Dick’s Sporting Goods discloses cyberattack

August 28, 2024 at 12:27PM Dick’s Sporting Goods, the largest outdoor retail chain in the US, confirmed a cyberattack on its servers. The nature and extent of the stolen information are unknown. Business operations were not disrupted, indicating ransomware was not used. The company has engaged law enforcement and an external security firm to investigate …

Hazy Issue in Entra ID Allows Privileged Users to Become Global Admins

August 7, 2024 at 07:26PM At the Black Hat USA conference, it was revealed that an obscure issue in Microsoft’s Entra ID identity and access management service could enable a hacker with admin-level access to gain global administrator privileges. This could lead to unauthorized access, including accessing sensitive data and planting malware in an organization’s …

CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency

July 12, 2024 at 10:33AM In early 2023, a CISA red team exercise exposed significant cybersecurity gaps in a federal civilian executive branch organization. The SILENTSHIELD assessment revealed the organization’s failure to prevent and identify malicious activity, insufficient network segmentation, deficient log collection, and use of a ‘known-bad’ detection approach. Additionally, bureaucratic communication and decentralized …

Chemical facilities warned of possible data theft in CISA CSAT breach

June 24, 2024 at 04:58PM CISA’s Chemical Security Assessment Tool (CSAT) suffered a breach in January when hackers deployed a webshell on its Ivanti device, potentially exposing sensitive security assessments and plans. CISA confirmed the breach, stating that while no evidence of data theft was found, they are notifying potentially impacted individuals and organizations out …

Russia’s Fancy Bear Pummels Windows Print Spooler Bug

April 23, 2024 at 09:27AM A Russian APT group, Fancy Bear, has been using a tool called GooseEgg to exploit a vulnerability in the Windows Print Spooler service, enabling privilege elevation and credential theft in intelligence-gathering attacks globally. The group’s history includes targeting Microsoft product vulnerabilities for cyber-espionage, with significant recent activity in attacks against …

Misconfigured Custom Salesforce Apps Expose Corporate Data

February 20, 2024 at 09:01AM A new security advisory cautions Salesforce users with customized instances to be wary of common programming errors and misconfigurations. The advisory emphasizes the vulnerability of the Apex programming language, citing instances where leaked data and vulnerable sites were identified. Recommendations include avoiding certain configurations and conducting thorough security assessments of …

Tor Code Audit Finds 17 Vulnerabilities

January 31, 2024 at 12:36PM A recent code security audit of the Tor network by Radically Open Security revealed 17 vulnerabilities, including a high-risk CSRF bug in the Onion Bandwidth Scanner. The issues can lead to DoS attacks, security bypass, and unauthorized access. This audit followed another by Cure53 that focused on user interface changes …