Modern Attack Surface Management for CISOs

December 7, 2023 at 04:22AM Modern Attack Surface Management (ASM) is essential for CISOs as traditional methods can’t keep up with evolving digital threats and cloud-based environments. Modern ASM solutions should offer continuous, real-time discovery and contextual risk assessments across all environments. Trend Vision One™ provides comprehensive, automated ASM with total visibility, prioritization, and remediation …

UK Cyber CTO: Vendors’ Security Failings Are Rampant

December 6, 2023 at 02:48PM At the Black Hat Europe 2023 event, Ollie Whitehouse of the NCSC stated that current cybersecurity is inadequate to counter advanced threats. He criticized security vendors for creating closed ecosystems with up-charges for better security and lacking transparency, especially regarding SaaS vulnerabilities. He advocated for basic security improvements and greater …

A year on, CISA realizes debunked vuln actually a dud and removes it from must-patch list

December 6, 2023 at 09:52AM CISA removed CVE-2022-28958, a supposed critical flaw in a D-Link router, from its Known Exploited Vulnerability catalog after a review revealed it was not a real vulnerability. VulnCheck debunked the issue, originally believed to allow remote code execution. The flaw was included due to an invalid proof of concept but …

CISA details twin attacks on federal servers via unpatched ColdFusion flaw

December 5, 2023 at 12:47PM CISA reported two server breaches at a federal agency due to an unpatched Adobe ColdFusion flaw (CVE-2023-26360). The attackers exploited the vulnerability for reconnaissance and malware deployment, but their further malicious activities were hindered. The incidents occurred months after agencies were ordered to patch the flaw, and the attackers’ identities …

Hackers breach US govt agencies using Adobe ColdFusion exploit

December 5, 2023 at 12:07PM CISA warns of ongoing attacks exploiting a critical Adobe ColdFusion vulnerability (CVE-2023-26360), despite a fix. Hackers targeted government servers, installing malware and conducting reconnaissance. Although attacks were contained, CISA stresses updating ColdFusion and enhancing security measures. Meeting Takeaways: 1. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a …

New Threat Actor ‘AeroBlade’ Emerges in Espionage Attack on U.S. Aerospace

December 5, 2023 at 03:12AM A new cyber threat, AeroBlade, targeted a U.S. aerospace company in a suspected espionage attempt. The BlackBerry team identified the attack, which utilized spear-phishing, remote template injection, and a malicious VBA macro. Attacks started in September 2022 and became more stealthy over time, culminating in July 2023 with a reverse …

Russian hackers exploiting Outlook bug to hijack Exchange accounts

December 4, 2023 at 03:19PM Microsoft warns of APT28 exploiting a critical Outlook flaw, CVE-2023-23397, to hijack Exchange accounts, targeting governmental and key sectors in the US, Europe, and the Middle East. The attacks, using various vulnerabilities, have been ongoing since April 2022. Urgent mitigation includes applying security updates and enabling MFA. Meeting Takeaways: 1. …

Hackers use new Agent Raccoon malware to backdoor US targets

December 1, 2023 at 02:15PM Agent Raccoon, a novel .NET malware used for espionage, targets organizations globally and is linked to nation-state actors by Unit 42. It masquerades as an updater, using DNS for covert communication and includes tools for credential theft and data exfiltration, with active development indicating evolving capabilities. Meeting Takeaways: 1. A …

Discover How Gcore Thwarted Powerful 1.1Tbps and 1.6Tbps DDoS Attacks

December 1, 2023 at 05:48AM The latest Gcore Radar report has revealed an unprecedented surge in DDoS attacks, with intensities surpassing 1.5 Tbps. Gcore successfully defended a gaming industry customer against two substantial DDoS attempts using a variety of defense strategies, including dynamic traffic shaping, anomaly detection, regular expression filters, and collaborative threat intelligence, thereby …

GoTitan Botnet Spotted Exploiting Recent Apache ActiveMQ Vulnerability

November 29, 2023 at 12:18AM A critical security flaw in Apache ActiveMQ (CVE-2023-46604) is being exploited to distribute the GoTitan botnet and PrCtrl Rat malware for remote control of infected systems. Threat groups like Lazarus are using the flaw to deliver various payloads, including DDoS bots and cryptojackers. Meeting Takeaways: 1. A critical security flaw …