August 8, 2024 at 12:21PM Kimsuky, a North Korea-linked threat actor, has been identified in new cyber attacks targeting university staff for intelligence gathering. The attacks involve spear-phishing campaigns and use of a web shell to capture credentials and stage phishing pages. To combat this, users are advised to enable multi-factor authentication and scrutinize URLs … Read more
August 8, 2024 at 11:00AM AppOmni analyzed 230 billion SaaS audit log events, finding that most SaaS security incidents involve simple smash and grab incursions, with attackers using legitimate credentials for entry. The use of MITRE ATT&CK kill chain is minimal. AppOmni recommends implementing a full zero trust policy with effective MFA to prevent attacker … Read more
July 12, 2024 at 10:31AM Join the Cisco webinar on July 17, 2024, at 5pm BST/12pm ET/9am PT to explore emerging frameworks like Shared Signals and the use of machine learning in identity threat detection. Learn about digital credentials and how they contribute to enhanced identity security. Cisco’s experts will review their solution, including Identity … Read more
July 12, 2024 at 09:42AM AT&T experienced a major data breach, with threat actors stealing call logs for nearly all mobile customers, involving around 109 million customers. The breach occurred in April 2024, compromising call and text records for a specific period. Although no sensitive personal information was exposed, potential identity correlation is a concern. … Read more
July 11, 2024 at 09:23AM Ethan Steiger, CISO of Advance Auto Parts, disclosed that 2.3 million individuals were affected by a cyber breach. The criminals, under the alias Sp1d3r, attempted to sell the stolen data for $1.5 million, falsely claiming to have taken 380 million customer profiles. Snowflake has introduced new security measures, including multifactor … Read more
July 10, 2024 at 08:09AM Endpoint security has become increasingly important in the age of identity protection due to the rise in ransomware attacks. Identity Threat Detection and Response (ITDR) has emerged to address this gap, with capabilities such as coverage across all users and access methods, real-time detection, anomaly detection, chain detection with MFA … Read more
July 8, 2024 at 04:17PM Nearly 10 billion plaintext passwords, dubbed RockYou2024, have been leaked on a hacking forum. While the list may aid in brute-force attacks, it is unlikely for websites to allow such attempts. However, cybercriminals could find success in combining this data with other breaches to execute credential-stuffing attacks. Users are advised … Read more
July 2, 2024 at 08:28PM Summary: Over 500 credentials were stolen from Snowflake environments, impacting at least 165 customers. The cybersecurity investigation labeled it an information-stealing malware incident, urging enhanced security measures. Experts advise collecting and analyzing account data, using a single sign-on provider, and limiting the blast radius of a breach to enhance security. … Read more
June 27, 2024 at 11:50AM The Cybersecurity and Infrastructure Security Agency, in collaboration with the FBI and New Zealand organizations, released guidance on modern network access security, emphasizing modern firewall and network access management technologies. It focuses on three approaches: zero trust, secure service edge, and secure access service edge. Recommended practices include continuous monitoring, … Read more
June 26, 2024 at 01:41PM Neiman Marcus confirmed data theft affecting 65,000 customers through attacks on Snowflake. “Sp1d3r” sold personal data for $150,000. Over 70 million transactions, 50 million emails, and 12 million gift card numbers were for sale. UNC5537 accessed accounts using valid credentials due to lack of multifactor authentication, impacting 165 organizations. Strengthening … Read more