Attack Surface Management 2022 Midyear Review Part 2
In our 2022 midyear roundup, we examine the most significant trends and incidents that influenced the cybersecurity landscape in the first half of the year.
Cyber News, Cyber Threat Trends
- October 27, 2022
- October 27, 2022
New Cryptojacking Campaign Targeting Vulnerable Docker and Kubernetes Instances
A new cryptojacking campaign has been uncovered targeting vulnerable Docker and Kubernetes infrastructures as part of opportunistic attacks designed to illicitly mine cryptocurrency. Cybersecurity company CrowdStrike dubbed the activity Kiss-a-dog, with its command-and-control infrastructure overlapping with those associated with other groups like TeamTNT, which are known to strike misconfigured
Cyber News, Cyber Threat Trends
- October 27, 2022
Australian Health Insurer Medibank Suffers Breach Exposing 3.9 Million Customers’ Data
Australian health insurance firm Medibank on Wednesday disclosed that the personal information of all of its customers had been unauthorizedly accessed following a recent ransomware attack. In an update to its ongoing investigation into the incident, the firm said the attackers had access to “significant amounts of health claims data” as well as personal data belonging to […]
Cyber News, Cyber Threat TrendsMedibank Backtracks: All Customer Data Was Exposed to Hackers
Insurer’s incident response processes under fire
Cyber News, Cyber Threat TrendsGitHub Bug Exposed Repositories to Hijacking
Checkmarx warns over 10,000 popular packages could be vulnerable
Cyber News, Cyber Threat TrendsWhite House Launches Chemical Sector Security Sprint
Bid to improve critical national infrastructure continues
Cyber News, Cyber Threat Trends
- October 27, 2022
From Bounty to Exploit: Observations About Cybercriminal Contests
From articles to hackathons, cybercriminals are resorting to crowdsourcing to find more ways to exploit systems. In this blog, we discuss our takeaways and summarize the results of these contests.
Cyber News, Cyber Threat TrendsSmashing Security podcast #295: Slushygate, sextortion, and nano-targeting
What is slushygate and how does it link to sextortion in the States? What is the most impersonated brand when it comes to delivering phishing emails? And what the flip is nano-targeting? All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley […]
Cyber News, Cyber Threat Trends
- October 26, 2022
Microsoft Event Log vulnerabilities threaten some Windows operating systems
A pair of newly discovered vulnerabilities have highlighted the ongoing risks posed by Internet Explorer’s (IE) deep integration into the Windows ecosystem, despite Microsoft ending support for IE in June 2022. Discovered by the Varonis Threat Labs team, the exploits affect an IE-specific Event Log that is present on all current Windows operating systems up […]
Cyber News, Cyber Threat Trends