MITRE admits ‘nation state’ attackers touched its NERVE R&D operation

April 21, 2024 at 10:04PM MITRE revealed it was the victim of a cyber attack, despite its strong security measures. The Akira ransomware, deployed by Russian-linked groups, is still a threat, exploiting old vulnerabilities in Cisco software. Important security flaws, including sensitive data exposure and credential theft, were discovered in various critical systems. Cerebral, an …

DPRK Exploits 2 MITRE Sub-Techniques: Phantom DLL Hijacking, TCC Abuse

April 11, 2024 at 06:05PM MITRE will add two sub-techniques to its ATT&CK database, both exploited by North Korean threat actors. TCC manipulation involves Apple macOS application permissions. “Phantom” DLL hijacking exploits nonexistent DLLs in Windows. These techniques allow attackers to gain privileged access and perform espionage. It’s crucial to keep SIP enabled and monitor DLL loading …

DPRK Exploits 2 New MITRE Techniques: Phantom DLL Hijacking, TCC Abuse

April 11, 2024 at 04:09PM MITRE is adding two new techniques to its ATT&CK database due to exploits by North Korean threat actors. One technique involves TCC manipulation on Apple’s macOS, enabling privileged access for espionage. The other technique, phantom DLL hijacking on Windows, involves exploiting nonexistent DLL files. Both have been used by North …

Top MITRE ATT&CK Techniques and How to Defend Against Them

April 10, 2024 at 01:04AM MITRE ATT&CK techniques dominate cybersecurity incidents, particularly command and scripting interpreters (T1059) and phishing (T1566). A report by D3 Security reveals these techniques surpass others significantly. The widespread usage of malicious scripts underlines the need for comprehensive incident response plans. Additionally, robust education and multifactor authentication help defend against phishing …

CVE and NVD – A Weak and Fractured Source of Vulnerability Truth

April 3, 2024 at 10:12AM The Common Vulnerabilities and Exposures (CVE) List managed by MITRE and the National Vulnerability Database (NVD) overseen by NIST are no longer considered a single reliable source of vulnerability information. Challenges include missing vulnerabilities, false positives, and resource limitations. NIST, acknowledging the backlog, is seeking a consortium to improve vulnerability …

Row breaks out over true severity of two DNSSEC flaws

March 26, 2024 at 04:29AM Two DNSSEC vulnerabilities, KeyTrap (CVE-2023-50387) and NSEC3-encloser (CVE-2023-50868), were disclosed with similar descriptions and a severity score of 7.5 out of 10. However, a study by the ATHENE team finds NSEC3-encloser is less severe than KeyTrap, contrary to MITRE’s assessment. This has led to concerns about the accuracy and quality …

SVR Cyber Actors Adapt Tactics for Initial Cloud Access

February 26, 2024 at 07:26AM Summary: The advisory details the recent tactics of the APT29 cyber espionage group, attributed to the SVR, targeting cloud infrastructure. It outlines their previous activity and evolving techniques, such as accessing service and dormant accounts, using cloud-based token authentication, enrolling new devices to the cloud, and using residential proxies. Mitigation …

Combined Security Practices Changing the Game for Risk Management

February 5, 2024 at 06:27AM The current challenge in cybersecurity lies in the lack of effective risk management platforms, leading to alert fatigue and unmitigated risks. Combining NIST, MITRE, and NCSC frameworks offers a solution to mitigate these risks and enable proactive threat response. The SHQ Response Platform incorporates these frameworks to simplify risk …

Known Indicators of Compromise Associated with Androxgh0st Malware

January 16, 2024 at 10:23AM The FBI and CISA have issued a joint Cybersecurity Advisory (CSA) outlining indicators of compromise (IOCs) and tactics related to Androxgh0st malware. The advisory includes specific recommendations for mitigating cybersecurity incidents caused by Androxgh0st infections. The malware targets websites using Laravel and Apache HTTP Server, and allows threat actors to …

Swinfen Charitable Trust, UVA Health, Telemedicine AI, and MITRE Collaborate on Secure Global Health Telemedicine

December 14, 2023 at 05:27PM Swinfen Charitable Trust, UVA Health, Telemedicine AI, and MITRE have announced a collaboration to improve global health services. This partnership aims to enhance cyber infrastructure protection assessments for the OpenTelemed telemedicine platform, along with providing educational resources and cyber technology training to the Trust’s health professionals in 96 countries. For …