Marriott settles for a piddly $52M after series of breaches affecting millions

October 9, 2024 at 05:16PM Marriott will pay a $52 million penalty and enhance its cybersecurity practices following data breaches from 2014 to 2020 that affected 344 million individuals. The settlements with state attorneys general and the FTC, reached without Marriott admitting liability, mandate improved data security measures and give customers rights over their personal information. …

Ransomware gang Trinity joins pile of scumbags targeting healthcare

October 9, 2024 at 09:49AM The Trinity ransomware gang has targeted at least one US healthcare provider, likely Rocky Mountain Gastroenterology, which disclosed a data breach. HHS issued a security advisory on Trinity's double-extortion tactics (encrypting systems and threatening to leak the data exfiltrated beforehand). Organizations are urged to harden their defenses, including MFA and secure backups, to prevent attacks. …

New Mamba 2FA bypass service targets Microsoft 365 accounts

October 8, 2024 at 04:32PM Mamba 2FA is an emerging phishing-as-a-service (PhaaS) platform that targets Microsoft 365 accounts through adversary-in-the-middle (AiTM) attacks, relaying the victim's credentials and MFA response to the real login page so the operator ends up with an authenticated session rather than just a password. It sells for $250 per month, has evolved to improve stealth and longevity, and offers phishing templates for various services. This platform poses a significant …

Cracking the Cloud: The Persistent Threat of Credential-Based Attacks

October 1, 2024 at 08:51AM Summary: Despite the adoption of multi-factor authentication (MFA), credentials remain the primary target for attackers entering systems and a persistent threat to cloud environments. This issue was highlighted in the SecurityWeek article “Cracking the Cloud: The Persistent Threat of Credential-Based Attacks.” …

Session Hijacking 2.0 — The Latest Way That Attackers are Bypassing MFA

September 30, 2024 at 08:30AM Attackers are increasingly using session hijacking to bypass MFA. Microsoft detected 147,000 token replay attacks in 2023, a 111% increase year over year. Modern session hijacking targets cloud-based apps: the attacker steals session material (the cookies and tokens issued after a successful MFA login) and replays it, so MFA is never prompted again. Phishing toolkits that implement adversary-in-the-middle (AitM) and browser-in-the-middle (BitM) techniques, as well as infostealers that export cookies from the victim's browser, are used to hijack sessions. …
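The replay described above leaves a trace that the MFA prompt itself cannot catch: the same session identifier shows up from a client that is not the one that completed MFA. The following detection logic is an added example (not code from the article or from Microsoft); it binds each session to the source IP and user agent seen at `mfa_success`, then flags later use from a different fingerprint, or use of a session that never completed MFA in the log at all (the infostealer case). The field names and the sample events are constructed for this example.

```python
"""Detect session-token replay in sign-in / activity logs.

Added example, not code from the original article. It binds each session to the
client fingerprint (source IP, user agent) seen when MFA succeeded, then flags
later use of the same session from a different fingerprint, or use of a session
that never completed MFA in the log at all (a cookie exported by an infostealer
and replayed elsewhere). Field names and events below are constructed.
"""
from datetime import datetime, timezone

# Constructed sample events (not real telemetry). In practice these would come
# from the IdP or SaaS audit log, e.g. interactive and non-interactive sign-in
# logs joined on a session/token identifier.
SAMPLE_EVENTS = [
    {"ts": "2024-09-30T08:00:00Z", "user": "alice", "session_id": "s1",
     "event": "mfa_success", "ip": "203.0.113.10", "ua": "Chrome/128 Windows"},
    {"ts": "2024-09-30T08:05:00Z", "user": "alice", "session_id": "s1",
     "event": "resource_access", "ip": "203.0.113.10", "ua": "Chrome/128 Windows"},
    # Same session cookie, minutes later, from a different IP and browser: the
    # AitM proxy or the attacker's own machine replaying the stolen session.
    {"ts": "2024-09-30T08:07:00Z", "user": "alice", "session_id": "s1",
     "event": "resource_access", "ip": "198.51.100.77", "ua": "Firefox/130 Linux"},
    {"ts": "2024-09-30T09:00:00Z", "user": "bob", "session_id": "s2",
     "event": "mfa_success", "ip": "192.0.2.5", "ua": "Safari/17 macOS"},
    {"ts": "2024-09-30T09:30:00Z", "user": "bob", "session_id": "s2",
     "event": "resource_access", "ip": "192.0.2.5", "ua": "Safari/17 macOS"},
    # A session that never passed MFA in this log: typical of an infostealer
    # cookie dump replayed from a new device.
    {"ts": "2024-09-30T10:15:00Z", "user": "carol", "session_id": "s3",
     "event": "resource_access", "ip": "198.51.100.90", "ua": "Chrome/127 Windows"},
]


def parse_ts(s):
    """Parse the ISO-8601 UTC timestamps used in the sample events."""
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def find_token_replay(events):
    """Return one alert per post-MFA event whose client fingerprint does not
    match the fingerprint bound when that session completed MFA, plus one for
    any session used without an mfa_success event in the log."""
    bound = {}   # session_id -> the mfa_success event that established it
    alerts = []
    for e in sorted(events, key=lambda ev: parse_ts(ev["ts"])):
        sid = e["session_id"]
        if e["event"] == "mfa_success":
            bound[sid] = e          # (re)bind the session to this fingerprint
            continue
        origin = bound.get(sid)
        if origin is None:
            alerts.append({"session_id": sid, "user": e["user"], "ts": e["ts"],
                           "reasons": ["no_mfa_for_session"]})
            continue
        reasons = []
        if e["ip"] != origin["ip"]:
            reasons.append("ip_change")
        if e["ua"] != origin["ua"]:
            reasons.append("ua_change")
        if e["user"] != origin["user"]:
            reasons.append("user_mismatch")
        if reasons:
            since_mfa = parse_ts(e["ts"]) - parse_ts(origin["ts"])
            alerts.append({"session_id": sid, "user": e["user"], "ts": e["ts"],
                           "reasons": reasons,
                           "bound_ip": origin["ip"], "seen_ip": e["ip"],
                           "minutes_since_mfa": since_mfa.total_seconds() / 60})
    return alerts


if __name__ == "__main__":
    for alert in find_token_replay(SAMPLE_EVENTS):
        print(alert)
```

An IP change on its own is noisy (mobile networks, VPN egress, CGNAT), so in production weight it against user-agent and ASN changes and the time since MFA rather than alerting on every mismatch; a new IP and a new browser seven minutes after MFA, as in session `s1`, is the pattern worth paging on. The response is to revoke the session and refresh tokens, not just reset the password, since the attacker holds the former. This is a compensating detection; binding tokens to the device so that a copied cookie is useless elsewhere is the structural fix.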

Critical SonicWall SSLVPN bug exploited in ransomware attacks

September 9, 2024 at 05:52PM Ransomware affiliates are exploiting a critical vulnerability in SonicWall SonicOS to breach victims' networks; Gen 5, Gen 6, and Gen 7 firewalls are affected. The flaw was initially thought to affect only the firewalls' management access interface, but was later found to also affect the SSLVPN feature and is being exploited in attacks. Mitigation measures …

UK trio pleads guilty to operating $10M MFA bypass biz

September 3, 2024 at 05:37PM Three men in the UK have pleaded guilty to running a multifactor authentication (MFA) bypass ring that may have earned up to £7.9 million in less than two years. The trio operated OTP.agency, which sold cybercriminals tools to bypass MFA and access victims' bank accounts. They face up to 14 years in prison …

The Silver Bullet of MFA Was Never Enough

August 22, 2024 at 06:53AM Recent attacks on high-profile organizations are drawing comparisons to action movies, where the hero triumphs over adversity with a magical solution. Multi-factor authentication (MFA) is often treated as that silver bullet, but it is not foolproof: social engineering can bypass it, and other security measures such as passkeys and device posture checks are …

Microsoft: Enable MFA or lose access to admin portals in October

August 16, 2024 at 03:11PM Microsoft urged Entra global admins to enable multi-factor authentication (MFA) for their tenants by October 15, when it begins enforcing MFA for sign-ins to its admin portals, to protect against phishing and account hijacking. Admins can postpone enforcement until April 15, 2025, but are advised to set up MFA now to secure their cloud resources. MFA will gradually …

Enzo Biochem ordered to cough up $4.5 million over lousy security that led to ransomware disaster

August 14, 2024 at 01:10PM Biotech company Enzo Biochem must pay a $4.5 million penalty to three state attorneys general after a 2023 ransomware attack compromised data on over 2.4 million individuals. The company's poor cybersecurity practices allowed the attackers to gain access, affecting New York, New Jersey, and Connecticut residents. Enzo is now …