The Imperative for Modern Security: Risk-Based Vulnerability Management

February 29, 2024 at 07:57AM The news has been filled with reports of various vulnerabilities being exploited, highlighting the urgent need for organizations to modernize their vulnerability management practices. With the rise in cyber threats, organizations face resource constraints and challenges in patch management, making a risk-based approach essential for prioritizing and managing vulnerabilities effectively. …

Cyber Insights 2024: APIs – A Clear, Present, and Future Danger

February 28, 2024 at 10:51AM The annual Cyber Insights series by SecurityWeek discusses pressing cybersecurity issues. The 2024 edition addresses the evolving role of CISOs, the dilemma of API security, and the expanding attack surface. It includes perspectives from industry experts and highlights the growing need for proactive security measures. The threats to APIs are …

Cybersecurity Agencies Warn Ubiquiti EdgeRouter Users of APT28’s MooBot Threat

February 28, 2024 at 01:21AM Cybersecurity agencies are warning Ubiquiti EdgeRouter users to take precautions against the MooBot botnet, tied to APT28 and used to conduct covert cyber operations globally. The advisory recommends resetting routers, updating firmware, changing default credentials, and implementing firewall rules. This highlights the increasing use of routers as launchpads for malicious …

Russia’s ‘Midnight Blizzard’ Targets Service Accounts for Initial Cloud Access

February 27, 2024 at 04:56PM The threat group “Midnight Blizzard,” associated with Russian intelligence services, has shifted tactics, targeting cloud environments at organizations. Strategies include exploiting automated cloud services accounts, dormant accounts, and using OAuth tokens and MFA bombing attacks for unauthorized access. Mitigations recommended include multifactor authentication, strong passwords, and least privilege principles for …

eBay, VMware, McAfee Sites Hijacked in Sprawling Phishing Operation

February 27, 2024 at 12:23PM The Economist and 8,000 other entities were compromised in Operation SubdoMailing, part of a larger single threat actor operation. Trusted brands, such as The Economist, were affected. It appears that trusted brands like The Economist are among 8,000 entities compromised by Operation SubdoMailing, which is part of a larger operation …

Hijacked subdomains of major brands used in massive spam campaign

February 27, 2024 at 09:29AM The “SubdoMailing” ad fraud campaign utilizes over 8,000 legitimate domains and 13,000 subdomains to send up to five million fraudulent emails daily. Notable brands like MSN, VMware, and eBay have been unknowingly involved, aiding in bypassing spam filters. The threat actors profit from ad views and scams, with Guardio Labs …

Open-Source Xeno RAT Trojan Emerges as a Potent Threat on GitHub

February 27, 2024 at 08:51AM The Xeno RAT, an open-source remote access trojan, has been released on GitHub, with capabilities for remote system management and unique features such as real-time audio recording and a hidden virtual network computing module. This release underscores the rise of freely available malware, highlighted by cybersecurity firm Cyfirma. Additionally, the article …

Russian hackers shift to cloud attacks, US and allies warn

February 26, 2024 at 12:35PM The Five Eyes intelligence alliance issued a warning about increased targeting of cloud services by APT29, a Russian hacking group. A joint advisory by international cybersecurity agencies highlights APT29’s tactics, including compromising access credentials and exploiting dormant accounts. Recommendations for defenders include enabling multi-factor authentication and strong passwords, among others, …

The Next Gen of Cybersecurity Could Be Hiding in Big Tech

February 26, 2024 at 10:05AM The cybersecurity industry faces a talent gap due to increasing cyber threats and limited cybersecurity staff. The growing attack surface, higher frequency and sophistication of attacks, and increasing regulations contribute to the shortage. Retraining technology workers in cybersecurity skills can address the gap, providing diverse perspectives and helping protect critical …

Insurers Use Claims Data to Recommend Cybersecurity Technologies

February 22, 2024 at 04:37PM Businesses benefit from using managed detection and response (MDR) services, which cut median response time to cyber incidents by half and reduce incident impact. Such firms may receive discounts on cyber insurance premiums based on deployed MDR. The data-driven approach of insurtech firms like Coalition may lead to tailored cybersecurity …