued a cybersecurity advisory warning about cyber threat actors exploiting known security flaws in Ivanti Connect Secure and Ivanti Policy Secure gateways. They cautioned that the Integrity Checker Tool may provide a false sense of security, allowing threat actors root-level persistence despite factory resets. Ivanti …

GitHub Rolls Out Default Secret Scanning Push Protection for Public Repositories

March 1, 2024 at 01:09AM GitHub has announced the default activation of secret scanning push protection for all public repository pushes. This feature identifies over 200 token types from more than 180 service providers to prevent fraudulent use. The move comes as a response to ongoing “repo confusion” attacks targeting GitHub, aiming to thwart malicious …

Troutman Pepper Forms Incidents and Investigations Team

February 29, 2024 at 04:46PM Troutman Pepper has established the Incidents + Investigations Team to address the increasing demand for legal services related to data breaches and cybersecurity incidents. The team provides 24/7 support and expertise in regulated industries, emphasizing effective communication and comprehensive assistance through all stages of incident response. The firm offers a …

Tenable Introduces Visibility Across IT, OT, and IoT Domains

February 29, 2024 at 04:46PM Tenable® released Tenable One for OT/IoT, the first exposure management platform offering comprehensive visibility into assets across IT, operational technology (OT), and IoT environments. This solution aims to address the increasing cyber attack surface due to interconnected assets, providing actionable risk intelligence to mitigate operational risks and prioritize security measures. …

CISA warns against using hacked Ivanti devices even after factory resets

February 29, 2024 at 03:40PM The U.S. Cybersecurity Agency (CISA) revealed that attackers breaching Ivanti appliances can maintain root persistence after factory resets. Four vulnerabilities allow evasion of Ivanti’s Integrity Checker Tool, with ratings from high to critical. CISA warned of compromised Ivanti devices’ significant risk and ordered federal agencies to disconnect and rebuild affected …